Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0MGz4z0RhcdxYz0fx8fNFAS1t5k.roa
File: 0MGz4z0RhcdxYz0fx8fNFAS1t5k.roa (raw, json)
Hash identifier: c/2dY7rD/Up4FTeNawp/dV52SFjqy2sfxong2JN0MVU=
Subject key identifier: D0:C1:B3:E3:3D:11:85:C7:71:63:3D:1F:C7:C7:CD:14:04:B5:B7:99
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01919325A271DD5426A2EB687062189EBFFA
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0MGz4z0RhcdxYz0fx8fNFAS1t5k.roa
Signing time: Tue 27 Aug 2024 09:23:22 +0000
ROA not before: Tue 27 Aug 2024 09:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5411
IP address blocks: 192.36.44.0/23 maxlen: 24
192.71.132.0/23 maxlen: 24
192.71.134.0/23 maxlen: 24
192.176.131.0/24 maxlen: 24
192.176.132.0/23 maxlen: 24
192.176.148.0/23 maxlen: 24
192.176.162.0/23 maxlen: 24
194.14.66.0/23 maxlen: 24
194.14.70.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:93:25:a2:71:dd:54:26:a2:eb:68:70:62:18:9e:bf:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Aug 27 09:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0c1b3e33d1185c771633d1fc7c7cd1404b5b799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1b:18:a5:1b:b0:d7:fa:2f:8a:07:ae:08:59:
7b:14:f0:4b:8f:be:06:3c:63:2e:c4:ea:af:e1:05:
35:ef:9c:6f:eb:5d:cc:71:6f:2f:07:b7:16:c7:d8:
79:4c:a5:9a:45:63:fa:b6:9c:75:e4:b4:71:40:37:
e3:85:52:95:2b:b0:dd:0e:f0:df:48:bb:5b:18:17:
29:34:3a:3c:98:37:5f:b4:c7:34:1b:ca:a2:52:e2:
45:02:98:ec:b7:44:28:74:1d:c7:71:64:b2:c4:48:
15:c1:87:85:99:e1:2c:7a:b6:e8:eb:31:be:b3:af:
c4:05:3b:4a:fe:5c:88:65:3c:26:37:a5:38:2f:45:
64:d4:9f:cb:06:ac:58:c4:8c:a5:95:0f:37:d1:a2:
df:e0:f7:f4:1b:08:42:3c:ef:11:dd:15:3a:93:c4:
2a:cb:48:b1:0a:ce:40:f1:b7:07:bb:3d:85:96:b6:
aa:1c:fc:5f:f4:0a:42:cb:a9:90:7b:d0:36:a5:0c:
36:bf:9c:ca:53:3a:5f:e5:09:57:ee:b7:64:0d:87:
6d:de:57:67:01:09:b8:9a:6f:fa:1e:e3:90:ca:2c:
a0:09:5f:7d:90:e0:a7:87:20:4c:ac:54:b9:a3:7f:
d6:64:bf:ae:66:c3:49:48:9d:f4:96:b8:ac:ff:d1:
83:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C1:B3:E3:3D:11:85:C7:71:63:3D:1F:C7:C7:CD:14:04:B5:B7:99
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0MGz4z0RhcdxYz0fx8fNFAS1t5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.44.0/23
192.71.132.0/22
192.176.131.0-192.176.133.255
192.176.148.0/23
192.176.162.0/23
194.14.66.0/23
194.14.70.0/23
Signature Algorithm: sha256WithRSAEncryption
88:ff:d6:dd:58:f7:d7:82:a9:a7:a7:6a:2b:57:bc:75:81:83:
8e:6e:e0:33:2b:48:0f:59:1c:0a:f3:1f:9c:f5:0b:09:43:91:
ed:a8:0f:52:2b:4e:fa:92:5f:e7:1a:28:5d:84:79:bf:72:75:
27:31:4e:f1:50:a3:5d:4f:43:39:00:b1:45:38:d5:b3:76:dd:
4c:08:68:ab:21:1a:cd:07:37:2e:db:ca:a1:4a:77:d3:d6:01:
64:80:20:12:72:fc:69:39:27:cb:47:20:01:03:a9:35:2a:f7:
5d:e6:4a:7c:22:f7:29:22:fb:83:13:88:54:f3:d3:d4:e8:58:
8c:d7:4d:27:6c:b5:d9:ab:aa:ca:fe:f9:45:a6:84:06:7e:91:
d2:04:17:72:06:41:35:c6:41:10:0b:1f:98:aa:88:4a:d2:96:
d2:ae:95:5a:21:00:ce:e4:f2:c1:ef:5b:7e:e9:e8:a2:f9:af:
13:9e:0d:58:9c:72:06:d1:67:b2:d0:61:00:b5:26:c2:11:40:
29:5d:e0:7e:d0:59:cf:2c:82:96:20:5c:1f:f5:ef:48:44:b4:
78:ea:ca:18:18:0c:82:da:7e:2a:aa:bc:83:f6:3c:b9:bb:0a:
dd:46:26:63:2a:3f:72:8e:24:1a:4d:d1:c1:6b:83:01:87:dd:
92:43:42:22
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZGTJaJx3VQmoutocGIYnr/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwODI3MDkyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGMxYjNlMzNkMTE4NWM3NzE2MzNkMWZjN2M3Y2QxNDA0YjViNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxsYpRuw1/ovigeuCFl7FPBLj74G
PGMuxOqv4QU175xv613McW8vB7cWx9h5TKWaRWP6tpx15LRxQDfjhVKVK7DdDvDf
SLtbGBcpNDo8mDdftMc0G8qiUuJFApjst0QodB3HcWSyxEgVwYeFmeEserbo6zG+
s6/EBTtK/lyIZTwmN6U4L0Vk1J/LBqxYxIyllQ830aLf4Pf0GwhCPO8R3RU6k8Qq
y0ixCs5A8bcHuz2FlraqHPxf9ApCy6mQe9A2pQw2v5zKUzpf5QlX7rdkDYdt3ldn
AQm4mm/6HuOQyiygCV99kOCnhyBMrFS5o3/WZL+uZsNJSJ30lris/9GDOwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNDBs+M9EYXHcWM9H8fHzRQEtbeZMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvME1HejR6MFJoY2R4WXowZng4Zk5GQVMxdDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBwCQsAwQC
wEeEMAwDBADAsIMDBAHAsIQDBAHAsJQDBAHAsKIDBAHCDkIDBAHCDkYwDQYJKoZI
hvcNAQELBQADggEBAIj/1t1Y99eCqaenaitXvHWBg45u4DMrSA9ZHArzH5z1CwlD
ke2oD1IrTvqSX+caKF2Eeb9ydScxTvFQo11PQzkAsUU41bN23UwIaKshGs0HNy7b
yqFKd9PWAWSAIBJy/Gk5J8tHIAEDqTUq913mSnwi9yki+4MTiFTz09ToWIzXTSds
tdmrqsr++UWmhAZ+kdIEF3IGQTXGQRALH5iqiErSltKulVohAM7k8sHvW37p6KL5
rxOeDViccgbRZ7LQYQC1JsIRQCld4H7QWc8sgpYgXB/170hEtHjqyhgYDILafiqq
vIP2PLm7Ct1GJmMqP3KOJBpN0cFrgwGH3ZJDQiI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:44:00 2024 by rpki-client on console-ams.rpki-client.org