Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/nTYkiaO_zY8vS55qtNPJ8ER-KCI.roa
File: nTYkiaO_zY8vS55qtNPJ8ER-KCI.roa (raw, json)
Hash identifier: 2tlgNMRZLGEHVec9N1mRdOXNcYXY5GZQe2JVWMTszTc=
Subject key identifier: 9D:36:24:89:A3:BF:CD:8F:2F:4B:9E:6A:B4:D3:C9:F0:44:7E:28:22
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748641D788AE5FB1C1930A4EFB9FA56
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/nTYkiaO_zY8vS55qtNPJ8ER-KCI.roa
Signing time: Thu 02 Jan 2025 13:50:43 +0000
ROA not before: Thu 02 Jan 2025 13:50:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57829
IP address blocks: 193.234.1.0/24 maxlen: 24
193.235.192.0/24 maxlen: 24
194.14.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:64:1d:78:8a:e5:fb:1c:19:30:a4:ef:b9:fa:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d362489a3bfcd8f2f4b9e6ab4d3c9f0447e2822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5a:53:5b:85:f1:e7:9e:de:e4:65:32:80:1b:
83:1a:cc:ec:aa:51:f3:78:b9:cf:58:51:07:41:8c:
1a:87:e8:a0:35:e8:c3:8c:35:e7:f6:35:73:7e:37:
ff:7d:72:61:36:7f:58:f8:9f:e8:04:93:cd:73:f6:
27:80:3e:46:f4:1e:f2:e8:6c:7b:37:9f:4e:a0:65:
c4:b5:2e:34:3b:99:d0:2d:e5:5c:2a:5d:f9:03:d3:
c6:37:5a:f9:6e:e4:67:da:bb:b6:1c:fb:a9:d8:24:
e9:45:55:a0:b1:0c:44:97:1b:30:b6:6a:1b:25:c0:
04:a9:1a:9a:20:72:21:bb:cf:a5:b8:44:c7:9a:8f:
fd:fc:ab:c0:12:e4:c7:76:5d:be:c7:38:e0:1b:71:
00:20:dd:b7:e3:e0:06:93:cb:13:54:00:36:da:b4:
53:cb:6d:ea:5d:95:6a:69:cb:90:0f:2e:e0:8e:18:
da:53:74:26:24:0a:45:42:b3:99:89:7d:7d:5f:44:
ad:be:ae:76:ce:c7:8c:54:21:65:5c:e2:05:42:8d:
b8:73:a0:ba:7e:0b:0a:69:e1:12:a2:9b:bd:ac:b6:
3a:56:50:88:0b:73:7d:cd:6e:5a:6f:fb:3e:ed:d5:
3f:b7:c3:28:16:c8:80:16:57:2c:b8:fc:e8:24:28:
50:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:36:24:89:A3:BF:CD:8F:2F:4B:9E:6A:B4:D3:C9:F0:44:7E:28:22
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/nTYkiaO_zY8vS55qtNPJ8ER-KCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.234.1.0/24
193.235.192.0/24
194.14.195.0/24
Signature Algorithm: sha256WithRSAEncryption
59:6b:66:a7:db:54:ab:6b:52:d6:7e:5c:33:0f:3b:95:96:7a:
cc:6a:4c:6f:3c:15:3d:6f:2b:12:b1:72:86:f6:7c:1c:a7:f5:
d7:2f:37:fd:0c:cb:52:f3:2b:91:3a:cd:ae:ae:ae:01:6a:76:
5c:6a:2a:a7:1d:d4:9b:b1:6a:fc:5d:21:36:7d:9d:c6:05:aa:
fc:32:24:0c:f5:49:e3:34:de:93:45:44:83:22:b1:60:d9:93:
95:7e:31:97:d5:7b:93:fe:2f:72:b5:db:5a:7b:6f:7a:56:fd:
6c:1e:74:69:7f:45:ca:7f:38:ef:6d:f7:e8:8b:ed:88:eb:e7:
8c:35:4f:d8:ec:b9:fb:4c:f7:28:fa:83:54:5f:95:e7:c1:c6:
73:08:b6:fa:e6:e9:8c:1b:36:79:47:5e:3e:04:80:21:c3:d6:
3b:d4:7e:cb:a0:f1:54:18:c1:18:79:8b:aa:bb:09:ba:40:a4:
e3:03:4e:c9:aa:a2:89:da:cc:2e:2d:0a:a8:91:ac:cd:06:77:
82:f7:f1:cd:0c:86:d1:9b:43:6f:d9:e2:7b:e8:6f:98:af:7b:
b3:d5:6a:cf:2b:84:f9:36:fd:70:7d:f3:4a:21:8b:01:7b:54:
f7:74:be:23:04:77:5c:1e:97:83:d2:79:cf:a7:33:4e:6c:ae:
c9:93:af:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSGQdeIrl+xwZMKTvufpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM2MjQ4OWEzYmZjZDhmMmY0YjllNmFiNGQzYzlmMDQ0N2UyODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9VpTW4Xx557e5GUygBuDGszsqlHz
eLnPWFEHQYwah+igNejDjDXn9jVzfjf/fXJhNn9Y+J/oBJPNc/YngD5G9B7y6Gx7
N59OoGXEtS40O5nQLeVcKl35A9PGN1r5buRn2ru2HPup2CTpRVWgsQxElxswtmob
JcAEqRqaIHIhu8+luETHmo/9/KvAEuTHdl2+xzjgG3EAIN234+AGk8sTVAA22rRT
y23qXZVqacuQDy7gjhjaU3QmJApFQrOZiX19X0Stvq52zseMVCFlXOIFQo24c6C6
fgsKaeESopu9rLY6VlCIC3N9zW5ab/s+7dU/t8MoFsiAFlcsuPzoJChQ8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ02JImjv82PL0uearTTyfBEfigiMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvblRZa2lhT196WTh2UzU1cXROUEo4RVItS0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAweoBAwQA
wevAAwQAwg7DMA0GCSqGSIb3DQEBCwUAA4IBAQBZa2an21Sra1LWflwzDzuVlnrM
akxvPBU9bysSsXKG9nwcp/XXLzf9DMtS8yuROs2urq4BanZcaiqnHdSbsWr8XSE2
fZ3GBar8MiQM9UnjNN6TRUSDIrFg2ZOVfjGX1XuT/i9ytdtae296Vv1sHnRpf0XK
fzjvbffoi+2I6+eMNU/Y7Ln7TPco+oNUX5XnwcZzCLb65umMGzZ5R14+BIAhw9Y7
1H7LoPFUGMEYeYuquwm6QKTjA07JqqKJ2swuLQqokazNBneC9/HNDIbRm0Nv2eJ7
6G+Yr3uz1WrPK4T5Nv1wffNKIYsBe1T3dL4jBHdcHpeD0nnPpzNObK7Jk6/M
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:58 2025 by rpki-client