Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QOD5B0_zQ24ObdK16ERxQJPCRko.roa
File: QOD5B0_zQ24ObdK16ERxQJPCRko.roa (raw, json)
Hash identifier: RUu65edQ7xmblXIHLUCSZyPMMJ33dPleMHT4yFUhjbU=
Subject key identifier: 40:E0:F9:07:4F:F3:43:6E:0E:6D:D2:B5:E8:44:71:40:93:C2:46:4A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FA2C817BDC6DE84413C71F987B33B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QOD5B0_zQ24ObdK16ERxQJPCRko.roa
Signing time: Thu 02 Jan 2025 05:49:17 +0000
ROA not before: Thu 02 Jan 2025 05:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44321
IP address blocks: 146.120.12.0/24 maxlen: 24
146.120.40.0/21 maxlen: 24
146.120.56.0/21 maxlen: 24
146.120.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a2:c8:17:bd:c6:de:84:41:3c:71:f9:87:b3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40e0f9074ff3436e0e6dd2b5e844714093c2464a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:db:cd:75:88:7e:3b:49:54:4e:80:f6:71:
51:51:4b:39:55:37:26:3c:20:4c:48:dd:f8:ac:e4:
b5:4c:13:cc:8b:4a:c6:88:f8:b6:7a:50:db:6d:16:
00:0a:71:25:b3:d3:90:a8:1c:92:6a:e2:f7:00:01:
ff:94:3c:5f:36:e7:04:85:f7:5a:dd:58:a6:c4:36:
b7:d2:18:55:62:a4:9a:2d:66:3b:31:b5:07:40:81:
a8:67:73:89:a4:24:2e:97:79:a5:c2:c5:0f:9f:1b:
75:2f:b9:02:45:11:a3:1f:5a:bb:35:d8:75:8e:3f:
d3:d7:10:3a:eb:4d:46:6c:10:e6:44:fc:46:80:ab:
b1:3e:b6:3d:10:bc:55:d2:19:c0:e2:42:ec:ef:7f:
5e:8d:c3:5f:fc:af:ec:22:17:e5:21:fa:8c:0b:f3:
2a:da:58:0d:0e:7d:50:03:31:95:27:c2:49:dc:1a:
f9:1f:6f:55:a9:f4:27:df:64:bd:6f:91:f7:ef:10:
41:da:b5:43:cd:92:1e:35:fe:64:86:de:5a:91:a5:
45:11:b9:a3:f5:48:d7:0e:16:8a:a3:f6:3e:89:a9:
58:e3:2d:c8:1d:b2:d8:d4:83:3c:e3:ba:3f:82:72:
27:c8:29:75:a7:65:e1:81:c5:a0:d7:5b:a8:4b:62:
b8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E0:F9:07:4F:F3:43:6E:0E:6D:D2:B5:E8:44:71:40:93:C2:46:4A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QOD5B0_zQ24ObdK16ERxQJPCRko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.12.0/24
146.120.40.0/21
146.120.56.0/21
146.120.97.0/24
Signature Algorithm: sha256WithRSAEncryption
46:4f:25:95:2b:b4:0a:47:c2:a3:56:30:80:a1:34:ef:c0:be:
3c:cb:8f:c4:bd:9a:ef:1e:d2:d5:48:f2:bf:ae:32:b0:22:68:
99:e4:53:45:5e:24:20:23:b5:b2:51:64:76:b7:1d:1d:f9:4f:
ec:e0:ca:e9:63:f5:ba:d0:48:b6:17:47:60:f4:dd:be:3c:14:
42:92:a2:9e:a8:ba:c0:ba:84:9e:10:23:0b:62:83:a9:b2:fc:
c0:e4:45:03:d2:4a:d4:d9:d7:83:a6:e7:55:d7:32:6c:11:63:
6e:a2:de:8b:7d:3b:b7:b6:76:9c:0e:15:aa:49:75:bc:62:b0:
c6:3a:9e:35:5c:34:97:b6:98:d0:aa:8e:e1:ea:45:7b:76:a0:
81:0d:39:55:f8:ba:24:a7:7c:0d:a6:42:f2:b2:fa:c4:2e:ac:
24:d4:49:c5:e3:23:af:22:05:e1:44:24:f2:f7:4a:d6:b8:ad:
de:e3:d0:c4:7c:5b:50:46:19:98:9b:35:12:d0:de:17:db:35:
96:71:5c:2c:3e:10:fa:b0:07:13:7e:4a:9c:b3:2a:49:79:e1:
31:5e:14:70:21:38:4f:b2:8b:5b:7d:77:c3:41:fc:89:29:d2:
7c:f4:b6:93:71:14:b5:f1:63:ab:64:7b:5d:69:a9:14:e0:ad:
53:dc:81:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlj6LIF73G3oRBPHH5h7M7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUwZjkwNzRmZjM0MzZlMGU2ZGQyYjVlODQ0NzE0MDkzYzI0NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo17bzXWIfjtJVE6A9nFRUUs5VTcm
PCBMSN34rOS1TBPMi0rGiPi2elDbbRYACnEls9OQqBySauL3AAH/lDxfNucEhfda
3VimxDa30hhVYqSaLWY7MbUHQIGoZ3OJpCQul3mlwsUPnxt1L7kCRRGjH1q7Ndh1
jj/T1xA6601GbBDmRPxGgKuxPrY9ELxV0hnA4kLs739ejcNf/K/sIhflIfqMC/Mq
2lgNDn1QAzGVJ8JJ3Br5H29VqfQn32S9b5H37xBB2rVDzZIeNf5kht5akaVFEbmj
9UjXDhaKo/Y+ialY4y3IHbLY1IM847o/gnInyCl1p2XhgcWg11uoS2K4awIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEDg+QdP80NuDm3StehEcUCTwkZKMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUU9ENUIwX3pRMjRPYmRLMTZFUnhRSlBDUmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkngMAwQD
kngoAwQDkng4AwQAknhhMA0GCSqGSIb3DQEBCwUAA4IBAQBGTyWVK7QKR8KjVjCA
oTTvwL48y4/EvZrvHtLVSPK/rjKwImiZ5FNFXiQgI7WyUWR2tx0d+U/s4MrpY/W6
0Ei2F0dg9N2+PBRCkqKeqLrAuoSeECMLYoOpsvzA5EUD0krU2deDpudV1zJsEWNu
ot6LfTu3tnacDhWqSXW8YrDGOp41XDSXtpjQqo7h6kV7dqCBDTlV+Lokp3wNpkLy
svrELqwk1EnF4yOvIgXhRCTy90rWuK3e49DEfFtQRhmYmzUS0N4X2zWWcVwsPhD6
sAcTfkqcsypJeeExXhRwIThPsotbfXfDQfyJKdJ89LaTcRS18WOrZHtdaakU4K1T
3IEd
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:06 2025 by rpki-client