Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XIbKJD2DvGbVLpz56tTsR2qZ_-0.roa
File: XIbKJD2DvGbVLpz56tTsR2qZ_-0.roa (raw, json)
Hash identifier: nwWylqk71IV4I0EMFAX0lQkKlkrvqjTJ6h+r5a76WOw=
Subject key identifier: 5C:86:CA:24:3D:83:BC:66:D5:2E:9C:F9:EA:D4:EC:47:6A:99:FF:ED
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802FA81E19595E424398EEFE98F0D09
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XIbKJD2DvGbVLpz56tTsR2qZ_-0.roa
Signing time: Tue 02 Jan 2024 02:31:27 +0000
ROA not before: Tue 02 Jan 2024 02:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197942
IP address blocks: 193.234.81.0/24 maxlen: 24
194.103.18.0/24 maxlen: 24
193.183.182.0/24 maxlen: 24
193.183.188.0/24 maxlen: 24
193.234.198.0/24 maxlen: 24
194.14.187.0/24 maxlen: 24
193.180.160.0/23 maxlen: 23
192.36.180.0/24 maxlen: 24
194.71.64.0/22 maxlen: 22
194.71.68.0/22 maxlen: 22
194.14.218.0/24 maxlen: 24
194.71.72.0/21 maxlen: 24
194.71.81.0/24 maxlen: 24
193.182.121.0/24 maxlen: 24
194.71.80.0/24 maxlen: 24
194.71.82.0/24 maxlen: 24
2a01:280:3a8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 02:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fa:81:e1:95:95:e4:24:39:8e:ef:e9:8f:0d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c86ca243d83bc66d52e9cf9ead4ec476a99ffed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4d:38:79:ab:c7:26:e5:ce:41:1e:96:21:2e:
45:35:8d:44:99:f1:fd:33:4c:72:f4:d2:f5:2b:ab:
fd:72:2f:a2:90:a1:0f:0a:62:e2:d7:94:c5:fa:34:
59:4f:67:de:74:e8:fd:7f:f4:56:c0:d0:d0:94:25:
46:36:aa:c4:de:b0:0c:d9:32:d3:39:0d:7d:90:ef:
80:8e:c0:39:e4:6b:08:91:65:e2:f4:5a:e8:47:f4:
e1:22:e1:cc:93:b0:55:ff:09:97:4a:af:5d:01:c2:
35:f7:6b:51:2e:8f:bc:76:49:15:84:19:b4:96:d9:
18:e6:fc:99:d7:c2:1f:fc:4e:3b:3d:a6:99:14:d3:
13:5c:8b:ee:99:21:35:81:09:9a:fa:ba:0c:7f:1a:
94:5b:a2:aa:42:16:aa:cd:9d:b6:a4:8b:68:45:c9:
34:4b:42:2b:be:97:06:a1:4a:0a:bf:57:c3:82:b1:
17:86:44:bd:ea:7a:68:1f:8c:0a:1b:97:20:28:dc:
a8:68:d3:36:72:8c:92:a4:dd:0a:1a:02:15:4f:a7:
b4:19:9e:d6:50:cd:08:7e:20:6e:63:a6:bb:09:2c:
35:c6:69:2d:36:c9:73:b8:08:72:c1:25:d6:4e:6f:
e1:e9:1e:4c:dd:70:c9:77:49:23:13:0a:eb:67:e0:
6f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:86:CA:24:3D:83:BC:66:D5:2E:9C:F9:EA:D4:EC:47:6A:99:FF:ED
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XIbKJD2DvGbVLpz56tTsR2qZ_-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.180.0/24
193.180.160.0/23
193.182.121.0/24
193.183.182.0/24
193.183.188.0/24
193.234.81.0/24
193.234.198.0/24
194.14.187.0/24
194.14.218.0/24
194.71.64.0-194.71.82.255
194.103.18.0/24
IPv6:
2a01:280:3a8::/48
Signature Algorithm: sha256WithRSAEncryption
a3:97:9c:33:ac:c1:3d:29:77:9c:72:e2:47:f6:b3:81:68:7a:
14:cc:a1:62:a4:b5:33:17:5e:e4:b2:61:90:81:ff:02:36:5d:
9a:9e:da:b3:b9:7b:d1:5b:d7:22:6a:8a:bc:01:69:50:44:c0:
5a:1c:5b:cc:20:46:15:1b:e1:94:e2:6d:44:be:d1:c2:ba:09:
1a:a5:88:6d:fc:43:d1:56:0d:c8:29:1a:5b:03:46:53:bc:22:
96:76:58:cd:66:2a:5e:b5:51:6b:c7:c5:78:99:63:6a:cd:51:
2f:81:42:d8:f4:ee:08:55:69:8c:07:d4:08:d4:b0:ea:32:0b:
7e:38:74:a6:db:5f:88:61:fb:e7:88:46:72:ac:59:30:a6:ef:
b9:7e:12:a4:85:fc:77:59:12:49:cf:97:4c:97:a2:87:4f:58:
e8:1a:97:ab:a8:27:85:37:4e:de:e7:42:00:a7:2d:16:24:de:
ff:a6:41:d1:47:95:dd:60:53:c2:ed:28:b3:87:45:b5:ee:ac:
0b:ba:4e:93:1a:ce:46:ee:47:db:e0:ee:d3:ef:4b:d3:09:67:
39:65:a1:1f:b6:dd:cb:db:c7:25:5d:57:69:05:5d:a2:e8:bf:
ed:77:08:a4:00:8f:11:0d:e4:c7:c3:ce:e6:1d:29:2a:c3:d3:
78:36:91:64
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzIAvqB4ZWV5CQ5ju/pjw0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg2Y2EyNDNkODNiYzY2ZDUyZTljZjllYWQ0ZWM0NzZhOTlmZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE04eavHJuXOQR6WIS5FNY1EmfH9
M0xy9NL1K6v9ci+ikKEPCmLi15TF+jRZT2fedOj9f/RWwNDQlCVGNqrE3rAM2TLT
OQ19kO+AjsA55GsIkWXi9FroR/ThIuHMk7BV/wmXSq9dAcI192tRLo+8dkkVhBm0
ltkY5vyZ18If/E47PaaZFNMTXIvumSE1gQma+roMfxqUW6KqQhaqzZ22pItoRck0
S0IrvpcGoUoKv1fDgrEXhkS96npoH4wKG5cgKNyoaNM2coySpN0KGgIVT6e0GZ7W
UM0IfiBuY6a7CSw1xmktNslzuAhywSXWTm/h6R5M3XDJd0kjEwrrZ+BvJQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFFyGyiQ9g7xm1S6c+erU7Edqmf/tMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWEliS0pEMkR2R2JWTHB6NTZ0VHNSMnFaXy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBQBAIAATBKAwQAwCS0AwQB
wbSgAwQAwbZ5AwQAwbe2AwQAwbe8AwQAwepRAwQAwerGAwQAwg67AwQAwg7aMAwD
BAbCR0ADBADCR1IDBADCZxIwDwQCAAIwCQMHACoBAoADqDANBgkqhkiG9w0BAQsF
AAOCAQEAo5ecM6zBPSl3nHLiR/azgWh6FMyhYqS1Mxde5LJhkIH/AjZdmp7as7l7
0VvXImqKvAFpUETAWhxbzCBGFRvhlOJtRL7RwroJGqWIbfxD0VYNyCkaWwNGU7wi
lnZYzWYqXrVRa8fFeJljas1RL4FC2PTuCFVpjAfUCNSw6jILfjh0pttfiGH754hG
cqxZMKbvuX4SpIX8d1kSSc+XTJeih09Y6BqXq6gnhTdO3udCAKctFiTe/6ZB0UeV
3WBTwu0os4dFte6sC7pOkxrORu5H2+Du0+9L0wlnOWWhH7bdy9vHJV1XaQVdoui/
7XcIpACPEQ3kx8PO5h0pKsPTeDaRZA==
-----END CERTIFICATE-----
Generated at Tue Jun 4 11:45:46 2024 by rpki-client on console-ams.rpki-client.org