Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nVtM49tEGAH-1aWyF0kRQDIkMAQ.roa
File: nVtM49tEGAH-1aWyF0kRQDIkMAQ.roa (raw, json)
Hash identifier: SCvlQDxkBKkBH7t74NFjWKm5Ha3cLwoKsvKephiP8oI=
Subject key identifier: 9D:5B:4C:E3:DB:44:18:01:FE:D5:A5:B2:17:49:11:40:32:24:30:04
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FA7894725851980B21BA3DD3B644C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nVtM49tEGAH-1aWyF0kRQDIkMAQ.roa
Signing time: Thu 02 Jan 2025 05:49:18 +0000
ROA not before: Thu 02 Jan 2025 05:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44835
IP address blocks: 146.120.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 02:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a7:89:47:25:85:19:80:b2:1b:a3:dd:3b:64:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d5b4ce3db441801fed5a5b21749114032243004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:12:8d:af:fa:0c:87:57:9d:25:8d:ac:c5:6c:
8c:68:18:48:f3:48:60:65:b6:32:31:06:0b:21:d1:
78:68:82:bf:4f:77:20:ad:bb:55:a8:79:03:40:0f:
1b:47:01:e1:36:af:b6:29:a0:a0:90:9b:b9:c8:c3:
58:ab:ab:a3:87:84:4f:fc:bd:8e:f6:07:4f:82:a3:
f1:77:f2:66:be:e9:49:83:5f:4a:83:84:98:08:63:
25:13:60:99:10:ff:42:31:c7:a6:ab:61:c5:34:cc:
7e:c8:cf:93:21:51:a7:f6:03:c9:05:90:80:f4:72:
5e:23:fa:4e:c4:8b:46:21:6d:3b:97:34:97:13:15:
0e:22:e1:93:22:10:dc:35:82:e1:31:19:3f:c7:00:
01:0d:6a:77:94:51:1c:50:ad:7b:28:b0:d4:ad:72:
32:13:1a:ba:cb:d8:9a:35:da:c1:44:b1:c2:85:aa:
13:58:ea:46:27:ad:59:ed:5e:60:21:9b:56:1d:78:
47:eb:0a:07:85:8f:af:f3:f7:b5:95:7a:2b:11:c2:
4f:f6:15:d2:e8:1d:06:4d:62:fb:40:6d:ca:2a:5b:
31:ec:a4:5b:93:82:0c:f3:8b:25:18:ae:52:37:b5:
e4:d6:bd:ac:74:fc:7b:ab:89:51:a7:a0:0c:fe:53:
db:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5B:4C:E3:DB:44:18:01:FE:D5:A5:B2:17:49:11:40:32:24:30:04
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nVtM49tEGAH-1aWyF0kRQDIkMAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.224.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ac:2c:9e:44:51:54:e6:a3:ae:e3:fa:84:96:c0:ee:8b:78:
d6:e5:b9:35:c3:7c:2d:a2:84:ee:0a:28:65:a6:14:8b:2c:7c:
82:9f:90:ca:6d:d4:77:30:6c:0c:d9:c4:37:bc:34:d3:a8:c7:
78:da:bc:33:30:c3:e3:0f:d8:c6:e4:47:03:60:ce:32:7a:83:
32:39:96:f8:c9:8a:e1:b9:3e:ce:94:12:c8:fb:32:b8:01:31:
9c:c0:22:4b:46:31:c1:28:e9:39:7c:e0:00:89:02:30:c9:cb:
88:8f:84:85:39:75:46:dd:24:14:55:89:52:5d:fa:5b:6a:ca:
a0:0d:e4:24:dc:d6:4c:18:5e:0b:7f:d9:cc:84:78:99:34:ee:
e9:3a:f7:a2:cf:59:a5:63:b4:d3:bd:d9:61:aa:9e:df:5f:f3:
af:aa:3e:53:0f:cc:0e:e5:a7:0b:f1:62:c4:c7:5f:45:09:c1:
dd:c7:c0:c7:7a:a9:09:61:83:da:69:a6:a3:49:c4:58:be:d9:
42:e5:28:13:f5:13:19:a4:63:71:61:29:45:47:79:e2:d2:20:
bb:45:c5:ba:9e:c9:1d:fa:ff:ca:4a:c3:cc:20:4f:f9:45:60:
c4:aa:4c:34:d1:15:cb:86:93:ee:c7:7a:9c:57:f7:1b:83:ca:
1e:55:78:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj6eJRyWFGYCyG6PdO2RMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDViNGNlM2RiNDQxODAxZmVkNWE1YjIxNzQ5MTE0MDMyMjQzMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hKNr/oMh1edJY2sxWyMaBhI80hg
ZbYyMQYLIdF4aIK/T3cgrbtVqHkDQA8bRwHhNq+2KaCgkJu5yMNYq6ujh4RP/L2O
9gdPgqPxd/JmvulJg19Kg4SYCGMlE2CZEP9CMcemq2HFNMx+yM+TIVGn9gPJBZCA
9HJeI/pOxItGIW07lzSXExUOIuGTIhDcNYLhMRk/xwABDWp3lFEcUK17KLDUrXIy
Exq6y9iaNdrBRLHChaoTWOpGJ61Z7V5gIZtWHXhH6woHhY+v8/e1lXorEcJP9hXS
6B0GTWL7QG3KKlsx7KRbk4IM84slGK5SN7Xk1r2sdPx7q4lRp6AM/lPbsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1bTOPbRBgB/tWlshdJEUAyJDAEMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvblZ0TTQ5dEVHQUgtMWFXeUYwa1JRRElrTUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjgMA0G
CSqGSIb3DQEBCwUAA4IBAQBWrCyeRFFU5qOu4/qElsDui3jW5bk1w3wtooTuCihl
phSLLHyCn5DKbdR3MGwM2cQ3vDTTqMd42rwzMMPjD9jG5EcDYM4yeoMyOZb4yYrh
uT7OlBLI+zK4ATGcwCJLRjHBKOk5fOAAiQIwycuIj4SFOXVG3SQUVYlSXfpbasqg
DeQk3NZMGF4Lf9nMhHiZNO7pOveiz1mlY7TTvdlhqp7fX/Ovqj5TD8wO5acL8WLE
x19FCcHdx8DHeqkJYYPaaaajScRYvtlC5SgT9RMZpGNxYSlFR3ni0iC7RcW6nskd
+v/KSsPMIE/5RWDEqkw00RXLhpPux3qcV/cbg8oeVXiJ
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:17:57 2025 by rpki-client