Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UhmkbwJ72WGJ1DCv1bUAhw--y8Y.roa
File: UhmkbwJ72WGJ1DCv1bUAhw--y8Y.roa (raw, json)
Hash identifier: k9QjXeIRYBRkzcd9cOATTyNv6DorN14qf79Q7X/3B8U=
Subject key identifier: 52:19:A4:6F:02:7B:D9:61:89:D4:30:AF:D5:B5:00:87:0F:BE:CB:C6
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0193251EB6B9BB9AD64451ED9557D9152C66
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UhmkbwJ72WGJ1DCv1bUAhw--y8Y.roa
Signing time: Wed 13 Nov 2024 10:43:10 +0000
ROA not before: Wed 13 Nov 2024 10:43:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205199
IP address blocks: 192.36.246.0/24 maxlen: 24
192.121.11.0/24 maxlen: 24
192.121.128.0/22 maxlen: 24
193.180.192.0/23 maxlen: 24
193.181.36.0/24 maxlen: 24
193.181.44.0/24 maxlen: 24
193.234.6.0/24 maxlen: 24
193.234.97.0/24 maxlen: 24
193.234.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:1e:b6:b9:bb:9a:d6:44:51:ed:95:57:d9:15:2c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 13 10:43:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5219a46f027bd96189d430afd5b500870fbecbc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a4:1a:92:96:ac:68:22:6b:96:f1:18:c5:58:
58:1e:c1:f9:57:22:f1:03:08:21:6f:07:ec:dc:08:
34:42:6d:7f:d1:b2:91:87:fe:67:3d:be:ec:98:4d:
21:59:27:17:9c:75:ce:9e:5c:55:0e:63:e5:6b:79:
f8:d8:2c:85:2b:c4:33:6d:06:72:b5:44:9a:5f:d0:
8a:41:d6:74:79:de:e7:20:5d:03:e3:0b:c4:73:03:
4f:09:98:48:e9:15:b7:01:86:de:e1:47:18:96:c1:
ce:0a:1f:76:e3:90:25:d5:9f:1e:dd:64:36:aa:93:
1b:be:5d:b4:1c:1b:f5:32:f2:05:68:bd:0f:e0:11:
f2:5f:52:61:09:75:4c:de:17:f9:17:99:59:81:15:
6c:b5:29:b1:70:da:4c:7d:c4:aa:10:f7:51:fe:99:
44:24:dd:2a:9e:37:5b:58:a6:9b:31:fa:96:cc:a2:
a7:c6:b3:24:8a:a8:b2:32:58:a6:a0:af:3b:66:86:
8f:81:81:e3:b4:e7:dc:1b:d4:68:fe:74:ce:48:17:
32:7b:e8:1b:68:6f:5e:a1:2f:bb:96:79:56:82:7d:
77:33:6c:19:f3:5e:1e:8d:50:ea:a5:3d:1a:0e:fe:
f5:a4:83:a2:2f:f6:56:96:3f:64:e4:4d:65:2f:23:
c1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:19:A4:6F:02:7B:D9:61:89:D4:30:AF:D5:B5:00:87:0F:BE:CB:C6
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UhmkbwJ72WGJ1DCv1bUAhw--y8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.246.0/24
192.121.11.0/24
192.121.128.0/22
193.180.192.0/23
193.181.36.0/24
193.181.44.0/24
193.234.6.0/24
193.234.97.0/24
193.234.112.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:69:49:c2:94:40:90:08:e7:94:c2:e5:af:d8:7e:c9:bd:67:
be:e6:ea:de:8c:fd:d6:5b:a3:dd:ea:a1:7b:54:26:15:c0:1f:
13:a9:e7:23:50:4f:f0:dc:e5:a0:6e:a7:36:35:b3:c5:c7:22:
71:ff:9f:92:3f:35:c6:e1:1c:d5:44:de:1f:8a:23:e9:ae:dd:
e4:f4:e9:6d:94:0b:31:26:71:3e:b8:32:88:94:de:c0:5d:6e:
b8:5b:f8:ce:4b:55:7f:dc:2d:3d:ac:32:95:97:59:fb:6b:0c:
5b:9c:cb:93:1d:c8:cc:7d:89:aa:f9:72:55:2a:5c:bd:6a:2e:
6b:8e:a8:79:2f:d4:b3:60:16:38:65:30:3d:fb:5e:f9:78:5d:
60:fb:86:f6:92:1e:3b:ee:f3:7c:4a:77:8a:93:bf:f2:bd:6f:
fa:99:e8:3c:5e:f5:83:5e:10:ff:a6:17:d5:c6:ef:5d:64:a1:
43:14:03:62:e3:b7:cd:4e:f2:ce:66:ca:b6:9b:45:cb:93:9b:
fd:2f:c5:65:66:13:d3:74:ac:26:82:15:75:99:ab:ec:ec:45:
2b:c2:9a:d1:35:7d:24:fd:1f:a1:07:12:ba:6e:cc:8c:2e:65:
27:06:b0:d7:b3:e9:59:a9:23:bc:16:68:d5:25:ad:2b:37:2e:
a5:e9:c5:2c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMlHra5u5rWRFHtlVfZFSxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMTEzMTA0MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE5YTQ2ZjAyN2JkOTYxODlkNDMwYWZkNWI1MDA4NzBmYmVjYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqQakpasaCJrlvEYxVhYHsH5VyLx
Awghbwfs3Ag0Qm1/0bKRh/5nPb7smE0hWScXnHXOnlxVDmPla3n42CyFK8QzbQZy
tUSaX9CKQdZ0ed7nIF0D4wvEcwNPCZhI6RW3AYbe4UcYlsHOCh9245Al1Z8e3WQ2
qpMbvl20HBv1MvIFaL0P4BHyX1JhCXVM3hf5F5lZgRVstSmxcNpMfcSqEPdR/plE
JN0qnjdbWKabMfqWzKKnxrMkiqiyMlimoK87ZoaPgYHjtOfcG9Ro/nTOSBcye+gb
aG9eoS+7lnlWgn13M2wZ814ejVDqpT0aDv71pIOiL/ZWlj9k5E1lLyPB2QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFIZpG8Ce9lhidQwr9W1AIcPvsvGMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvVWhta2J3SjcyV0dKMURDdjFiVUFody0teThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwCT2AwQA
wHkLAwQCwHmAAwQBwbTAAwQAwbUkAwQAwbUsAwQAweoGAwQAwephAwQCwepwMA0G
CSqGSIb3DQEBCwUAA4IBAQC6aUnClECQCOeUwuWv2H7JvWe+5urejP3WW6Pd6qF7
VCYVwB8TqecjUE/w3OWgbqc2NbPFxyJx/5+SPzXG4RzVRN4fiiPprt3k9OltlAsx
JnE+uDKIlN7AXW64W/jOS1V/3C09rDKVl1n7awxbnMuTHcjMfYmq+XJVKly9ai5r
jqh5L9SzYBY4ZTA9+175eF1g+4b2kh477vN8SneKk7/yvW/6meg8XvWDXhD/phfV
xu9dZKFDFANi47fNTvLOZsq2m0XLk5v9L8VlZhPTdKwmghV1mavs7EUrwprRNX0k
/R+hBxK6bsyMLmUnBrDXs+lZqSO8FmjVJa0rNy6l6cUs
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:44:00 2024 by rpki-client on console-ams.rpki-client.org