Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4xtnJ963_k3TO6EPm2Bv87bJk84.roa
File: 4xtnJ963_k3TO6EPm2Bv87bJk84.roa (raw, json)
Hash identifier: K/FBhafYkqDgfiwZIXBfhjGGCUUCSqU3Xyp9RNpPNvg=
Subject key identifier: E3:1B:67:27:DE:B7:FE:4D:D3:3B:A1:0F:9B:60:6F:F3:B6:C9:93:CE
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748353B23A292290E513095A73AA5B2
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4xtnJ963_k3TO6EPm2Bv87bJk84.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1257
IP address blocks: 192.71.180.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
193.181.2.0/24 maxlen: 24
193.234.87.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
194.71.248.0/21 maxlen: 24
194.103.24.0/22 maxlen: 24
194.132.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:35:3b:23:a2:92:29:0e:51:30:95:a7:3a:a5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e31b6727deb7fe4dd33ba10f9b606ff3b6c993ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:13:e2:bf:0c:9a:e6:b1:91:40:c0:01:7f:c6:
3e:04:70:07:f4:fb:c6:cf:96:8c:75:ce:8c:63:ca:
fb:fa:96:53:d0:b8:8c:5d:08:07:af:a8:74:38:4f:
75:83:4e:22:08:25:55:90:d7:21:06:92:6c:ab:be:
e8:f4:e2:01:c4:49:1f:98:ef:8a:7b:51:29:c0:28:
71:e9:5b:b2:6f:71:50:d9:3c:19:3b:c8:38:08:74:
0a:59:5f:7a:0e:f2:e7:f9:ba:85:60:b8:8d:ba:87:
0a:f7:d6:ec:08:76:cf:36:41:98:ba:2e:6c:58:a6:
ec:2c:af:17:ba:0e:cb:3a:1b:30:a9:70:23:63:8e:
3c:f3:a1:ae:18:8e:5e:55:9a:ef:9d:69:9c:29:33:
91:e2:a5:40:54:7e:f9:51:32:60:3e:ba:6b:76:f9:
a2:5e:66:3f:e0:1c:5b:c2:0e:37:99:ab:69:2f:35:
50:a0:f0:a7:25:17:e2:71:d1:8f:3b:89:ff:30:0a:
fa:65:7e:e1:de:fd:93:03:d3:e5:2d:32:e4:00:d1:
7d:b7:3a:ad:fd:43:34:e1:62:8a:a3:c1:be:fb:83:
bc:e5:0d:fd:3b:92:0b:b6:2e:d6:5b:3f:7f:83:34:
89:0f:a1:61:fd:b6:cc:3c:18:de:2e:04:f5:a7:2c:
ba:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:1B:67:27:DE:B7:FE:4D:D3:3B:A1:0F:9B:60:6F:F3:B6:C9:93:CE
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/4xtnJ963_k3TO6EPm2Bv87bJk84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.234.87.0/24
193.234.177.0/24
194.71.248.0/21
194.103.24.0/22
194.132.60.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:7f:38:27:28:50:97:09:02:82:b4:a9:dc:6f:c3:18:89:b9:
50:92:6c:35:2b:09:ea:e7:d6:23:e1:28:d4:c9:69:90:e6:9a:
10:d4:e5:b7:4f:33:39:ee:68:55:bb:36:46:ab:ed:b2:8b:20:
57:7d:bf:fe:61:71:11:5c:ea:66:10:ed:73:59:46:e1:65:bd:
a8:3d:28:73:44:14:10:a1:09:fa:33:63:84:50:15:7e:e6:bd:
7e:21:d4:89:4f:3f:0f:be:75:31:98:c0:63:83:21:83:e8:4f:
83:ef:62:a1:a5:91:f6:63:ed:5b:51:15:e8:47:16:5d:78:7f:
57:85:9c:f5:03:9b:6e:1b:0f:1b:ba:aa:5c:5e:29:46:26:13:
3c:ab:55:4b:95:89:ee:7e:78:d3:bc:e3:20:02:19:b5:f9:48:
18:50:70:4c:ff:6d:f9:29:43:10:03:ca:ff:e0:86:fc:60:4c:
af:c1:55:c3:d4:53:b0:2b:2f:5a:13:2a:f0:a5:6b:86:08:78:
d8:e8:f1:52:3e:e6:f6:00:04:80:43:b9:17:f4:6a:d0:4b:8e:
46:97:9a:21:f3:08:e1:fc:c4:57:74:bb:85:36:cc:33:9b:71:
19:d1:eb:1d:c3:8c:25:08:59:ad:92:db:b2:69:fe:5b:48:05:
be:6d:a6:24
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQnSDU7I6KSKQ5RMJWnOqWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzFiNjcyN2RlYjdmZTRkZDMzYmExMGY5YjYwNmZmM2I2Yzk5M2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRPivwya5rGRQMABf8Y+BHAH9PvG
z5aMdc6MY8r7+pZT0LiMXQgHr6h0OE91g04iCCVVkNchBpJsq77o9OIBxEkfmO+K
e1EpwChx6Vuyb3FQ2TwZO8g4CHQKWV96DvLn+bqFYLiNuocK99bsCHbPNkGYui5s
WKbsLK8Xug7LOhswqXAjY44886GuGI5eVZrvnWmcKTOR4qVAVH75UTJgPrprdvmi
XmY/4Bxbwg43matpLzVQoPCnJRficdGPO4n/MAr6ZX7h3v2TA9PlLTLkANF9tzqt
/UM04WKKo8G++4O85Q39O5ILti7WWz9/gzSJD6Fh/bbMPBjeLgT1pyy6/wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOMbZyfet/5N0zuhD5tgb/O2yZPOMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNHh0bko5NjNfazNUTzZFUG0yQnY4N2JKazg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwEe0AwQA
wEfcAwQAwbTPAwQAwbTwAwQAwbT3AwQAwbUCAwQAwepXAwQAweqxAwQDwkf4AwQC
wmcYAwQAwoQ8MA0GCSqGSIb3DQEBCwUAA4IBAQArfzgnKFCXCQKCtKncb8MYiblQ
kmw1Kwnq59Yj4SjUyWmQ5poQ1OW3TzM57mhVuzZGq+2yiyBXfb/+YXERXOpmEO1z
WUbhZb2oPShzRBQQoQn6M2OEUBV+5r1+IdSJTz8PvnUxmMBjgyGD6E+D72KhpZH2
Y+1bURXoRxZdeH9XhZz1A5tuGw8buqpcXilGJhM8q1VLlYnufnjTvOMgAhm1+UgY
UHBM/235KUMQA8r/4Ib8YEyvwVXD1FOwKy9aEyrwpWuGCHjY6PFSPub2AASAQ7kX
9GrQS45Gl5oh8wjh/MRXdLuFNswzm3EZ0esdw4wlCFmtktuyaf5bSAW+baYk
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:44 2025 by rpki-client