Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/OqobHIZLFLbZk0OR9E-PF1zk1Lw.roa
File: OqobHIZLFLbZk0OR9E-PF1zk1Lw.roa (raw, json)
Hash identifier: Op02L+M19/z5j79qbmcRNqPT6icOYzM0VJzQXj5mmv8=
Subject key identifier: 3A:AA:1B:1C:86:4B:14:B6:D9:93:43:91:F4:4F:8F:17:5C:E4:D4:BC
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 019424B3BE6F6CC8551FFA9DA04DE2B33CB9
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/OqobHIZLFLbZk0OR9E-PF1zk1Lw.roa
Signing time: Thu 02 Jan 2025 01:49:06 +0000
ROA not before: Thu 02 Jan 2025 01:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210025
IP address blocks: 88.218.207.0/24 maxlen: 24
2a09:b280::/48 maxlen: 48
2a09:b280:1000::/48 maxlen: 48
2a09:b280:1010::/48 maxlen: 48
2a09:b280:1020::/48 maxlen: 48
2a09:b280:1030::/48 maxlen: 48
2a09:b280:1100::/47 maxlen: 47
2a09:b280:ccc0::/48 maxlen: 48
2a09:b280:ccc1::/48 maxlen: 48
2a09:b280:cccc::/48 maxlen: 48
2a09:b280:ffb0::/48 maxlen: 48
2a09:b280:ffb1::/48 maxlen: 48
2a09:b280:ffb2::/48 maxlen: 48
2a09:b280:ffb5::/48 maxlen: 48
2a09:b280:ffb7::/48 maxlen: 48
2a09:b280:ffb8::/48 maxlen: 48
2a09:b280:ffb9::/48 maxlen: 48
2a09:b280:ffba::/48 maxlen: 48
2a09:b280:ffbb::/48 maxlen: 48
2a09:b280:ffbc::/48 maxlen: 48
2a09:b280:ffbd::/48 maxlen: 48
2a09:b280:ffbe::/48 maxlen: 48
2a09:b280:ffbf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 04:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:be:6f:6c:c8:55:1f:fa:9d:a0:4d:e2:b3:3c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Jan 2 01:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aaa1b1c864b14b6d9934391f44f8f175ce4d4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ae:7e:d0:a2:ac:b3:df:80:c6:97:91:10:a3:
d2:af:3e:82:6c:6c:da:55:2a:69:ca:e1:7b:72:f1:
e8:ca:c4:12:32:ab:f2:56:92:8e:ef:51:90:3f:ea:
b2:5e:ca:cd:6b:d4:36:9a:4b:cf:36:63:ea:ff:88:
84:1e:6a:ce:95:5b:06:52:3d:84:6b:3a:4a:af:d2:
03:bc:8a:21:fb:0e:94:5b:ca:f7:2e:13:6d:4d:1a:
42:b6:49:cc:d8:80:0d:20:c9:0a:9a:cb:78:96:1f:
85:ae:77:61:d7:d6:1b:6d:44:ea:e1:ab:c8:3a:fc:
30:d2:ff:84:42:ea:5a:3f:63:79:af:0c:e3:f3:47:
e6:f8:8e:af:4a:18:28:56:fd:fa:93:e0:56:fd:a1:
c2:e6:14:92:77:4a:65:ef:0b:6e:55:62:4c:64:86:
26:72:e7:d2:7c:8c:94:fe:81:fb:fd:37:ed:94:fe:
e6:8c:84:ab:b9:3b:00:67:5b:35:89:fb:17:fb:f8:
03:82:ea:e0:f3:79:11:15:01:b7:84:ec:9c:27:05:
c0:d6:3b:ef:8a:f0:c2:de:15:5d:da:4a:d9:12:af:
4b:c1:a8:b0:6e:98:9f:31:13:a1:b5:d5:f9:97:bc:
f6:63:21:f7:29:b9:c1:c3:dc:d9:34:65:14:2b:43:
a4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AA:1B:1C:86:4B:14:B6:D9:93:43:91:F4:4F:8F:17:5C:E4:D4:BC
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/OqobHIZLFLbZk0OR9E-PF1zk1Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.207.0/24
IPv6:
2a09:b280::/48
2a09:b280:1000::/48
2a09:b280:1010::/48
2a09:b280:1020::/48
2a09:b280:1030::/48
2a09:b280:1100::/47
2a09:b280:ccc0::/47
2a09:b280:cccc::/48
2a09:b280:ffb0::-2a09:b280:ffb2:ffff:ffff:ffff:ffff:ffff
2a09:b280:ffb5::/48
2a09:b280:ffb7::-2a09:b280:ffbf:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:75:7c:91:3f:1b:d9:1e:9f:48:6f:46:79:14:68:fc:8a:fd:
96:4f:bb:4d:8f:1e:70:2d:22:0d:02:34:f9:08:20:9e:ff:07:
28:bb:19:d8:b1:8b:2f:a9:65:75:5f:38:6c:07:65:6f:a6:eb:
9c:e6:d2:8b:f9:df:45:2f:38:ad:1f:21:ae:9d:5b:7d:38:3c:
04:02:1b:b6:cf:19:30:d7:83:fb:fb:d2:95:42:47:d8:a8:92:
a2:28:65:24:a4:d2:8b:22:1d:59:56:ea:01:ef:53:5c:f1:55:
72:76:cc:cd:d0:bf:54:da:65:42:a5:06:5b:5d:6c:b1:08:30:
fe:03:62:85:89:88:e8:a1:64:43:8d:75:f9:d3:c7:32:eb:e4:
61:2d:a2:c5:79:b1:eb:1b:74:ca:fe:75:57:d2:c2:d2:0d:87:
68:73:ed:0a:d9:f8:c3:66:9a:94:77:61:f9:0b:d4:dd:a7:b6:
b2:c3:6f:55:9e:2b:d4:40:61:5f:86:7f:87:70:87:97:1c:63:
c8:8c:41:6a:73:24:18:74:e1:8c:74:92:65:64:d9:c1:0e:c5:
02:0f:d4:13:43:7f:e4:99:dc:d9:c4:ce:72:1c:64:8d:00:5e:
8d:10:b7:57:d7:30:64:cf:ac:20:cc:4f:e9:ef:17:83:27:a6:
ea:57:1c:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZQks75vbMhVH/qdoE3iszy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA4ZmI3ODFjYTZkYmQ4MjIxZjJjMmY5NTRhM2E3NDQ2
YjJiNDIwHhcNMjUwMTAyMDE0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWFhMWIxYzg2NGIxNGI2ZDk5MzQzOTFmNDRmOGYxNzVjZTRkNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya5+0KKss9+AxpeREKPSrz6CbGza
VSppyuF7cvHoysQSMqvyVpKO71GQP+qyXsrNa9Q2mkvPNmPq/4iEHmrOlVsGUj2E
azpKr9IDvIoh+w6UW8r3LhNtTRpCtknM2IANIMkKmst4lh+Frndh19YbbUTq4avI
Ovww0v+EQupaP2N5rwzj80fm+I6vShgoVv36k+BW/aHC5hSSd0pl7wtuVWJMZIYm
cufSfIyU/oH7/TftlP7mjISruTsAZ1s1ifsX+/gDgurg83kRFQG3hOycJwXA1jvv
ivDC3hVd2krZEq9LwaiwbpifMROhtdX5l7z2YyH3KbnBw9zZNGUUK0OkKwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFDqqGxyGSxS22ZNDkfRPjxdc5NS8MB8GA1UdIwQY
MBaAFDJQj7eBym29giHywvlUo6dEaytCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDkt
YzEyMjE4NzY1MTU0LzEvT3FvYkhJWkxGTGJaazBPUjlFLVBGMXprMUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDktYzEyMjE4NzY1MTU0
LzEvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzAMBAIAATAGAwQAWNrP
MH8EAgACMHkDBwAqCbKAAAADBwAqCbKAEAADBwAqCbKAEBADBwAqCbKAECADBwAq
CbKAEDADBwEqCbKAEQADBwEqCbKAzMADBwAqCbKAzMwwEgMHBCoJsoD/sAMHACoJ
soD/sgMHACoJsoD/tTASAwcAKgmygP+3AwcGKgmygP+AMA0GCSqGSIb3DQEBCwUA
A4IBAQAydXyRPxvZHp9Ib0Z5FGj8iv2WT7tNjx5wLSINAjT5CCCe/wcouxnYsYsv
qWV1XzhsB2Vvpuuc5tKL+d9FLzitHyGunVt9ODwEAhu2zxkw14P7+9KVQkfYqJKi
KGUkpNKLIh1ZVuoB71Nc8VVydszN0L9U2mVCpQZbXWyxCDD+A2KFiYjooWRDjXX5
08cy6+RhLaLFebHrG3TK/nVX0sLSDYdoc+0K2fjDZpqUd2H5C9Tdp7ayw29VnivU
QGFfhn+HcIeXHGPIjEFqcyQYdOGMdJJlZNnBDsUCD9QTQ3/kmdzZxM5yHGSNAF6N
ELdX1zBkz6wgzE/p7xeDJ6bqVxw5
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:50:19 2025 by rpki-client