Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-GnDLPnzF-vnmacgsh1XIam4PFM.roa
File: 1-GnDLPnzF-vnmacgsh1XIam4PFM.roa (raw, json)
Hash identifier: ipn/Vb+v4YoVvuQpcyIzKJ+v3fNALH+rxoUZaeb8H8Y=
Subject key identifier: F8:69:C3:2C:F9:F3:17:EB:E7:99:A7:20:B2:1D:57:21:A9:B8:3C:53
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01916EA5C327F8678ADDB112A6E4CDC04ECE
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-GnDLPnzF-vnmacgsh1XIam4PFM.roa
Signing time: Tue 20 Aug 2024 07:17:22 +0000
ROA not before: Tue 20 Aug 2024 07:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 192.36.57.0/24 maxlen: 24
192.71.227.0/24 maxlen: 24
192.71.249.0/24 maxlen: 24
192.121.22.0/24 maxlen: 24
192.121.23.0/24 maxlen: 24
192.121.46.0/23 maxlen: 24
192.121.46.0/24 maxlen: 24
192.121.47.0/24 maxlen: 24
192.121.162.0/24 maxlen: 24
192.121.170.0/24 maxlen: 24
194.14.208.0/24 maxlen: 24
194.14.217.0/24 maxlen: 24
194.68.26.0/24 maxlen: 24
194.68.27.0/24 maxlen: 24
194.68.44.0/24 maxlen: 24
194.71.126.0/24 maxlen: 24
194.71.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6e:a5:c3:27:f8:67:8a:dd:b1:12:a6:e4:cd:c0:4e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Aug 20 07:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f869c32cf9f317ebe799a720b21d5721a9b83c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f6:99:6b:7b:d2:62:c9:a4:76:6e:14:3d:3f:
ff:69:b2:e1:87:9d:f9:82:2b:5e:41:11:db:2f:97:
b0:3a:28:bb:9b:e3:2c:9f:b1:d7:fd:71:2c:26:54:
9a:99:ff:e6:84:01:21:94:f9:1f:80:e1:1c:71:63:
88:56:7c:5b:8e:36:83:05:46:2e:00:c1:49:43:4c:
03:12:4f:04:84:38:8e:ad:44:bc:49:64:f2:2b:e9:
cb:85:47:9c:de:99:21:e8:82:82:19:02:ab:fa:05:
9b:1d:3e:fc:88:6b:72:11:d9:0f:94:37:bc:cb:b1:
0c:95:56:3f:36:cf:a0:8c:8b:8a:04:d2:f7:a2:00:
8d:b8:04:b6:ca:82:a4:a8:fb:91:51:a0:bd:67:03:
42:41:c3:e9:8e:7d:4d:32:8a:f3:fc:3f:d4:5f:46:
97:85:09:43:d2:3c:f9:99:22:c9:13:d1:55:4b:bd:
aa:cc:4e:78:e9:fb:ed:f3:b4:d5:b4:29:b8:49:f5:
22:eb:42:ef:a5:d3:04:65:69:59:21:9a:7e:f9:b6:
b9:cc:79:e6:28:fc:76:ca:c9:8b:45:13:6d:e1:e5:
4c:33:9c:60:e3:a0:24:92:4c:22:3a:f6:33:8b:b0:
55:bf:9f:eb:56:a8:86:2d:9b:e0:37:cd:92:96:3f:
19:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:69:C3:2C:F9:F3:17:EB:E7:99:A7:20:B2:1D:57:21:A9:B8:3C:53
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1-GnDLPnzF-vnmacgsh1XIam4PFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.57.0/24
192.71.227.0/24
192.71.249.0/24
192.121.22.0/23
192.121.46.0/23
192.121.162.0/24
192.121.170.0/24
194.14.208.0/24
194.14.217.0/24
194.68.26.0/23
194.68.44.0/24
194.71.126.0/24
194.71.227.0/24
Signature Algorithm: sha256WithRSAEncryption
90:16:58:5e:22:7d:4b:5c:05:72:21:54:27:23:96:ad:dc:5e:
a7:cc:b3:68:c4:e1:03:a0:c4:dc:f1:b6:26:91:e2:a2:6f:70:
55:ab:72:5d:be:16:ec:22:c7:b3:ca:7e:a3:82:7e:0d:81:64:
04:4d:bc:6c:a5:54:7e:38:cd:76:ff:34:7a:19:0d:b4:49:f6:
a0:06:40:63:3d:75:22:1b:7a:50:15:5f:44:2d:da:5f:0f:a1:
44:07:68:3d:85:d2:8a:42:87:d8:f8:4d:1a:4a:8a:06:64:da:
a8:0e:8b:25:20:60:d2:f3:5c:74:7d:62:c5:13:a8:32:6b:9a:
87:b3:03:19:19:53:37:6d:f9:79:16:31:b3:9f:20:dc:12:95:
d2:fb:4e:77:91:11:74:31:ae:a5:2a:77:8a:b1:bd:08:30:2e:
b6:b9:22:d9:58:89:36:87:c2:d0:e7:e1:72:90:77:1f:24:04:
5b:b4:af:3e:41:c0:8c:4e:42:cb:ee:20:70:17:46:c3:43:ab:
46:0c:c8:11:60:ab:ab:e9:89:34:39:1d:a7:9a:a0:6c:8d:f2:
cd:5c:23:0a:de:8c:9d:0b:1c:28:55:1a:ba:fc:65:35:d4:e1:
45:90:7f:0c:8a:80:78:0c:e5:7d:89:2b:43:30:02:78:ee:0f:
65:41:85:e5
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZFupcMn+GeK3bESpuTNwE7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwODIwMDcxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODY5YzMyY2Y5ZjMxN2ViZTc5OWE3MjBiMjFkNTcyMWE5YjgzYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvaZa3vSYsmkdm4UPT//abLhh535
giteQRHbL5ewOii7m+Msn7HX/XEsJlSamf/mhAEhlPkfgOEccWOIVnxbjjaDBUYu
AMFJQ0wDEk8EhDiOrUS8SWTyK+nLhUec3pkh6IKCGQKr+gWbHT78iGtyEdkPlDe8
y7EMlVY/Ns+gjIuKBNL3ogCNuAS2yoKkqPuRUaC9ZwNCQcPpjn1NMorz/D/UX0aX
hQlD0jz5mSLJE9FVS72qzE546fvt87TVtCm4SfUi60LvpdMEZWlZIZp++ba5zHnm
KPx2ysmLRRNt4eVMM5xg46AkkkwiOvYzi7BVv5/rVqiGLZvgN82Slj8ZXQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPhpwyz58xfr55mnILIdVyGpuDxTMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMS1HbkRMUG56Ri12bm1hY2dzaDFYSWFtNFBGTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMy
Ni8xL0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAMAkOQME
AMBH4wMEAMBH+QMEAcB5FgMEAcB5LgMEAMB5ogMEAMB5qgMEAMIO0AMEAMIO2QME
AcJEGgMEAMJELAMEAMJHfgMEAMJH4zANBgkqhkiG9w0BAQsFAAOCAQEAkBZYXiJ9
S1wFciFUJyOWrdxep8yzaMThA6DE3PG2JpHiom9wVatyXb4W7CLHs8p+o4J+DYFk
BE28bKVUfjjNdv80ehkNtEn2oAZAYz11Iht6UBVfRC3aXw+hRAdoPYXSikKH2PhN
GkqKBmTaqA6LJSBg0vNcdH1ixROoMmuah7MDGRlTN235eRYxs58g3BKV0vtOd5ER
dDGupSp3irG9CDAutrki2ViJNofC0OfhcpB3HyQEW7SvPkHAjE5Cy+4gcBdGw0Or
RgzIEWCrq+mJNDkdp5qgbI3yzVwjCt6MnQscKFUauvxlNdThRZB/DIqAeAzlfYkr
QzACeO4PZUGF5Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:50:53 2024 by rpki-client on console-fra.rpki-client.org