Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/JkTXd7Lv_O-OTpoKd5aeBDTwW0w.roa
File: JkTXd7Lv_O-OTpoKd5aeBDTwW0w.roa (raw, json)
Hash identifier: YvaLwLUoea2k0cyWuyFk5pqLpA8J5jkDLUWa+sP1WE4=
Subject key identifier: 26:44:D7:77:B2:EF:FC:EF:8E:4E:9A:0A:77:96:9E:04:34:F0:5B:4C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802D62B32716647CD9DAB7579043DC7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/JkTXd7Lv_O-OTpoKd5aeBDTwW0w.roa
Signing time: Tue 02 Jan 2024 02:31:18 +0000
ROA not before: Tue 02 Jan 2024 02:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1257
IP address blocks: 193.234.87.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
194.103.24.0/22 maxlen: 24
193.181.2.0/24 maxlen: 24
194.132.60.0/24 maxlen: 24
192.71.180.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d6:2b:32:71:66:47:cd:9d:ab:75:79:04:3d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2644d777b2effcef8e4e9a0a77969e0434f05b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e8:dd:27:06:08:24:5d:9d:b4:e9:60:5d:d4:
c4:c8:07:f9:50:0f:21:c4:c9:87:1f:af:6c:dc:c2:
b1:90:b8:c6:a6:0c:9e:9d:d4:7a:11:f4:f6:09:ea:
8d:4f:25:52:de:79:99:d1:23:8d:f8:5c:dc:ae:7a:
e0:19:aa:00:0b:5b:47:57:fe:d3:06:fd:27:c0:dc:
ad:3e:f2:d5:a4:35:37:f5:05:91:36:1f:8e:c0:a5:
ef:db:6c:91:e5:97:91:1c:78:b3:e4:09:be:a2:94:
14:66:1a:82:50:ae:14:d2:54:82:47:98:39:1f:cc:
43:f2:7a:90:ec:66:3b:e0:8f:81:87:f5:1f:99:70:
48:af:48:03:bc:a6:5f:bc:b8:5c:c4:db:d1:a3:30:
d4:e1:72:f0:b8:c8:b3:1a:bb:98:6d:dd:00:4b:e5:
79:95:36:9b:85:85:a6:d7:2f:ee:68:68:5e:2a:c0:
22:b6:c9:8a:1f:e4:e1:20:a0:45:f3:1e:36:6a:94:
e8:b4:f8:12:5c:ad:49:51:42:78:c1:52:46:86:59:
ea:1b:cb:40:ec:21:83:c5:bb:b8:19:e7:6a:bd:89:
75:97:07:61:82:96:35:82:50:19:b0:59:01:df:81:
ff:f0:20:c7:64:31:c4:ee:44:6a:0c:1a:16:46:f4:
65:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:44:D7:77:B2:EF:FC:EF:8E:4E:9A:0A:77:96:9E:04:34:F0:5B:4C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/JkTXd7Lv_O-OTpoKd5aeBDTwW0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.234.87.0/24
193.234.177.0/24
194.103.24.0/22
194.132.60.0/24
Signature Algorithm: sha256WithRSAEncryption
68:d1:d5:68:98:31:84:f3:af:0d:e1:57:60:54:ae:15:00:84:
20:3b:47:19:cb:37:ba:c6:48:1c:20:75:24:5c:c0:2d:05:51:
cc:14:03:40:62:ec:03:5d:2a:64:67:5d:ff:3b:20:cd:92:0c:
42:f0:ee:e3:02:50:4f:21:41:a6:9a:29:71:55:d3:5d:36:99:
ec:71:b1:73:97:d6:b4:8d:af:5f:c8:9c:05:e3:40:0b:63:2d:
bd:42:48:5e:02:0b:3f:03:91:8e:84:04:d0:86:ab:72:b3:09:
39:75:c8:d7:b2:a1:39:19:67:55:35:e7:f6:ab:f2:5f:99:e8:
2a:b8:e6:cd:c4:29:09:ca:73:5c:f5:7a:8a:83:b4:5e:14:19:
a7:2b:9a:69:3a:04:e1:63:47:81:a3:94:d8:e8:b7:8e:b3:43:
ca:2b:37:ed:5b:82:40:ec:cb:13:88:b5:0a:2a:7a:83:a4:87:
f1:77:97:01:a2:3d:63:a8:68:5f:88:c1:b6:68:db:2f:4e:e4:
60:fe:98:f8:3b:b2:50:0b:e8:f8:e0:b6:7f:e3:79:22:90:8a:
59:ae:80:ee:34:89:bf:92:ea:dd:d8:03:18:34:d1:79:50:c4:
9f:09:91:b9:22:cd:21:95:67:c6:2f:12:d7:4f:0c:33:e2:ab:
d3:fc:6c:9f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzIAtYrMnFmR82dq3V5BD3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ0ZDc3N2IyZWZmY2VmOGU0ZTlhMGE3Nzk2OWUwNDM0ZjA1YjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOjdJwYIJF2dtOlgXdTEyAf5UA8h
xMmHH69s3MKxkLjGpgyendR6EfT2CeqNTyVS3nmZ0SON+FzcrnrgGaoAC1tHV/7T
Bv0nwNytPvLVpDU39QWRNh+OwKXv22yR5ZeRHHiz5Am+opQUZhqCUK4U0lSCR5g5
H8xD8nqQ7GY74I+Bh/UfmXBIr0gDvKZfvLhcxNvRozDU4XLwuMizGruYbd0AS+V5
lTabhYWm1y/uaGheKsAitsmKH+ThIKBF8x42apTotPgSXK1JUUJ4wVJGhlnqG8tA
7CGDxbu4GedqvYl1lwdhgpY1glAZsFkB34H/8CDHZDHE7kRqDBoWRvRliQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCZE13ey7/zvjk6aCneWngQ08FtMMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSmtUWGQ3THZfTy1PVHBvS2Q1YWVCRFR3VzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwEe0AwQA
wEfcAwQAwbTPAwQAwbTwAwQAwbT3AwQAwbUCAwQAwepXAwQAweqxAwQCwmcYAwQA
woQ8MA0GCSqGSIb3DQEBCwUAA4IBAQBo0dVomDGE868N4VdgVK4VAIQgO0cZyze6
xkgcIHUkXMAtBVHMFANAYuwDXSpkZ13/OyDNkgxC8O7jAlBPIUGmmilxVdNdNpns
cbFzl9a0ja9fyJwF40ALYy29QkheAgs/A5GOhATQhqtyswk5dcjXsqE5GWdVNef2
q/JfmegquObNxCkJynNc9XqKg7ReFBmnK5ppOgThY0eBo5TY6LeOs0PKKzftW4JA
7MsTiLUKKnqDpIfxd5cBoj1jqGhfiMG2aNsvTuRg/pj4O7JQC+j44LZ/43kikIpZ
roDuNIm/kurd2AMYNNF5UMSfCZG5Is0hlWfGLxLXTwwz4qvT/Gyf
-----END CERTIFICATE-----
Generated at Sat May 25 09:13:22 2024 by rpki-client on console-fra.rpki-client.org