Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RXXjRcKC_4E4jtVTXPxb6Xng81Y.roa
File: RXXjRcKC_4E4jtVTXPxb6Xng81Y.roa (raw, json)
Hash identifier: WyfF6R4JQ1dLmfbtklglcOC4JfThKn7ASJaghW08Fho=
Subject key identifier: 45:75:E3:45:C2:82:FF:81:38:8E:D5:53:5C:FC:5B:E9:79:E0:F3:56
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FB2A1718A6A0156B2F4FD87E3D374
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RXXjRcKC_4E4jtVTXPxb6Xng81Y.roa
Signing time: Thu 02 Jan 2025 05:49:21 +0000
ROA not before: Thu 02 Jan 2025 05:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49376
IP address blocks: 146.120.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b2:a1:71:8a:6a:01:56:b2:f4:fd:87:e3:d3:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4575e345c282ff81388ed5535cfc5be979e0f356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8c:78:a9:82:95:36:a1:6a:25:77:b9:fd:37:
2c:55:2e:ca:e0:96:72:ff:62:a3:80:ed:b0:81:a9:
1f:63:cf:e3:36:56:54:23:e5:c4:aa:7a:2d:6f:ac:
ba:60:8d:22:26:02:47:27:44:e1:39:43:67:ad:3d:
e3:cc:fc:7f:ef:64:2e:8e:5c:78:df:27:57:cb:73:
34:b2:eb:2e:f4:ff:d8:5b:a1:8f:89:2e:f6:07:4a:
4d:a5:ae:89:9b:e5:80:9c:5d:63:15:b5:8e:e0:34:
db:83:1a:02:fe:cb:10:7c:a9:57:5e:af:aa:74:1a:
d1:78:10:2c:3d:28:9c:07:34:00:10:bb:ca:49:58:
b5:17:2b:9f:87:37:69:46:ca:1e:cc:c1:c7:ec:2a:
8f:b1:12:c3:c8:5b:5a:f6:e3:2c:05:41:e9:37:cc:
ef:5c:0b:2d:30:97:06:07:19:ca:f4:e1:6b:83:88:
19:cc:3e:f7:6e:b8:df:55:ad:69:22:6f:59:d6:ee:
0f:86:13:6b:61:e7:0a:02:47:63:55:6b:30:b6:98:
8b:c3:2a:53:34:72:b9:6a:cb:d7:18:91:e0:b7:82:
d5:70:6f:a1:fa:1d:06:af:bf:03:28:40:39:1f:bd:
d3:7f:28:49:6c:ef:cb:58:05:c0:6f:2f:1a:07:96:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:75:E3:45:C2:82:FF:81:38:8E:D5:53:5C:FC:5B:E9:79:E0:F3:56
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RXXjRcKC_4E4jtVTXPxb6Xng81Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.207.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:93:33:d9:50:b0:73:a7:56:50:8a:13:22:ee:d9:90:a2:a1:
ac:44:43:7e:41:34:88:d0:d1:cb:21:c6:79:d5:9c:f3:84:bf:
ee:e2:47:6d:94:27:e4:b2:a8:32:5c:70:8a:15:f7:79:64:48:
e2:0d:f3:38:92:06:b5:5a:74:6f:fc:40:b0:6a:af:a9:fd:bf:
aa:b8:e3:4a:0e:e6:3a:3a:b2:b6:e1:1f:7d:0b:f6:76:33:70:
4f:9a:d8:65:aa:07:2b:ff:df:43:05:3f:80:6a:8a:b6:c8:7f:
ff:49:09:31:ad:3e:92:7a:65:1c:f9:7b:83:d3:81:7b:7a:81:
15:13:35:1c:bd:ab:c8:4a:3b:0a:04:2b:5a:f7:bd:28:d4:43:
fc:16:fc:7d:6b:c1:17:d9:dd:63:09:88:6a:36:92:51:62:ca:
a7:06:16:42:a5:55:9c:91:d0:3d:70:96:de:83:9f:1e:d9:78:
bb:59:ad:ad:ff:6c:2a:9f:d1:6f:2d:f9:96:57:69:4c:2b:b7:
2d:2a:af:d9:16:9d:27:5a:ef:55:6e:e7:05:2f:ec:a5:38:c6:
2d:14:fc:71:18:97:c2:30:17:1d:9f:5c:08:67:64:58:be:7d:
e8:46:a9:8a:ed:78:bf:59:44:37:6a:5b:3d:90:cf:5b:f2:eb:
9e:34:47:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj7KhcYpqAVay9P2H49N0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTc1ZTM0NWMyODJmZjgxMzg4ZWQ1NTM1Y2ZjNWJlOTc5ZTBmMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIx4qYKVNqFqJXe5/TcsVS7K4JZy
/2KjgO2wgakfY8/jNlZUI+XEqnotb6y6YI0iJgJHJ0ThOUNnrT3jzPx/72Qujlx4
3ydXy3M0susu9P/YW6GPiS72B0pNpa6Jm+WAnF1jFbWO4DTbgxoC/ssQfKlXXq+q
dBrReBAsPSicBzQAELvKSVi1FyufhzdpRsoezMHH7CqPsRLDyFta9uMsBUHpN8zv
XAstMJcGBxnK9OFrg4gZzD73brjfVa1pIm9Z1u4PhhNrYecKAkdjVWswtpiLwypT
NHK5asvXGJHgt4LVcG+h+h0Gr78DKEA5H73TfyhJbO/LWAXAby8aB5aBmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEV140XCgv+BOI7VU1z8W+l54PNWMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUlhYalJjS0NfNEU0anRWVFhQeGI2WG5nODFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjPMA0G
CSqGSIb3DQEBCwUAA4IBAQAakzPZULBzp1ZQihMi7tmQoqGsREN+QTSI0NHLIcZ5
1ZzzhL/u4kdtlCfksqgyXHCKFfd5ZEjiDfM4kga1WnRv/ECwaq+p/b+quONKDuY6
OrK24R99C/Z2M3BPmthlqgcr/99DBT+Aaoq2yH//SQkxrT6SemUc+XuD04F7eoEV
EzUcvavISjsKBCta970o1EP8Fvx9a8EX2d1jCYhqNpJRYsqnBhZCpVWckdA9cJbe
g58e2Xi7Wa2t/2wqn9FvLfmWV2lMK7ctKq/ZFp0nWu9VbucFL+ylOMYtFPxxGJfC
MBcdn1wIZ2RYvn3oRqmK7Xi/WUQ3als9kM9b8uueNEf9
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:32 2025 by rpki-client