Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tAQ520jEqo9JzpC8zZMMVy0eOLU.roa
File: tAQ520jEqo9JzpC8zZMMVy0eOLU.roa (raw, json)
Hash identifier: VbxXovHTk1FdMuCPZ6NFrZ/j+UrhZIt1GO9zZZnDuRA=
Subject key identifier: B4:04:39:DB:48:C4:AA:8F:49:CE:90:BC:CD:93:0C:57:2D:1E:38:B5
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01957035AA173E6C9F266F48B226CF7567C2
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tAQ520jEqo9JzpC8zZMMVy0eOLU.roa
Signing time: Fri 07 Mar 2025 10:45:19 +0000
ROA not before: Fri 07 Mar 2025 10:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208514
IP address blocks: 192.121.55.0/24 maxlen: 24
193.181.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:35:aa:17:3e:6c:9f:26:6f:48:b2:26:cf:75:67:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 7 10:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b40439db48c4aa8f49ce90bccd930c572d1e38b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f2:e8:cc:41:6d:49:06:ee:4b:42:f9:33:3b:
06:50:68:27:e4:11:06:5c:b0:a9:f4:84:75:f8:e2:
a4:e1:2e:af:b3:65:02:88:f3:2f:d7:ee:4e:b7:34:
c7:ea:e7:5a:2a:b1:8f:5c:32:4e:54:7a:f8:e2:3d:
33:a0:91:6b:2d:d5:c0:ef:60:d7:07:28:bf:53:7c:
f3:f2:f2:39:bc:e6:7a:1a:6d:28:13:46:2a:85:bd:
55:eb:e7:fb:ab:82:2c:18:d0:71:b8:17:3d:02:e0:
83:19:f5:84:19:44:af:b6:80:6c:f5:be:97:1b:20:
6f:02:d5:93:fc:b9:1c:39:39:10:e3:5e:c8:72:d3:
08:44:d6:a0:17:43:5c:35:48:eb:82:40:7e:a7:3b:
8c:06:06:72:34:86:11:75:20:ea:fa:57:70:27:93:
de:98:43:c4:dd:58:bd:a2:00:3a:7e:e7:ed:24:72:
43:ef:39:c1:75:aa:69:15:20:48:f7:42:d1:43:af:
2f:d6:75:75:f7:a2:52:e5:2a:8a:8d:02:cf:17:08:
63:f5:67:89:6a:8b:c4:6d:28:68:ea:e1:df:6e:08:
2f:d6:1f:91:f1:4c:63:f5:b9:7c:e4:42:ed:24:f0:
33:da:a3:f8:c3:e4:c7:05:be:3d:e3:21:74:ec:5c:
04:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:04:39:DB:48:C4:AA:8F:49:CE:90:BC:CD:93:0C:57:2D:1E:38:B5
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tAQ520jEqo9JzpC8zZMMVy0eOLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.55.0/24
193.181.33.0/24
Signature Algorithm: sha256WithRSAEncryption
74:47:71:9f:6e:b2:cb:ca:a3:a8:67:9c:ed:7e:e2:a4:c9:3a:
fa:70:79:70:ed:53:25:15:1e:cc:ab:91:dd:91:8d:c3:26:05:
49:e3:26:c7:83:a9:ec:c0:b6:69:08:e7:3b:23:b9:78:72:8e:
34:c0:86:90:e2:28:24:cd:14:6c:89:1d:ff:11:d8:58:97:9f:
2a:96:22:e9:16:2a:01:1a:f7:50:a2:b6:70:99:5f:d5:67:b2:
5d:3b:db:b2:e2:ea:95:ae:a9:47:13:f3:cf:7d:cf:70:f5:25:
49:a1:26:02:e7:e9:1b:26:98:09:a9:1d:68:69:29:43:06:65:
a4:d9:aa:83:cc:74:39:0e:f2:d8:3e:74:02:b8:79:c2:90:5e:
f8:54:da:5e:b1:6f:47:c3:03:cd:fc:9b:cb:4d:38:db:24:53:
d2:2c:f8:87:28:1e:71:54:f4:31:be:6d:20:03:0e:e3:0d:37:
94:14:4e:17:da:c4:e0:e9:d1:30:ba:c8:f8:4c:34:b3:3b:ca:
ee:a9:fc:65:c0:3a:53:da:28:3c:d6:8a:cd:ec:60:3f:51:6b:
38:2e:34:9f:5a:1d:61:03:a4:a3:1e:39:5c:aa:eb:00:e8:d0:
1b:04:95:a2:e2:96:0a:c3:fb:1d:6f:9b:f7:1b:ab:02:fa:8c:
5b:78:98:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVwNaoXPmyfJm9IsibPdWfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMzA3MTA0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDA0MzlkYjQ4YzRhYThmNDljZTkwYmNjZDkzMGM1NzJkMWUzOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/LozEFtSQbuS0L5MzsGUGgn5BEG
XLCp9IR1+OKk4S6vs2UCiPMv1+5OtzTH6udaKrGPXDJOVHr44j0zoJFrLdXA72DX
Byi/U3zz8vI5vOZ6Gm0oE0Yqhb1V6+f7q4IsGNBxuBc9AuCDGfWEGUSvtoBs9b6X
GyBvAtWT/LkcOTkQ417IctMIRNagF0NcNUjrgkB+pzuMBgZyNIYRdSDq+ldwJ5Pe
mEPE3Vi9ogA6fuftJHJD7znBdappFSBI90LRQ68v1nV196JS5SqKjQLPFwhj9WeJ
aovEbSho6uHfbggv1h+R8Uxj9bl85ELtJPAz2qP4w+THBb494yF07FwEYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQEOdtIxKqPSc6QvM2TDFctHji1MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdEFRNTIwakVxbzlKenBDOHpaTU1WeTBlT0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHk3AwQA
wbUhMA0GCSqGSIb3DQEBCwUAA4IBAQB0R3GfbrLLyqOoZ5ztfuKkyTr6cHlw7VMl
FR7Mq5HdkY3DJgVJ4ybHg6nswLZpCOc7I7l4co40wIaQ4igkzRRsiR3/EdhYl58q
liLpFioBGvdQorZwmV/VZ7JdO9uy4uqVrqlHE/PPfc9w9SVJoSYC5+kbJpgJqR1o
aSlDBmWk2aqDzHQ5DvLYPnQCuHnCkF74VNpesW9HwwPN/JvLTTjbJFPSLPiHKB5x
VPQxvm0gAw7jDTeUFE4X2sTg6dEwusj4TDSzO8ruqfxlwDpT2ig81orN7GA/UWs4
LjSfWh1hA6SjHjlcqusA6NAbBJWi4pYKw/sdb5v3G6sC+oxbeJiE
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:17:45 2025 by rpki-client