Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vNY81ktdcel23dUqaZkJvtR1tZA.roa
File: vNY81ktdcel23dUqaZkJvtR1tZA.roa (raw, json)
Hash identifier: odKuU+zn0LtbEHYLZhWuDpuGUf9xQlnwy7Up1w1oVYU=
Subject key identifier: BC:D6:3C:D6:4B:5D:71:E9:76:DD:D5:2A:69:99:09:BE:D4:75:B5:90
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274871F3781FD3EF1BB772893E439479
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vNY81ktdcel23dUqaZkJvtR1tZA.roa
Signing time: Thu 02 Jan 2025 13:50:46 +0000
ROA not before: Thu 02 Jan 2025 13:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203426
IP address blocks: 193.235.52.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:71:f3:78:1f:d3:ef:1b:b7:72:89:3e:43:94:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcd63cd64b5d71e976ddd52a699909bed475b590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:64:38:a5:a9:17:c2:91:8e:3b:c0:fd:cf:09:
16:67:c4:13:30:c5:4c:0f:2a:a6:f0:ff:0e:51:a9:
5e:81:4e:8f:ac:42:0a:da:9d:74:b8:de:f3:4a:2e:
07:59:7e:1c:ce:ee:21:ec:a3:85:ac:31:92:cf:cb:
84:97:d2:69:f0:c8:79:cd:d2:39:da:50:0c:fc:0c:
fc:f8:b2:09:02:8a:78:07:fc:9a:6c:35:59:6f:00:
db:91:d6:06:39:a9:47:90:67:35:3d:86:53:9d:30:
86:1e:ab:82:8f:30:62:1d:cc:dc:d3:c3:11:ce:f5:
dd:83:c4:24:4f:1f:eb:71:ba:8a:c9:18:42:87:8a:
dd:2e:97:45:91:a0:5d:0c:7f:e8:b3:0c:65:57:4a:
bc:88:39:c9:22:6e:1e:0a:f7:55:fc:0f:4c:ad:a0:
3f:99:30:f9:1a:4f:5b:6f:21:da:4d:ab:7d:e6:89:
2b:f4:3e:24:ed:ad:2f:3d:5b:cc:e6:b9:df:19:bd:
d9:3a:39:6f:8d:74:52:72:e0:ea:5f:5d:24:e9:73:
78:a5:f1:d9:1b:ad:69:87:26:b2:9d:29:f4:1d:06:
eb:f1:2a:46:54:d4:03:ea:bf:86:b8:1a:56:e9:4f:
6d:40:36:e7:4e:1e:04:3c:7b:03:61:26:b9:6f:70:
f6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D6:3C:D6:4B:5D:71:E9:76:DD:D5:2A:69:99:09:BE:D4:75:B5:90
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vNY81ktdcel23dUqaZkJvtR1tZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.235.52.0/23
Signature Algorithm: sha256WithRSAEncryption
03:39:d1:87:75:e0:78:8f:38:04:89:88:d3:0d:d9:90:04:6b:
2f:5c:8f:d4:d0:4f:c9:62:77:c1:64:63:3c:dd:01:e3:17:39:
08:c9:fa:b0:1a:3d:a9:de:71:5b:45:a4:fc:c9:71:19:21:ed:
0b:d4:46:41:f5:0e:5d:2d:50:ba:05:36:1a:78:bb:4e:df:86:
b8:8b:c5:b6:6d:aa:eb:31:aa:54:77:f8:74:81:5a:c4:2a:a6:
0c:8f:3e:96:d5:84:b8:8c:e7:21:6e:e4:03:64:0a:05:ed:7e:
e2:e7:f0:7c:ff:06:e1:42:25:eb:83:e7:27:cb:22:84:00:04:
e8:81:6a:ad:cb:7f:e6:16:2d:75:eb:7c:64:56:51:cf:6f:20:
3b:08:90:e8:a6:b3:be:51:ed:a5:9d:c5:c7:1e:f0:7c:7a:65:
0a:f7:80:cb:66:9d:ac:12:13:32:a0:7c:37:53:64:e7:97:82:
a0:a4:f9:85:d4:d2:65:89:26:0d:5c:b6:30:f6:74:82:7a:6a:
19:b8:ef:5e:81:48:c7:dc:66:e4:76:bd:07:c6:1b:89:37:e4:
e9:00:91:6e:a0:54:e7:3a:11:ae:3d:ea:53:21:58:fb:be:0b:
55:4e:97:a7:f8:70:4c:8a:93:fd:81:a2:87:cd:19:86:41:18:
b9:d8:e0:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSHHzeB/T7xu3cok+Q5R5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Q2M2NkNjRiNWQ3MWU5NzZkZGQ1MmE2OTk5MDliZWQ0NzViNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWQ4pakXwpGOO8D9zwkWZ8QTMMVM
Dyqm8P8OUalegU6PrEIK2p10uN7zSi4HWX4czu4h7KOFrDGSz8uEl9Jp8Mh5zdI5
2lAM/Az8+LIJAop4B/yabDVZbwDbkdYGOalHkGc1PYZTnTCGHquCjzBiHczc08MR
zvXdg8QkTx/rcbqKyRhCh4rdLpdFkaBdDH/oswxlV0q8iDnJIm4eCvdV/A9MraA/
mTD5Gk9bbyHaTat95okr9D4k7a0vPVvM5rnfGb3ZOjlvjXRScuDqX10k6XN4pfHZ
G61phyaynSn0HQbr8SpGVNQD6r+GuBpW6U9tQDbnTh4EPHsDYSa5b3D27QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzWPNZLXXHpdt3VKmmZCb7UdbWQMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdk5ZODFrdGRjZWwyM2RVcWFaa0p2dFIxdFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwes0MA0G
CSqGSIb3DQEBCwUAA4IBAQADOdGHdeB4jzgEiYjTDdmQBGsvXI/U0E/JYnfBZGM8
3QHjFzkIyfqwGj2p3nFbRaT8yXEZIe0L1EZB9Q5dLVC6BTYaeLtO34a4i8W2barr
MapUd/h0gVrEKqYMjz6W1YS4jOchbuQDZAoF7X7i5/B8/wbhQiXrg+cnyyKEAATo
gWqty3/mFi1163xkVlHPbyA7CJDoprO+Ue2lncXHHvB8emUK94DLZp2sEhMyoHw3
U2Tnl4KgpPmF1NJliSYNXLYw9nSCemoZuO9egUjH3Gbkdr0HxhuJN+TpAJFuoFTn
OhGuPepTIVj7vgtVTpen+HBMipP9gaKHzRmGQRi52OCe
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:33 2025 by rpki-client