Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aZ1D-4N7wq-xn9snRc5kEEx-tkw.roa
File: aZ1D-4N7wq-xn9snRc5kEEx-tkw.roa (raw, json)
Hash identifier: OJjzQurHAcFR+2X21K8Tg4W9L2JEKKdTSI++onhIvqw=
Subject key identifier: 69:9D:43:FB:83:7B:C2:AF:B1:9F:DB:27:45:CE:64:10:4C:7E:B6:4C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018F063998FD2B03FC42DC94F6A441F10F2C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aZ1D-4N7wq-xn9snRc5kEEx-tkw.roa
Signing time: Mon 22 Apr 2024 14:33:09 +0000
ROA not before: Mon 22 Apr 2024 14:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57630
IP address blocks: 192.71.0.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
193.180.92.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
193.183.20.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
193.234.94.0/24 maxlen: 24
193.234.116.0/22 maxlen: 22
193.234.144.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
194.71.0.0/23 maxlen: 23
194.71.219.0/24 maxlen: 24
194.103.3.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
194.103.95.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:39:98:fd:2b:03:fc:42:dc:94:f6:a4:41:f1:0f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 22 14:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=699d43fb837bc2afb19fdb2745ce64104c7eb64c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fb:05:c0:99:c5:c8:71:b4:71:9b:c7:55:b6:
24:63:ab:cf:31:e5:29:54:67:af:ad:dc:ca:01:6c:
ab:ed:c4:99:4e:59:b4:15:74:b6:b3:f5:8d:2f:67:
19:11:fe:e8:54:95:69:89:25:f7:44:e9:6a:35:42:
49:7d:4c:54:20:fa:4d:a4:5f:ff:af:43:64:15:52:
0a:33:2a:6c:64:98:c1:54:c8:38:96:7f:c1:f6:51:
3e:17:bc:e2:f3:fc:20:b1:6f:d8:6c:af:52:ac:5c:
20:21:eb:11:82:c5:31:0f:8a:1f:e2:d9:6d:c2:4a:
b6:dd:4c:cc:f3:bf:37:b7:7c:10:1b:b4:96:a0:92:
34:6a:f1:ab:1e:12:46:7e:5f:9b:52:d9:7a:ff:aa:
95:1c:22:fa:75:b8:a0:c6:4b:4b:18:ef:08:b9:ce:
21:4a:e2:f8:23:cf:76:4b:d4:0d:b2:3a:a5:8a:19:
b0:42:93:b3:39:a3:c8:f4:7d:40:fe:5d:9a:e7:b3:
0b:0e:48:48:30:c4:2f:e0:c5:ed:c7:98:45:ff:83:
9e:20:3a:29:8f:af:5c:18:e6:60:f8:dc:1c:57:ca:
5d:22:72:4e:3c:1e:df:f8:76:db:ed:8b:0c:5b:2e:
0f:85:12:85:24:ff:5f:46:24:58:97:c7:46:d2:f4:
17:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9D:43:FB:83:7B:C2:AF:B1:9F:DB:27:45:CE:64:10:4C:7E:B6:4C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aZ1D-4N7wq-xn9snRc5kEEx-tkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.180.92.0/24
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.181.0/24
194.71.0.0/23
194.71.219.0/24
194.103.3.0/24
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c7:e9:7b:c1:87:14:07:08:c5:3b:44:56:92:c1:08:29:6d:
90:b9:18:62:35:2a:d9:d6:2d:0a:62:2b:95:2d:46:3e:d2:9b:
52:2d:95:fe:cb:53:02:1d:76:2e:b5:6b:df:46:a7:dc:a6:59:
42:06:ec:50:d8:f4:bf:7f:99:d0:1c:ad:0a:7e:ee:16:4d:31:
5a:83:df:21:46:4e:21:c6:95:8b:01:1b:6a:5e:b5:e7:13:a3:
8e:34:c2:96:5c:cb:27:33:1d:9e:6d:15:17:13:47:b6:47:1c:
94:8b:3e:15:35:58:f6:6a:63:e0:e0:0c:97:c6:ed:61:9a:04:
f3:f0:a4:42:9f:bb:32:38:78:e1:68:02:17:cf:60:52:59:2f:
b5:3d:1f:a9:b4:bf:f6:02:c3:7e:ef:e7:69:d1:81:28:04:2d:
bc:2b:cf:14:46:7b:11:a2:c1:4b:12:f9:67:38:0b:8c:d4:c6:
61:e9:db:e2:20:fc:e6:5b:66:93:b9:e7:e1:84:cf:55:05:77:
3c:76:20:c8:c8:60:95:92:80:42:42:c9:a3:6b:78:4d:4c:67:
d7:26:2d:4f:e9:52:5d:55:a0:36:d6:c3:ec:df:6b:45:a6:85:
78:7c:fe:f6:c3:bf:7e:20:7c:60:70:fd:e0:20:d2:78:4f:36:
c1:38:57:b3
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAY8GOZj9KwP8QtyU9qRB8Q8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNDIyMTQzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTlkNDNmYjgzN2JjMmFmYjE5ZmRiMjc0NWNlNjQxMDRjN2ViNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfsFwJnFyHG0cZvHVbYkY6vPMeUp
VGevrdzKAWyr7cSZTlm0FXS2s/WNL2cZEf7oVJVpiSX3ROlqNUJJfUxUIPpNpF//
r0NkFVIKMypsZJjBVMg4ln/B9lE+F7zi8/wgsW/YbK9SrFwgIesRgsUxD4of4tlt
wkq23UzM8783t3wQG7SWoJI0avGrHhJGfl+bUtl6/6qVHCL6dbigxktLGO8Iuc4h
SuL4I892S9QNsjqlihmwQpOzOaPI9H1A/l2a57MLDkhIMMQv4MXtx5hF/4OeIDop
j69cGOZg+NwcV8pdInJOPB7f+Hbb7YsMWy4PhRKFJP9fRiRYl8dG0vQXHwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFGmdQ/uDe8KvsZ/bJ0XOZBBMfrZMMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYVoxRC00Tjd3cS14bjlzblJjNWtFRXgtdGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBADA
RwADBADApQMDBAHApYYDBADBtFwDBADBtSIDBADBtxQDBADBtzEDBADBtzsDBADB
6gMDBADB6l4DBALB6nQDBADB6pADBADB6s0DBADCDjkDBADCRLUDBAHCRwADBADC
R9sDBADCZwMDBAHCZxADBADCZ18DBADCZ5EDBADCZ8UDBADChKQDBADChKYDBADC
hLowDQYJKoZIhvcNAQELBQADggEBAELH6XvBhxQHCMU7RFaSwQgpbZC5GGI1KtnW
LQpiK5UtRj7Sm1Itlf7LUwIddi61a99Gp9ymWUIG7FDY9L9/mdAcrQp+7hZNMVqD
3yFGTiHGlYsBG2petecTo440wpZcyyczHZ5tFRcTR7ZHHJSLPhU1WPZqY+DgDJfG
7WGaBPPwpEKfuzI4eOFoAhfPYFJZL7U9H6m0v/YCw37v52nRgSgELbwrzxRGexGi
wUsS+Wc4C4zUxmHp2+Ig/OZbZpO55+GEz1UFdzx2IMjIYJWSgEJCyaNreE1MZ9cm
LU/pUl1VoDbWw+zfa0WmhXh8/vbDv34gfGBw/eAg0nhPNsE4V7M=
-----END CERTIFICATE-----
Generated at Thu May 23 01:56:11 2024 by rpki-client on console-fra.rpki-client.org