Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sra7tNfQ4TMRw4v5eybnnHO5wGI.roa
File: sra7tNfQ4TMRw4v5eybnnHO5wGI.roa (raw, json)
Hash identifier: Ais9nlnyYiQDjO/wQyAn/oTv9wP97a6hTDL4TVk+AK8=
Subject key identifier: B2:B6:BB:B4:D7:D0:E1:33:11:C3:8B:F9:7B:26:E7:9C:73:B9:C0:62
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CD01ECC02A16A8A1CF3E9E9602112B0E5
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sra7tNfQ4TMRw4v5eybnnHO5wGI.roa
Signing time: Wed 03 Jan 2024 16:18:48 +0000
ROA not before: Wed 03 Jan 2024 16:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3399
IP address blocks: 194.71.217.0/24 maxlen: 24
194.71.216.0/23 maxlen: 23
194.71.216.0/24 maxlen: 24
193.180.96.0/22 maxlen: 22
192.165.178.0/23 maxlen: 23
194.132.9.0/24 maxlen: 24
194.68.220.0/23 maxlen: 23
193.180.23.0/24 maxlen: 24
192.36.22.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
193.180.164.0/23 maxlen: 23
194.68.170.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.171.0/24 maxlen: 24
193.182.111.0/24 maxlen: 24
194.103.80.0/22 maxlen: 22
192.36.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:1e:cc:02:a1:6a:8a:1c:f3:e9:e9:60:21:12:b0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 3 16:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2b6bbb4d7d0e13311c38bf97b26e79c73b9c062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3f:74:4a:62:7c:e3:c5:84:c4:50:39:2e:4f:
5a:0d:0d:4b:69:4f:dd:75:66:1b:aa:44:3d:7f:69:
72:f8:02:db:25:8a:88:a9:d3:45:b2:47:c5:51:e6:
a3:01:f7:94:7d:30:bc:02:d0:48:46:e5:93:68:99:
d8:69:68:d5:e2:52:97:eb:4c:58:1a:72:92:e0:53:
01:67:eb:a7:f5:49:ee:db:b9:2b:60:13:b2:a0:dd:
1f:c4:3e:e0:00:cc:70:39:e7:9c:7e:22:0a:5a:bd:
7e:c3:7e:8a:f2:8b:2b:12:43:a6:3b:1c:41:51:0f:
78:93:71:af:0b:71:52:47:0f:7d:04:91:5e:bb:f5:
20:a0:f3:52:9a:7d:d4:28:a9:12:84:d6:6b:ed:89:
92:a8:1d:e7:aa:d8:a6:13:53:6b:29:e2:90:05:2c:
12:57:14:63:49:dd:29:e4:79:c9:dc:a5:29:fb:ed:
b7:c9:9e:65:05:35:68:b6:76:67:ae:33:8a:8f:d2:
9b:fb:3c:c6:1e:92:45:71:05:ac:09:38:c2:55:12:
d0:8a:f1:8e:12:86:b9:4a:7e:5d:59:e7:18:7a:b2:
56:4d:a6:b2:92:81:c0:e9:c1:ea:a7:4a:cd:f8:29:
41:c8:14:b3:c8:06:52:c4:4a:e9:c5:5f:36:a1:43:
94:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B6:BB:B4:D7:D0:E1:33:11:C3:8B:F9:7B:26:E7:9C:73:B9:C0:62
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sra7tNfQ4TMRw4v5eybnnHO5wGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.22.0/24
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.96.0/22
193.180.164.0/23
193.182.111.0/24
193.183.116.0/24
194.68.170.0/23
194.68.220.0/23
194.71.216.0/23
194.103.80.0/22
194.132.9.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:86:90:b5:b6:63:04:2d:a1:98:e9:fc:86:b8:2a:14:23:2a:
87:3a:33:db:7e:6b:f2:6d:be:90:32:78:f2:e6:f0:4e:2f:84:
50:c2:6f:cd:88:ef:4e:69:2d:74:88:f1:66:a1:5b:f9:ab:2a:
5c:b9:5b:ba:e8:cb:41:06:e1:18:85:f4:1d:9c:2f:6a:87:23:
cf:c6:4d:1b:e3:01:db:bc:12:22:bf:e3:fb:a9:2f:2e:09:e6:
b3:d3:0e:8e:48:f8:84:60:59:9b:cf:af:89:37:23:a8:21:6c:
a8:4b:8a:dd:4f:76:a3:05:81:1e:da:12:f7:da:bd:56:22:ce:
11:75:df:c1:49:95:20:59:34:c7:37:f1:d4:43:d7:28:fa:0d:
81:cc:1b:cc:0b:78:b7:55:7a:f9:a7:2c:b9:b0:64:a1:d3:ae:
3c:33:11:7a:aa:0a:3f:85:b9:ec:3b:9f:28:cf:6c:da:8a:ad:
a7:8f:ff:6f:a3:61:54:fd:75:2d:56:3d:39:02:c2:8d:cf:b9:
b2:46:c6:18:c5:c4:90:c1:0d:78:81:43:97:1c:df:9b:c5:ab:
f9:1b:f3:c3:64:e0:4f:95:f2:2f:c9:cb:0e:57:f1:99:b7:47:
62:05:d5:bf:19:de:88:a1:11:e1:5a:c0:4a:a5:da:1b:96:05:
29:17:da:ff
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzQHswCoWqKHPPp6WAhErDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAzMTYxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmI2YmJiNGQ3ZDBlMTMzMTFjMzhiZjk3YjI2ZTc5YzczYjljMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz90SmJ848WExFA5Lk9aDQ1LaU/d
dWYbqkQ9f2ly+ALbJYqIqdNFskfFUeajAfeUfTC8AtBIRuWTaJnYaWjV4lKX60xY
GnKS4FMBZ+un9Unu27krYBOyoN0fxD7gAMxwOeecfiIKWr1+w36K8osrEkOmOxxB
UQ94k3GvC3FSRw99BJFeu/UgoPNSmn3UKKkShNZr7YmSqB3nqtimE1NrKeKQBSwS
VxRjSd0p5HnJ3KUp++23yZ5lBTVotnZnrjOKj9Kb+zzGHpJFcQWsCTjCVRLQivGO
Eoa5Sn5dWecYerJWTaaykoHA6cHqp0rN+ClByBSzyAZSxErpxV82oUOUkwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLK2u7TX0OEzEcOL+Xsm55xzucBiMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvc3JhN3ROZlE0VE1SdzR2NWV5Ym5uSE81d0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAwCQWAwQA
wCTQAwQBwKWyAwQAwbQXAwQCwbRgAwQBwbSkAwQAwbZvAwQAwbd0AwQBwkSqAwQB
wkTcAwQBwkfYAwQCwmdQAwQAwoQJMA0GCSqGSIb3DQEBCwUAA4IBAQAbhpC1tmME
LaGY6fyGuCoUIyqHOjPbfmvybb6QMnjy5vBOL4RQwm/NiO9OaS10iPFmoVv5qypc
uVu66MtBBuEYhfQdnC9qhyPPxk0b4wHbvBIiv+P7qS8uCeaz0w6OSPiEYFmbz6+J
NyOoIWyoS4rdT3ajBYEe2hL32r1WIs4Rdd/BSZUgWTTHN/HUQ9co+g2BzBvMC3i3
VXr5pyy5sGSh0648MxF6qgo/hbnsO58oz2zaiq2nj/9vo2FU/XUtVj05AsKNz7my
RsYYxcSQwQ14gUOXHN+bxav5G/PDZOBPlfIvycsOV/GZt0diBdW/Gd6IoRHhWsBK
pdoblgUpF9r/
-----END CERTIFICATE-----
Generated at Sat May 18 17:02:14 2024 by rpki-client on console-fra.rpki-client.org