Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3GsGxi_qltJ_dxKtDcZYmcG-1RU.roa
File: 3GsGxi_qltJ_dxKtDcZYmcG-1RU.roa (raw, json)
Hash identifier: urqnvQzj5UqUamwtL7DiN1Au12kSaXvinmARgCGLn7s=
Subject key identifier: DC:6B:06:C6:2F:EA:96:D2:7F:77:12:AD:0D:C6:58:99:C1:BE:D5:15
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F99E6C778C897AC02A5D564D1D74B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3GsGxi_qltJ_dxKtDcZYmcG-1RU.roa
Signing time: Thu 02 Jan 2025 05:49:15 +0000
ROA not before: Thu 02 Jan 2025 05:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42209
IP address blocks: 146.120.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:99:e6:c7:78:c8:97:ac:02:a5:d5:64:d1:d7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc6b06c62fea96d27f7712ad0dc65899c1bed515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a9:04:4f:49:05:64:5d:34:c5:54:49:9b:bc:
d6:e0:09:e2:ed:dd:ba:c6:e0:4b:22:42:cb:c8:3f:
0f:d2:46:5f:65:99:2a:d6:34:0d:fa:be:93:d4:fc:
17:c9:2c:6d:12:a0:40:92:c4:a1:9c:02:9b:d8:5f:
d1:8c:55:77:78:fc:ef:95:f0:17:29:ae:69:d6:6b:
8f:87:e1:9e:4e:d0:88:bd:fa:a3:f3:d2:e4:50:aa:
a4:23:96:fc:7e:62:30:d2:d4:57:41:35:16:38:b8:
48:d1:6c:fe:06:6c:1d:ce:57:26:b5:49:90:f2:5a:
ad:83:4c:30:5a:7b:65:a5:7f:8d:c1:8e:d3:fd:5d:
3b:ba:b8:30:b9:43:d6:02:e0:a2:9f:1d:a7:e7:7a:
1d:66:d1:c7:f4:9a:6a:d9:d0:8d:55:ae:65:47:48:
cc:42:86:b5:da:c4:4a:27:50:4b:cc:b8:45:71:ac:
01:ae:13:cc:06:c9:b6:cc:ee:82:59:ca:1a:8c:dc:
0f:32:4c:79:9f:ce:94:7f:3a:ef:e2:78:69:be:b7:
2c:17:4b:a6:04:f8:5f:43:be:e7:8c:f4:eb:92:f7:
58:69:b0:a2:04:34:5b:44:f7:9a:71:ac:0a:cd:27:
a7:ba:8f:88:c0:52:9c:3d:a3:f1:1e:3b:2e:fd:cc:
b8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:6B:06:C6:2F:EA:96:D2:7F:77:12:AD:0D:C6:58:99:C1:BE:D5:15
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3GsGxi_qltJ_dxKtDcZYmcG-1RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.214.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ad:84:8b:2e:ed:36:f8:5a:c7:fc:c7:bf:f4:86:04:64:21:
c7:7d:b4:25:94:b5:1d:2d:b3:ee:53:5a:19:d9:d3:8d:e8:3e:
da:71:ba:c1:87:16:c0:d9:9b:2f:b6:03:87:d5:0d:60:ff:0c:
9f:22:12:ce:fd:55:3e:9a:5d:5f:44:12:3a:ca:a3:f9:19:99:
05:b1:ab:11:aa:73:fa:e9:c5:71:7a:35:94:62:54:b4:cf:73:
0b:0b:38:c0:ef:32:27:b7:ea:11:b6:18:73:33:a3:f0:b8:e3:
a5:49:ed:90:77:51:04:2b:0f:3f:c5:29:8e:b1:a2:30:72:e2:
b6:81:b0:83:e2:c3:3c:d8:3d:98:60:21:6d:aa:bd:7b:67:98:
ae:32:3a:96:8a:70:72:6e:c0:0d:5c:b1:6b:d8:f6:0d:ab:b6:
d4:a4:3e:a6:5b:a6:82:0d:56:78:f9:f1:d9:fe:5e:fe:8e:cd:
14:13:5f:91:9b:cd:d3:d6:6a:f1:bc:64:2a:42:32:9c:15:94:
f9:3f:36:df:4a:a5:6f:57:1d:54:97:79:e5:4e:5a:1c:3a:ca:
40:78:c4:2c:69:de:3b:54:03:6a:09:71:fc:d5:f7:ed:6f:1f:
26:5c:68:b7:32:ad:5b:ae:d9:15:60:db:09:85:9b:a2:df:58:
57:81:ae:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj5nmx3jIl6wCpdVk0ddLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZiMDZjNjJmZWE5NmQyN2Y3NzEyYWQwZGM2NTg5OWMxYmVkNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3akET0kFZF00xVRJm7zW4Ani7d26
xuBLIkLLyD8P0kZfZZkq1jQN+r6T1PwXySxtEqBAksShnAKb2F/RjFV3ePzvlfAX
Ka5p1muPh+GeTtCIvfqj89LkUKqkI5b8fmIw0tRXQTUWOLhI0Wz+BmwdzlcmtUmQ
8lqtg0wwWntlpX+NwY7T/V07urgwuUPWAuCinx2n53odZtHH9Jpq2dCNVa5lR0jM
Qoa12sRKJ1BLzLhFcawBrhPMBsm2zO6CWcoajNwPMkx5n86Ufzrv4nhpvrcsF0um
BPhfQ77njPTrkvdYabCiBDRbRPeacawKzSenuo+IwFKcPaPxHjsu/cy4VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxrBsYv6pbSf3cSrQ3GWJnBvtUVMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvM0dzR3hpX3FsdEpfZHhLdERjWlltY0ctMVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjWMA0G
CSqGSIb3DQEBCwUAA4IBAQBcrYSLLu02+FrH/Me/9IYEZCHHfbQllLUdLbPuU1oZ
2dON6D7acbrBhxbA2ZsvtgOH1Q1g/wyfIhLO/VU+ml1fRBI6yqP5GZkFsasRqnP6
6cVxejWUYlS0z3MLCzjA7zInt+oRthhzM6PwuOOlSe2Qd1EEKw8/xSmOsaIwcuK2
gbCD4sM82D2YYCFtqr17Z5iuMjqWinBybsANXLFr2PYNq7bUpD6mW6aCDVZ4+fHZ
/l7+js0UE1+Rm83T1mrxvGQqQjKcFZT5PzbfSqVvVx1Ul3nlTlocOspAeMQsad47
VANqCXH81fftbx8mXGi3Mq1brtkVYNsJhZui31hXga43
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:01:34 2025 by rpki-client