Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Wde3IvOXU95hacllJq1dXIlnPbU.roa
File: Wde3IvOXU95hacllJq1dXIlnPbU.roa (raw, json)
Hash identifier: rpJhuL3SsSTGD9WzCACN+9mbfl0Z6DlhLHLsQdWMGX0=
Subject key identifier: 59:D7:B7:22:F3:97:53:DE:61:69:C9:65:26:AD:5D:5C:89:67:3D:B5
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018DF927C83AD878DDCE20A26F443ACCB295
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Wde3IvOXU95hacllJq1dXIlnPbU.roa
Signing time: Fri 01 Mar 2024 08:35:50 +0000
ROA not before: Fri 01 Mar 2024 08:35:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49769
IP address blocks: 192.165.156.0/24 maxlen: 24
193.235.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:27:c8:3a:d8:78:dd:ce:20:a2:6f:44:3a:cc:b2:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 1 08:35:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59d7b722f39753de6169c96526ad5d5c89673db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:99:84:fd:cf:7c:da:6e:cd:2c:32:91:89:34:
27:0e:76:88:e0:93:2d:90:58:44:9c:a2:4f:d3:c0:
7f:8b:b8:9f:6f:0b:b2:b2:5e:c1:0f:b8:f0:8c:06:
65:4a:d8:cb:cb:63:1d:f7:e4:90:5c:77:e2:81:82:
a1:d5:68:34:5a:fa:f7:bb:7c:a8:14:97:7e:1e:c3:
c7:22:2d:a1:c3:a7:ef:4e:c8:67:ed:af:6c:5d:94:
70:bc:d9:dd:38:30:2c:a1:06:c9:eb:95:ae:f4:c5:
e4:e2:5d:49:dd:3e:74:3a:d3:2f:48:d8:de:02:4d:
5b:e8:a2:c3:0b:65:3b:73:6b:95:36:f8:cc:48:19:
6d:ba:a9:2d:98:82:39:8f:20:25:db:1a:54:bd:2a:
ce:d2:a0:44:bc:74:9b:cf:1b:13:91:07:f2:85:3e:
44:7e:6a:ff:31:9a:18:a8:5b:4d:cb:f0:ce:5e:9f:
51:d8:ed:c0:b0:4c:5c:8c:1f:57:e2:dd:63:b6:7c:
9a:f4:d4:e0:90:44:4e:5c:55:fd:9c:03:83:92:84:
0e:2a:90:cc:f5:6c:17:cd:bc:71:a6:b5:e8:7d:12:
69:f2:bc:4d:b6:ba:4d:f5:3d:0d:34:45:d7:37:c2:
c0:2b:ce:1f:56:02:08:5d:27:fa:c0:d0:5e:48:a2:
53:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D7:B7:22:F3:97:53:DE:61:69:C9:65:26:AD:5D:5C:89:67:3D:B5
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Wde3IvOXU95hacllJq1dXIlnPbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.156.0/24
193.235.2.0/24
Signature Algorithm: sha256WithRSAEncryption
79:74:db:81:38:07:5d:30:21:d9:db:12:6c:09:82:c7:0c:9b:
da:b1:37:3d:47:c3:bc:89:3f:c6:88:b7:fb:6e:c0:0e:ba:51:
cb:f2:66:ae:6a:ab:45:6e:56:40:ed:a3:e7:42:0f:39:8b:28:
77:7d:5c:8c:72:56:7e:24:a6:a9:90:c1:c6:9a:2b:8b:4f:b8:
9c:78:4e:7f:00:81:de:5c:16:47:3e:83:4e:71:86:c7:2c:03:
06:8a:cd:cd:0e:cf:3b:e2:6c:36:83:11:bb:46:e4:5e:b9:5d:
f4:eb:be:d2:75:00:ae:35:89:20:73:a1:80:fa:1c:4a:e7:39:
0c:b5:fb:9c:76:f6:ca:60:2f:48:62:ca:d9:87:e5:6a:36:04:
75:63:5b:9d:99:6f:56:84:b7:65:a0:81:84:75:40:3c:17:cf:
5d:1b:52:be:ed:0e:d6:46:01:3e:85:26:54:f5:0e:6f:db:12:
b2:3c:30:fe:97:93:05:18:ee:f6:04:f4:91:fc:e3:77:10:87:
03:b1:65:9c:a8:41:62:2b:21:c4:d8:cd:ef:0e:14:5c:82:55:
69:20:56:75:1e:6d:22:53:d0:2c:f1:43:5f:dc:f5:ad:f3:a6:
8b:ef:45:b7:8d:d3:8e:62:ad:83:44:23:3e:89:f8:f2:ac:da:
88:1b:a9:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY35J8g62HjdziCib0Q6zLKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMzAxMDgzNTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWQ3YjcyMmYzOTc1M2RlNjE2OWM5NjUyNmFkNWQ1Yzg5NjczZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpmE/c982m7NLDKRiTQnDnaI4JMt
kFhEnKJP08B/i7ifbwuysl7BD7jwjAZlStjLy2Md9+SQXHfigYKh1Wg0Wvr3u3yo
FJd+HsPHIi2hw6fvTshn7a9sXZRwvNndODAsoQbJ65Wu9MXk4l1J3T50OtMvSNje
Ak1b6KLDC2U7c2uVNvjMSBltuqktmII5jyAl2xpUvSrO0qBEvHSbzxsTkQfyhT5E
fmr/MZoYqFtNy/DOXp9R2O3AsExcjB9X4t1jtnya9NTgkEROXFX9nAODkoQOKpDM
9WwXzbxxprXofRJp8rxNtrpN9T0NNEXXN8LAK84fVgIIXSf6wNBeSKJTLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFnXtyLzl1PeYWnJZSatXVyJZz21MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvV2RlM0l2T1hVOTVoYWNsbEpxMWRYSWxuUGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwKWcAwQA
wesCMA0GCSqGSIb3DQEBCwUAA4IBAQB5dNuBOAddMCHZ2xJsCYLHDJvasTc9R8O8
iT/GiLf7bsAOulHL8mauaqtFblZA7aPnQg85iyh3fVyMclZ+JKapkMHGmiuLT7ic
eE5/AIHeXBZHPoNOcYbHLAMGis3NDs874mw2gxG7RuReuV30677SdQCuNYkgc6GA
+hxK5zkMtfucdvbKYC9IYsrZh+VqNgR1Y1udmW9WhLdloIGEdUA8F89dG1K+7Q7W
RgE+hSZU9Q5v2xKyPDD+l5MFGO72BPSR/ON3EIcDsWWcqEFiKyHE2M3vDhRcglVp
IFZ1Hm0iU9As8UNf3PWt86aL70W3jdOOYq2DRCM+ifjyrNqIG6nl
-----END CERTIFICATE-----
Generated at Thu May 23 03:16:38 2024 by rpki-client on console-ams.rpki-client.org