Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/w3CqmE4Mx0IhAXA5JnORZt0r7sI.roa
File: w3CqmE4Mx0IhAXA5JnORZt0r7sI.roa (raw, json)
Hash identifier: kcMqlgS6/WaOGko/MRqDhEp85DkUSe+XKgBfRdcQAA4=
Subject key identifier: C3:70:AA:98:4E:0C:C7:42:21:01:70:39:26:73:91:66:DD:2B:EE:C2
Certificate issuer: /CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Certificate serial: 018FFCFB701092C1CAE946DC4F14A1521243
Authority key identifier: 3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/w3CqmE4Mx0IhAXA5JnORZt0r7sI.roa
Signing time: Sun 09 Jun 2024 12:31:27 +0000
ROA not before: Sun 09 Jun 2024 12:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210392
IP address blocks: 88.135.33.0/24 maxlen: 24
88.135.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fc:fb:70:10:92:c1:ca:e9:46:dc:4f:14:a1:52:12:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Validity
Not Before: Jun 9 12:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c370aa984e0cc7422101703926739166dd2beec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:36:8f:d7:8c:8e:bf:bd:15:66:05:83:70:a4:
40:93:34:41:99:9f:a5:d7:a1:9a:13:4d:bd:d0:95:
0e:9f:f9:d1:4f:42:c3:cb:4c:a4:d7:92:b0:d2:b2:
7e:eb:e3:3e:a4:3d:7d:c3:76:72:75:ff:2b:ac:f6:
5c:d5:eb:ec:18:d7:c6:26:8d:04:9f:0e:96:e8:70:
36:e1:33:0e:ff:61:1f:9c:04:50:eb:52:f9:1f:bd:
c5:52:78:07:ac:28:6a:71:81:9e:0d:3c:58:bf:82:
77:0e:af:e6:1a:41:b0:66:72:59:d9:77:b9:04:dd:
1e:f2:20:ee:c8:ef:29:20:d7:92:07:33:ec:ad:d1:
0b:7b:b0:9e:89:5c:8c:a5:8b:c1:1c:0e:c3:e7:86:
ad:58:2d:ac:ca:c2:22:79:fe:04:96:30:b3:f7:e1:
21:0d:c4:3b:0a:78:f5:f2:07:bb:cc:87:41:e5:4b:
55:47:35:55:2d:68:a3:2f:13:7f:22:25:d3:d6:eb:
9a:8a:70:d9:c9:54:13:3d:18:70:cc:84:ba:f1:12:
ca:08:97:b3:e1:6f:1c:e7:f0:b1:5c:48:0a:94:06:
9a:7c:34:23:97:8e:0b:92:fb:97:d3:c1:df:c2:9f:
81:3c:99:d5:99:e4:21:af:2c:57:b6:33:07:dc:e3:
1a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:70:AA:98:4E:0C:C7:42:21:01:70:39:26:73:91:66:DD:2B:EE:C2
X509v3 Authority Key Identifier:
keyid:3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/w3CqmE4Mx0IhAXA5JnORZt0r7sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.33.0/24
88.135.35.0/24
Signature Algorithm: sha256WithRSAEncryption
01:31:29:ef:e5:c9:b7:06:4a:f0:d6:53:30:73:0f:e1:52:73:
f7:fe:7d:90:cd:4d:d9:94:aa:0d:5f:e3:ef:5c:69:e3:e6:6b:
30:0a:ce:96:26:6b:bd:70:65:a6:43:31:b4:39:40:b6:8b:bc:
66:73:b2:57:3f:c2:c6:86:fe:8b:51:49:04:cb:94:01:b7:7c:
49:08:5e:d8:d6:90:71:f8:38:a5:53:e1:cd:4e:67:d3:bc:77:
b7:ad:1b:0f:68:80:d3:43:9e:39:ee:5e:46:b2:c3:68:ad:11:
61:68:5d:6e:1e:9a:86:c5:af:52:d4:cf:63:af:41:c0:ff:da:
c8:00:e9:e1:db:93:58:d6:60:15:61:3b:fe:df:80:16:4b:c7:
2c:e4:c5:c7:f1:15:55:d3:0a:1c:aa:77:2c:47:58:64:bb:50:
3a:45:69:15:d3:7b:7d:c2:b4:31:14:97:44:48:f0:8f:5f:68:
d5:fc:8a:16:aa:99:91:a0:f7:bf:1f:f9:24:37:b5:96:2a:b2:
a7:08:5c:00:9f:59:05:fc:b9:6f:d4:f6:89:bd:e5:3b:1b:3c:
f7:af:d1:40:54:92:e4:30:ff:23:4d:ba:a0:e2:34:76:84:62:
72:16:3f:e7:03:65:57:47:1c:be:a7:2e:04:94:80:b3:22:38:
a7:61:fa:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/8+3AQksHK6UbcTxShUhJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNWMyNDY3NTQ2ZjRiMDc4YTAyMjRkYTFjY2FjNWMyODdl
OTM0NTMwHhcNMjQwNjA5MTIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzcwYWE5ODRlMGNjNzQyMjEwMTcwMzkyNjczOTE2NmRkMmJlZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTaP14yOv70VZgWDcKRAkzRBmZ+l
16GaE0290JUOn/nRT0LDy0yk15Kw0rJ+6+M+pD19w3Zydf8rrPZc1evsGNfGJo0E
nw6W6HA24TMO/2EfnARQ61L5H73FUngHrChqcYGeDTxYv4J3Dq/mGkGwZnJZ2Xe5
BN0e8iDuyO8pINeSBzPsrdELe7CeiVyMpYvBHA7D54atWC2sysIief4EljCz9+Eh
DcQ7Cnj18ge7zIdB5UtVRzVVLWijLxN/IiXT1uuainDZyVQTPRhwzIS68RLKCJez
4W8c5/CxXEgKlAaafDQjl44LkvuX08Hfwp+BPJnVmeQhryxXtjMH3OMaOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMNwqphODMdCIQFwOSZzkWbdK+7CMB8GA1UdIwQY
MBaAFDtcJGdUb0sHigIk2hzKxcKH6TRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQt
NWMwOTZhODdiYjA3LzEvdzNDcW1FNE14MEloQVhBNUpuT1JadDByN3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQtNWMwOTZhODdiYjA3
LzEvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWIchAwQA
WIcjMA0GCSqGSIb3DQEBCwUAA4IBAQABMSnv5cm3Bkrw1lMwcw/hUnP3/n2QzU3Z
lKoNX+PvXGnj5mswCs6WJmu9cGWmQzG0OUC2i7xmc7JXP8LGhv6LUUkEy5QBt3xJ
CF7Y1pBx+DilU+HNTmfTvHe3rRsPaIDTQ5457l5GssNorRFhaF1uHpqGxa9S1M9j
r0HA/9rIAOnh25NY1mAVYTv+34AWS8cs5MXH8RVV0wocqncsR1hku1A6RWkV03t9
wrQxFJdESPCPX2jV/IoWqpmRoPe/H/kkN7WWKrKnCFwAn1kF/Llv1PaJveU7Gzz3
r9FAVJLkMP8jTbqg4jR2hGJyFj/nA2VXRxy+py4ElICzIjinYfoM
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:03:58 2024 by rpki-client on console-fra.rpki-client.org