Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u2Z1R8T1bbpJK0H2v0kvqbozIsE.roa
File: u2Z1R8T1bbpJK0H2v0kvqbozIsE.roa (raw, json)
Hash identifier: yORJ5nHPRftRw1xXXKketG1j8Qdp5hwz1jIYw/2a6cc=
Subject key identifier: BB:66:75:47:C4:F5:6D:BA:49:2B:41:F6:BF:49:2F:A9:BA:33:22:C1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274887B7CCA8FCD098AE06DD1F59A07C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u2Z1R8T1bbpJK0H2v0kvqbozIsE.roa
Signing time: Thu 02 Jan 2025 13:50:52 +0000
ROA not before: Thu 02 Jan 2025 13:50:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395189
IP address blocks: 194.68.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:87:b7:cc:a8:fc:d0:98:ae:06:dd:1f:59:a0:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb667547c4f56dba492b41f6bf492fa9ba3322c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b7:84:0b:81:54:4a:94:fc:22:38:25:ac:52:
05:3c:ee:a8:7a:78:d8:92:f7:0d:ea:38:8e:61:76:
db:16:8e:b1:73:ca:1f:82:06:69:07:b3:fb:d6:34:
11:b2:27:d3:e5:14:04:21:b1:4f:46:e6:3e:99:87:
ba:81:d4:f1:65:12:31:41:33:67:f4:7c:65:d0:fd:
6d:ca:e5:39:3f:45:d6:16:e0:00:c6:14:01:b3:be:
03:b0:35:3c:91:7f:48:ed:e5:69:9d:22:be:d6:e6:
bc:8b:80:e2:0f:03:40:1e:fc:85:49:ed:85:eb:0b:
a7:96:47:d4:20:f4:c1:83:6d:06:6f:43:8a:b1:69:
68:6a:d3:a8:ce:e9:7d:63:18:ea:d6:be:9f:1a:8b:
e0:62:07:27:ab:d1:cc:c1:a1:cd:59:9c:48:77:ad:
77:8f:02:ec:17:ac:55:05:f8:f7:16:b6:da:25:ff:
cb:c1:9e:cf:e6:06:17:b8:2b:86:2f:69:ae:fb:ab:
b4:00:67:a7:ad:d2:52:a2:45:7a:6a:0f:ff:eb:40:
cb:36:42:0b:99:14:6b:7e:c9:f4:e5:cc:f4:d9:2e:
19:2b:b7:07:fb:f4:0a:a5:75:89:17:fb:14:60:ef:
c9:6f:27:3e:6a:5b:63:68:b8:f4:56:39:7e:01:aa:
66:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:66:75:47:C4:F5:6D:BA:49:2B:41:F6:BF:49:2F:A9:BA:33:22:C1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u2Z1R8T1bbpJK0H2v0kvqbozIsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.68.36.0/24
Signature Algorithm: sha256WithRSAEncryption
88:de:e9:67:4d:98:cc:73:85:e8:e3:1b:48:da:7a:ce:82:37:
4b:de:19:a2:3f:cc:b7:ba:62:da:65:4f:51:8f:7f:07:8e:bd:
3a:f7:22:42:90:4b:ad:17:fc:df:5f:db:26:dd:67:1d:35:a0:
58:11:71:04:8f:90:00:ac:2c:73:e2:d5:ae:fd:a3:09:b1:26:
ce:be:1b:b6:89:2f:bd:f9:71:ee:7e:38:b0:a8:a6:a5:10:40:
62:b2:0f:1a:5c:bc:41:c9:a3:1e:36:2e:e7:69:82:92:3d:6a:
7a:06:66:6f:10:14:ec:39:b0:b1:5b:bf:f7:2c:1b:b1:d4:78:
5c:fc:48:9a:66:89:5b:0f:25:14:2e:54:df:8b:ed:70:83:dd:
e3:95:cd:35:d5:86:52:55:75:b8:d1:54:f0:fc:74:b4:67:04:
20:40:a6:2a:6e:8a:c4:95:bf:07:50:26:38:c8:8e:71:a7:1e:
83:f9:cc:39:00:38:56:66:2b:80:73:60:62:78:2d:cb:66:dc:
f7:cf:9a:5c:3c:3f:8b:d8:51:cf:4b:10:2f:d0:7c:64:44:d6:
9a:6e:9c:e8:86:57:04:06:c7:99:b1:67:72:9f:4f:d1:6b:79:
03:2e:60:d9:38:d4:d5:1a:f7:5a:c0:f6:bc:a8:8f:6e:1e:5b:
fb:d4:f7:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSIe3zKj80JiuBt0fWaB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY2NzU0N2M0ZjU2ZGJhNDkyYjQxZjZiZjQ5MmZhOWJhMzMyMmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbeEC4FUSpT8IjglrFIFPO6oenjY
kvcN6jiOYXbbFo6xc8ofggZpB7P71jQRsifT5RQEIbFPRuY+mYe6gdTxZRIxQTNn
9Hxl0P1tyuU5P0XWFuAAxhQBs74DsDU8kX9I7eVpnSK+1ua8i4DiDwNAHvyFSe2F
6wunlkfUIPTBg20Gb0OKsWloatOozul9Yxjq1r6fGovgYgcnq9HMwaHNWZxId613
jwLsF6xVBfj3FrbaJf/LwZ7P5gYXuCuGL2mu+6u0AGenrdJSokV6ag//60DLNkIL
mRRrfsn05cz02S4ZK7cH+/QKpXWJF/sUYO/Jbyc+altjaLj0Vjl+AapmywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtmdUfE9W26SStB9r9JL6m6MyLBMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdTJaMVI4VDFiYnBKSzBIMnYwa3ZxYm96SXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkQkMA0G
CSqGSIb3DQEBCwUAA4IBAQCI3ulnTZjMc4Xo4xtI2nrOgjdL3hmiP8y3umLaZU9R
j38Hjr069yJCkEutF/zfX9sm3WcdNaBYEXEEj5AArCxz4tWu/aMJsSbOvhu2iS+9
+XHufjiwqKalEEBisg8aXLxByaMeNi7naYKSPWp6BmZvEBTsObCxW7/3LBux1Hhc
/EiaZolbDyUULlTfi+1wg93jlc011YZSVXW40VTw/HS0ZwQgQKYqborElb8HUCY4
yI5xpx6D+cw5ADhWZiuAc2BieC3LZtz3z5pcPD+L2FHPSxAv0HxkRNaabpzohlcE
BseZsWdyn0/Ra3kDLmDZONTVGvdawPa8qI9uHlv71PeE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:05 2025 by rpki-client