Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NwRc8p7U8Eiaw8dhsviB5w9IsoU.roa
File: NwRc8p7U8Eiaw8dhsviB5w9IsoU.roa (raw, json)
Hash identifier: 1b34yhLBiGtm0WEhWovEGFt3W3gFi/gmzVuZ0ggaSDE=
Subject key identifier: 37:04:5C:F2:9E:D4:F0:48:9A:C3:C7:61:B2:F8:81:E7:0F:48:B2:85
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A1536A6EE3256AD55BBF0FA9AD701
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NwRc8p7U8Eiaw8dhsviB5w9IsoU.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56673
IP address blocks: 146.120.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Nov 2024 12:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:15:36:a6:ee:32:56:ad:55:bb:f0:fa:9a:d7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37045cf29ed4f0489ac3c761b2f881e70f48b285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3c:1c:8a:ea:39:f2:79:45:b7:91:19:7f:5e:
38:1f:96:3a:57:a7:fd:d1:b0:de:03:35:fd:1b:9c:
ed:6e:a0:99:d0:68:75:fe:de:a1:5b:32:17:34:7a:
b6:fc:02:7b:7f:8a:83:b9:0b:29:36:d6:fa:c1:01:
6a:95:23:c0:85:3a:db:a1:e7:11:8a:a4:43:34:a6:
eb:27:91:1e:b7:f4:34:27:27:9f:f1:39:26:c6:a7:
ac:5b:42:3e:30:2f:c7:4a:7c:5f:d4:6b:41:fb:f6:
8a:70:c7:c5:67:2d:9f:b6:62:89:d5:01:45:6d:ef:
8d:c5:9d:63:d0:9b:0c:b7:0e:72:7d:34:ca:3a:59:
02:04:33:02:fc:a8:42:10:f7:05:d3:84:c5:cd:ff:
2c:b5:6c:d0:17:be:9e:e1:52:0e:4d:31:8b:32:b8:
66:7e:d8:c0:e2:4f:65:d7:45:7d:95:6a:3d:5c:4d:
c6:78:14:68:1a:ed:aa:85:e8:9b:78:2d:78:bf:6d:
43:85:4f:9a:d5:cf:15:7f:a9:1a:c1:fa:f7:a7:d0:
29:9f:81:5f:aa:1b:ac:08:e8:d7:55:d3:3e:11:9c:
8d:30:82:7f:bd:6b:90:63:dd:d4:ad:d8:f8:07:50:
77:12:1c:11:ca:47:ab:a5:73:db:19:b3:45:14:a4:
87:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:04:5C:F2:9E:D4:F0:48:9A:C3:C7:61:B2:F8:81:E7:0F:48:B2:85
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NwRc8p7U8Eiaw8dhsviB5w9IsoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.199.0/24
Signature Algorithm: sha256WithRSAEncryption
82:dd:eb:3f:4d:af:7a:11:bb:3c:12:99:8b:a3:59:6b:70:4f:
c8:d2:b6:07:8a:e9:f6:60:f6:91:48:01:44:5c:31:6a:b9:18:
21:bc:11:2a:fd:d0:c9:3e:e1:01:9b:de:e0:c0:14:fb:52:4b:
f1:56:a8:a1:68:94:e5:0f:e7:24:bb:e2:2e:af:31:ef:8d:27:
89:1f:51:8d:82:95:70:19:9e:92:90:20:f3:9c:2c:00:b6:58:
10:22:1b:a8:3a:71:0b:cb:b3:64:0d:6d:42:95:b7:3c:ec:2f:
85:25:c0:43:4f:45:e6:01:45:b4:21:df:ce:fb:0d:db:b4:aa:
f4:e7:d7:79:f7:7f:9b:38:41:4c:4f:8e:de:8a:45:9e:78:eb:
99:91:e4:6c:66:01:d8:9e:1a:ba:2f:0c:ce:8b:a6:d6:52:c0:
a0:0a:16:6d:db:5d:53:8b:63:84:18:f4:4d:a9:8c:c5:82:ee:
83:f4:58:81:af:ae:dd:bf:5d:71:ba:7d:c2:65:c4:c8:2f:1c:
12:12:a4:97:3b:a7:80:97:36:da:2a:9a:86:ed:e7:22:b0:12:
95:6a:2e:b2:20:50:1e:3c:d5:e2:48:22:88:71:40:1d:2d:7a:
7e:5a:16:b5:79:04:3e:e5:67:c2:c9:0d:a9:ae:f5:e8:e0:f8:
3c:ec:4d:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKhU2pu4yVq1Vu/D6mtcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzA0NWNmMjllZDRmMDQ4OWFjM2M3NjFiMmY4ODFlNzBmNDhiMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Dwciuo58nlFt5EZf144H5Y6V6f9
0bDeAzX9G5ztbqCZ0Gh1/t6hWzIXNHq2/AJ7f4qDuQspNtb6wQFqlSPAhTrboecR
iqRDNKbrJ5Eet/Q0Jyef8TkmxqesW0I+MC/HSnxf1GtB+/aKcMfFZy2ftmKJ1QFF
be+NxZ1j0JsMtw5yfTTKOlkCBDMC/KhCEPcF04TFzf8stWzQF76e4VIOTTGLMrhm
ftjA4k9l10V9lWo9XE3GeBRoGu2qheibeC14v21DhU+a1c8Vf6kawfr3p9Apn4Ff
qhusCOjXVdM+EZyNMIJ/vWuQY93Urdj4B1B3EhwRykerpXPbGbNFFKSHPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcEXPKe1PBImsPHYbL4gecPSLKFMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTndSYzhwN1U4RWlhdzhkaHN2aUI1dzlJc29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjHMA0G
CSqGSIb3DQEBCwUAA4IBAQCC3es/Ta96Ebs8EpmLo1lrcE/I0rYHiun2YPaRSAFE
XDFquRghvBEq/dDJPuEBm97gwBT7UkvxVqihaJTlD+cku+IurzHvjSeJH1GNgpVw
GZ6SkCDznCwAtlgQIhuoOnELy7NkDW1Clbc87C+FJcBDT0XmAUW0Id/O+w3btKr0
59d593+bOEFMT47eikWeeOuZkeRsZgHYnhq6LwzOi6bWUsCgChZt211Ti2OEGPRN
qYzFgu6D9FiBr67dv11xun3CZcTILxwSEqSXO6eAlzbaKpqG7ecisBKVai6yIFAe
PNXiSCKIcUAdLXp+Wha1eQQ+5WfCyQ2prvXo4Pg87E2a
-----END CERTIFICATE-----
Generated at Sun Nov 10 16:47:38 2024 by rpki-client on console-fra.rpki-client.org