Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vKHq0GIVPxZbzrRy1AqDAf7xtAc.roa
File: vKHq0GIVPxZbzrRy1AqDAf7xtAc.roa (raw, json)
Hash identifier: nVLp5F9/fR81JaB1lV/6+Rv8d2edo/VbsD88CYj7veM=
Subject key identifier: BC:A1:EA:D0:62:15:3F:16:5B:CE:B4:72:D4:0A:83:01:FE:F1:B4:07
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427485093C603FACC1CD369DF63F2955C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vKHq0GIVPxZbzrRy1AqDAf7xtAc.roa
Signing time: Thu 02 Jan 2025 13:50:38 +0000
ROA not before: Thu 02 Jan 2025 13:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35790
IP address blocks: 192.176.52.0/22 maxlen: 24
193.180.88.0/22 maxlen: 24
193.234.40.0/22 maxlen: 24
194.103.104.0/22 maxlen: 24
194.103.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:50:93:c6:03:fa:cc:1c:d3:69:df:63:f2:95:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bca1ead062153f165bceb472d40a8301fef1b407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e8:ce:30:c9:33:e1:60:bf:8d:1b:7b:01:25:
b5:bb:b5:1c:77:06:e6:24:7c:7c:1d:71:cf:5b:76:
9c:d9:87:46:71:41:c6:7d:4a:b0:3c:56:82:eb:92:
c1:8a:4a:d7:91:51:c0:16:b3:ce:2e:93:43:a4:9f:
ea:55:d8:a7:00:63:7d:66:8b:09:5a:ce:6b:df:4b:
bc:66:7c:13:26:56:fc:bd:a4:48:ec:6d:aa:cf:21:
dc:c2:20:d5:12:44:41:ad:86:7a:b6:cf:df:95:27:
08:4d:f5:98:f2:db:bc:9d:87:cc:88:62:41:a9:3d:
f8:43:cb:9e:88:1c:b6:af:d9:93:9b:82:d9:64:d7:
24:7d:f1:4f:46:d6:0e:6e:08:c5:ee:96:ac:a1:87:
42:f7:30:d8:07:8c:87:bf:11:d6:d7:2f:15:8f:38:
01:ea:8b:b7:35:83:4f:fc:ef:b8:95:1f:3e:74:84:
e9:bf:c4:3a:96:18:90:91:58:cf:f2:23:2b:2e:31:
6f:f2:00:d1:a7:63:cc:8b:e9:64:6f:86:25:03:2f:
0a:e5:49:9b:be:b9:1c:a5:f6:49:c7:45:c6:48:f0:
bd:c0:75:a9:70:86:45:a4:d7:25:a3:21:f2:e8:df:
08:a2:91:06:07:d8:fd:fb:77:a4:38:5b:ab:ef:e4:
b8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A1:EA:D0:62:15:3F:16:5B:CE:B4:72:D4:0A:83:01:FE:F1:B4:07
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vKHq0GIVPxZbzrRy1AqDAf7xtAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.176.52.0/22
193.180.88.0/22
193.234.40.0/22
194.103.104.0/21
Signature Algorithm: sha256WithRSAEncryption
50:d5:ed:5c:76:49:73:11:ae:ec:f7:e0:18:cb:1d:24:f4:25:
cc:70:0c:a8:03:ca:e5:0a:b0:98:82:c6:c4:03:4c:e5:8e:c0:
37:dc:61:4f:a2:ba:a7:5f:eb:bb:00:9c:4f:ba:20:94:b8:f0:
00:74:28:f7:18:27:23:b4:8d:58:57:c7:8a:f1:7c:fe:f3:56:
c1:82:a2:f3:75:72:3d:98:4c:ee:3a:b3:b2:0d:26:d5:09:24:
29:42:b4:fe:c6:24:5f:09:e6:2e:44:49:ed:32:04:88:7f:4e:
9c:21:e6:9c:50:72:90:d9:1e:93:ec:77:40:0f:34:ed:ee:31:
5e:46:ba:5e:b5:f7:4c:b8:52:e9:eb:44:3d:3e:2c:14:a0:2a:
d4:82:91:36:06:fb:31:86:d5:a7:51:2e:97:1f:a0:ea:31:0e:
de:b8:28:71:1e:6b:97:ba:3f:33:28:1a:20:af:a1:2a:55:e5:
bb:8a:08:1f:dd:a5:c8:92:4f:07:5d:0f:92:41:e4:6f:ec:b3:
08:65:c3:76:cd:72:b4:3c:b0:36:f4:89:21:a9:1d:61:7b:00:
c6:e7:b7:40:0e:94:b1:f9:49:b8:62:72:aa:ae:9a:2f:99:97:
d9:34:04:07:12:39:d8:a4:9d:7c:40:7b:04:3a:e7:c6:6f:ce:
93:88:16:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSFCTxgP6zBzTad9j8pVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2ExZWFkMDYyMTUzZjE2NWJjZWI0NzJkNDBhODMwMWZlZjFiNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OjOMMkz4WC/jRt7ASW1u7Ucdwbm
JHx8HXHPW3ac2YdGcUHGfUqwPFaC65LBikrXkVHAFrPOLpNDpJ/qVdinAGN9ZosJ
Ws5r30u8ZnwTJlb8vaRI7G2qzyHcwiDVEkRBrYZ6ts/flScITfWY8tu8nYfMiGJB
qT34Q8ueiBy2r9mTm4LZZNckffFPRtYObgjF7pasoYdC9zDYB4yHvxHW1y8VjzgB
6ou3NYNP/O+4lR8+dITpv8Q6lhiQkVjP8iMrLjFv8gDRp2PMi+lkb4YlAy8K5Umb
vrkcpfZJx0XGSPC9wHWpcIZFpNcloyHy6N8IopEGB9j9+3ekOFur7+S4OQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLyh6tBiFT8WW860ctQKgwH+8bQHMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdktIcTBHSVZQeFpienJSeTFBcURBZjd4dEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwLA0AwQC
wbRYAwQCweooAwQDwmdoMA0GCSqGSIb3DQEBCwUAA4IBAQBQ1e1cdklzEa7s9+AY
yx0k9CXMcAyoA8rlCrCYgsbEA0zljsA33GFPorqnX+u7AJxPuiCUuPAAdCj3GCcj
tI1YV8eK8Xz+81bBgqLzdXI9mEzuOrOyDSbVCSQpQrT+xiRfCeYuREntMgSIf06c
IeacUHKQ2R6T7HdADzTt7jFeRrpetfdMuFLp60Q9PiwUoCrUgpE2BvsxhtWnUS6X
H6DqMQ7euChxHmuXuj8zKBogr6EqVeW7iggf3aXIkk8HXQ+SQeRv7LMIZcN2zXK0
PLA29IkhqR1hewDG57dADpSx+Um4YnKqrpovmZfZNAQHEjnYpJ18QHsEOufGb86T
iBYD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:06 2025 by rpki-client