Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YQvNjmoSK1GdE20wIxngWs7ohyg.roa
File: YQvNjmoSK1GdE20wIxngWs7ohyg.roa (raw, json)
Hash identifier: YrRoAx5FeStKP9uUzPOq6wWiYjpxXRl0o9GCyge28us=
Subject key identifier: 61:0B:CD:8E:6A:12:2B:51:9D:13:6D:30:23:19:E0:5A:CE:E8:87:28
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274861C575A40687361BF070EF698555
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YQvNjmoSK1GdE20wIxngWs7ohyg.roa
Signing time: Thu 02 Jan 2025 13:50:42 +0000
ROA not before: Thu 02 Jan 2025 13:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56630
IP address blocks: 192.36.41.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:61:c5:75:a4:06:87:36:1b:f0:70:ef:69:85:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=610bcd8e6a122b519d136d302319e05acee88728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:65:68:f8:c2:f2:c2:27:43:01:a1:f1:d7:d1:
4b:44:99:bc:76:07:b4:65:a3:bb:16:6a:36:96:aa:
a1:c0:c1:c3:10:c3:38:ad:e8:b7:e1:41:ee:03:7d:
9c:3b:bd:12:62:d1:1c:39:99:a8:44:72:b6:9a:52:
f8:2f:b1:7d:69:0d:d8:50:a1:e8:00:73:4a:37:37:
89:3c:9e:f9:42:5d:5b:5b:82:83:ac:e8:ba:bb:ee:
b8:93:70:0c:7e:74:77:c5:51:c0:62:ee:65:91:ab:
4f:72:39:2b:87:b2:96:7a:4c:7c:0f:59:43:ce:f5:
42:01:26:2c:43:9f:c2:d8:9a:98:3a:30:d8:8c:3b:
5e:43:4c:c5:a7:00:48:fd:57:63:ed:d6:d7:96:5a:
5f:0f:1b:f0:3a:15:60:b0:68:15:2f:e7:2c:b7:ff:
f5:2d:ac:ec:b6:5c:9d:9b:ee:22:0b:09:79:b6:52:
37:66:96:88:9e:58:bd:15:71:7a:e8:a4:a6:ed:32:
15:5f:1b:ba:a0:10:7c:5b:85:9c:f8:22:b6:ea:67:
ef:d2:37:dd:8c:74:f1:ba:52:d8:5e:6b:63:0e:5c:
da:a7:47:01:ed:c2:68:02:da:97:f3:d3:4b:b1:60:
8e:5f:bc:c9:c7:43:01:a5:54:e6:22:7f:8d:3a:92:
89:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0B:CD:8E:6A:12:2B:51:9D:13:6D:30:23:19:E0:5A:CE:E8:87:28
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YQvNjmoSK1GdE20wIxngWs7ohyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.41.0/24
192.36.61.0/24
192.71.26.0/24
192.121.163.0/24
192.121.171.0/24
194.68.225.0/24
194.71.107.0/24
Signature Algorithm: sha256WithRSAEncryption
50:74:1e:97:06:2f:ff:b4:bd:4d:b3:c8:4e:8c:8a:11:25:09:
2f:89:cf:4c:9e:a7:fe:c9:e6:76:e5:f0:92:4a:19:06:7a:ca:
60:51:3b:9c:71:50:c0:23:ce:63:ed:88:30:9a:3c:1e:58:ad:
0b:15:46:1b:72:dd:87:25:6c:ef:82:62:9e:30:86:2d:e8:2b:
11:56:58:97:44:2c:d4:9e:84:0a:43:6c:1f:c1:32:3d:63:d6:
82:17:8f:ac:7c:91:8e:40:28:67:04:5a:04:cc:56:77:36:21:
c7:71:a0:cc:ce:81:84:6a:2e:b4:5c:6a:d0:92:e2:31:7b:0a:
ff:18:68:2a:06:59:f8:4a:35:80:e1:ca:ce:7a:5b:14:5b:79:
9b:fa:f4:12:7a:f3:d4:64:16:d2:51:54:ae:3b:f8:74:bb:7a:
7f:3e:e0:17:6d:52:34:63:18:89:25:e4:9c:fb:18:a3:32:e3:
3c:7d:de:bf:e8:69:db:2f:53:67:02:4c:00:5d:26:d7:0b:f9:
89:d5:81:a3:01:de:2f:a2:53:64:6b:c2:51:2c:35:ef:03:26:
44:45:26:4a:e7:16:71:61:bc:2c:9c:c4:fb:ca:9b:c0:43:3f:
cd:44:f1:ab:fa:25:bf:30:bc:25:0c:e2:1b:16:eb:7f:78:a1:
61:e4:36:03
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQnSGHFdaQGhzYb8HDvaYVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTBiY2Q4ZTZhMTIyYjUxOWQxMzZkMzAyMzE5ZTA1YWNlZTg4NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmVo+MLywidDAaHx19FLRJm8dge0
ZaO7Fmo2lqqhwMHDEMM4rei34UHuA32cO70SYtEcOZmoRHK2mlL4L7F9aQ3YUKHo
AHNKNzeJPJ75Ql1bW4KDrOi6u+64k3AMfnR3xVHAYu5lkatPcjkrh7KWekx8D1lD
zvVCASYsQ5/C2JqYOjDYjDteQ0zFpwBI/Vdj7dbXllpfDxvwOhVgsGgVL+cst//1
Lazstlydm+4iCwl5tlI3ZpaInli9FXF66KSm7TIVXxu6oBB8W4Wc+CK26mfv0jfd
jHTxulLYXmtjDlzap0cB7cJoAtqX89NLsWCOX7zJx0MBpVTmIn+NOpKJvwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGELzY5qEitRnRNtMCMZ4FrO6IcoMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWVF2Tmptb1NLMUdkRTIwd0l4bmdXczdvaHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwCQpAwQA
wCQ9AwQAwEcaAwQAwHmjAwQAwHmrAwQAwkThAwQAwkdrMA0GCSqGSIb3DQEBCwUA
A4IBAQBQdB6XBi//tL1Ns8hOjIoRJQkvic9Mnqf+yeZ25fCSShkGespgUTuccVDA
I85j7YgwmjweWK0LFUYbct2HJWzvgmKeMIYt6CsRVliXRCzUnoQKQ2wfwTI9Y9aC
F4+sfJGOQChnBFoEzFZ3NiHHcaDMzoGEai60XGrQkuIxewr/GGgqBln4SjWA4crO
elsUW3mb+vQSevPUZBbSUVSuO/h0u3p/PuAXbVI0YxiJJeSc+xijMuM8fd6/6Gnb
L1NnAkwAXSbXC/mJ1YGjAd4volNka8JRLDXvAyZERSZK5xZxYbwsnMT7ypvAQz/N
RPGr+iW/MLwlDOIbFut/eKFh5DYD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:40 2025 by rpki-client