Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/85ZAs1tfgmF_W_MXmjt-Gztho60.roa
File: 85ZAs1tfgmF_W_MXmjt-Gztho60.roa (raw, json)
Hash identifier: qvvC2otmB6butNaEHjsbhfsyszqDdDnJYfUbpXXgraU=
Subject key identifier: F3:96:40:B3:5B:5F:82:61:7F:5B:F3:17:9A:3B:7E:1B:3B:61:A3:AD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CCF689B11764DAAE0F81A78D56A416686
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/85ZAs1tfgmF_W_MXmjt-Gztho60.roa
Signing time: Wed 03 Jan 2024 12:59:48 +0000
ROA not before: Wed 03 Jan 2024 12:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.68.123.0/24 maxlen: 24
194.68.128.0/24 maxlen: 24
194.68.130.0/23 maxlen: 23
194.68.133.0/24 maxlen: 24
194.68.135.0/24 maxlen: 24
194.132.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:68:9b:11:76:4d:aa:e0:f8:1a:78:d5:6a:41:66:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 3 12:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f39640b35b5f82617f5bf3179a3b7e1b3b61a3ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:41:d1:d3:ea:3c:63:4b:47:1e:14:ad:7c:c2:
3d:fe:23:b0:b1:c9:8e:e4:87:47:82:f8:f5:5d:66:
31:3f:f8:bf:fd:9b:99:e7:b0:06:2f:eb:43:96:a6:
d6:b3:0b:95:e4:8e:45:e3:71:ff:35:cb:c4:6b:bb:
e0:19:79:4e:fa:1a:ab:ce:37:1d:99:4a:fd:78:0a:
3c:8c:dc:f0:23:7e:c2:4d:dd:ed:ce:1c:1a:76:7f:
a9:7d:c4:cf:d4:b3:63:23:f0:46:11:1f:71:04:9b:
d7:fd:08:d0:34:35:be:4d:f9:a6:af:c8:5d:96:30:
5c:0a:a8:c6:ac:b5:71:df:7a:03:1d:f0:78:73:86:
ff:62:48:b5:c5:67:51:65:b7:1f:fc:e2:02:ba:13:
e6:c2:c9:6a:25:4f:80:40:47:d2:33:5e:c3:28:50:
73:03:2e:3c:0a:7f:70:a5:74:b0:19:2c:17:75:7b:
a2:95:05:c3:c9:38:b9:27:c5:39:11:39:f6:cb:74:
44:47:6c:07:9d:da:d0:5d:ea:00:5a:b1:56:02:c3:
f5:99:1e:ea:23:ee:0f:73:c6:c6:d9:61:18:3e:3b:
94:f7:68:11:f7:5f:2b:d9:ad:16:28:2c:62:b7:03:
f8:fa:07:d6:3b:7c:33:5a:de:08:1c:b8:62:d3:72:
65:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:96:40:B3:5B:5F:82:61:7F:5B:F3:17:9A:3B:7E:1B:3B:61:A3:AD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/85ZAs1tfgmF_W_MXmjt-Gztho60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.68.123.0/24
194.68.128.0/24
194.68.130.0/23
194.68.133.0/24
194.68.135.0/24
194.132.59.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:35:4f:7b:a8:b2:40:4c:4b:2d:82:d7:27:a8:fc:ae:c6:11:
b9:70:48:18:a7:2e:2e:3d:ff:ed:69:39:74:43:24:7a:23:5b:
43:3b:a7:96:89:76:14:f9:89:5d:0b:23:ba:63:7d:38:d5:4f:
24:90:b8:29:8c:03:03:f1:00:b0:b9:6e:f6:78:a9:e0:85:69:
44:4f:56:de:54:43:f5:a7:d1:29:df:3d:32:b8:fa:d7:ab:a7:
98:7a:47:a4:e1:d4:fe:cf:f1:5d:c0:97:87:18:9d:b7:bd:33:
00:49:3b:ed:e0:92:ac:a0:c8:e8:1a:5a:e9:a5:1a:dc:d2:00:
84:ef:ff:02:6b:ae:49:0e:24:28:71:dc:1e:cd:3c:18:c9:34:
23:2f:13:7f:97:6d:07:fe:f6:02:01:d6:32:4d:b8:79:3f:1a:
21:c4:1a:0e:64:b9:ba:75:2a:af:60:0f:82:e2:c5:4e:f7:da:
6f:41:8b:67:76:47:cb:79:94:99:42:54:04:4f:ed:27:20:99:
69:5b:66:7c:ad:68:36:c3:41:06:bf:42:fe:fe:53:98:74:65:
d1:2a:ef:7c:ba:53:d0:f8:fd:45:63:07:ed:85:ac:2f:5c:04:
ce:bf:9a:05:ee:e8:14:c6:72:6c:54:5c:4e:0e:fc:b0:35:5a:
0e:04:f2:81
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzPaJsRdk2q4PgaeNVqQWaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAzMTI1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk2NDBiMzViNWY4MjYxN2Y1YmYzMTc5YTNiN2UxYjNiNjFhM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUHR0+o8Y0tHHhStfMI9/iOwscmO
5IdHgvj1XWYxP/i//ZuZ57AGL+tDlqbWswuV5I5F43H/NcvEa7vgGXlO+hqrzjcd
mUr9eAo8jNzwI37CTd3tzhwadn+pfcTP1LNjI/BGER9xBJvX/QjQNDW+Tfmmr8hd
ljBcCqjGrLVx33oDHfB4c4b/Yki1xWdRZbcf/OICuhPmwslqJU+AQEfSM17DKFBz
Ay48Cn9wpXSwGSwXdXuilQXDyTi5J8U5ETn2y3RER2wHndrQXeoAWrFWAsP1mR7q
I+4Pc8bG2WEYPjuU92gR918r2a0WKCxitwP4+gfWO3wzWt4IHLhi03JlEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPOWQLNbX4Jhf1vzF5o7fhs7YaOtMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvODVaQXMxdGZnbUZfV19NWG1qdC1HenRobzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwkR7AwQA
wkSAAwQBwkSCAwQAwkSFAwQAwkSHAwQAwoQ7MA0GCSqGSIb3DQEBCwUAA4IBAQCx
NU97qLJATEstgtcnqPyuxhG5cEgYpy4uPf/taTl0QyR6I1tDO6eWiXYU+YldCyO6
Y3041U8kkLgpjAMD8QCwuW72eKnghWlET1beVEP1p9Ep3z0yuPrXq6eYekek4dT+
z/FdwJeHGJ23vTMASTvt4JKsoMjoGlrppRrc0gCE7/8Ca65JDiQocdwezTwYyTQj
LxN/l20H/vYCAdYyTbh5PxohxBoOZLm6dSqvYA+C4sVO99pvQYtndkfLeZSZQlQE
T+0nIJlpW2Z8rWg2w0EGv0L+/lOYdGXRKu98ulPQ+P1FYwfthawvXATOv5oF7ugU
xnJsVFxODvywNVoOBPKB
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:50:53 2024 by rpki-client on console-fra.rpki-client.org