Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1--13XzY6S3Rvl8H6w45bh6qeH_k.roa
File: 1--13XzY6S3Rvl8H6w45bh6qeH_k.roa (raw, json)
Hash identifier: 38r8LfVUqp2EY7EnIaFM0SoKANyF6vjHFjw4ehUVVGs=
Subject key identifier: FB:ED:77:5F:36:3A:4B:74:6F:97:C1:FA:C3:8E:5B:87:AA:9E:1F:F9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748629E22AD603F60252356652E295E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1--13XzY6S3Rvl8H6w45bh6qeH_k.roa
Signing time: Thu 02 Jan 2025 13:50:42 +0000
ROA not before: Thu 02 Jan 2025 13:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57169
IP address blocks: 192.36.38.0/24 maxlen: 24
192.36.39.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
192.36.56.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.71.233.0/24 maxlen: 24
192.71.247.0/24 maxlen: 24
192.121.16.0/24 maxlen: 24
192.121.17.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
193.235.147.0/24 maxlen: 24
194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:62:9e:22:ad:60:3f:60:25:23:56:65:2e:29:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbed775f363a4b746f97c1fac38e5b87aa9e1ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7b:d8:61:91:6a:79:ff:68:99:57:d5:03:47:
12:7b:46:14:b6:ab:f2:c4:74:23:eb:9a:5a:7a:6f:
2e:da:07:f6:22:04:43:cb:84:7f:a6:83:89:68:37:
27:00:e3:77:c9:ca:80:9e:ef:c7:77:c7:c5:0e:fe:
ba:a3:a4:03:d0:e5:8e:fa:6f:a4:6e:80:89:c3:d1:
ea:b2:bc:a1:7e:77:87:20:24:8c:6b:55:e1:f4:2e:
b2:fa:fe:8f:4e:43:93:91:05:7e:45:83:fc:4f:76:
f8:44:0b:8b:38:28:81:98:8c:f4:e6:4e:ef:da:27:
78:a3:6d:28:55:ee:4c:d0:83:cf:25:0d:ae:bc:74:
65:9a:eb:79:d9:17:1b:04:2f:d3:1d:4c:81:c3:92:
a4:f5:be:75:a1:cd:99:c4:c6:b5:02:94:a1:c5:5c:
63:8d:40:bd:b3:cb:b0:47:52:6c:77:3c:af:b1:70:
04:53:66:ff:fe:e8:f4:5e:73:c1:67:23:2c:f1:5a:
2f:74:6e:8a:cd:12:98:96:3d:4c:18:6a:c6:6f:fe:
65:60:c1:28:39:09:ac:58:d0:2b:67:b2:71:7a:c8:
6e:62:3d:11:a2:11:d3:36:57:30:50:f0:01:47:82:
d6:c2:2e:0d:ae:e8:0b:ef:06:3b:ea:d3:81:b5:da:
fc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:ED:77:5F:36:3A:4B:74:6F:97:C1:FA:C3:8E:5B:87:AA:9E:1F:F9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1--13XzY6S3Rvl8H6w45bh6qeH_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.38.0/23
192.36.41.0/24
192.36.56.0/24
192.36.61.0/24
192.71.26.0/24
192.71.233.0/24
192.71.247.0/24
192.121.16.0/23
192.121.163.0/24
192.121.171.0/24
193.235.147.0/24
194.68.225.0/24
194.71.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:3e:3d:a4:5c:26:9e:6a:26:55:ec:54:96:d5:fb:6e:3f:83:
13:73:b8:c2:46:43:17:82:54:9c:0e:b0:f7:79:0b:82:4d:e3:
a6:d3:d7:f8:05:65:67:8c:ff:ef:8f:cb:94:0f:b2:b2:81:29:
1e:87:95:60:8b:0e:79:92:9e:2d:b8:58:5f:fb:2e:0d:fc:3e:
fb:c5:bd:f9:9b:cf:20:21:cd:df:9b:82:86:f7:b5:8c:c0:07:
35:e5:6b:89:0b:e4:87:6b:53:09:eb:90:d2:39:c6:96:3e:81:
cd:3d:03:6b:f2:83:d8:f9:12:4f:81:42:2d:09:50:10:9c:50:
0b:f4:1e:35:d6:65:17:58:31:e4:32:0d:3a:e4:70:95:c1:79:
bb:29:f2:2c:a8:91:4f:e8:91:9d:4e:b6:3c:e8:a2:2f:58:46:
dc:2e:63:36:f7:c8:fc:bb:23:8f:19:63:b4:51:38:e4:7b:28:
08:c0:8b:2d:13:62:bf:55:ad:7a:6c:25:30:86:9d:02:6c:7a:
fa:f7:02:b9:cb:25:be:af:ab:a6:c4:9f:2f:ed:cc:ad:cf:2b:
02:78:6a:73:94:96:5f:55:63:5b:32:f7:7c:02:b2:5d:6a:4c:
97:bc:2d:7f:8f:32:1e:50:e5:0c:60:e3:02:d8:cf:72:4a:3d:
20:6f:0c:c4
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZQnSGKeIq1gP2AlI1ZlLileMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVkNzc1ZjM2M2E0Yjc0NmY5N2MxZmFjMzhlNWI4N2FhOWUxZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHvYYZFqef9omVfVA0cSe0YUtqvy
xHQj65paem8u2gf2IgRDy4R/poOJaDcnAON3ycqAnu/Hd8fFDv66o6QD0OWO+m+k
boCJw9HqsryhfneHICSMa1Xh9C6y+v6PTkOTkQV+RYP8T3b4RAuLOCiBmIz05k7v
2id4o20oVe5M0IPPJQ2uvHRlmut52RcbBC/THUyBw5Kk9b51oc2ZxMa1ApShxVxj
jUC9s8uwR1JsdzyvsXAEU2b//uj0XnPBZyMs8VovdG6KzRKYlj1MGGrGb/5lYMEo
OQmsWNArZ7JxeshuYj0RohHTNlcwUPABR4LWwi4NrugL7wY76tOBtdr83wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPvtd182Okt0b5fB+sOOW4eqnh/5MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMS0tMTNYelk2UzNSdmw4SDZ3NDViaDZxZUhfay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMy
Ni8xL0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAcAkJgME
AMAkKQMEAMAkOAMEAMAkPQMEAMBHGgMEAMBH6QMEAMBH9wMEAcB5EAMEAMB5owME
AMB5qwMEAMHrkwMEAMJE4QMEAMJHazANBgkqhkiG9w0BAQsFAAOCAQEAPT49pFwm
nmomVexUltX7bj+DE3O4wkZDF4JUnA6w93kLgk3jptPX+AVlZ4z/74/LlA+ysoEp
HoeVYIsOeZKeLbhYX/suDfw++8W9+ZvPICHN35uChve1jMAHNeVriQvkh2tTCeuQ
0jnGlj6BzT0Da/KD2PkST4FCLQlQEJxQC/QeNdZlF1gx5DINOuRwlcF5uynyLKiR
T+iRnU62POiiL1hG3C5jNvfI/LsjjxljtFE45HsoCMCLLRNiv1WtemwlMIadAmx6
+vcCucslvq+rpsSfL+3Mrc8rAnhqc5SWX1VjWzL3fAKyXWpMl7wtf48yHlDlDGDj
AtjPcko9IG8MxA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:27 2025 by rpki-client