Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YqN-DecnPBslli6D7vQf31tZg2Q.roa
File: YqN-DecnPBslli6D7vQf31tZg2Q.roa (raw, json)
Hash identifier: 9E2gi+864tUFTv6dN2V9PInwJ8I00uwRbY+403ssKCg=
Subject key identifier: 62:A3:7E:0D:E7:27:3C:1B:25:96:2E:83:EE:F4:1F:DF:5B:59:83:64
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018F149486230372271CC8D2CE20804EE13B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YqN-DecnPBslli6D7vQf31tZg2Q.roa
Signing time: Thu 25 Apr 2024 09:27:08 +0000
ROA not before: Thu 25 Apr 2024 09:27:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:94:86:23:03:72:27:1c:c8:d2:ce:20:80:4e:e1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 25 09:27:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62a37e0de7273c1b25962e83eef41fdf5b598364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:82:35:22:b8:0b:ef:b7:d4:13:fc:61:b2:
49:5c:f8:85:95:30:7f:35:11:db:47:c1:f6:d2:ad:
db:a8:63:cd:7d:de:3e:38:09:f6:48:1c:1d:92:78:
03:f1:fa:7f:76:1b:3b:4a:82:76:68:54:fd:21:d4:
a4:cf:a0:1d:a4:69:a6:28:84:78:b0:b5:fc:98:48:
3d:f4:f0:0f:58:39:f8:3a:68:23:ce:61:7d:1f:18:
b6:e6:24:75:f8:81:a7:84:29:8b:85:db:ea:17:01:
d0:91:88:34:54:4b:ca:98:31:8a:60:60:a5:74:c5:
37:5f:71:23:41:63:18:b8:58:2b:b6:4f:e2:cd:b5:
7b:e8:5d:f1:7d:ca:9e:df:a8:64:f7:f0:c1:78:b4:
4b:21:09:66:da:f6:d3:31:42:aa:cf:de:b8:6a:f5:
6d:77:83:af:18:fc:a7:bb:40:8c:af:aa:48:70:24:
08:55:bc:30:c0:80:1a:19:fe:89:2e:07:50:9c:b9:
75:36:35:c1:2e:61:ba:a2:60:ac:6c:7d:8b:b0:b1:
e0:22:83:9d:80:fe:be:38:1b:0c:cc:cc:c8:8d:7b:
33:12:e3:77:d1:c0:e4:74:a9:3b:e0:b2:4d:ab:6a:
25:a0:52:54:88:94:65:30:ca:4b:14:70:1a:90:83:
9f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A3:7E:0D:E7:27:3C:1B:25:96:2E:83:EE:F4:1F:DF:5B:59:83:64
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YqN-DecnPBslli6D7vQf31tZg2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
193.180.61.0/24
193.183.118.0/24
193.234.68.0/23
193.234.237.0/24
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:60:c3:b6:e7:db:48:2f:0d:e6:ba:8f:4d:7a:31:5f:00:39:
5d:d4:92:1f:eb:56:12:1e:19:2e:a1:3c:fb:9d:dc:b9:db:21:
8a:b3:07:ad:70:41:91:c5:ab:e1:09:a3:3e:bb:38:9e:f5:df:
c6:c5:c7:61:d7:9d:ba:4e:a4:66:16:dd:9a:f0:ba:9c:ac:90:
98:78:b0:bb:12:5d:17:d6:90:34:aa:b5:24:53:bf:79:a0:ea:
48:d7:b1:c5:90:81:eb:1e:a2:93:d9:b0:5c:21:bc:fb:31:bd:
db:b2:45:45:31:1a:fc:15:0b:ba:ae:55:ea:5b:21:f8:49:f8:
f4:98:c4:94:47:a8:b9:4a:c4:bc:15:10:42:ea:60:8c:28:32:
71:68:6d:a8:ae:c0:39:eb:f4:7c:a5:e2:30:75:d5:18:ec:e4:
30:6e:1d:e5:da:55:a9:05:56:ed:4c:26:ae:e1:13:9f:36:2e:
f7:b4:1a:2c:5c:d5:32:d3:31:50:db:68:f5:b0:25:7c:aa:c0:
dc:9f:da:66:42:09:2b:e4:d2:57:e4:64:77:99:fc:c5:81:a2:
1f:d3:95:83:ec:93:85:11:e5:10:a3:c1:f0:10:d6:13:1b:54:
b5:f4:5a:46:85:92:4c:d1:4f:3f:41:e0:de:8c:c6:25:cc:27:
ae:dd:5a:12
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY8UlIYjA3InHMjSziCATuE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNDI1MDkyNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmEzN2UwZGU3MjczYzFiMjU5NjJlODNlZWY0MWZkZjViNTk4MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3iCNSK4C++31BP8YbJJXPiFlTB/
NRHbR8H20q3bqGPNfd4+OAn2SBwdkngD8fp/dhs7SoJ2aFT9IdSkz6AdpGmmKIR4
sLX8mEg99PAPWDn4OmgjzmF9Hxi25iR1+IGnhCmLhdvqFwHQkYg0VEvKmDGKYGCl
dMU3X3EjQWMYuFgrtk/izbV76F3xfcqe36hk9/DBeLRLIQlm2vbTMUKqz964avVt
d4OvGPynu0CMr6pIcCQIVbwwwIAaGf6JLgdQnLl1NjXBLmG6omCsbH2LsLHgIoOd
gP6+OBsMzMzIjXszEuN30cDkdKk74LJNq2oloFJUiJRlMMpLFHAakIOfJQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGKjfg3nJzwbJZYug+70H99bWYNkMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWXFOLURlY25QQnNsbGk2RDd2UWYzMXRaZzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAMBHngME
AMB5rAMEAMB5wAMEAMG0PQMEAMG3dgMEAcHqRAMEAMHq7QMEAMIOgQMEAMIO1AME
AcJEOAMEAMJEYwMEAMJEfgMEAMJHGwMEAMJHUwMEAcJHjAMEA8JH+AMEAMJnMgME
AcKEbAMEAcKErjANBgkqhkiG9w0BAQsFAAOCAQEAuGDDtufbSC8N5rqPTXoxXwA5
XdSSH+tWEh4ZLqE8+53cudshirMHrXBBkcWr4QmjPrs4nvXfxsXHYdeduk6kZhbd
mvC6nKyQmHiwuxJdF9aQNKq1JFO/eaDqSNexxZCB6x6ik9mwXCG8+zG927JFRTEa
/BULuq5V6lsh+En49JjElEeouUrEvBUQQupgjCgycWhtqK7AOev0fKXiMHXVGOzk
MG4d5dpVqQVW7UwmruETnzYu97QaLFzVMtMxUNto9bAlfKrA3J/aZkIJK+TSV+Rk
d5n8xYGiH9OVg+yThRHlEKPB8BDWExtUtfRaRoWSTNFPP0Hg3ozGJcwnrt1aEg==
-----END CERTIFICATE-----
Generated at Fri Apr 26 09:43:32 2024 by rpki-client on console-ams.rpki-client.org