Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U5Zbtbs3iH8a0fd2lsUnCBN70x0.roa
File: U5Zbtbs3iH8a0fd2lsUnCBN70x0.roa (raw, json)
Hash identifier: 0djw0A5OUv4sClaPQqiTtpJjH5QLqluVOn/h4C9Dbm8=
Subject key identifier: 53:96:5B:B5:BB:37:88:7F:1A:D1:F7:76:96:C5:27:08:13:7B:D3:1D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802F1F7505493983D68CF0375D9203F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U5Zbtbs3iH8a0fd2lsUnCBN70x0.roa
Signing time: Tue 02 Jan 2024 02:31:25 +0000
ROA not before: Tue 02 Jan 2024 02:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50572
IP address blocks: 193.180.0.0/24 maxlen: 24
193.182.253.0/24 maxlen: 24
193.182.251.0/24 maxlen: 24
193.182.252.0/24 maxlen: 24
194.68.229.0/24 maxlen: 24
194.103.228.0/22 maxlen: 22
192.36.242.0/24 maxlen: 24
194.14.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f1:f7:50:54:93:98:3d:68:cf:03:75:d9:20:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53965bb5bb37887f1ad1f77696c52708137bd31d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:58:e4:09:b9:7b:f1:92:f9:a5:9f:8a:e0:d3:
8e:e1:ba:c5:94:22:dc:08:97:e1:dc:a3:4c:07:9f:
fa:d3:32:d0:df:34:df:ed:c3:1c:20:1a:55:d3:20:
70:02:e5:a8:ad:1a:89:95:15:d9:fd:2f:a0:43:b5:
e9:85:6b:3e:c1:aa:77:32:98:1e:a1:5e:a9:3f:15:
d4:fd:af:9a:1b:4d:c5:cb:4d:f0:4a:f2:11:9a:26:
e3:bc:f8:a1:25:32:2c:df:8d:db:1c:d8:f1:05:45:
48:3b:94:48:8d:13:10:dc:66:4b:12:81:49:2f:0b:
b5:3e:07:5b:da:93:1a:b7:2d:2d:10:20:80:f5:ae:
7c:f9:8d:04:ce:c3:e9:d0:3e:9f:08:ac:a3:34:5c:
bd:7d:26:7d:ee:04:cd:95:fe:12:f8:79:a8:ae:b0:
6d:3b:3d:a6:10:af:47:4e:81:a1:f6:92:1d:60:bf:
87:d3:43:8b:9e:36:50:7c:5d:44:80:46:ee:ea:76:
6e:49:19:e4:eb:5a:fa:21:7e:07:87:17:e9:16:b2:
f9:b0:fa:ce:49:de:ee:ca:62:06:56:a3:5a:fe:6e:
62:ad:93:bd:e0:09:0c:a3:c2:2d:70:4a:6e:86:80:
ce:1a:31:6d:c4:c4:d0:df:78:64:36:58:8e:36:db:
e2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:96:5B:B5:BB:37:88:7F:1A:D1:F7:76:96:C5:27:08:13:7B:D3:1D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U5Zbtbs3iH8a0fd2lsUnCBN70x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.242.0/24
193.180.0.0/24
193.182.251.0-193.182.253.255
194.14.104.0/24
194.68.229.0/24
194.103.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:71:50:ea:09:e8:63:8a:33:0f:63:5d:54:47:75:74:bd:d1:
92:3b:6b:9f:77:1c:81:22:14:d4:c5:9a:ac:b1:75:5f:40:de:
c9:2e:f6:03:ba:75:f5:56:03:23:2a:51:73:4e:7f:bf:d0:31:
56:14:b4:12:4a:d5:9e:bb:10:87:cf:26:f5:dc:18:22:8b:c1:
d3:cb:63:76:3f:3e:ee:28:e8:ae:e8:30:1a:58:28:5c:ec:c4:
32:d0:ff:4f:2f:a3:5d:b9:ce:a7:21:cf:35:1d:34:0c:e5:ab:
14:38:22:2c:da:17:65:b8:01:77:3b:6f:43:8c:27:cb:46:ce:
17:f1:48:4a:94:0b:21:e0:6d:a6:86:b9:f0:d7:86:df:31:d2:
bb:24:76:59:11:e6:2f:ed:c7:76:a6:e4:6b:01:0c:62:c7:4d:
e4:b3:8b:b8:f4:fe:07:e0:1a:4d:2a:a2:22:80:3b:60:35:0b:
ba:6f:ae:1c:2e:57:5d:e5:4d:0d:1e:95:f4:5f:46:3b:31:22:
58:04:f3:8f:80:f7:61:7c:90:16:17:eb:35:b3:cd:09:f3:d9:
e1:33:47:1b:c6:5d:05:de:f9:3d:13:f5:17:91:07:c0:45:7a:
e1:41:05:77:ae:23:2f:0d:4a:e5:c6:2a:9b:cd:f9:0f:6f:24:
b5:95:24:41
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzIAvH3UFSTmD1ozwN12SA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzk2NWJiNWJiMzc4ODdmMWFkMWY3NzY5NmM1MjcwODEzN2JkMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFjkCbl78ZL5pZ+K4NOO4brFlCLc
CJfh3KNMB5/60zLQ3zTf7cMcIBpV0yBwAuWorRqJlRXZ/S+gQ7XphWs+wap3Mpge
oV6pPxXU/a+aG03Fy03wSvIRmibjvPihJTIs343bHNjxBUVIO5RIjRMQ3GZLEoFJ
Lwu1Pgdb2pMaty0tECCA9a58+Y0EzsPp0D6fCKyjNFy9fSZ97gTNlf4S+HmorrBt
Oz2mEK9HToGh9pIdYL+H00OLnjZQfF1EgEbu6nZuSRnk61r6IX4HhxfpFrL5sPrO
Sd7uymIGVqNa/m5irZO94AkMo8ItcEpuhoDOGjFtxMTQ33hkNliONtvi/QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFOWW7W7N4h/GtH3dpbFJwgTe9MdMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvVTVaYnRiczNpSDhhMGZkMmxzVW5DQk43MHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAwCTyAwQA
wbQAMAwDBADBtvsDBAHBtvwDBADCDmgDBADCROUDBALCZ+QwDQYJKoZIhvcNAQEL
BQADggEBAD5xUOoJ6GOKMw9jXVRHdXS90ZI7a593HIEiFNTFmqyxdV9A3sku9gO6
dfVWAyMqUXNOf7/QMVYUtBJK1Z67EIfPJvXcGCKLwdPLY3Y/Pu4o6K7oMBpYKFzs
xDLQ/08vo125zqchzzUdNAzlqxQ4IizaF2W4AXc7b0OMJ8tGzhfxSEqUCyHgbaaG
ufDXht8x0rskdlkR5i/tx3am5GsBDGLHTeSzi7j0/gfgGk0qoiKAO2A1C7pvrhwu
V13lTQ0elfRfRjsxIlgE84+A92F8kBYX6zWzzQnz2eEzRxvGXQXe+T0T9ReRB8BF
euFBBXeuIy8NSuXGKpvN+Q9vJLWVJEE=
-----END CERTIFICATE-----
Generated at Wed Jun 26 07:57:27 2024 by rpki-client on console-fra.rpki-client.org