Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XG5nMFBzaRNEBRCRckGu8H9PNgc.roa
File: XG5nMFBzaRNEBRCRckGu8H9PNgc.roa (raw, json)
Hash identifier: Fkwk/osS8pbdK2ymMzTfCzypCSPVuZ9Mfe96aeoIbvU=
Subject key identifier: 5C:6E:67:30:50:73:69:13:44:05:10:91:72:41:AE:F0:7F:4F:36:07
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01934474914C9D93C76CE33540AA122AF408
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XG5nMFBzaRNEBRCRckGu8H9PNgc.roa
Signing time: Tue 19 Nov 2024 12:45:10 +0000
ROA not before: Tue 19 Nov 2024 12:45:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57630
IP address blocks: 192.71.0.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
192.165.152.0/22 maxlen: 24
192.165.157.0/24 maxlen: 24
193.180.92.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
193.183.20.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
193.234.94.0/24 maxlen: 24
193.234.116.0/22 maxlen: 22
193.234.144.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
194.71.0.0/23 maxlen: 23
194.71.219.0/24 maxlen: 24
194.103.3.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
194.103.95.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.132.120.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:74:91:4c:9d:93:c7:6c:e3:35:40:aa:12:2a:f4:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 19 12:45:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c6e673050736913440510917241aef07f4f3607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c3:70:f2:b4:c9:be:8f:a0:19:0e:91:8c:d7:
6f:92:d7:d8:d6:e3:37:8a:66:9e:78:e6:48:46:e5:
33:a8:be:4e:4c:d3:4c:9b:71:f2:09:eb:84:90:b8:
89:05:41:77:eb:ab:e1:8e:2f:53:69:1d:f7:66:5b:
fe:b0:c7:16:81:25:85:2d:ef:c5:30:e3:30:36:b6:
ac:7e:20:67:e2:a9:01:87:6f:dd:b6:c4:65:f3:83:
13:e0:3b:91:61:fd:20:23:9b:2d:88:a5:a8:18:59:
c4:63:d0:45:e8:02:6f:4d:dc:58:56:ee:98:2d:94:
8b:47:63:b6:4d:41:6e:4c:3c:92:8d:66:de:62:a8:
90:b9:57:aa:4f:50:71:08:72:52:a4:4a:13:cd:c2:
11:c8:4e:75:15:f3:85:a1:33:47:fa:0d:2c:33:a9:
6e:52:3c:87:d5:51:7c:15:25:2b:c3:e8:49:3c:74:
c7:ad:e8:0c:65:b5:9a:a2:30:1a:45:e4:d2:29:6a:
58:dc:c5:2f:29:30:45:a7:6a:ef:a5:ad:ba:06:9d:
92:21:72:6e:a6:9a:e3:bc:86:b6:0f:a8:5f:ee:cf:
64:55:f5:f8:28:ce:56:da:2b:c1:aa:2a:87:68:4d:
20:22:d3:16:b8:ce:ec:4c:f9:ae:19:80:ac:ad:ac:
6a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6E:67:30:50:73:69:13:44:05:10:91:72:41:AE:F0:7F:4F:36:07
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XG5nMFBzaRNEBRCRckGu8H9PNgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
192.165.152.0/22
192.165.157.0/24
193.180.92.0/24
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.181.0/24
194.71.0.0/23
194.71.219.0/24
194.103.3.0/24
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.120.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:24:31:d9:2b:ae:4f:79:0d:bb:0a:43:2c:80:0a:94:67:d3:
b1:d9:d8:e8:c5:37:f2:b8:00:a3:49:6f:93:1c:31:bd:cb:cc:
65:47:0f:c8:04:34:b8:ca:cf:ab:3d:87:83:10:fc:06:f7:c0:
9d:aa:dd:0a:df:86:c7:21:ec:91:dc:be:af:ca:74:45:b6:21:
21:3d:c8:48:87:79:06:b7:8e:c5:5b:11:9d:73:6c:84:58:90:
31:8c:6f:b4:64:b7:ff:47:c6:95:ce:82:08:4e:da:53:89:42:
69:d7:7d:38:ea:05:81:5d:4f:e9:54:e9:e1:8f:4c:e1:23:9e:
4d:e7:71:21:a0:85:b8:d9:a7:02:03:42:59:93:fa:18:3c:32:
9f:7c:08:a9:84:8f:28:05:29:c2:1d:ba:b0:ac:78:ce:96:e5:
a2:dd:45:6c:19:5e:41:13:cf:0a:cd:db:36:1d:42:2c:0c:58:
5e:bc:90:45:b3:e1:d9:67:49:30:a5:a4:d2:79:00:84:d9:06:
cd:a0:fc:88:fa:02:31:34:3d:60:50:28:d4:f4:db:41:29:e3:
e3:f8:c2:a9:53:66:eb:7f:be:6e:29:db:f4:7e:52:f3:da:2a:
84:91:98:a3:3d:8c:f5:2e:fa:e6:d3:e6:09:11:c7:62:c9:fa:
48:85:30:24
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZNEdJFMnZPHbOM1QKoSKvQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMTE5MTI0NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzZlNjczMDUwNzM2OTEzNDQwNTEwOTE3MjQxYWVmMDdmNGYzNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMNw8rTJvo+gGQ6RjNdvktfY1uM3
imaeeOZIRuUzqL5OTNNMm3HyCeuEkLiJBUF366vhji9TaR33Zlv+sMcWgSWFLe/F
MOMwNrasfiBn4qkBh2/dtsRl84MT4DuRYf0gI5stiKWoGFnEY9BF6AJvTdxYVu6Y
LZSLR2O2TUFuTDySjWbeYqiQuVeqT1BxCHJSpEoTzcIRyE51FfOFoTNH+g0sM6lu
UjyH1VF8FSUrw+hJPHTHregMZbWaojAaReTSKWpY3MUvKTBFp2rvpa26Bp2SIXJu
pprjvIa2D6hf7s9kVfX4KM5W2ivBqiqHaE0gItMWuM7sTPmuGYCsraxqnwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFFxuZzBQc2kTRAUQkXJBrvB/TzYHMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWEc1bk1GQnphUk5FQlJDUmNrR3U4SDlQTmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBADA
RwADBADApQMDBAHApYYDBALApZgDBADApZ0DBADBtFwDBADBtSIDBADBtxQDBADB
tzEDBADBtzsDBADB6gMDBADB6l4DBALB6nQDBADB6pADBADB6s0DBADCDjkDBADC
RLUDBAHCRwADBADCR9sDBADCZwMDBAHCZxADBADCZ18DBADCZ5EDBADCZ8UDBADC
hHgDBADChKQDBADChKYDBADChLowDQYJKoZIhvcNAQELBQADggEBAA4kMdkrrk95
DbsKQyyACpRn07HZ2OjFN/K4AKNJb5McMb3LzGVHD8gENLjKz6s9h4MQ/Ab3wJ2q
3Qrfhsch7JHcvq/KdEW2ISE9yEiHeQa3jsVbEZ1zbIRYkDGMb7Rkt/9HxpXOgghO
2lOJQmnXfTjqBYFdT+lU6eGPTOEjnk3ncSGghbjZpwIDQlmT+hg8Mp98CKmEjygF
KcIdurCseM6W5aLdRWwZXkETzwrN2zYdQiwMWF68kEWz4dlnSTClpNJ5AITZBs2g
/Ij6AjE0PWBQKNT020Ep4+P4wqlTZut/vm4p2/R+UvPaKoSRmKM9jPUu+ubT5gkR
x2LJ+kiFMCQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:31:19 2024 by rpki-client on console-fra.rpki-client.org