Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/F8znPv1WOvWYP_7u5j7JPeY_t_U.roa
File: F8znPv1WOvWYP_7u5j7JPeY_t_U.roa (raw, json)
Hash identifier: kMQ2fO1ZTr1yMdv72a6UArC73ZROhBbnQISzEyVD6Xk=
Subject key identifier: 17:CC:E7:3E:FD:56:3A:F5:98:3F:FE:EE:E6:3E:C9:3D:E6:3F:B7:F5
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748814DF1315E493896C47C06123005
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/F8znPv1WOvWYP_7u5j7JPeY_t_U.roa
Signing time: Thu 02 Jan 2025 13:50:50 +0000
ROA not before: Thu 02 Jan 2025 13:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211434
IP address blocks: 192.36.200.0/24 maxlen: 24
192.71.206.0/24 maxlen: 24
193.181.200.0/21 maxlen: 24
194.68.22.0/23 maxlen: 23
194.71.106.0/24 maxlen: 24
194.132.172.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:81:4d:f1:31:5e:49:38:96:c4:7c:06:12:30:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17cce73efd563af5983ffeeee63ec93de63fb7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:98:e5:21:9f:b0:2a:98:9b:fd:5d:23:5c:
67:f9:1f:c5:6a:c6:ac:6b:5a:ea:23:b8:da:69:0a:
ea:a7:72:50:c1:fa:5f:6e:8b:c6:fe:25:65:26:cf:
33:0f:a8:13:3c:8f:89:03:aa:6b:a7:57:51:a3:79:
dd:1b:3f:11:17:1e:88:56:ba:28:48:ad:45:c9:26:
e9:5a:09:0b:a6:e7:67:2b:56:96:ce:7d:8b:89:3a:
3f:e8:7c:d1:92:80:98:68:f1:9d:09:4e:ee:6a:01:
b9:31:cb:cf:44:9f:a5:07:36:25:64:1b:e2:19:da:
ae:31:74:eb:6f:04:36:f9:1b:d0:46:d6:ce:7c:f1:
b3:21:d4:20:6a:2e:2e:11:0c:80:18:f0:d7:f6:cb:
f0:90:98:f1:c4:79:71:54:78:c1:5f:8f:86:17:cf:
a8:b0:d9:0e:21:81:ef:64:11:b0:38:d8:92:3c:8a:
2f:8b:2e:e8:43:5b:14:df:a8:c6:7b:93:68:50:06:
00:30:c5:51:97:4c:b8:e0:73:36:5c:13:03:32:e2:
ff:fd:7a:00:04:77:3e:fa:e4:14:66:ab:aa:5f:45:
fe:87:90:f7:55:66:dd:a0:9b:c2:ec:bc:ac:ff:0e:
38:eb:b9:63:f5:30:06:6a:95:ab:48:a1:57:c7:e0:
bb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:CC:E7:3E:FD:56:3A:F5:98:3F:FE:EE:E6:3E:C9:3D:E6:3F:B7:F5
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/F8znPv1WOvWYP_7u5j7JPeY_t_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.200.0/24
192.71.206.0/24
193.181.200.0/21
194.68.22.0/23
194.71.106.0/24
194.132.172.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:ed:f8:30:7b:69:43:fb:50:9e:47:ae:15:47:54:50:88:45:
0e:26:7f:2e:44:56:75:ca:a7:ab:51:1b:bd:b7:29:cd:b2:00:
c3:a1:d3:4f:98:fe:65:ab:5c:b3:65:e6:a5:91:74:8e:1c:87:
38:71:ce:da:76:c6:ee:9b:9e:a9:0b:8e:9e:b0:fe:55:41:b9:
40:c7:eb:c4:fa:40:af:fd:e3:82:4a:c0:56:d2:eb:69:c6:9c:
2d:75:3b:ad:c9:d9:42:36:c1:eb:3d:eb:e7:89:f1:67:e5:fe:
5a:cb:11:b9:05:2f:d1:b1:44:63:52:65:40:51:1d:41:f3:91:
21:d8:eb:21:90:cd:38:c8:3e:9d:49:83:22:5c:4f:93:ea:9f:
85:cf:9f:87:eb:ec:c1:16:2d:8d:49:b8:ba:d6:b5:d5:45:a9:
b8:5f:40:6b:98:d8:2e:ba:1c:68:ce:2a:a2:ee:d4:cb:f3:f3:
4a:ec:ca:e2:7f:c3:43:17:da:40:20:06:da:ec:b2:02:8c:ed:
f8:5c:ed:00:ce:e6:22:8e:dd:0d:c7:79:ff:93:e0:11:c5:23:
13:43:87:fe:db:1a:52:bf:8f:80:7e:55:42:93:81:f5:19:e7:
2a:a3:10:a8:14:a7:0d:18:31:37:e1:6b:c7:0a:09:6d:f3:ff:
f4:4b:75:78
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnSIFN8TFeSTiWxHwGEjAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2NjZTczZWZkNTYzYWY1OTgzZmZlZWVlNjNlYzkzZGU2M2ZiN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq2Y5SGfsCqYm/1dI1xn+R/Fasas
a1rqI7jaaQrqp3JQwfpfbovG/iVlJs8zD6gTPI+JA6prp1dRo3ndGz8RFx6IVroo
SK1FySbpWgkLpudnK1aWzn2LiTo/6HzRkoCYaPGdCU7uagG5McvPRJ+lBzYlZBvi
GdquMXTrbwQ2+RvQRtbOfPGzIdQgai4uEQyAGPDX9svwkJjxxHlxVHjBX4+GF8+o
sNkOIYHvZBGwONiSPIoviy7oQ1sU36jGe5NoUAYAMMVRl0y44HM2XBMDMuL//XoA
BHc++uQUZquqX0X+h5D3VWbdoJvC7Lys/w4467lj9TAGapWrSKFXx+C7iQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBfM5z79Vjr1mD/+7uY+yT3mP7f1MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRjh6blB2MVdPdldZUF83dTVqN0pQZVlfdF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwCTIAwQA
wEfOAwQDwbXIAwQBwkQWAwQAwkdqAwQBwoSsMA0GCSqGSIb3DQEBCwUAA4IBAQAN
7fgwe2lD+1CeR64VR1RQiEUOJn8uRFZ1yqerURu9tynNsgDDodNPmP5lq1yzZeal
kXSOHIc4cc7adsbum56pC46esP5VQblAx+vE+kCv/eOCSsBW0utpxpwtdTutydlC
NsHrPevnifFn5f5ayxG5BS/RsURjUmVAUR1B85Eh2OshkM04yD6dSYMiXE+T6p+F
z5+H6+zBFi2NSbi61rXVRam4X0BrmNguuhxoziqi7tTL8/NK7Mrif8NDF9pAIAba
7LICjO34XO0AzuYijt0Nx3n/k+ARxSMTQ4f+2xpSv4+AflVCk4H1GecqoxCoFKcN
GDE34WvHCglt8//0S3V4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:47 2025 by rpki-client