Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kSufYPWVR9OrPX9DtQe3-BZQtZM.roa
File: kSufYPWVR9OrPX9DtQe3-BZQtZM.roa (raw, json)
Hash identifier: HsL8A9trMdPG4bFWvyDAv+3wNPHxqbe2TAgaTBtjQ4c=
Subject key identifier: 91:2B:9F:60:F5:95:47:D3:AB:3D:7F:43:B5:07:B7:F8:16:50:B5:93
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427487AB47DE7CB58CF603AF98C3C43E7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kSufYPWVR9OrPX9DtQe3-BZQtZM.roa
Signing time: Thu 02 Jan 2025 13:50:48 +0000
ROA not before: Thu 02 Jan 2025 13:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208583
IP address blocks: 192.165.198.0/24 maxlen: 24
193.181.177.0/24 maxlen: 24
193.235.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:7a:b4:7d:e7:cb:58:cf:60:3a:f9:8c:3c:43:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=912b9f60f59547d3ab3d7f43b507b7f81650b593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:01:0b:93:b1:30:98:5f:47:de:4c:e2:c7:bb:
b3:8a:4f:24:66:2b:93:7a:50:44:ea:3c:57:37:4a:
54:45:38:e8:7a:6f:d7:3c:e8:41:3f:52:7d:1f:00:
d1:1d:01:1f:05:a4:8f:2c:e9:ad:e7:d2:6f:85:e1:
cc:0e:70:c6:b8:6a:01:45:6d:7c:10:5a:bb:4e:f3:
a3:a9:42:e9:b2:cc:18:cd:4e:fe:72:55:f3:43:e4:
8e:5d:4a:e7:2b:7e:24:c0:70:f3:48:5b:f7:d3:1a:
a5:7e:d0:11:2c:ea:fc:1d:c9:ce:2e:10:a4:3f:81:
1d:0d:13:8b:77:ca:d4:d4:29:0b:a2:e3:a6:de:e6:
e4:ba:9c:b8:f7:07:77:ac:16:e7:54:d8:77:33:c9:
cc:5b:bc:7d:4d:0a:64:15:f9:af:86:55:fd:28:2e:
fd:23:7a:f8:4b:24:4f:03:ac:d5:6c:4c:4e:2d:7c:
23:e8:ac:14:60:96:80:85:5d:c2:d4:df:9d:75:7a:
89:fe:ee:dc:43:d6:e3:2f:b0:7a:2d:0d:f6:ec:18:
64:c1:97:ea:60:93:8f:85:92:81:fd:9f:0f:e8:e5:
f0:30:14:41:5a:0b:1c:bf:bc:6b:08:60:82:da:5f:
e2:27:91:61:84:1e:ef:f1:0a:61:a5:d0:b5:f1:c7:
50:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2B:9F:60:F5:95:47:D3:AB:3D:7F:43:B5:07:B7:F8:16:50:B5:93
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kSufYPWVR9OrPX9DtQe3-BZQtZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.198.0/24
193.181.177.0/24
193.235.193.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:ac:b5:04:58:f6:f8:b6:e1:b9:cf:7b:49:01:bc:53:9d:a8:
49:44:63:e5:e0:51:ee:49:82:84:4a:29:52:96:07:89:f2:30:
6b:49:a7:94:42:d5:d3:16:6a:18:35:40:60:5f:bc:a7:e0:68:
e8:23:9a:04:2d:ab:2a:66:c4:af:c2:98:6c:95:69:cc:87:34:
6a:46:13:83:b2:35:c2:fd:59:38:cc:db:c8:e2:6b:13:4b:46:
dd:3f:24:13:5d:fc:40:27:65:be:3a:01:38:88:d8:e0:51:72:
69:e4:6d:51:c0:ef:34:2d:90:30:25:08:bb:a2:7f:be:c6:f5:
9e:e2:dd:8e:77:24:82:48:01:c0:e3:7e:b1:86:59:bd:a1:36:
fe:cb:fe:6e:8f:3c:58:0a:2a:65:4f:38:0c:19:e8:8a:60:79:
b1:35:ec:50:63:cc:dd:d5:b7:74:f1:32:ee:48:aa:90:ac:2b:
b9:80:2a:24:a2:3a:e8:67:40:d7:4c:bb:ff:7a:2b:5d:1d:1d:
8e:39:8d:cf:4b:7a:b5:8a:a2:33:d0:89:69:82:e4:0f:ab:a9:
65:f0:70:cd:64:bc:4c:cf:23:a5:91:4e:dd:60:31:66:e6:2f:
2e:b4:0f:f0:b3:90:82:18:3a:0b:f4:0f:d9:52:dd:10:0e:bd:
c9:56:c1:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSHq0fefLWM9gOvmMPEPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJiOWY2MGY1OTU0N2QzYWIzZDdmNDNiNTA3YjdmODE2NTBiNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QELk7EwmF9H3kzix7uzik8kZiuT
elBE6jxXN0pURTjoem/XPOhBP1J9HwDRHQEfBaSPLOmt59JvheHMDnDGuGoBRW18
EFq7TvOjqULpsswYzU7+clXzQ+SOXUrnK34kwHDzSFv30xqlftARLOr8HcnOLhCk
P4EdDROLd8rU1CkLouOm3ubkupy49wd3rBbnVNh3M8nMW7x9TQpkFfmvhlX9KC79
I3r4SyRPA6zVbExOLXwj6KwUYJaAhV3C1N+ddXqJ/u7cQ9bjL7B6LQ327BhkwZfq
YJOPhZKB/Z8P6OXwMBRBWgscv7xrCGCC2l/iJ5FhhB7v8QphpdC18cdQ1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJErn2D1lUfTqz1/Q7UHt/gWULWTMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEva1N1ZllQV1ZSOU9yUFg5RHRRZTMtQlpRdFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwKXGAwQA
wbWxAwQAwevBMA0GCSqGSIb3DQEBCwUAA4IBAQC0rLUEWPb4tuG5z3tJAbxTnahJ
RGPl4FHuSYKESilSlgeJ8jBrSaeUQtXTFmoYNUBgX7yn4GjoI5oELasqZsSvwphs
lWnMhzRqRhODsjXC/Vk4zNvI4msTS0bdPyQTXfxAJ2W+OgE4iNjgUXJp5G1RwO80
LZAwJQi7on++xvWe4t2OdySCSAHA436xhlm9oTb+y/5ujzxYCiplTzgMGeiKYHmx
NexQY8zd1bd08TLuSKqQrCu5gCokojroZ0DXTLv/eitdHR2OOY3PS3q1iqIz0Ilp
guQPq6ll8HDNZLxMzyOlkU7dYDFm5i8utA/ws5CCGDoL9A/ZUt0QDr3JVsH/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:46 2025 by rpki-client