Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1Hn0Ql1mPdy_i1tEWoOyEfpklao.roa
File: 1Hn0Ql1mPdy_i1tEWoOyEfpklao.roa (raw, json)
Hash identifier: KwO8sjIOS3AyavNN1rZ3J9NpiUvy53YYtmqOuzHCgm4=
Subject key identifier: D4:79:F4:42:5D:66:3D:DC:BF:8B:5B:44:5A:83:B2:11:FA:64:95:AA
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01929B0A5079C4C39F181EDB728958E72AFC
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1Hn0Ql1mPdy_i1tEWoOyEfpklao.roa
Signing time: Thu 17 Oct 2024 15:13:17 +0000
ROA not before: Thu 17 Oct 2024 15:13:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202395
IP address blocks: 192.165.252.0/24 maxlen: 24
193.181.45.0/24 maxlen: 24
193.183.224.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9b:0a:50:79:c4:c3:9f:18:1e:db:72:89:58:e7:2a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Oct 17 15:13:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d479f4425d663ddcbf8b5b445a83b211fa6495aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:11:10:42:ea:7b:e3:33:39:cb:f8:c5:8d:
71:ef:75:6e:83:c9:9f:08:6f:3f:bb:1f:9e:36:6a:
33:9c:62:9b:4b:b8:af:e9:5b:1b:5e:00:d3:cd:55:
be:c9:fd:51:72:1a:f8:34:e3:17:62:90:26:f0:a9:
dc:5e:c1:cb:3b:36:16:24:4c:9e:18:6d:5e:2a:f1:
98:cb:38:8a:5e:ab:29:b5:29:0b:75:c2:b1:d6:8b:
04:5d:db:2b:00:8f:0f:eb:5a:ac:ee:c0:08:95:ca:
c5:3d:7b:9e:3e:31:e1:d9:58:db:19:69:47:d3:6b:
01:0b:0a:b4:a9:09:9d:2a:20:eb:4d:5a:27:fc:da:
ab:9c:4d:22:ea:e5:53:0d:b2:b6:12:d0:93:56:d0:
3d:48:98:f6:35:6c:f0:77:bd:4d:0c:5f:1c:70:58:
e5:3b:3c:26:fd:df:5a:c6:ae:58:9a:bc:9b:06:c1:
01:c2:21:fa:86:e0:b7:b2:b5:07:04:f5:96:b4:10:
ac:11:83:1c:fa:7e:3f:3a:6c:54:37:b7:1d:82:ab:
f6:a9:29:69:2f:6e:65:e4:07:b4:ac:46:b2:69:a3:
e0:ee:a6:54:1f:59:59:07:20:13:42:00:fd:4f:d0:
b2:51:9c:de:49:86:18:aa:9f:cc:5c:4f:c8:f0:d4:
93:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:79:F4:42:5D:66:3D:DC:BF:8B:5B:44:5A:83:B2:11:FA:64:95:AA
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1Hn0Ql1mPdy_i1tEWoOyEfpklao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.252.0/24
193.181.45.0/24
193.183.224.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:ef:18:9d:d8:61:c7:11:46:dd:c7:c4:77:42:03:b7:3d:16:
46:e5:fc:95:fe:7b:6b:27:cc:56:99:63:b0:bf:04:dd:88:0d:
95:0d:cb:14:3e:6a:a0:69:56:53:85:44:89:1f:84:63:12:75:
81:25:17:ee:a7:bf:6f:a8:26:ea:ff:44:ce:45:1c:7c:1d:dd:
74:97:fa:a3:0b:22:55:31:d7:07:62:9f:0b:ed:65:d3:cf:c2:
48:33:e9:eb:6b:48:e3:09:ca:80:8b:e6:78:57:4c:8c:4b:93:
54:61:52:24:28:35:85:46:17:31:72:65:6a:5d:19:6b:e2:60:
c1:96:54:74:55:6a:2a:09:4f:03:9e:f3:79:0d:b4:aa:4c:5a:
d3:f2:b1:a9:11:9d:bf:a8:62:a1:de:12:b8:02:d3:eb:7d:10:
d0:c6:30:e3:1e:81:6a:e5:de:ce:31:18:e8:ad:1f:e9:61:13:
5a:23:a0:5b:4c:9a:27:f6:bc:95:59:58:69:00:f7:72:73:2e:
ec:ba:f7:82:67:0d:30:2a:76:01:0a:48:fa:b8:09:c0:ff:7a:
06:20:23:7b:23:9d:f3:d1:f1:24:40:3c:77:e8:37:87:4e:61:
0f:ec:fc:a3:15:cb:6d:86:d1:c9:a5:74:a8:d5:e1:a6:84:18:
b1:02:aa:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKbClB5xMOfGB7bcolY5yr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMDE3MTUxMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc5ZjQ0MjVkNjYzZGRjYmY4YjViNDQ1YTgzYjIxMWZhNjQ5NWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBAREELqe+MzOcv4xY1x73Vug8mf
CG8/ux+eNmoznGKbS7iv6VsbXgDTzVW+yf1Rchr4NOMXYpAm8KncXsHLOzYWJEye
GG1eKvGYyziKXqsptSkLdcKx1osEXdsrAI8P61qs7sAIlcrFPXuePjHh2VjbGWlH
02sBCwq0qQmdKiDrTVon/NqrnE0i6uVTDbK2EtCTVtA9SJj2NWzwd71NDF8ccFjl
Ozwm/d9axq5YmrybBsEBwiH6huC3srUHBPWWtBCsEYMc+n4/OmxUN7cdgqv2qSlp
L25l5Ae0rEayaaPg7qZUH1lZByATQgD9T9CyUZzeSYYYqp/MXE/I8NSTewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNR59EJdZj3cv4tbRFqDshH6ZJWqMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMUhuMFFsMW1QZHlfaTF0RVdvT3lFZnBrbGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwKX8AwQA
wbUtAwQCwbfgMA0GCSqGSIb3DQEBCwUAA4IBAQCy7xid2GHHEUbdx8R3QgO3PRZG
5fyV/ntrJ8xWmWOwvwTdiA2VDcsUPmqgaVZThUSJH4RjEnWBJRfup79vqCbq/0TO
RRx8Hd10l/qjCyJVMdcHYp8L7WXTz8JIM+nra0jjCcqAi+Z4V0yMS5NUYVIkKDWF
RhcxcmVqXRlr4mDBllR0VWoqCU8DnvN5DbSqTFrT8rGpEZ2/qGKh3hK4AtPrfRDQ
xjDjHoFq5d7OMRjorR/pYRNaI6BbTJon9ryVWVhpAPdycy7suveCZw0wKnYBCkj6
uAnA/3oGICN7I53z0fEkQDx36DeHTmEP7PyjFctthtHJpXSo1eGmhBixAqrM
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:10:29 2024 by rpki-client on console-fra.rpki-client.org