Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iSeCKooPkxeiTbLw5SZOCiQOWM0.roa
File: iSeCKooPkxeiTbLw5SZOCiQOWM0.roa (raw, json)
Hash identifier: BW7VGPqz7gfKHXwc0erZ8rIMWqFSoiSNqw0md5jyPTs=
Subject key identifier: 89:27:82:2A:8A:0F:93:17:A2:4D:B2:F0:E5:26:4E:0A:24:0E:58:CD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018DC1E589F279F9C927A7EE5D0AD04AC56D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iSeCKooPkxeiTbLw5SZOCiQOWM0.roa
Signing time: Mon 19 Feb 2024 15:04:22 +0000
ROA not before: Mon 19 Feb 2024 15:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60068
IP address blocks: 193.181.192.0/24 maxlen: 24
193.181.193.0/24 maxlen: 24
193.235.32.0/24 maxlen: 24
194.132.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:e5:89:f2:79:f9:c9:27:a7:ee:5d:0a:d0:4a:c5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 19 15:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8927822a8a0f9317a24db2f0e5264e0a240e58cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:79:32:eb:8c:c9:4d:24:2a:61:30:8a:d5:fa:
18:2a:bb:d0:df:6c:d8:6f:9a:4e:78:7d:7a:ac:e4:
e3:c3:8f:1e:59:d6:80:11:42:41:99:80:54:7b:b9:
3c:76:e7:7b:75:ae:fa:23:97:ec:96:5e:d5:e3:48:
26:a5:c2:6e:65:6e:1c:1e:99:dd:cd:fb:02:07:e7:
f9:ec:3f:d0:9c:2a:6d:b3:e4:75:33:a1:df:02:25:
73:c6:0b:f2:b4:d3:50:ba:b2:67:c1:53:e8:29:0c:
78:03:e7:08:76:58:e7:33:28:23:ba:63:94:d6:95:
91:2d:53:d1:70:d3:cc:3d:01:83:01:dc:44:0b:29:
f1:2e:b7:8f:b5:c6:aa:8b:a1:cb:74:ef:99:f2:65:
94:66:99:ff:a4:07:65:ef:dc:1d:2e:bb:f8:29:b3:
22:ac:77:d3:f6:88:94:df:e7:e8:34:0a:78:62:34:
75:88:a7:fb:e3:8a:79:13:fd:12:bd:70:d5:30:06:
b9:72:a1:34:ca:7a:f2:13:3a:e0:e1:14:8d:e4:0c:
59:69:7f:1d:0e:27:52:d7:46:37:cf:82:ee:07:21:
6c:47:69:ea:50:82:ed:93:0c:c9:0d:a7:6f:9c:08:
c8:a0:52:89:ac:a8:fd:57:bc:8b:d0:ef:ee:be:2e:
7c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:27:82:2A:8A:0F:93:17:A2:4D:B2:F0:E5:26:4E:0A:24:0E:58:CD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iSeCKooPkxeiTbLw5SZOCiQOWM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.181.192.0/23
193.235.32.0/24
194.132.29.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:8b:fb:8e:9a:a6:2c:04:7f:0f:9a:c7:c8:26:61:da:86:e6:
03:c1:3d:a5:aa:14:31:e5:da:ce:6f:79:b1:79:8c:fe:93:96:
66:e6:c3:fc:79:a8:b2:db:d9:87:32:b6:6e:7f:47:80:98:64:
2e:83:d5:55:c3:00:bd:89:60:f6:b0:0d:ed:c9:83:67:65:b5:
d9:30:97:9e:f3:46:57:3b:e9:d0:43:6c:3b:da:f6:9b:84:d1:
a2:f6:3a:4e:ca:cf:9d:75:15:5d:6c:61:f8:e1:81:a4:ba:6d:
c9:78:7c:0a:0c:d2:f9:11:07:19:af:17:a8:9e:55:fe:5a:47:
5c:cd:64:0e:9f:5e:50:d5:b8:90:2d:f2:4f:f2:ec:7d:57:17:
5a:88:fd:7f:e1:1f:54:ff:8f:06:06:ff:76:f3:9b:93:f6:1b:
48:2e:da:e8:41:f1:4c:16:90:7a:33:c0:2d:f1:b7:32:fa:06:
f4:93:d5:47:fb:13:d7:63:60:15:3b:3d:30:07:4c:3c:3c:7e:
5f:7b:23:20:fd:eb:15:e8:cb:fc:2d:20:52:d9:97:2d:1a:82:
4b:f2:4e:2a:c8:17:33:4d:a6:96:8f:37:c6:ec:a2:84:c8:f9:
98:7b:72:de:60:5d:c3:d1:0f:2b:e6:55:d8:4c:98:42:27:36:
68:6b:1c:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3B5YnyefnJJ6fuXQrQSsVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMjE5MTUwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI3ODIyYThhMGY5MzE3YTI0ZGIyZjBlNTI2NGUwYTI0MGU1OGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXky64zJTSQqYTCK1foYKrvQ32zY
b5pOeH16rOTjw48eWdaAEUJBmYBUe7k8dud7da76I5fsll7V40gmpcJuZW4cHpnd
zfsCB+f57D/QnCpts+R1M6HfAiVzxgvytNNQurJnwVPoKQx4A+cIdljnMygjumOU
1pWRLVPRcNPMPQGDAdxECynxLrePtcaqi6HLdO+Z8mWUZpn/pAdl79wdLrv4KbMi
rHfT9oiU3+foNAp4YjR1iKf744p5E/0SvXDVMAa5cqE0ynryEzrg4RSN5AxZaX8d
DidS10Y3z4LuByFsR2nqUILtkwzJDadvnAjIoFKJrKj9V7yL0O/uvi58AQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIkngiqKD5MXok2y8OUmTgokDljNMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaVNlQ0tvb1BreGVpVGJMdzVTWk9DaVFPV00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwbXAAwQA
wesgAwQAwoQdMA0GCSqGSIb3DQEBCwUAA4IBAQBci/uOmqYsBH8PmsfIJmHahuYD
wT2lqhQx5drOb3mxeYz+k5Zm5sP8eaiy29mHMrZuf0eAmGQug9VVwwC9iWD2sA3t
yYNnZbXZMJee80ZXO+nQQ2w72vabhNGi9jpOys+ddRVdbGH44YGkum3JeHwKDNL5
EQcZrxeonlX+WkdczWQOn15Q1biQLfJP8ux9VxdaiP1/4R9U/48GBv9285uT9htI
LtroQfFMFpB6M8At8bcy+gb0k9VH+xPXY2AVOz0wB0w8PH5feyMg/esV6Mv8LSBS
2ZctGoJL8k4qyBczTaaWjzfG7KKEyPmYe3LeYF3D0Q8r5lXYTJhCJzZoaxxw
-----END CERTIFICATE-----
Generated at Thu May 2 03:37:16 2024 by rpki-client on console-ams.rpki-client.org