Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2vAWL6G5j0jjhhkYCrT698atjEs.roa
File: 2vAWL6G5j0jjhhkYCrT698atjEs.roa (raw, json)
Hash identifier: hvn9EnyN8GMoL0mH+qGorXkfDwffoGd6+fz2rU7rPrQ=
Subject key identifier: DA:F0:16:2F:A1:B9:8F:48:E3:86:19:18:0A:B4:FA:F7:C6:AD:8C:4B
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0192D2729351B0D4F407D691A32CAD33D6A3
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2vAWL6G5j0jjhhkYCrT698atjEs.roa
Signing time: Mon 28 Oct 2024 09:26:17 +0000
ROA not before: Mon 28 Oct 2024 09:26:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201216
IP address blocks: 192.121.57.0/24 maxlen: 24
192.121.59.0/24 maxlen: 24
193.181.192.0/24 maxlen: 24
193.183.145.0/24 maxlen: 24
193.183.146.0/24 maxlen: 24
194.14.35.0/24 maxlen: 24
194.14.39.0/24 maxlen: 24
194.132.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:72:93:51:b0:d4:f4:07:d6:91:a3:2c:ad:33:d6:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Oct 28 09:26:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daf0162fa1b98f48e38619180ab4faf7c6ad8c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4c:0e:a8:34:92:68:be:1f:b6:4f:ed:50:d1:
2b:ef:be:c5:82:5c:1d:df:33:1b:9d:16:13:3b:4d:
9b:02:c2:83:c2:25:be:3d:ff:41:96:a7:d3:85:95:
db:a2:4c:8f:cf:32:8a:5e:63:a5:f0:a3:50:d7:8d:
bc:d4:9a:25:59:23:ec:9b:3b:77:e0:f8:e7:0d:1b:
cd:39:72:f7:3a:dc:a9:94:36:f1:ba:17:dc:03:0d:
c8:ba:44:df:b0:2e:c8:8d:ad:83:e1:a3:0a:07:a6:
d2:3c:67:18:50:9a:fe:e3:a7:01:6b:36:09:9b:4e:
f4:7b:84:3c:16:26:a1:7a:df:86:54:74:3e:1c:37:
aa:c2:45:1b:ec:b3:b6:de:1f:27:97:9e:20:16:1f:
ea:a0:d4:7e:f5:64:42:28:bb:51:5c:c8:98:f7:f4:
0a:e1:42:08:2a:c8:4c:54:79:ba:32:92:e7:9b:2a:
4c:ed:0f:91:ca:85:cd:cb:58:32:76:bc:4e:fe:a2:
82:35:6e:3f:b3:02:81:a0:ca:29:2f:c0:6a:68:c0:
a5:fe:b8:49:23:45:6b:02:b0:3d:07:7f:90:f0:ed:
7b:a4:07:13:f2:8d:51:b5:b5:94:ae:4a:59:e5:8b:
2e:f1:df:ac:56:c0:00:0e:b5:21:03:bb:7e:98:9e:
d7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F0:16:2F:A1:B9:8F:48:E3:86:19:18:0A:B4:FA:F7:C6:AD:8C:4B
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2vAWL6G5j0jjhhkYCrT698atjEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.57.0/24
192.121.59.0/24
193.181.192.0/24
193.183.145.0-193.183.146.255
194.14.35.0/24
194.14.39.0/24
194.132.29.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:7e:46:ae:65:fe:c6:a7:bb:fe:8b:d5:3d:33:b6:87:dd:06:
d6:df:11:e8:93:ed:60:fb:6d:1b:50:f5:c1:d8:1a:75:e7:8e:
f0:48:29:b4:8c:5f:2c:3d:b0:c5:e4:22:54:61:d6:e7:d8:c7:
4d:f6:07:20:89:8d:6c:30:e3:6a:7f:47:a9:26:8a:fd:08:93:
70:56:e8:a6:5f:99:05:e6:1d:ad:73:9b:92:6c:7f:e0:20:b7:
47:d4:a6:49:e9:0a:62:1a:91:7d:63:56:d2:85:6b:75:5d:c1:
23:1e:0d:03:18:68:26:33:a3:b4:50:2e:b7:79:c8:a5:75:f4:
63:70:e2:93:45:34:da:10:c6:45:1c:b6:c0:45:96:7f:f1:a8:
3e:89:96:78:67:3a:e6:cc:bf:f7:15:1d:e2:42:40:a6:17:9a:
f8:0d:01:65:de:62:b6:e9:23:68:19:0f:c5:c7:d3:24:12:9f:
b2:8d:49:ba:45:73:83:34:5e:64:d2:ae:ef:ef:bb:81:0e:29:
62:cc:18:1e:cc:5f:28:13:80:f9:b7:b3:b8:13:d4:05:7c:5b:
cf:33:03:22:32:f9:8a:c7:62:b5:6e:a7:15:60:ae:ef:af:f1:
ef:4f:a5:2f:4b:8c:7a:7f:d6:09:c6:5f:b4:66:3a:a6:20:bd:
5b:0e:d3:c9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZLScpNRsNT0B9aRoyytM9ajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMDI4MDkyNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWYwMTYyZmExYjk4ZjQ4ZTM4NjE5MTgwYWI0ZmFmN2M2YWQ4YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEwOqDSSaL4ftk/tUNEr777Fglwd
3zMbnRYTO02bAsKDwiW+Pf9BlqfThZXbokyPzzKKXmOl8KNQ14281JolWSPsmzt3
4PjnDRvNOXL3OtyplDbxuhfcAw3IukTfsC7Ija2D4aMKB6bSPGcYUJr+46cBazYJ
m070e4Q8Fiahet+GVHQ+HDeqwkUb7LO23h8nl54gFh/qoNR+9WRCKLtRXMiY9/QK
4UIIKshMVHm6MpLnmypM7Q+RyoXNy1gydrxO/qKCNW4/swKBoMopL8BqaMCl/rhJ
I0VrArA9B3+Q8O17pAcT8o1RtbWUrkpZ5Ysu8d+sVsAADrUhA7t+mJ7XjQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNrwFi+huY9I44YZGAq0+vfGrYxLMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMnZBV0w2RzVqMGpqaGhrWUNyVDY5OGF0akVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAwHk5AwQA
wHk7AwQAwbXAMAwDBADBt5EDBADBt5IDBADCDiMDBADCDicDBADChB0wDQYJKoZI
hvcNAQELBQADggEBAB1+Rq5l/sanu/6L1T0ztofdBtbfEeiT7WD7bRtQ9cHYGnXn
jvBIKbSMXyw9sMXkIlRh1ufYx032ByCJjWww42p/R6kmiv0Ik3BW6KZfmQXmHa1z
m5Jsf+Agt0fUpknpCmIakX1jVtKFa3VdwSMeDQMYaCYzo7RQLrd5yKV19GNw4pNF
NNoQxkUctsBFln/xqD6JlnhnOubMv/cVHeJCQKYXmvgNAWXeYrbpI2gZD8XH0yQS
n7KNSbpFc4M0XmTSru/vu4EOKWLMGB7MXygTgPm3s7gT1AV8W88zAyIy+YrHYrVu
pxVgru+v8e9PpS9LjHp/1gnGX7RmOqYgvVsO08k=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:50:49 2024 by rpki-client on console-ams.rpki-client.org