Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0sSLLTVWYEN3nA50p-0chiOEwRc.roa
File: 0sSLLTVWYEN3nA50p-0chiOEwRc.roa (raw, json)
Hash identifier: 9Lq1dAzrByURYnyGtwBgk2HWVOwbLl7eK6X6kSE3gYw=
Subject key identifier: D2:C4:8B:2D:35:56:60:43:77:9C:0E:74:A7:ED:1C:86:23:84:C1:17
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427484E9512E28CBFB724E62BE62F6BB3
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0sSLLTVWYEN3nA50p-0chiOEwRc.roa
Signing time: Thu 02 Jan 2025 13:50:37 +0000
ROA not before: Thu 02 Jan 2025 13:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34652
IP address blocks: 193.183.70.0/24 maxlen: 24
193.183.75.0/24 maxlen: 24
2a01:280:328::/48 maxlen: 48
2a01:280:329::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4e:95:12:e2:8c:bf:b7:24:e6:2b:e6:2f:6b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2c48b2d35566043779c0e74a7ed1c862384c117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:55:36:73:c5:6a:94:89:7d:16:2f:3b:1e:07:
3a:5b:12:6b:07:be:5b:74:02:c7:95:83:85:e6:90:
a4:c4:26:1e:e0:39:00:0c:fc:8e:ad:c1:3e:40:f1:
fe:18:93:81:ea:ea:d0:e1:13:c3:44:da:4e:75:00:
ef:cd:b4:40:95:fc:a3:4c:44:5b:83:52:41:04:ff:
36:94:f3:1b:e2:94:b2:ef:52:cd:ce:49:fb:2e:4e:
50:31:b2:bc:82:d1:cb:32:61:ae:78:ac:61:27:d4:
aa:16:ed:f5:85:e1:f0:17:dd:6d:0f:94:5b:bb:ef:
00:05:94:dd:e7:f9:a7:1f:82:af:ae:ee:b4:b5:2a:
08:57:2b:a5:7f:47:57:37:53:c9:92:12:6f:d4:e4:
ca:91:20:72:8d:7e:49:6a:cd:92:17:29:53:85:ef:
4f:06:88:64:14:b3:fa:96:51:01:c5:44:4e:d4:0f:
29:c3:b4:22:ac:13:55:b3:b5:62:55:b8:0e:c1:4d:
63:44:fb:fb:8c:1c:2d:b4:e7:1b:cc:61:42:d6:0e:
83:24:c3:0c:61:85:62:b8:5a:26:c1:bb:76:50:87:
bf:b8:43:e6:ac:ad:31:41:9a:4f:62:e3:0d:c5:12:
32:74:e4:2e:21:01:77:2c:d2:d3:eb:17:77:0f:a7:
c6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C4:8B:2D:35:56:60:43:77:9C:0E:74:A7:ED:1C:86:23:84:C1:17
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0sSLLTVWYEN3nA50p-0chiOEwRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.183.70.0/24
193.183.75.0/24
IPv6:
2a01:280:328::/47
Signature Algorithm: sha256WithRSAEncryption
8f:11:fa:44:a2:9d:1a:11:6e:e4:37:5a:d2:5e:7e:8a:30:a9:
f1:ab:b5:a6:0d:c1:b7:a6:6d:7a:c5:88:92:f4:bb:e2:d9:94:
e4:f4:f8:fe:11:fc:d9:b4:06:8d:0f:ed:eb:d1:aa:2b:22:c3:
84:55:1a:24:42:a4:1b:94:de:c6:87:cd:ed:13:71:20:8f:eb:
86:48:1b:aa:fd:98:3f:86:b3:e0:3b:db:8a:33:02:bc:a8:cc:
c8:77:53:ef:9c:44:19:c6:25:b2:36:11:45:da:6f:4d:ab:b9:
21:ef:5d:b2:b8:f4:bc:f3:6f:b1:6c:3c:34:c1:b0:3e:31:a9:
d8:3a:bb:ac:0f:a4:9c:8f:10:28:b6:32:d5:f6:9e:d4:41:b4:
bb:a4:98:78:1d:0a:0e:f9:b3:55:cf:77:c8:6d:fc:78:81:2d:
45:39:1e:6c:8b:f8:de:ea:3c:ac:e9:27:71:c5:a2:dc:92:13:
90:81:83:b0:66:80:62:33:f2:ce:c8:de:4a:a2:df:71:73:0f:
4e:80:60:ff:51:42:d3:f2:e9:2c:34:cd:62:65:df:b7:74:75:
32:a7:64:b7:5d:aa:69:52:84:53:ae:c3:08:9a:0a:a7:9a:bb:
0f:4c:ab:37:c9:25:65:1a:ae:90:c3:b9:f3:b7:dd:7a:42:c3:
b3:39:25:c3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQnSE6VEuKMv7ck5ivmL2uzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM0OGIyZDM1NTY2MDQzNzc5YzBlNzRhN2VkMWM4NjIzODRjMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFU2c8VqlIl9Fi87Hgc6WxJrB75b
dALHlYOF5pCkxCYe4DkADPyOrcE+QPH+GJOB6urQ4RPDRNpOdQDvzbRAlfyjTERb
g1JBBP82lPMb4pSy71LNzkn7Lk5QMbK8gtHLMmGueKxhJ9SqFu31heHwF91tD5Rb
u+8ABZTd5/mnH4Kvru60tSoIVyulf0dXN1PJkhJv1OTKkSByjX5Jas2SFylThe9P
BohkFLP6llEBxURO1A8pw7QirBNVs7ViVbgOwU1jRPv7jBwttOcbzGFC1g6DJMMM
YYViuFomwbt2UIe/uEPmrK0xQZpPYuMNxRIydOQuIQF3LNLT6xd3D6fGewIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNLEiy01VmBDd5wOdKftHIYjhMEXMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMHNTTExUVldZRU4zbkE1MHAtMGNoaU9Fd1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwbdGAwQA
wbdLMA8EAgACMAkDBwEqAQKAAygwDQYJKoZIhvcNAQELBQADggEBAI8R+kSinRoR
buQ3WtJefoowqfGrtaYNwbembXrFiJL0u+LZlOT0+P4R/Nm0Bo0P7evRqisiw4RV
GiRCpBuU3saHze0TcSCP64ZIG6r9mD+Gs+A724ozAryozMh3U++cRBnGJbI2EUXa
b02ruSHvXbK49Lzzb7FsPDTBsD4xqdg6u6wPpJyPECi2MtX2ntRBtLukmHgdCg75
s1XPd8ht/HiBLUU5HmyL+N7qPKzpJ3HFotySE5CBg7BmgGIz8s7I3kqi33FzD06A
YP9RQtPy6Sw0zWJl37d0dTKnZLddqmlShFOuwwiaCqeauw9MqzfJJWUarpDDufO3
3XpCw7M5JcM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:03 2025 by rpki-client