Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DQP8vYuhGBpOC3XP2ioXCDYnUNE.roa
File: DQP8vYuhGBpOC3XP2ioXCDYnUNE.roa (raw, json)
Hash identifier: wgT6DCPebyNqGcn/768HvFYGfsCy2L6nw/ET08+cLpA=
Subject key identifier: 0D:03:FC:BD:8B:A1:18:1A:4E:0B:75:CF:DA:2A:17:08:36:27:50:D1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC80302DD9DE31EB5265F4B38CEE86299
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DQP8vYuhGBpOC3XP2ioXCDYnUNE.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206170
IP address blocks: 192.121.140.0/24 maxlen: 24
192.71.246.0/24 maxlen: 24
192.165.9.0/24 maxlen: 24
192.121.182.0/24 maxlen: 24
194.68.59.0/24 maxlen: 24
192.36.176.0/24 maxlen: 24
194.14.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:02:dd:9d:e3:1e:b5:26:5f:4b:38:ce:e8:62:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d03fcbd8ba1181a4e0b75cfda2a1708362750d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5c:00:04:00:ee:66:86:2f:4f:44:81:82:1d:
32:ff:ec:fd:84:73:07:60:ee:5a:b8:d2:64:fa:75:
47:11:46:76:f5:7c:2b:89:fc:9f:82:51:14:56:51:
eb:9d:2e:1d:ab:41:9c:35:42:de:f5:a2:00:2e:69:
78:a2:f8:76:c9:57:5e:f0:81:15:e5:7c:87:97:f5:
84:5b:f2:f6:6a:b2:7e:71:b7:6e:20:51:2f:c6:66:
68:8a:35:e9:cb:c2:67:10:93:3d:36:ad:7d:82:32:
33:be:78:96:cc:ab:a1:6e:55:ad:d6:d9:52:bc:a3:
5b:9a:0b:a8:58:cb:0f:fd:a6:aa:4e:86:62:44:99:
ab:2e:cc:01:37:37:15:c2:02:61:18:17:ef:36:b7:
f3:f3:75:95:d4:22:e8:7b:3c:fc:e5:e8:a4:58:d8:
da:62:3c:39:e7:92:f0:33:f6:04:cd:5f:4e:6b:01:
e9:b7:ed:0e:5e:28:9d:d5:43:0a:df:c3:1a:ae:75:
6e:8a:10:35:5f:a0:ff:5a:af:a5:77:21:d9:a1:fc:
11:5e:65:27:ab:96:33:6e:38:40:82:2c:c2:d2:50:
74:97:01:d7:1e:29:46:92:59:52:d2:56:ce:b2:dc:
65:c5:6d:65:43:3e:c1:8e:d5:2e:5b:7e:a7:87:5b:
a1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:03:FC:BD:8B:A1:18:1A:4E:0B:75:CF:DA:2A:17:08:36:27:50:D1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/DQP8vYuhGBpOC3XP2ioXCDYnUNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.176.0/24
192.71.246.0/24
192.121.140.0/24
192.121.182.0/24
192.165.9.0/24
194.14.207.0/24
194.68.59.0/24
Signature Algorithm: sha256WithRSAEncryption
82:f6:aa:d5:40:66:68:db:5c:51:3d:3a:f4:ad:c6:0b:64:2a:
5b:0d:11:ee:b9:e5:4d:22:4f:3b:af:e0:f8:5a:e1:8f:f4:d7:
ee:0c:70:a3:1f:d6:11:a6:11:bc:26:ad:8f:f3:3e:6b:44:fd:
15:9e:88:ad:90:e5:57:82:f2:89:2e:82:51:a6:53:4e:8f:05:
b5:a2:88:03:92:c0:61:bf:ee:62:32:66:58:04:7c:5e:ae:e2:
67:f8:b9:4d:36:0e:f1:73:b2:61:17:23:ef:7f:f2:35:a6:71:
96:42:fa:9a:8c:f4:60:0f:05:c1:74:2e:8d:82:16:1d:a5:51:
ef:a2:e5:23:b7:d9:d6:d9:1a:99:dd:26:11:f6:eb:9f:5a:99:
aa:5c:a4:b9:2c:79:46:3d:be:9e:27:b5:02:16:d3:ac:b0:15:
d7:c7:f4:86:73:78:ec:68:51:98:e1:7b:eb:e9:af:53:03:d7:
00:14:fa:27:dd:8c:b1:38:08:bd:64:77:7f:07:b9:a7:5e:91:
d1:b7:21:d0:c4:90:84:b1:73:52:4d:00:31:c8:c9:c3:c0:08:
7c:da:f0:de:b2:1c:e9:98:81:d7:1a:80:e8:87:c6:60:17:2c:
77:8f:65:d7:bb:3f:df:62:68:74:f6:52:ba:29:49:c3:2b:e9:
e9:54:61:f6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIAwLdneMetSZfSzjO6GKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDAzZmNiZDhiYTExODFhNGUwYjc1Y2ZkYTJhMTcwODM2Mjc1MGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFwABADuZoYvT0SBgh0y/+z9hHMH
YO5auNJk+nVHEUZ29XwrifyfglEUVlHrnS4dq0GcNULe9aIALml4ovh2yVde8IEV
5XyHl/WEW/L2arJ+cbduIFEvxmZoijXpy8JnEJM9Nq19gjIzvniWzKuhblWt1tlS
vKNbmguoWMsP/aaqToZiRJmrLswBNzcVwgJhGBfvNrfz83WV1CLoezz85eikWNja
Yjw555LwM/YEzV9OawHpt+0OXiid1UMK38MarnVuihA1X6D/Wq+ldyHZofwRXmUn
q5YzbjhAgizC0lB0lwHXHilGkllS0lbOstxlxW1lQz7BjtUuW36nh1uh3QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA0D/L2LoRgaTgt1z9oqFwg2J1DRMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRFFQOHZZdWhHQnBPQzNYUDJpb1hDRFluVU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwCSwAwQA
wEf2AwQAwHmMAwQAwHm2AwQAwKUJAwQAwg7PAwQAwkQ7MA0GCSqGSIb3DQEBCwUA
A4IBAQCC9qrVQGZo21xRPTr0rcYLZCpbDRHuueVNIk87r+D4WuGP9NfuDHCjH9YR
phG8Jq2P8z5rRP0VnoitkOVXgvKJLoJRplNOjwW1oogDksBhv+5iMmZYBHxeruJn
+LlNNg7xc7JhFyPvf/I1pnGWQvqajPRgDwXBdC6NghYdpVHvouUjt9nW2RqZ3SYR
9uufWpmqXKS5LHlGPb6eJ7UCFtOssBXXx/SGc3jsaFGY4Xvr6a9TA9cAFPon3Yyx
OAi9ZHd/B7mnXpHRtyHQxJCEsXNSTQAxyMnDwAh82vDeshzpmIHXGoDoh8ZgFyx3
j2XXuz/fYmh09lK6KUnDK+npVGH2
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:31:19 2024 by rpki-client on console-fra.rpki-client.org