Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iBHKpNBxlPNQ0sN4hQrBhoNwkVg.roa
File: iBHKpNBxlPNQ0sN4hQrBhoNwkVg.roa (raw, json)
Hash identifier: yHoyRVYlUM8ml+1db+I5JDMZ+3AtxnA82AYDx5pAdjk=
Subject key identifier: 88:11:CA:A4:D0:71:94:F3:50:D2:C3:78:85:0A:C1:86:83:70:91:58
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FA3378DE1A7C68D67F027B0871316
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iBHKpNBxlPNQ0sN4hQrBhoNwkVg.roa
Signing time: Thu 02 Jan 2025 05:49:17 +0000
ROA not before: Thu 02 Jan 2025 05:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44340
IP address blocks: 146.120.174.0/23 maxlen: 24
146.120.174.0/24 maxlen: 24
146.120.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a3:37:8d:e1:a7:c6:8d:67:f0:27:b0:87:13:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8811caa4d07194f350d2c378850ac18683709158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e8:a8:f0:b7:71:2e:1a:25:f2:cd:93:be:d7:
2a:a0:d7:5d:44:43:a1:3a:68:1f:fe:b7:fb:ae:b3:
bb:e4:5a:2b:b2:de:03:cf:1e:aa:91:c0:d5:27:ac:
4d:ef:8a:22:5e:4a:a8:ff:d5:5e:b8:37:ab:3a:cd:
07:43:20:75:b4:7b:f7:79:cc:5c:04:a1:9d:4a:8a:
04:08:05:0f:00:ad:1a:f0:f8:65:c9:1a:a3:04:ff:
18:e1:fd:c3:14:97:b3:8d:cd:a0:61:ac:2d:ac:bc:
1b:c0:01:7a:af:2a:f4:1a:1b:77:c2:d9:d6:1a:47:
70:ab:77:d4:d0:fc:f5:5a:41:3d:81:d7:30:38:bb:
2c:c0:67:ff:f6:e3:64:b8:79:a2:cc:2c:a8:51:f5:
d1:50:93:83:3b:3f:64:8a:e0:bd:01:5e:c9:2c:f1:
3d:77:da:b2:d0:58:e8:db:ab:97:6b:4b:05:17:65:
f8:20:13:c5:b1:71:84:2c:81:97:7b:f7:b5:45:ab:
d5:0c:63:eb:24:1b:72:fa:35:03:39:8f:3d:0b:a2:
4f:42:15:78:f1:3d:eb:8c:db:31:49:f8:a1:04:5d:
6f:09:fa:4d:92:1a:6a:79:1a:08:78:e7:f6:87:d7:
ed:59:7b:7e:de:5c:63:bc:b9:f9:7b:a5:63:ac:ab:
51:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:11:CA:A4:D0:71:94:F3:50:D2:C3:78:85:0A:C1:86:83:70:91:58
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iBHKpNBxlPNQ0sN4hQrBhoNwkVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.174.0/23
Signature Algorithm: sha256WithRSAEncryption
06:bd:c2:19:f5:0f:2a:a4:1b:3b:df:47:8c:fa:18:1d:ee:f4:
78:d8:2b:81:8d:9c:ad:c7:60:28:a2:58:ff:ae:3b:97:c6:4f:
4d:ec:c0:e9:3a:ae:10:4a:9b:e6:fc:ca:41:c5:53:1a:8f:7e:
43:6c:ba:00:bf:75:ed:12:77:e1:2f:4a:c5:07:cd:14:d9:1b:
1e:47:43:15:e1:91:cb:cb:f0:93:ce:52:cd:f0:fc:9f:3c:c5:
68:f6:fc:db:bd:88:f0:db:8a:2a:99:85:1e:f3:cd:13:6d:48:
f8:99:9f:d4:41:a5:9d:3c:ed:cf:9e:0e:2e:db:44:ad:15:f5:
ca:e3:7a:96:d1:bc:0d:c6:10:a6:e6:ff:21:41:a3:2e:11:3f:
4a:40:bd:67:07:46:01:9c:5b:2a:5d:4e:d2:1f:12:dc:19:48:
68:0c:8e:7f:69:ba:bb:a8:30:84:95:00:1c:e1:c5:04:e3:da:
d2:69:56:4b:d5:99:d0:40:64:a2:6f:a8:99:14:8b:b4:c8:48:
1a:88:9b:7a:40:a1:a8:27:4d:12:2c:e8:76:4d:7d:2d:fa:d5:
f8:ca:2b:4e:eb:66:00:f2:74:57:7a:0d:36:fa:93:67:e2:8f:
67:0c:f0:42:e3:bd:55:ef:4b:f0:ce:95:5f:1b:54:c2:a7:61:
fb:e0:e7:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj6M3jeGnxo1n8CewhxMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODExY2FhNGQwNzE5NGYzNTBkMmMzNzg4NTBhYzE4NjgzNzA5MTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOio8LdxLhol8s2TvtcqoNddREOh
Omgf/rf7rrO75Forst4Dzx6qkcDVJ6xN74oiXkqo/9VeuDerOs0HQyB1tHv3ecxc
BKGdSooECAUPAK0a8PhlyRqjBP8Y4f3DFJezjc2gYawtrLwbwAF6ryr0Ght3wtnW
Gkdwq3fU0Pz1WkE9gdcwOLsswGf/9uNkuHmizCyoUfXRUJODOz9kiuC9AV7JLPE9
d9qy0Fjo26uXa0sFF2X4IBPFsXGELIGXe/e1RavVDGPrJBty+jUDOY89C6JPQhV4
8T3rjNsxSfihBF1vCfpNkhpqeRoIeOf2h9ftWXt+3lxjvLn5e6VjrKtRYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgRyqTQcZTzUNLDeIUKwYaDcJFYMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaUJIS3BOQnhsUE5RMHNONGhRckJob053a1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkniuMA0G
CSqGSIb3DQEBCwUAA4IBAQAGvcIZ9Q8qpBs730eM+hgd7vR42CuBjZytx2Aoolj/
rjuXxk9N7MDpOq4QSpvm/MpBxVMaj35DbLoAv3XtEnfhL0rFB80U2RseR0MV4ZHL
y/CTzlLN8PyfPMVo9vzbvYjw24oqmYUe880TbUj4mZ/UQaWdPO3Png4u20StFfXK
43qW0bwNxhCm5v8hQaMuET9KQL1nB0YBnFsqXU7SHxLcGUhoDI5/abq7qDCElQAc
4cUE49rSaVZL1ZnQQGSib6iZFIu0yEgaiJt6QKGoJ00SLOh2TX0t+tX4yitO62YA
8nRXeg02+pNn4o9nDPBC471V70vwzpVfG1TCp2H74Oe8
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:16 2025 by rpki-client