Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/If8k-CzYc8akLGlHO54cGIQ8_No.roa
File: If8k-CzYc8akLGlHO54cGIQ8_No.roa (raw, json)
Hash identifier: +EopbYFq/aIGxVFuyhjmGM5nIbgq1MlZvgvpQPfGAgY=
Subject key identifier: 21:FF:24:F8:2C:D8:73:C6:A4:2C:69:47:3B:9E:1C:18:84:3C:FC:DA
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194D56AB102E4AD269D00E7E93318B20C24
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/If8k-CzYc8akLGlHO54cGIQ8_No.roa
Signing time: Wed 05 Feb 2025 09:22:06 +0000
ROA not before: Wed 05 Feb 2025 09:22:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3399
IP address blocks: 192.36.22.0/24 maxlen: 24
192.36.208.0/24 maxlen: 24
192.165.178.0/23 maxlen: 23
193.180.23.0/24 maxlen: 24
193.180.96.0/22 maxlen: 22
193.180.164.0/23 maxlen: 23
193.181.248.0/22 maxlen: 22
193.182.111.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
193.183.132.0/23 maxlen: 23
194.68.170.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.171.0/24 maxlen: 24
194.68.220.0/23 maxlen: 23
194.71.216.0/23 maxlen: 23
194.71.216.0/24 maxlen: 24
194.71.217.0/24 maxlen: 24
194.103.80.0/22 maxlen: 22
194.132.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:6a:b1:02:e4:ad:26:9d:00:e7:e9:33:18:b2:0c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 5 09:22:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21ff24f82cd873c6a42c69473b9e1c18843cfcda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:8b:ba:fc:24:79:16:00:28:4b:27:a8:32:
e4:26:02:2d:e1:f0:ca:f9:01:ca:56:be:74:0a:7c:
1d:32:bd:44:f7:fb:28:da:3c:8f:8c:ba:bc:97:04:
a9:7e:34:38:bb:bb:32:ae:02:d1:93:de:fb:9b:6f:
01:64:45:e9:11:4c:c5:ff:df:4a:d9:32:4c:d4:a5:
c7:e0:0c:d5:f1:96:c8:d4:f0:ef:23:0e:3f:98:e3:
3b:22:f7:9c:f9:64:ff:35:0e:81:ad:8b:73:bf:5b:
0f:a8:39:ff:72:e6:c9:d4:00:98:43:d1:2e:18:75:
a8:a4:f0:f2:d6:d4:7f:64:bc:b5:1c:89:97:7b:c6:
86:8b:26:b1:43:7b:4e:1a:52:b5:c4:ee:2d:4e:a2:
42:dc:73:66:5d:44:0e:09:d0:09:d8:99:b6:04:99:
d3:21:ac:9e:2d:39:d6:7a:88:58:9b:a0:ab:50:20:
db:b5:14:ae:64:66:ae:76:b1:76:6f:46:05:89:0f:
c6:b8:ad:bf:ae:73:cf:17:24:10:03:68:d5:19:e3:
bf:c0:c5:b6:cc:fe:d6:55:69:49:87:b0:ba:b4:ed:
72:92:e0:44:04:5a:52:79:a8:d5:ea:7a:90:b9:30:
4b:5b:67:fd:9e:5c:31:bb:a9:85:72:25:fa:b1:d7:
25:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FF:24:F8:2C:D8:73:C6:A4:2C:69:47:3B:9E:1C:18:84:3C:FC:DA
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/If8k-CzYc8akLGlHO54cGIQ8_No.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.22.0/24
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.96.0/22
193.180.164.0/23
193.181.248.0/22
193.182.111.0/24
193.183.116.0/24
193.183.132.0/23
194.68.170.0/23
194.68.220.0/23
194.71.216.0/23
194.103.80.0/22
194.132.40.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:51:7d:5f:3e:2e:79:b6:63:22:fc:b0:a5:75:d5:d6:18:72:
4f:f3:8e:1c:af:d7:78:84:b6:7b:bd:08:d7:5a:ef:66:50:d5:
9b:95:52:a7:4d:4c:dd:86:3f:62:8b:2c:8c:c1:d8:bd:37:2e:
65:81:2e:9e:e4:fd:7b:d4:39:a0:83:a2:35:83:2b:44:e6:f9:
9a:82:60:45:c4:8a:fa:9a:9d:09:90:39:d5:bf:22:fd:d5:4a:
e3:4f:14:00:8f:3e:75:57:0d:61:1d:e8:78:62:7e:1d:9d:7b:
d7:cd:88:88:8f:1a:0e:f3:e8:e0:c2:a0:60:fa:75:47:cc:ae:
1f:0a:10:65:2f:99:bb:a3:d4:d3:15:1d:86:4c:63:95:78:e6:
29:c3:1b:7a:51:92:72:c4:64:a6:63:3d:62:21:cd:fd:15:09:
aa:25:55:73:b4:97:6b:0a:a9:07:1d:03:b2:17:81:f0:7c:da:
6e:6e:3e:22:3c:69:3c:c1:13:72:16:dd:37:0d:a0:3d:59:7e:
e7:4c:fc:cb:75:62:21:d7:7c:dd:a7:32:4c:ed:5b:2d:c6:06:
48:4e:ac:75:ff:12:36:10:93:a5:1d:9a:a2:c8:70:b8:a0:73:
1a:6e:8f:00:4b:f7:29:cd:1b:d2:22:4d:59:53:52:86:7b:dd:
14:21:75:f9
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZTVarEC5K0mnQDn6TMYsgwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMjA1MDkyMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZmMjRmODJjZDg3M2M2YTQyYzY5NDczYjllMWMxODg0M2NmY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre+LuvwkeRYAKEsnqDLkJgIt4fDK
+QHKVr50CnwdMr1E9/so2jyPjLq8lwSpfjQ4u7syrgLRk977m28BZEXpEUzF/99K
2TJM1KXH4AzV8ZbI1PDvIw4/mOM7Ivec+WT/NQ6BrYtzv1sPqDn/cubJ1ACYQ9Eu
GHWopPDy1tR/ZLy1HImXe8aGiyaxQ3tOGlK1xO4tTqJC3HNmXUQOCdAJ2Jm2BJnT
IayeLTnWeohYm6CrUCDbtRSuZGaudrF2b0YFiQ/GuK2/rnPPFyQQA2jVGeO/wMW2
zP7WVWlJh7C6tO1ykuBEBFpSeajV6nqQuTBLW2f9nlwxu6mFciX6sdcl4wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCH/JPgs2HPGpCxpRzueHBiEPPzaMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSWY4ay1DelljOGFrTEdsSE81NGNHSVE4X05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAwCQWAwQA
wCTQAwQBwKWyAwQAwbQXAwQCwbRgAwQBwbSkAwQCwbX4AwQAwbZvAwQAwbd0AwQB
wbeEAwQBwkSqAwQBwkTcAwQBwkfYAwQCwmdQAwQCwoQoMA0GCSqGSIb3DQEBCwUA
A4IBAQBaUX1fPi55tmMi/LClddXWGHJP844cr9d4hLZ7vQjXWu9mUNWblVKnTUzd
hj9iiyyMwdi9Ny5lgS6e5P171Dmgg6I1gytE5vmagmBFxIr6mp0JkDnVvyL91Urj
TxQAjz51Vw1hHeh4Yn4dnXvXzYiIjxoO8+jgwqBg+nVHzK4fChBlL5m7o9TTFR2G
TGOVeOYpwxt6UZJyxGSmYz1iIc39FQmqJVVztJdrCqkHHQOyF4HwfNpubj4iPGk8
wRNyFt03DaA9WX7nTPzLdWIh13zdpzJM7VstxgZITqx1/xI2EJOlHZqiyHC4oHMa
bo8AS/cpzRvSIk1ZU1KGe90UIXX5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:36 2025 by rpki-client