Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d-txxNtuXibHME8xQnpNAFobcoY.roa
File: d-txxNtuXibHME8xQnpNAFobcoY.roa (raw, json)
Hash identifier: hhO5Kt/VBnRAA2AQP+Qt+APXc/VQveLqC7N6ZzX33hg=
Subject key identifier: 77:EB:71:C4:DB:6E:5E:26:C7:30:4F:31:42:7A:4D:00:5A:1B:72:86
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802DD3C7C15A25A7977F722EA88671B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d-txxNtuXibHME8xQnpNAFobcoY.roa
Signing time: Tue 02 Jan 2024 02:31:20 +0000
ROA not before: Tue 02 Jan 2024 02:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 194.71.227.0/24 maxlen: 24
192.71.227.0/24 maxlen: 24
192.121.162.0/24 maxlen: 24
192.71.249.0/24 maxlen: 24
192.36.57.0/24 maxlen: 24
192.121.22.0/24 maxlen: 24
192.121.23.0/24 maxlen: 24
194.68.26.0/24 maxlen: 24
194.68.27.0/24 maxlen: 24
192.121.47.0/24 maxlen: 24
194.71.126.0/24 maxlen: 24
192.121.46.0/23 maxlen: 24
192.121.46.0/24 maxlen: 24
194.68.44.0/24 maxlen: 24
194.14.208.0/24 maxlen: 24
194.14.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:dd:3c:7c:15:a2:5a:79:77:f7:22:ea:88:67:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77eb71c4db6e5e26c7304f31427a4d005a1b7286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bc:2f:34:c7:ed:70:a9:11:62:a2:39:64:a0:
c8:a6:33:70:01:e8:e8:c4:89:11:a8:4e:01:c8:70:
7b:d8:d5:6f:47:e9:bc:20:d8:08:0f:1c:21:36:ee:
bd:15:41:09:f1:2c:33:19:1b:e8:60:a7:87:7c:34:
97:dc:42:44:44:a4:ff:3c:d6:f6:a2:c0:9c:f8:a8:
7f:63:fe:bd:3c:ab:cd:7b:a5:45:47:a4:ff:0f:28:
73:09:d9:05:35:2c:fb:17:24:f4:1b:f8:46:90:14:
7c:d0:27:f9:f5:eb:24:14:62:50:7f:c1:aa:94:ed:
fc:86:61:8a:e8:55:17:7e:15:15:8b:df:5c:2f:63:
53:6b:cb:1b:a9:a7:af:d8:cf:3f:df:92:f6:0a:4f:
a0:84:08:c1:9e:b9:b0:e2:0c:19:9a:ec:ea:a0:32:
cd:4d:99:09:fe:1d:08:36:5a:f5:9e:23:53:3e:25:
40:61:55:e0:6b:86:13:da:ca:14:fa:e6:58:c0:d0:
3c:0f:ed:f8:d0:d9:80:51:fa:5f:95:b1:24:f2:9c:
e5:b3:73:76:91:d2:20:ad:9c:92:6d:22:00:bd:15:
fa:4c:2f:9d:fc:9b:40:6b:3a:08:4f:0b:1c:f1:cc:
24:e0:aa:11:2e:51:ed:90:6a:7e:72:98:ca:66:f5:
9c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:EB:71:C4:DB:6E:5E:26:C7:30:4F:31:42:7A:4D:00:5A:1B:72:86
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/d-txxNtuXibHME8xQnpNAFobcoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.57.0/24
192.71.227.0/24
192.71.249.0/24
192.121.22.0/23
192.121.46.0/23
192.121.162.0/24
194.14.208.0/24
194.14.217.0/24
194.68.26.0/23
194.68.44.0/24
194.71.126.0/24
194.71.227.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:8d:a4:ac:db:4e:70:68:42:9e:ce:06:17:87:19:35:60:c7:
01:a3:84:91:7e:9e:4b:bc:15:4c:1a:4b:49:db:d9:ef:0b:5b:
91:c0:bc:f8:3f:d7:5a:e7:84:65:f1:44:16:d6:f4:6f:07:2c:
e8:26:f3:1f:3d:5a:a1:c8:f0:a7:56:d6:9b:f8:a9:ee:59:d2:
3f:87:ab:69:20:12:72:52:04:a3:8b:57:ec:05:e3:db:0e:ab:
57:91:51:bc:c6:ea:09:bc:73:df:ac:bc:04:00:3e:d0:0d:97:
1a:2c:e8:d4:41:7d:5b:80:8b:9c:fa:71:a9:1e:74:d0:b0:4c:
de:a0:5e:3b:eb:c9:31:cd:59:7e:9b:bf:df:67:f7:0c:0a:88:
11:03:d3:dc:a9:b4:d2:4a:c7:29:54:18:74:59:aa:43:01:1a:
cf:81:53:c2:36:d4:4f:4f:fe:99:5e:78:90:b3:a4:5d:37:dd:
50:44:f1:cc:c0:8a:e6:ab:21:4b:f6:0f:16:c6:80:a1:dc:53:
d9:ac:c0:90:fd:c4:09:b6:02:cf:47:fa:a5:eb:b9:b2:b1:bd:
db:4e:3c:d0:5f:5c:c3:64:6d:bb:02:74:e8:81:6d:00:70:3f:
5c:d4:90:58:10:fe:12:6b:30:3c:3c:ad:46:d9:b7:69:9e:f6:
78:e9:38:97
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzIAt08fBWiWnl39yLqiGcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2ViNzFjNGRiNmU1ZTI2YzczMDRmMzE0MjdhNGQwMDVhMWI3Mjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLwvNMftcKkRYqI5ZKDIpjNwAejo
xIkRqE4ByHB72NVvR+m8INgIDxwhNu69FUEJ8SwzGRvoYKeHfDSX3EJERKT/PNb2
osCc+Kh/Y/69PKvNe6VFR6T/DyhzCdkFNSz7FyT0G/hGkBR80Cf59eskFGJQf8Gq
lO38hmGK6FUXfhUVi99cL2NTa8sbqaev2M8/35L2Ck+ghAjBnrmw4gwZmuzqoDLN
TZkJ/h0INlr1niNTPiVAYVXga4YT2soU+uZYwNA8D+340NmAUfpflbEk8pzls3N2
kdIgrZySbSIAvRX6TC+d/JtAazoITwsc8cwk4KoRLlHtkGp+cpjKZvWcfQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHfrccTbbl4mxzBPMUJ6TQBaG3KGMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZC10eHhOdHVYaWJITUU4eFFucE5BRm9iY29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwCQ5AwQA
wEfjAwQAwEf5AwQBwHkWAwQBwHkuAwQAwHmiAwQAwg7QAwQAwg7ZAwQBwkQaAwQA
wkQsAwQAwkd+AwQAwkfjMA0GCSqGSIb3DQEBCwUAA4IBAQC8jaSs205waEKezgYX
hxk1YMcBo4SRfp5LvBVMGktJ29nvC1uRwLz4P9da54Rl8UQW1vRvByzoJvMfPVqh
yPCnVtab+KnuWdI/h6tpIBJyUgSji1fsBePbDqtXkVG8xuoJvHPfrLwEAD7QDZca
LOjUQX1bgIuc+nGpHnTQsEzeoF4768kxzVl+m7/fZ/cMCogRA9PcqbTSSscpVBh0
WapDARrPgVPCNtRPT/6ZXniQs6RdN91QRPHMwIrmqyFL9g8WxoCh3FPZrMCQ/cQJ
tgLPR/ql67mysb3bTjzQX1zDZG27AnTogW0AcD9c1JBYEP4SazA8PK1G2bdpnvZ4
6TiX
-----END CERTIFICATE-----
Generated at Sun Apr 28 04:24:53 2024 by rpki-client on console-ams.rpki-client.org