Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/fzSlZWgW7_F4XyWVEMmZGMKv3c0.roa
File: fzSlZWgW7_F4XyWVEMmZGMKv3c0.roa (raw, json)
Hash identifier: RVqjmwZDTLJP9s0BQoNE8by4fqsbBMJ84X6m2nYibOk=
Subject key identifier: 7F:34:A5:65:68:16:EF:F1:78:5F:25:95:10:C9:99:18:C2:AF:DD:CD
Certificate issuer: /CN=d05a85c45bf53c3d88a76695aafebbd4aa77bbc1
Certificate serial: 018CC4930F13ABA74B1F0BA45CC25A1410BA
Authority key identifier: D0:5A:85:C4:5B:F5:3C:3D:88:A7:66:95:AA:FE:BB:D4:AA:77:BB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/fzSlZWgW7_F4XyWVEMmZGMKv3c0.roa
Signing time: Mon 01 Jan 2024 10:30:21 +0000
ROA not before: Mon 01 Jan 2024 10:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41071
IP address blocks: 185.88.116.0/23 maxlen: 23
185.88.116.0/22 maxlen: 22
185.88.118.0/23 maxlen: 23
2a05:ca40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/0FqFxFv1PD2Ip2aVqv671Kp3u8E.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/0FqFxFv1PD2Ip2aVqv671Kp3u8E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:0f:13:ab:a7:4b:1f:0b:a4:5c:c2:5a:14:10:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d05a85c45bf53c3d88a76695aafebbd4aa77bbc1
Validity
Not Before: Jan 1 10:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f34a5656816eff1785f259510c99918c2afddcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:46:8f:96:7e:0c:d7:f6:7b:cd:1e:c7:db:c7:
f8:69:f8:da:3e:a2:8e:a6:17:35:2c:32:26:20:02:
86:1f:4c:d3:44:8e:97:3c:9e:65:e4:23:75:21:1c:
61:ca:5d:66:fb:39:26:39:a8:cf:e6:b7:af:43:7e:
a8:0a:f2:ea:08:f4:11:4b:33:a9:e1:57:bf:ea:3e:
79:6e:58:99:02:ee:54:1b:7b:0d:9b:40:f2:06:d6:
dd:10:98:88:ec:bb:33:47:01:d7:75:2d:f4:af:f7:
fc:1d:13:30:9f:72:d9:57:66:ba:f5:e8:33:18:70:
d7:f8:4a:97:08:92:dc:cc:2f:45:1e:b3:c9:e2:3e:
1f:23:6d:70:86:8e:61:92:19:07:9e:97:ea:d9:67:
b9:79:97:9a:fa:0f:b2:d2:ab:74:9e:d6:09:65:5f:
4c:e6:d4:3c:31:8e:9a:0f:07:4d:17:89:dc:68:a9:
80:81:41:3a:54:2c:33:bc:f0:d2:2c:47:d6:66:a7:
01:c1:2e:a8:b1:d9:93:b4:ab:b9:2c:5b:ad:ba:07:
88:e7:3e:dc:a2:d6:d3:76:01:54:6e:d2:ec:52:7f:
b2:59:b3:39:be:67:0d:ac:c0:17:80:e3:12:cb:5e:
34:cc:c0:b2:4f:1e:80:0c:09:be:bc:20:1d:07:0b:
9d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:34:A5:65:68:16:EF:F1:78:5F:25:95:10:C9:99:18:C2:AF:DD:CD
X509v3 Authority Key Identifier:
keyid:D0:5A:85:C4:5B:F5:3C:3D:88:A7:66:95:AA:FE:BB:D4:AA:77:BB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/fzSlZWgW7_F4XyWVEMmZGMKv3c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/0FqFxFv1PD2Ip2aVqv671Kp3u8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.116.0/22
IPv6:
2a05:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
7e:9b:b9:69:37:70:fa:a5:b5:70:73:1a:7a:aa:54:aa:ad:4a:
1f:3c:8d:94:ef:8f:c9:b5:7c:bc:46:7f:c7:82:64:d1:02:f5:
fb:6a:96:be:aa:e5:6e:0a:ea:d8:e9:6e:2b:6f:38:92:db:59:
45:b4:22:bd:2a:d8:48:7c:99:87:53:00:ca:86:b0:26:79:36:
b1:7b:5e:64:49:32:c6:da:ff:73:e0:fd:c5:de:a8:b7:eb:70:
b2:52:2e:38:5c:0a:fe:8f:11:53:ac:43:6f:3b:78:92:cf:3a:
b0:ed:aa:73:ee:d2:c4:20:3a:7e:14:9b:80:8d:85:90:4c:20:
ba:99:6f:e0:9b:57:cc:3c:b6:fa:2d:86:91:f8:01:10:0f:24:
e6:98:ae:2a:51:0e:b3:a3:85:0c:2e:0d:51:a0:8a:a7:11:7d:
dd:cf:b7:92:63:a7:b7:38:f2:b6:01:b8:0a:01:f7:72:ea:b2:
b3:ce:a2:b2:6a:73:c1:fd:76:d5:ae:d4:ef:96:2e:cf:f7:2a:
0a:1b:42:a2:d2:3c:69:64:2a:8f:ab:99:c4:37:19:7c:1c:b3:
24:b4:1d:68:63:f2:bd:fe:7e:db:8d:25:2b:3d:5a:a4:b7:d0:
0f:42:8b:94:62:dd:db:14:bf:bc:e2:12:39:3c:15:1a:62:e0:
7d:34:8c:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkw8Tq6dLHwukXMJaFBC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNWE4NWM0NWJmNTNjM2Q4OGE3NjY5NWFhZmViYmQ0YWE3
N2JiYzEwHhcNMjQwMTAxMTAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjM0YTU2NTY4MTZlZmYxNzg1ZjI1OTUxMGM5OTkxOGMyYWZkZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUaPln4M1/Z7zR7H28f4afjaPqKO
phc1LDImIAKGH0zTRI6XPJ5l5CN1IRxhyl1m+zkmOajP5revQ36oCvLqCPQRSzOp
4Ve/6j55bliZAu5UG3sNm0DyBtbdEJiI7LszRwHXdS30r/f8HRMwn3LZV2a69egz
GHDX+EqXCJLczC9FHrPJ4j4fI21who5hkhkHnpfq2We5eZea+g+y0qt0ntYJZV9M
5tQ8MY6aDwdNF4ncaKmAgUE6VCwzvPDSLEfWZqcBwS6osdmTtKu5LFutugeI5z7c
otbTdgFUbtLsUn+yWbM5vmcNrMAXgOMSy140zMCyTx6ADAm+vCAdBwudLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH80pWVoFu/xeF8llRDJmRjCr93NMB8GA1UdIwQY
MBaAFNBahcRb9Tw9iKdmlar+u9Sqd7vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZxRnhGdjFQRDJJcDJhVnF2NjcxS3AzdThFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NDk0NzctNGE4Mi00MmJjLTgzOWUt
NGY5ODQwZGVmYTFmLzEvZnpTbFpXZ1c3X0Y0WHlXVkVNbVpHTUt2M2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NDk0NzctNGE4Mi00MmJjLTgzOWUtNGY5ODQwZGVmYTFm
LzEvMEZxRnhGdjFQRDJJcDJhVnF2NjcxS3AzdThFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVh0MA0E
AgACMAcDBQMqBcpAMA0GCSqGSIb3DQEBCwUAA4IBAQB+m7lpN3D6pbVwcxp6qlSq
rUofPI2U74/JtXy8Rn/HgmTRAvX7apa+quVuCurY6W4rbziS21lFtCK9KthIfJmH
UwDKhrAmeTaxe15kSTLG2v9z4P3F3qi363CyUi44XAr+jxFTrENvO3iSzzqw7apz
7tLEIDp+FJuAjYWQTCC6mW/gm1fMPLb6LYaR+AEQDyTmmK4qUQ6zo4UMLg1RoIqn
EX3dz7eSY6e3OPK2AbgKAfdy6rKzzqKyanPB/XbVrtTvli7P9yoKG0Ki0jxpZCqP
q5nENxl8HLMktB1oY/K9/n7bjSUrPVqkt9APQouUYt3bFL+84hI5PBUaYuB9NIwM
-----END CERTIFICATE-----
Generated at Sat Jun 22 09:01:12 2024 by rpki-client on console-ams.rpki-client.org