Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l0ra1SHb8XVyTJxykFQ7zRb7lzw.roa
File: l0ra1SHb8XVyTJxykFQ7zRb7lzw.roa (raw, json)
Hash identifier: EKiwofj70df4vs7AL7ycxUW1cZOKExyPDGgiSqfxC6I=
Subject key identifier: 97:4A:DA:D5:21:DB:F1:75:72:4C:9C:72:90:54:3B:CD:16:FB:97:3C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748460DA221B918B8E190F31E30B7EF
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l0ra1SHb8XVyTJxykFQ7zRb7lzw.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25252
IP address blocks: 192.165.12.0/24 maxlen: 24
193.183.228.0/23 maxlen: 23
193.183.230.0/23 maxlen: 23
193.183.236.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:46:0d:a2:21:b9:18:b8:e1:90:f3:1e:30:b7:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=974adad521dbf175724c9c7290543bcd16fb973c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b9:0f:69:b8:6e:09:13:15:4a:61:8a:4e:1a:
fc:42:bf:ba:3f:f1:1a:0b:0f:0c:5c:87:02:33:be:
11:04:c6:a3:0d:48:a5:89:0d:eb:0e:32:0a:83:b7:
f9:3f:c7:aa:cf:b6:22:35:95:65:7c:78:c4:a1:27:
12:d3:1b:51:5b:d7:1f:b3:89:93:97:bd:e6:5a:76:
d5:34:9c:fb:d2:72:0d:19:e1:a3:05:dd:34:7f:79:
86:f4:63:6f:72:15:d2:f6:c0:74:f5:24:fb:e8:73:
d1:1b:59:3b:42:b5:bc:d4:04:7e:cc:22:64:a9:9f:
85:e0:bf:1d:9d:18:c1:d0:b4:a5:55:85:b6:51:35:
bf:82:e1:e8:fb:1a:c0:40:df:c2:73:e1:42:3c:43:
c2:0e:fd:8b:0d:34:21:0f:e8:66:34:64:55:25:64:
e2:b2:f4:c4:09:f4:16:44:38:5e:11:45:e4:3b:cb:
67:d0:77:4c:20:0f:21:3f:2c:e8:32:5f:84:11:41:
b4:ae:0d:05:e1:56:00:e2:e4:a0:c3:81:d7:59:b7:
4e:b9:a9:3e:3e:f4:f1:de:34:b3:5c:60:f4:f3:3d:
0e:46:77:06:db:6e:53:8c:a9:f9:39:d5:3b:aa:3a:
91:71:94:9d:4e:dd:57:52:62:69:22:f3:60:d2:18:
ae:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4A:DA:D5:21:DB:F1:75:72:4C:9C:72:90:54:3B:CD:16:FB:97:3C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l0ra1SHb8XVyTJxykFQ7zRb7lzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.12.0/24
193.183.228.0/22
193.183.236.0/23
Signature Algorithm: sha256WithRSAEncryption
53:fa:e6:55:0a:f5:e0:82:e7:9c:87:71:df:fe:fb:3d:34:cd:
fa:0f:bc:45:cc:44:94:54:93:d9:47:74:88:34:f1:b4:40:9a:
3c:6f:af:b9:5c:df:21:72:14:75:35:90:82:0a:d9:e7:82:92:
15:c6:bc:36:cb:a0:8f:b0:44:82:5a:7b:89:d4:cd:0c:41:63:
8f:df:fa:0f:93:c0:2d:80:8f:44:2e:3f:28:bc:ef:ea:9a:37:
0e:3b:00:78:f4:e3:71:0c:5b:60:2e:11:a3:17:a8:cb:1c:3d:
b5:ec:14:a5:d7:d3:a3:7b:7f:59:c4:1c:72:dd:26:15:c1:89:
e1:7e:53:b3:6a:88:0f:d9:50:fc:dd:89:df:39:30:db:e4:c8:
06:a4:c5:07:fb:32:fa:68:ff:08:0f:4f:98:75:4e:46:a5:0c:
80:5e:28:5e:1b:20:2f:14:72:f7:5d:ed:3d:29:71:c5:ec:b8:
ad:df:dc:b5:8d:b6:4a:db:4c:a4:4d:5b:56:ab:8e:82:cc:d4:
2e:7d:58:09:d0:53:3b:db:fd:41:32:9e:a9:f0:e2:c0:74:6a:
cb:55:6f:44:66:2b:75:99:f4:79:fc:12:e7:dc:ed:45:f3:48:
e2:6c:7d:42:02:27:36:a4:31:1a:20:f7:e7:42:26:f0:1d:1f:
a1:a8:e4:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSEYNoiG5GLjhkPMeMLfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzRhZGFkNTIxZGJmMTc1NzI0YzljNzI5MDU0M2JjZDE2ZmI5NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7kPabhuCRMVSmGKThr8Qr+6P/Ea
Cw8MXIcCM74RBMajDUiliQ3rDjIKg7f5P8eqz7YiNZVlfHjEoScS0xtRW9cfs4mT
l73mWnbVNJz70nINGeGjBd00f3mG9GNvchXS9sB09ST76HPRG1k7QrW81AR+zCJk
qZ+F4L8dnRjB0LSlVYW2UTW/guHo+xrAQN/Cc+FCPEPCDv2LDTQhD+hmNGRVJWTi
svTECfQWRDheEUXkO8tn0HdMIA8hPyzoMl+EEUG0rg0F4VYA4uSgw4HXWbdOuak+
PvTx3jSzXGD08z0ORncG225TjKn5OdU7qjqRcZSdTt1XUmJpIvNg0hiucwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJdK2tUh2/F1ckyccpBUO80W+5c8MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbDByYTFTSGI4WFZ5VEp4eWtGUTd6UmI3bHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwKUMAwQC
wbfkAwQBwbfsMA0GCSqGSIb3DQEBCwUAA4IBAQBT+uZVCvXgguech3Hf/vs9NM36
D7xFzESUVJPZR3SINPG0QJo8b6+5XN8hchR1NZCCCtnngpIVxrw2y6CPsESCWnuJ
1M0MQWOP3/oPk8AtgI9ELj8ovO/qmjcOOwB49ONxDFtgLhGjF6jLHD217BSl19Oj
e39ZxBxy3SYVwYnhflOzaogP2VD83YnfOTDb5MgGpMUH+zL6aP8ID0+YdU5GpQyA
XiheGyAvFHL3Xe09KXHF7Lit39y1jbZK20ykTVtWq46CzNQufVgJ0FM72/1BMp6p
8OLAdGrLVW9EZit1mfR5/BLn3O1F80jibH1CAic2pDEaIPfnQibwHR+hqOTD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:53 2025 by rpki-client