Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fXGVAQWKV9uoV30u2leVGs-fZis.roa
File: fXGVAQWKV9uoV30u2leVGs-fZis.roa (raw, json)
Hash identifier: H25AESIPOpgQCdSdPgk7o6xoc8n/T46UGQSpFVu/wjo=
Subject key identifier: 7D:71:95:01:05:8A:57:DB:A8:57:7D:2E:DA:57:95:1A:CF:9F:66:2B
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC803024DC0B3231FA1E33BB870D65D66
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fXGVAQWKV9uoV30u2leVGs-fZis.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205332
IP address blocks: 193.180.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:02:4d:c0:b3:23:1f:a1:e3:3b:b8:70:d6:5d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d719501058a57dba8577d2eda57951acf9f662b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dc:85:c4:71:de:4c:e3:23:99:b3:39:75:16:
a8:9f:ba:fe:1b:3c:81:09:ee:93:d8:5f:7e:10:f8:
66:6d:d6:2e:de:e9:15:95:f4:6c:99:61:c1:0a:16:
1c:72:a3:77:5b:09:d4:dc:f5:1a:b5:f5:22:cb:1d:
2b:8c:d6:6d:42:34:f4:90:8d:34:cf:f1:75:99:9a:
30:3d:01:06:ee:ee:44:7a:07:57:5b:7c:cd:61:a0:
1f:47:76:45:37:2d:96:69:46:c5:fa:bd:fb:48:b5:
a3:29:3f:69:56:d2:9a:5b:0e:f6:5c:07:c2:49:7a:
c4:92:45:05:8b:ec:68:30:c4:70:c7:d2:29:62:43:
c9:28:fc:ba:b8:37:d0:cb:dd:a9:0c:2b:bc:0d:99:
22:00:2f:72:52:22:8a:2b:e0:4f:66:ad:0c:9f:76:
72:17:e0:8b:9a:5d:72:31:4a:49:37:99:00:70:10:
91:c2:87:77:26:3f:fc:f9:9b:95:39:65:d4:a1:9f:
95:16:47:89:94:b0:be:47:db:f4:20:e9:10:bb:11:
47:34:be:2a:e2:65:f8:be:d7:a7:06:ca:81:f3:ec:
25:e1:65:03:51:f7:95:5e:b1:6e:2c:94:4c:2e:4a:
f1:cc:28:90:5a:d2:9e:7a:7f:cb:fd:76:65:4d:8f:
e3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:71:95:01:05:8A:57:DB:A8:57:7D:2E:DA:57:95:1A:CF:9F:66:2B
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fXGVAQWKV9uoV30u2leVGs-fZis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.180.93.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:05:71:9e:cd:e1:4e:4d:c3:fb:58:84:9e:2a:a7:2f:6e:ca:
db:16:5e:b2:57:c5:1b:ab:24:e0:a8:f3:b0:b8:6a:16:91:05:
a2:16:e6:e9:27:be:c7:86:0e:45:bb:bd:36:95:0a:fa:65:18:
35:a7:83:91:35:1b:25:7e:f6:7e:d9:76:ba:68:b6:e0:be:1b:
c2:9d:cd:ce:2c:e4:77:cc:c3:e3:ab:c7:8f:a1:1a:75:a3:09:
9d:38:56:7f:18:9b:8e:75:88:20:95:c6:0e:b9:74:55:e2:ec:
51:d2:df:1b:16:ef:0c:40:1f:6c:ea:4e:cf:70:c8:5e:f0:3d:
d1:9a:24:3a:df:8f:85:27:65:8a:3a:10:ef:86:94:5e:f9:8d:
e8:a5:dc:9e:ff:c9:24:d8:1e:79:6b:27:e6:45:3c:6d:22:ea:
8b:99:40:7c:c6:a1:e2:46:ca:7f:5e:b3:b3:8e:10:cc:9d:2a:
8b:a5:07:0b:b8:39:6b:ad:f8:c0:6c:4c:7b:59:03:e2:a9:d9:
d9:ba:d5:81:ba:25:a3:00:83:de:88:56:ef:79:f1:cb:15:02:
57:05:35:c4:f7:f8:c1:96:03:78:6a:8f:dc:a4:55:58:93:26:
3d:d5:7c:ab:e1:50:51:08:4e:ce:c5:7a:d9:47:2e:e9:fd:eb:
05:d8:cc:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAwJNwLMjH6HjO7hw1l1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDcxOTUwMTA1OGE1N2RiYTg1NzdkMmVkYTU3OTUxYWNmOWY2NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdyFxHHeTOMjmbM5dRaon7r+GzyB
Ce6T2F9+EPhmbdYu3ukVlfRsmWHBChYccqN3WwnU3PUatfUiyx0rjNZtQjT0kI00
z/F1mZowPQEG7u5EegdXW3zNYaAfR3ZFNy2WaUbF+r37SLWjKT9pVtKaWw72XAfC
SXrEkkUFi+xoMMRwx9IpYkPJKPy6uDfQy92pDCu8DZkiAC9yUiKKK+BPZq0Mn3Zy
F+CLml1yMUpJN5kAcBCRwod3Jj/8+ZuVOWXUoZ+VFkeJlLC+R9v0IOkQuxFHNL4q
4mX4vtenBsqB8+wl4WUDUfeVXrFuLJRMLkrxzCiQWtKeen/L/XZlTY/jVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH1xlQEFilfbqFd9LtpXlRrPn2YrMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZlhHVkFRV0tWOXVvVjMwdTJsZVZHcy1mWmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbRdMA0G
CSqGSIb3DQEBCwUAA4IBAQBKBXGezeFOTcP7WISeKqcvbsrbFl6yV8UbqyTgqPOw
uGoWkQWiFubpJ77Hhg5Fu702lQr6ZRg1p4ORNRslfvZ+2Xa6aLbgvhvCnc3OLOR3
zMPjq8ePoRp1owmdOFZ/GJuOdYgglcYOuXRV4uxR0t8bFu8MQB9s6k7PcMhe8D3R
miQ634+FJ2WKOhDvhpRe+Y3opdye/8kk2B55ayfmRTxtIuqLmUB8xqHiRsp/XrOz
jhDMnSqLpQcLuDlrrfjAbEx7WQPiqdnZutWBuiWjAIPeiFbvefHLFQJXBTXE9/jB
lgN4ao/cpFVYkyY91Xyr4VBRCE7OxXrZRy7p/esF2Mzy
-----END CERTIFICATE-----
Generated at Wed Jun 26 04:44:54 2024 by rpki-client on console-fra.rpki-client.org