Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9l9kWPEfQrOFhvcmeJi1UXibDCs.roa
File: 9l9kWPEfQrOFhvcmeJi1UXibDCs.roa (raw, json)
Hash identifier: dnU8Iln21oCEz5xTQn2cag6uyVy7KT8q1k5GdOdxSc4=
Subject key identifier: F6:5F:64:58:F1:1F:42:B3:85:86:F7:26:78:98:B5:51:78:9B:0C:2B
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802DC756F70282BB314DBB2D01334E1
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9l9kWPEfQrOFhvcmeJi1UXibDCs.roa
Signing time: Tue 02 Jan 2024 02:31:19 +0000
ROA not before: Tue 02 Jan 2024 02:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8769
IP address blocks: 193.182.245.0/24 maxlen: 24
193.234.82.0/24 maxlen: 24
194.71.221.0/24 maxlen: 24
193.234.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:dc:75:6f:70:28:2b:b3:14:db:b2:d0:13:34:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f65f6458f11f42b38586f7267898b551789b0c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:84:c9:ce:64:e7:5d:34:e9:d8:50:93:3e:66:
95:f9:17:96:c5:b1:e8:b7:da:aa:3f:77:be:7d:c7:
ba:62:23:9b:46:63:15:2a:a4:94:03:da:a7:22:54:
eb:5f:48:a0:c1:0d:ff:4a:72:d7:a7:00:7c:bb:58:
8a:9d:7f:d8:56:dd:51:19:bb:b1:aa:4e:ac:f2:b4:
b4:7e:85:84:f6:c8:26:ef:45:00:86:28:a7:87:51:
5a:76:10:ad:99:0a:69:e0:20:e5:e2:3e:77:e1:d2:
7f:38:5f:3b:be:69:08:8c:03:e1:03:6f:d9:0d:d5:
0d:eb:ea:f0:0b:30:db:34:a6:3d:81:5c:8a:24:50:
96:e6:d9:78:4b:ff:12:e7:9c:d9:8f:13:ca:47:88:
50:49:14:8f:ec:f4:17:ab:f1:dc:c4:5b:22:18:cf:
88:55:f5:fc:fa:ae:8e:9a:6f:78:9a:be:e7:da:b6:
11:ce:15:82:06:6c:61:c5:75:58:ac:6c:18:6a:e1:
93:f8:31:d3:2e:0b:a4:96:6a:e5:53:24:62:0f:e4:
72:a8:d7:49:06:2f:16:5f:29:2f:00:a1:8b:1c:47:
7c:57:74:54:aa:dd:17:ea:f3:81:99:12:86:67:35:
f2:d1:cd:34:83:52:79:57:83:36:44:84:f5:13:34:
07:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5F:64:58:F1:1F:42:B3:85:86:F7:26:78:98:B5:51:78:9B:0C:2B
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9l9kWPEfQrOFhvcmeJi1UXibDCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.182.245.0/24
193.234.18.0/24
193.234.82.0/24
194.71.221.0/24
Signature Algorithm: sha256WithRSAEncryption
48:8b:7a:f8:f1:5d:fa:b0:5d:3e:36:49:07:55:37:98:ca:65:
2a:04:fc:f6:89:87:9c:0f:fc:c3:a4:94:50:bb:ca:fd:e5:b5:
46:9b:f8:2a:2e:e3:10:7f:12:d7:9c:d3:83:0f:8f:ed:41:5d:
8d:4d:e0:25:33:cd:ac:6f:2d:50:3a:0f:ca:d6:20:70:42:d0:
d1:ce:31:63:bf:95:df:2f:4e:20:51:1b:19:23:5d:e6:d3:5c:
b5:52:87:38:1f:ee:71:0c:65:8b:7d:2a:87:a7:fe:54:7e:b4:
c1:76:e1:15:ef:f0:ee:c2:84:5b:a9:ff:ac:31:4c:43:a1:3f:
9d:c8:77:16:69:ab:78:cd:67:8f:ad:a9:06:a4:40:ab:44:b8:
cf:e8:8b:bb:7c:27:ef:9d:c3:9c:65:b9:e9:df:0d:57:97:44:
e5:98:9e:11:0b:87:ca:83:40:4f:f3:51:a5:fe:1f:dc:b5:6e:
43:c8:9a:9b:bf:dc:f3:67:8b:0e:c6:5e:44:1f:a3:c6:2e:60:
94:b2:6a:28:9d:c1:4a:06:19:77:9a:34:5c:c1:bb:b8:c6:cc:
c9:4c:b8:6d:d0:97:72:9e:cc:19:10:72:d7:59:bc:e0:03:79:
e3:0a:d6:65:84:b3:7c:dd:f8:5d:d5:f9:c8:3c:2e:1f:98:5b:
4d:65:aa:b5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAtx1b3AoK7MU27LQEzThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjVmNjQ1OGYxMWY0MmIzODU4NmY3MjY3ODk4YjU1MTc4OWIwYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34TJzmTnXTTp2FCTPmaV+ReWxbHo
t9qqP3e+fce6YiObRmMVKqSUA9qnIlTrX0igwQ3/SnLXpwB8u1iKnX/YVt1RGbux
qk6s8rS0foWE9sgm70UAhiinh1FadhCtmQpp4CDl4j534dJ/OF87vmkIjAPhA2/Z
DdUN6+rwCzDbNKY9gVyKJFCW5tl4S/8S55zZjxPKR4hQSRSP7PQXq/HcxFsiGM+I
VfX8+q6Omm94mr7n2rYRzhWCBmxhxXVYrGwYauGT+DHTLguklmrlUyRiD+RyqNdJ
Bi8WXykvAKGLHEd8V3RUqt0X6vOBmRKGZzXy0c00g1J5V4M2RIT1EzQHJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPZfZFjxH0KzhYb3JniYtVF4mwwrMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvOWw5a1dQRWZRck9GaHZjbWVKaTFVWGliRENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwbb1AwQA
weoSAwQAwepSAwQAwkfdMA0GCSqGSIb3DQEBCwUAA4IBAQBIi3r48V36sF0+NkkH
VTeYymUqBPz2iYecD/zDpJRQu8r95bVGm/gqLuMQfxLXnNODD4/tQV2NTeAlM82s
by1QOg/K1iBwQtDRzjFjv5XfL04gURsZI13m01y1Uoc4H+5xDGWLfSqHp/5UfrTB
duEV7/DuwoRbqf+sMUxDoT+dyHcWaat4zWePrakGpECrRLjP6Iu7fCfvncOcZbnp
3w1Xl0TlmJ4RC4fKg0BP81Gl/h/ctW5DyJqbv9zzZ4sOxl5EH6PGLmCUsmooncFK
Bhl3mjRcwbu4xszJTLht0JdynswZEHLXWbzgA3njCtZlhLN83fhd1fnIPC4fmFtN
Zaq1
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:04:53 2024 by rpki-client on console-ams.rpki-client.org