Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2t2t63ZhPnShV4MLDLZguvPXbzM.roa
File: 2t2t63ZhPnShV4MLDLZguvPXbzM.roa (raw, json)
Hash identifier: g73YfChQ99ie/avmFx2/GVABK8vrGCgH7a0tHNmjS4k=
Subject key identifier: DA:DD:AD:EB:76:61:3E:74:A1:57:83:0B:0C:B6:60:BA:F3:D7:6F:33
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802F4B514E82D339D9E03C05191EB6B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2t2t63ZhPnShV4MLDLZguvPXbzM.roa
Signing time: Tue 02 Jan 2024 02:31:26 +0000
ROA not before: Tue 02 Jan 2024 02:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56630
IP address blocks: 194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f4:b5:14:e8:2d:33:9d:9e:03:c0:51:91:eb:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daddadeb76613e74a157830b0cb660baf3d76f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ab:e3:9e:9d:a4:4d:44:40:b6:05:dd:f2:e1:
c3:a9:22:61:fe:94:92:11:c8:15:02:10:0a:f3:d4:
86:9d:dc:34:d0:59:49:81:ea:3f:e8:d4:9a:98:7c:
c2:7d:99:7c:f0:10:dc:14:22:d6:5a:47:41:0a:ca:
c7:b3:d5:bf:28:c4:c7:4c:6c:dc:25:ff:08:17:e6:
87:a4:b1:d0:3e:9f:d7:2c:b9:51:33:66:43:8f:da:
e8:75:fa:f4:53:32:80:c7:3d:73:36:56:12:e5:e5:
dc:db:fa:ad:a7:3c:ab:70:9d:db:52:bc:a3:f2:c0:
4c:08:5d:64:ac:01:a4:57:12:bc:96:79:84:f1:f8:
d9:eb:a4:9a:ce:f6:ad:95:46:62:cd:8c:79:6a:5c:
a6:aa:6c:7b:3e:ac:6a:51:79:ee:33:3b:a0:70:67:
52:4c:04:41:8a:65:94:58:e5:f8:85:86:d5:e3:aa:
35:57:06:e0:41:41:1a:4b:3a:52:44:a0:c5:ae:3e:
8d:3e:66:ee:60:9c:da:67:83:ed:01:83:3b:09:6a:
46:2f:88:77:70:b6:04:7c:b5:0b:3a:3d:13:39:3c:
0f:81:79:c9:0e:20:73:37:41:a0:15:95:d4:0a:c1:
6d:27:a1:70:bb:f7:3b:48:c8:7a:1b:09:c3:3d:71:
d1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DD:AD:EB:76:61:3E:74:A1:57:83:0B:0C:B6:60:BA:F3:D7:6F:33
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2t2t63ZhPnShV4MLDLZguvPXbzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.41.0/24
192.36.61.0/24
192.71.26.0/24
192.121.163.0/24
192.121.171.0/24
194.68.225.0/24
194.71.107.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:a3:09:10:e0:2a:19:2d:44:c9:78:09:e5:b9:d9:6c:f7:eb:
a5:d4:d4:ce:8b:68:6d:3c:c8:49:b6:f3:c9:2d:f7:8d:51:1e:
89:de:e3:d2:7e:42:bb:c6:55:68:6c:e8:48:b8:ca:42:c4:b5:
a7:57:7e:17:9a:f2:10:95:7b:52:06:09:c0:1f:13:4a:92:57:
83:7b:e5:19:4e:cd:0f:82:b6:d8:0b:ea:9c:55:73:22:60:d3:
a8:26:06:4b:ce:78:0c:26:00:d1:29:d0:e2:02:1c:4c:cf:f8:
27:84:8f:62:a5:f2:1e:0a:4d:98:c8:29:4e:92:33:ca:9c:6e:
aa:d7:52:9a:8e:39:b7:7d:a7:ed:db:a4:d6:40:3c:0e:e8:4d:
7c:19:26:ce:98:11:13:7f:4a:1f:eb:1d:fa:d3:e2:a7:0a:76:
79:78:bf:65:77:75:5a:55:c4:8b:ae:ca:46:ff:c4:d6:51:26:
c4:63:5a:17:9b:fe:59:82:03:0f:0a:57:f6:04:2d:b2:c6:41:
19:7b:c6:de:61:7b:c3:57:be:0a:16:ef:14:ad:49:e2:df:ae:
f8:95:b2:48:41:80:f3:b0:d1:1a:d7:a0:86:d9:da:d8:b4:1b:
7f:e8:63:e4:82:2d:ff:a6:cd:35:4a:44:65:c2:27:bf:b9:a4:
67:a9:17:4f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIAvS1FOgtM52eA8BRketrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRkYWRlYjc2NjEzZTc0YTE1NzgzMGIwY2I2NjBiYWYzZDc2ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvavjnp2kTURAtgXd8uHDqSJh/pSS
EcgVAhAK89SGndw00FlJgeo/6NSamHzCfZl88BDcFCLWWkdBCsrHs9W/KMTHTGzc
Jf8IF+aHpLHQPp/XLLlRM2ZDj9rodfr0UzKAxz1zNlYS5eXc2/qtpzyrcJ3bUryj
8sBMCF1krAGkVxK8lnmE8fjZ66SazvatlUZizYx5alymqmx7PqxqUXnuMzugcGdS
TARBimWUWOX4hYbV46o1VwbgQUEaSzpSRKDFrj6NPmbuYJzaZ4PtAYM7CWpGL4h3
cLYEfLULOj0TOTwPgXnJDiBzN0GgFZXUCsFtJ6Fwu/c7SMh6GwnDPXHRZwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNrdret2YT50oVeDCwy2YLrz128zMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMnQydDYzWmhQblNoVjRNTERMWmd1dlBYYnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwCQpAwQA
wCQ9AwQAwEcaAwQAwHmjAwQAwHmrAwQAwkThAwQAwkdrMA0GCSqGSIb3DQEBCwUA
A4IBAQBvowkQ4CoZLUTJeAnludls9+ul1NTOi2htPMhJtvPJLfeNUR6J3uPSfkK7
xlVobOhIuMpCxLWnV34XmvIQlXtSBgnAHxNKkleDe+UZTs0PgrbYC+qcVXMiYNOo
JgZLzngMJgDRKdDiAhxMz/gnhI9ipfIeCk2YyClOkjPKnG6q11Kajjm3faft26TW
QDwO6E18GSbOmBETf0of6x360+KnCnZ5eL9ld3VaVcSLrspG/8TWUSbEY1oXm/5Z
ggMPClf2BC2yxkEZe8beYXvDV74KFu8UrUni3674lbJIQYDzsNEa16CG2drYtBt/
6GPkgi3/ps01SkRlwie/uaRnqRdP
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:04:53 2024 by rpki-client on console-ams.rpki-client.org