Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aDvmA8CnHsfX-hCws4Nh57keL4w.roa
File: aDvmA8CnHsfX-hCws4Nh57keL4w.roa (raw, json)
Hash identifier: tjV0PLTMZOy7ngHn9j0J1Rie/QQosjeQcuqWT77HMJU=
Subject key identifier: 68:3B:E6:03:C0:A7:1E:C7:D7:FA:10:B0:B3:83:61:E7:B9:1E:2F:8C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01949301595957AE75F5F617F58F623373D6
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aDvmA8CnHsfX-hCws4Nh57keL4w.roa
Signing time: Thu 23 Jan 2025 11:52:06 +0000
ROA not before: Thu 23 Jan 2025 11:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.97.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.181.0.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.3.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.220.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
193.235.142.0/23 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.168.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:01:59:59:57:ae:75:f5:f6:17:f5:8f:62:33:73:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 23 11:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=683be603c0a71ec7d7fa10b0b38361e7b91e2f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fd:1d:fe:23:98:e9:af:6b:4a:20:4c:c1:7e:
2d:14:4f:6e:1e:73:9f:47:1e:f2:3c:12:0a:02:96:
4b:8b:ef:50:ce:74:b8:8a:b6:6f:86:79:8c:06:c0:
58:95:f2:f2:19:ee:d2:67:ca:8d:ca:15:99:bb:5f:
7b:fe:d4:9c:7e:58:b8:87:59:75:7c:22:f4:c3:f5:
63:5c:95:f5:8a:9b:79:f2:d0:4b:b8:49:7e:83:df:
27:43:e0:ec:21:d2:aa:ba:01:2f:c8:f9:e3:5b:89:
1e:c8:ff:d5:a4:f0:a5:b1:fd:8c:2a:77:9d:1c:9f:
58:dc:1c:41:bb:a0:5c:52:6d:70:6a:c6:c0:30:66:
f7:74:73:78:0e:a7:6c:d2:05:14:37:2a:f9:c7:8a:
f6:b4:fa:8c:c9:de:bf:6b:ec:da:68:10:bb:86:9a:
ee:d4:3d:69:86:42:9b:b7:e7:d9:59:fe:6c:69:72:
b4:a8:b2:ed:3b:b1:0c:6b:26:37:9e:ed:82:b6:ef:
95:49:0c:26:d8:25:b0:0b:d1:86:7d:34:3f:aa:07:
c1:43:8c:6c:17:31:db:c2:54:4b:cd:c8:9e:18:a6:
3d:a0:5d:02:72:9a:c3:7c:43:3c:c4:1c:eb:92:bf:
5a:5d:d3:4b:42:0b:19:75:1a:de:24:ed:0c:37:56:
79:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3B:E6:03:C0:A7:1E:C7:D7:FA:10:B0:B3:83:61:E7:B9:1E:2F:8C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aDvmA8CnHsfX-hCws4Nh57keL4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.97.0/24
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.180.61.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
193.235.142.0/23
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.168.0/24
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
47:a1:05:ec:e6:e1:21:4b:27:36:a4:a8:cc:e5:7a:73:db:89:
4a:2e:32:64:4e:d3:01:7c:f1:d9:91:a0:66:2e:52:27:fd:df:
a3:a4:c5:10:4d:65:ff:5e:64:84:f7:40:8b:64:cc:40:b0:b2:
8e:8b:f5:ff:b1:06:27:9f:ad:c5:a8:08:96:f9:2e:b2:71:20:
2e:a2:27:70:09:95:12:12:fc:97:b8:6f:4a:0a:7a:f9:58:3d:
b3:2e:f5:17:e8:d1:9d:2e:d5:89:f2:ed:8e:16:8d:89:c6:ab:
24:7a:b4:ef:f2:d6:30:dc:b2:a3:35:ca:c5:6a:84:88:0f:7e:
7d:50:c3:5d:f8:f2:d7:4e:35:32:35:1f:28:df:bc:f4:c8:4c:
9c:0e:f6:d2:9e:48:6b:53:03:85:f8:2a:0d:0f:0e:ce:22:d3:
29:86:93:97:fa:3c:5e:14:53:06:ba:23:04:18:56:23:a0:ee:
34:83:50:74:02:2e:bf:ac:70:ee:83:41:16:a4:3c:fb:3f:ce:
b3:67:cb:06:35:4c:ec:51:49:a4:49:83:41:8e:82:30:2a:27:
b7:1c:3d:bd:6c:63:71:4b:28:37:42:5f:eb:d1:c5:a1:c8:0e:
29:76:56:b4:66:2e:52:0d:5c:70:f5:b7:8f:ea:80:45:e7:94:
80:1d:59:7e
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZSTAVlZV6519fYX9Y9iM3PWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTIzMTE1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNiZTYwM2MwYTcxZWM3ZDdmYTEwYjBiMzgzNjFlN2I5MWUyZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv0d/iOY6a9rSiBMwX4tFE9uHnOf
Rx7yPBIKApZLi+9QznS4irZvhnmMBsBYlfLyGe7SZ8qNyhWZu197/tScfli4h1l1
fCL0w/VjXJX1ipt58tBLuEl+g98nQ+DsIdKqugEvyPnjW4keyP/VpPClsf2MKned
HJ9Y3BxBu6BcUm1wasbAMGb3dHN4Dqds0gUUNyr5x4r2tPqMyd6/a+zaaBC7hpru
1D1phkKbt+fZWf5saXK0qLLtO7EMayY3nu2Ctu+VSQwm2CWwC9GGfTQ/qgfBQ4xs
FzHbwlRLzcieGKY9oF0CcprDfEM8xBzrkr9aXdNLQgsZdRreJO0MN1Z5GQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFGg75gPApx7H1/oQsLODYee5Hi+MMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYUR2bUE4Q25Ic2ZYLWhDd3M0Tmg1N2tlTDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBADA
JCUDBADAR2EDBADAR54DBADAeawDBADAecADBADApUEDBADApVYDBADAsKEDBADB
tD0DBADBtQADBADBtbsDBADBtwMDBAHBt0QDBADBt08DBAHBt1wDBADBt2gDBADB
t3YDBAHB6kQDBAHB6twDBADB6u0DBAHB644DBADCDoEDBADCDtQDBAHCRDgDBADC
RGMDBADCRH4DBAHCRMIDBADCRxsDBADCR1MDBAHCR4wDBADCR6gDBAPCR/gDBADC
ZzIDBAHChGwDBAHChK4wDQYJKoZIhvcNAQELBQADggEBAEehBezm4SFLJzakqMzl
enPbiUouMmRO0wF88dmRoGYuUif936OkxRBNZf9eZIT3QItkzECwso6L9f+xBief
rcWoCJb5LrJxIC6iJ3AJlRIS/Je4b0oKevlYPbMu9Rfo0Z0u1Yny7Y4WjYnGqyR6
tO/y1jDcsqM1ysVqhIgPfn1Qw1348tdONTI1HyjfvPTITJwO9tKeSGtTA4X4Kg0P
Ds4i0ymGk5f6PF4UUwa6IwQYViOg7jSDUHQCLr+scO6DQRakPPs/zrNnywY1TOxR
SaRJg0GOgjAqJ7ccPb1sY3FLKDdCX+vRxaHIDil2VrRmLlINXHD1t4/qgEXnlIAd
WX4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:04 2025 by rpki-client