Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/IxtNjuKUizmcc0fUk02pubB13wI.roa
File: IxtNjuKUizmcc0fUk02pubB13wI.roa (raw, json)
Hash identifier: Y/QpK6VZeSMBv18MoDt4uj1oGyf+AVzqAWZs51+HsbE=
Subject key identifier: 23:1B:4D:8E:E2:94:8B:39:9C:73:47:D4:93:4D:A9:B9:B0:75:DF:02
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 0194236A25D5FD15911E6AC8BB3AD7DFBC5C
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/IxtNjuKUizmcc0fUk02pubB13wI.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 62.179.0.0/17 maxlen: 17
78.103.0.0/16 maxlen: 16
80.111.0.0/16 maxlen: 16
80.111.0.0/17 maxlen: 17
80.111.128.0/17 maxlen: 17
84.116.0.0/16 maxlen: 16
92.235.0.0/18 maxlen: 18
92.235.0.0/19 maxlen: 19
92.235.32.0/19 maxlen: 19
94.169.0.0/16 maxlen: 16
94.170.0.0/15 maxlen: 15
94.170.0.0/16 maxlen: 16
94.171.0.0/16 maxlen: 16
195.34.130.0/24 maxlen: 24
195.34.132.0/22 maxlen: 22
195.34.132.0/23 maxlen: 23
195.34.134.0/23 maxlen: 23
213.47.220.0/22 maxlen: 22
213.47.220.0/23 maxlen: 23
213.47.222.0/23 maxlen: 23
2001:730::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:25:d5:fd:15:91:1e:6a:c8:bb:3a:d7:df:bc:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=231b4d8ee2948b399c7347d4934da9b9b075df02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ae:30:c3:c7:d4:22:2a:99:9f:8f:58:92:e9:
e0:50:7b:72:db:d7:28:e8:ff:be:f6:e2:2b:93:9c:
1f:9b:7c:b2:ac:a2:e7:82:4a:f1:fe:83:b0:ec:4f:
2c:89:de:c9:c4:6f:2b:d7:ce:a0:bf:e6:ff:49:04:
c7:ad:5c:f1:ed:69:4a:ec:e0:f4:b7:6a:a2:9d:76:
81:ef:8d:b3:55:18:a3:5a:2d:6d:f9:45:dc:81:0d:
f9:c9:de:df:73:b6:02:97:64:84:76:d2:04:d0:0e:
c5:ed:f3:0c:27:68:bc:b3:e9:99:4a:03:31:b4:a3:
ee:19:26:96:47:51:49:be:3c:ff:32:71:89:48:ba:
34:68:98:c0:f1:4b:69:1b:03:d9:fe:b1:54:13:3e:
7e:2c:2c:6a:6c:a9:7d:b5:94:14:36:3f:45:46:f1:
db:73:4e:55:d6:d1:10:2d:37:61:ad:5a:8b:f9:ea:
ae:8b:89:59:e4:5a:16:c2:e5:13:63:fa:c4:fd:18:
ff:21:57:6e:f2:66:e8:af:d0:37:3a:54:73:ea:6d:
91:2d:2f:63:2b:be:17:5e:0f:5d:2c:0c:6e:7f:c6:
a1:f2:4b:11:dc:67:2c:e0:df:0b:f3:0e:75:6f:1f:
09:ca:da:95:77:c4:41:41:09:d6:49:db:35:25:4d:
4b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1B:4D:8E:E2:94:8B:39:9C:73:47:D4:93:4D:A9:B9:B0:75:DF:02
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/IxtNjuKUizmcc0fUk02pubB13wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.179.0.0/17
78.103.0.0/16
80.111.0.0/16
84.116.0.0/16
92.235.0.0/18
94.169.0.0-94.171.255.255
195.34.130.0/24
195.34.132.0/22
213.47.220.0/22
IPv6:
2001:730::/29
Signature Algorithm: sha256WithRSAEncryption
45:66:89:1b:85:76:e8:ef:ff:87:9e:de:e1:b3:ab:d3:5f:41:
e6:2c:3d:4b:68:58:eb:0f:2a:bc:ea:fd:48:08:eb:02:32:cc:
67:5b:2c:ab:fe:c1:1e:b4:7b:be:12:26:6f:cc:23:f1:f5:d4:
45:40:d9:53:8a:b0:0c:36:34:70:5c:28:97:9d:a4:d0:15:0c:
bf:fd:50:50:d6:0c:16:4c:5c:0c:e2:41:f0:46:35:3f:32:fa:
96:f4:92:a0:a6:d6:ff:f4:a6:a3:1f:d4:26:37:b2:11:dd:91:
ff:88:04:0d:8f:42:4f:30:a8:68:d0:52:60:81:3c:22:3d:02:
2e:e5:7c:6e:af:23:28:4f:e0:fb:49:85:6f:26:ac:bb:ca:ff:
ed:71:d4:49:c1:c5:bb:d7:c3:42:26:ab:8f:97:79:6c:8d:7b:
7c:84:79:d6:ae:29:aa:12:ed:e9:ab:9e:7a:8d:b7:e2:82:8c:
47:47:63:40:4f:7f:ba:84:77:ed:fb:bb:85:ec:11:21:9d:35:
99:55:41:d8:a5:67:32:ea:ce:b3:88:5d:44:d1:16:09:5f:3e:
92:03:23:57:d5:89:b5:8c:d7:32:c1:fb:b7:c4:26:b7:8a:de:
3e:af:0f:8d:29:dd:a6:a9:6b:94:c6:6a:27:0e:0b:c1:78:d8:
0c:e3:17:2d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQjaiXV/RWRHmrIuzrX37xcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjI1ZTZhNjg5M2Y0NjZkMjY5NWU5MDY3MGMwNDc0NDM2
NDM3MDEwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFiNGQ4ZWUyOTQ4YjM5OWM3MzQ3ZDQ5MzRkYTliOWIwNzVkZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0a4ww8fUIiqZn49YkungUHty29co
6P++9uIrk5wfm3yyrKLngkrx/oOw7E8sid7JxG8r186gv+b/SQTHrVzx7WlK7OD0
t2qinXaB742zVRijWi1t+UXcgQ35yd7fc7YCl2SEdtIE0A7F7fMMJ2i8s+mZSgMx
tKPuGSaWR1FJvjz/MnGJSLo0aJjA8UtpGwPZ/rFUEz5+LCxqbKl9tZQUNj9FRvHb
c05V1tEQLTdhrVqL+equi4lZ5FoWwuUTY/rE/Rj/IVdu8mbor9A3OlRz6m2RLS9j
K74XXg9dLAxuf8ah8ksR3Gcs4N8L8w51bx8JytqVd8RBQQnWSds1JU1LLwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCMbTY7ilIs5nHNH1JNNqbmwdd8CMB8GA1UdIwQY
MBaAFJDyXmpok/Rm0mlekGcMBHRDZDcBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEt
M2IwYjRiOGEyOTgzLzEvSXh0Tmp1S1Vpem1jYzBmVWswMnB1YkIxM3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEtM2IwYjRiOGEyOTgz
LzEva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA/BAIAATA5AwQHPrMAAwMA
TmcDAwBQbwMDAFR0AwQGXOsAMAoDAwBeqQMDAl6oAwQAwyKCAwQCwyKEAwQC1S/c
MA0EAgACMAcDBQMgAQcwMA0GCSqGSIb3DQEBCwUAA4IBAQBFZokbhXbo7/+Hnt7h
s6vTX0HmLD1LaFjrDyq86v1ICOsCMsxnWyyr/sEetHu+EiZvzCPx9dRFQNlTirAM
NjRwXCiXnaTQFQy//VBQ1gwWTFwM4kHwRjU/MvqW9JKgptb/9KajH9QmN7IR3ZH/
iAQNj0JPMKho0FJggTwiPQIu5XxuryMoT+D7SYVvJqy7yv/tcdRJwcW718NCJquP
l3lsjXt8hHnWrimqEu3pq556jbfigoxHR2NAT3+6hHft+7uF7BEhnTWZVUHYpWcy
6s6ziF1E0RYJXz6SAyNX1Ym1jNcywfu3xCa3it4+rw+NKd2mqWuUxmonDgvBeNgM
4xct
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:02 2025 by rpki-client