Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Z2tsSeocnbbkv25ISELCqXWpTfs.roa
File: Z2tsSeocnbbkv25ISELCqXWpTfs.roa (raw, json)
Hash identifier: j0+CIReqARWzm4lNzqAqacZDRJvlUUcHbSIl4+74oWk=
Subject key identifier: 67:6B:6C:49:EA:1C:9D:B6:E4:BF:6E:48:48:42:C2:A9:75:A9:4D:FB
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC803004B9873A056306E85680322DE90
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Z2tsSeocnbbkv25ISELCqXWpTfs.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202671
IP address blocks: 194.68.64.0/24 maxlen: 24
193.235.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:00:4b:98:73:a0:56:30:6e:85:68:03:22:de:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676b6c49ea1c9db6e4bf6e484842c2a975a94dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fe:38:a3:d3:90:b5:d1:63:4b:ce:77:56:9e:
34:0a:c9:d4:1a:41:44:88:2b:d8:79:54:25:24:a1:
4f:dc:90:7c:a4:51:05:0f:9d:e9:96:8f:bc:ea:2c:
f2:c9:67:33:f8:8c:f8:54:c6:20:75:ba:6e:19:38:
90:c3:33:4c:59:ad:66:bc:b9:95:c0:43:6a:6c:59:
68:3c:7d:90:4e:16:3d:06:8d:3a:e6:72:37:24:87:
6d:a4:ce:37:91:55:7b:cf:16:91:cd:c5:a6:1c:37:
28:80:26:d7:ea:f0:ba:1d:ea:c0:84:7f:31:12:68:
5f:af:74:20:fd:67:11:92:b3:f0:87:73:f3:38:dc:
68:0a:c0:9b:73:7d:85:64:c9:53:1b:83:73:32:7a:
10:2d:6a:1f:d0:5e:6b:9f:ec:4d:67:79:80:88:30:
b9:9f:a8:82:c8:7f:20:9d:ae:d9:30:b6:1c:50:5d:
91:a3:40:43:e4:e5:1e:e9:36:b4:60:0a:4f:2b:9c:
6f:cd:46:19:a8:83:06:99:81:32:a9:ae:ad:33:d1:
58:a5:b9:01:a5:70:e2:db:d4:3e:45:7b:bb:06:03:
3f:fb:35:b1:d5:fb:5d:1d:04:49:29:14:25:ff:e0:
d3:5b:4a:d2:c7:9c:df:c2:ee:26:d1:24:6d:24:54:
ec:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6B:6C:49:EA:1C:9D:B6:E4:BF:6E:48:48:42:C2:A9:75:A9:4D:FB
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Z2tsSeocnbbkv25ISELCqXWpTfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.235.128.0/24
194.68.64.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:be:cc:fd:82:e0:c8:29:ba:da:4c:c1:ba:04:42:55:c5:02:
d5:67:b9:7c:d3:bb:ca:04:83:3d:68:2e:b5:81:69:7d:c0:21:
01:6f:55:99:01:1a:a9:da:f5:4a:1f:06:5e:2f:46:0a:d1:c8:
cc:66:0d:f9:6d:46:0a:41:94:71:f9:9d:d0:94:fd:a2:10:2f:
28:a9:aa:b6:1b:f3:8e:f5:9f:f4:67:53:f1:1e:db:d3:db:b0:
e9:55:b2:3c:37:ea:82:bf:7d:e5:75:2c:4f:48:67:ce:b1:62:
f7:fc:c9:f4:84:c5:ee:12:4b:f9:37:58:48:d4:df:d3:74:22:
06:af:48:30:54:b9:29:b5:94:71:1e:9f:99:d3:c3:58:18:fa:
01:a7:3f:8d:3b:f2:e4:45:03:b9:c5:89:53:62:82:2b:e9:72:
65:d5:05:13:c8:cc:fc:8e:f5:a0:49:c7:07:a0:4e:f1:06:42:
b1:6e:45:99:ad:34:28:67:bc:f5:5a:cd:be:0a:87:a6:2e:b7:
fa:22:da:69:1a:eb:fa:88:d7:7a:8b:de:25:7a:0c:a2:37:da:
a6:59:8e:9a:c0:bb:14:60:2f:59:c6:a5:c9:5e:0e:7d:dc:c5:
db:a9:5d:04:68:67:ec:7d:16:fd:3b:25:94:1a:76:d0:a5:8a:
17:1a:cc:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAwBLmHOgVjBuhWgDIt6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzZiNmM0OWVhMWM5ZGI2ZTRiZjZlNDg0ODQyYzJhOTc1YTk0ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf44o9OQtdFjS853Vp40CsnUGkFE
iCvYeVQlJKFP3JB8pFEFD53plo+86izyyWcz+Iz4VMYgdbpuGTiQwzNMWa1mvLmV
wENqbFloPH2QThY9Bo065nI3JIdtpM43kVV7zxaRzcWmHDcogCbX6vC6HerAhH8x
Emhfr3Qg/WcRkrPwh3PzONxoCsCbc32FZMlTG4NzMnoQLWof0F5rn+xNZ3mAiDC5
n6iCyH8gna7ZMLYcUF2Ro0BD5OUe6Ta0YApPK5xvzUYZqIMGmYEyqa6tM9FYpbkB
pXDi29Q+RXu7BgM/+zWx1ftdHQRJKRQl/+DTW0rSx5zfwu4m0SRtJFTsRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGdrbEnqHJ225L9uSEhCwql1qU37MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWjJ0c1Nlb2NuYmJrdjI1SVNFTENxWFdwVGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAweuAAwQA
wkRAMA0GCSqGSIb3DQEBCwUAA4IBAQBevsz9guDIKbraTMG6BEJVxQLVZ7l807vK
BIM9aC61gWl9wCEBb1WZARqp2vVKHwZeL0YK0cjMZg35bUYKQZRx+Z3QlP2iEC8o
qaq2G/OO9Z/0Z1PxHtvT27DpVbI8N+qCv33ldSxPSGfOsWL3/Mn0hMXuEkv5N1hI
1N/TdCIGr0gwVLkptZRxHp+Z08NYGPoBpz+NO/LkRQO5xYlTYoIr6XJl1QUTyMz8
jvWgSccHoE7xBkKxbkWZrTQoZ7z1Ws2+CoemLrf6ItppGuv6iNd6i94legyiN9qm
WY6awLsUYC9ZxqXJXg593MXbqV0EaGfsfRb9OyWUGnbQpYoXGsyE
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:44:00 2024 by rpki-client on console-ams.rpki-client.org