Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/645zufe1ae0LXOAaa39jL6Y6uTI.roa
File: 645zufe1ae0LXOAaa39jL6Y6uTI.roa (raw, json)
Hash identifier: Vks+s21wsVkCVIDxT22yH+CusoxvubI3AhoxAI59QR0=
Subject key identifier: EB:8E:73:B9:F7:B5:69:ED:0B:5C:E0:1A:6B:7F:63:2F:A6:3A:B9:32
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FC37A9B81B1E9F9F6D5BFB8EE76A8
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/645zufe1ae0LXOAaa39jL6Y6uTI.roa
Signing time: Thu 02 Jan 2025 05:49:26 +0000
ROA not before: Thu 02 Jan 2025 05:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56673
IP address blocks: 146.120.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c3:7a:9b:81:b1:e9:f9:f6:d5:bf:b8:ee:76:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb8e73b9f7b569ed0b5ce01a6b7f632fa63ab932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ff:dd:e2:a1:23:b5:01:ea:4e:0a:c9:6f:b5:
18:28:f5:7c:cd:32:33:0f:aa:4d:28:9b:e6:bc:11:
79:a7:b0:19:82:7e:bd:bf:76:c0:39:1c:4d:98:40:
4c:2d:48:49:09:46:51:17:c2:9f:09:c1:f7:bb:d6:
b1:6f:01:f6:b5:c9:43:87:ad:bc:1b:e5:1f:31:35:
61:cc:c5:85:be:e6:f0:f4:eb:04:a4:5d:20:6a:37:
88:4a:e8:ac:9b:38:18:9c:b2:0a:5f:2c:46:41:bc:
67:15:4d:2b:c0:3d:c4:33:e0:ae:4f:30:99:8c:7f:
5f:4d:a2:5c:18:21:79:23:f4:cd:2f:4e:54:f1:8b:
f1:46:4c:5e:fc:f7:9d:77:39:0a:41:58:7f:8f:16:
fe:f0:48:df:a3:e5:7c:87:af:98:28:86:a3:bc:fb:
30:7f:d5:22:0e:fc:22:c4:8a:88:77:c5:f2:b3:39:
f4:bb:76:24:77:41:cc:20:50:07:e3:09:b8:89:7d:
a3:09:c8:73:5b:98:b9:c0:78:35:ce:a2:55:cb:b8:
38:49:55:4e:32:80:5c:a6:50:08:84:5e:ae:11:2b:
78:7e:21:7f:6b:f9:47:5d:5c:cb:80:af:21:11:17:
55:d8:d4:68:9c:c8:01:2d:a4:a4:73:38:3d:ac:03:
cc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8E:73:B9:F7:B5:69:ED:0B:5C:E0:1A:6B:7F:63:2F:A6:3A:B9:32
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/645zufe1ae0LXOAaa39jL6Y6uTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.199.0/24
Signature Algorithm: sha256WithRSAEncryption
25:58:e8:29:9f:dd:77:e1:0d:75:ef:9a:c7:ed:b1:0e:ef:6e:
7a:4a:23:21:8b:f9:0a:b6:d1:cc:8f:49:08:5f:dd:f1:b8:11:
9c:41:4d:0e:87:e3:32:6f:ac:87:8c:d0:01:52:29:cd:f5:85:
b6:d2:02:13:e0:51:5d:af:73:3d:5e:85:e0:34:34:ca:06:18:
a4:48:5f:68:7c:85:ff:c9:0e:d3:14:09:9c:ef:ca:e8:06:cf:
ab:b7:cd:48:38:29:b9:9d:d1:52:a4:89:f8:d7:09:1f:90:3f:
dc:f1:0a:05:1f:fb:c4:1a:11:60:fc:8b:60:0c:ce:57:86:3f:
a8:19:33:8a:9c:05:1c:0a:e2:48:90:f0:2f:d1:68:46:4c:3d:
8f:c8:79:73:c5:c0:03:a4:72:34:80:28:58:25:da:5a:88:b5:
d9:9d:72:7b:f6:9a:46:44:f4:ab:75:4a:e2:5b:1d:c8:7f:41:
60:b1:78:98:9a:93:c0:40:41:41:43:80:87:34:6b:17:be:0f:
b5:4f:af:51:8f:59:4a:25:6b:1c:4a:da:0c:d3:17:ae:47:3b:
f6:8d:5c:c9:46:8b:3a:e7:71:d0:39:c9:bc:81:06:42:2b:65:
c9:43:42:e1:8e:94:5e:0f:62:28:82:46:a4:01:ca:16:53:36:
37:fc:04:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj8N6m4Gx6fn21b+47naoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjhlNzNiOWY3YjU2OWVkMGI1Y2UwMWE2YjdmNjMyZmE2M2FiOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzv/d4qEjtQHqTgrJb7UYKPV8zTIz
D6pNKJvmvBF5p7AZgn69v3bAORxNmEBMLUhJCUZRF8KfCcH3u9axbwH2tclDh628
G+UfMTVhzMWFvubw9OsEpF0gajeISuismzgYnLIKXyxGQbxnFU0rwD3EM+CuTzCZ
jH9fTaJcGCF5I/TNL05U8YvxRkxe/PeddzkKQVh/jxb+8Ejfo+V8h6+YKIajvPsw
f9UiDvwixIqId8Xyszn0u3Ykd0HMIFAH4wm4iX2jCchzW5i5wHg1zqJVy7g4SVVO
MoBcplAIhF6uESt4fiF/a/lHXVzLgK8hERdV2NRonMgBLaSkczg9rAPMtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOuOc7n3tWntC1zgGmt/Yy+mOrkyMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNjQ1enVmZTFhZTBMWE9BYWEzOWpMNlk2dVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjHMA0G
CSqGSIb3DQEBCwUAA4IBAQAlWOgpn9134Q1175rH7bEO7256SiMhi/kKttHMj0kI
X93xuBGcQU0Oh+Myb6yHjNABUinN9YW20gIT4FFdr3M9XoXgNDTKBhikSF9ofIX/
yQ7TFAmc78roBs+rt81IOCm5ndFSpIn41wkfkD/c8QoFH/vEGhFg/ItgDM5Xhj+o
GTOKnAUcCuJIkPAv0WhGTD2PyHlzxcADpHI0gChYJdpaiLXZnXJ79ppGRPSrdUri
Wx3If0FgsXiYmpPAQEFBQ4CHNGsXvg+1T69Rj1lKJWscStoM0xeuRzv2jVzJRos6
53HQOcm8gQZCK2XJQ0LhjpReD2IogkakAcoWUzY3/AQW
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:31 2025 by rpki-client