Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/sS0fxhlxEWRjsQnEqbS6yWekaY0.roa
File: sS0fxhlxEWRjsQnEqbS6yWekaY0.roa (raw, json)
Hash identifier: k3UwApZeg9rkiGbd9RxIU7LsmtmI1sA6qY1pt+k7ypo=
Subject key identifier: B1:2D:1F:C6:19:71:11:64:63:B1:09:C4:A9:B4:BA:C9:67:A4:69:8D
Certificate issuer: /CN=6090cdd31d3a71da1ce4a4bd85f1987e3ca4eafa
Certificate serial: 018CC94E4F8576F67FCC1E9711C84318A70A
Authority key identifier: 60:90:CD:D3:1D:3A:71:DA:1C:E4:A4:BD:85:F1:98:7E:3C:A4:EA:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/sS0fxhlxEWRjsQnEqbS6yWekaY0.roa
Signing time: Tue 02 Jan 2024 08:33:21 +0000
ROA not before: Tue 02 Jan 2024 08:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50289
IP address blocks: 88.84.193.0/24 maxlen: 24
88.84.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4f:85:76:f6:7f:cc:1e:97:11:c8:43:18:a7:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6090cdd31d3a71da1ce4a4bd85f1987e3ca4eafa
Validity
Not Before: Jan 2 08:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b12d1fc61971116463b109c4a9b4bac967a4698d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:80:6c:4c:54:07:f7:e2:9c:36:f7:2a:0f:77:
d4:af:a5:f9:d0:7b:df:20:58:ee:c7:d4:81:5e:94:
cd:be:c6:a5:35:eb:7d:af:8f:b2:9b:9b:2c:fc:d4:
6b:96:68:82:15:12:2d:fc:02:8c:31:7c:01:2a:12:
ae:08:9f:c4:7c:ae:85:10:bf:cf:90:7e:ba:8e:fe:
df:9b:b6:33:84:bd:66:67:6d:4c:1b:6d:8d:71:8a:
f6:fa:50:64:e3:7c:41:ae:f9:96:a3:17:83:89:4a:
7d:43:b5:e2:8b:ce:35:32:a4:1f:07:11:d3:d5:17:
06:d3:4b:25:29:c2:75:ee:e5:f5:91:d1:1f:10:e0:
61:01:1b:d0:97:8b:b0:bd:71:cf:cf:45:8a:18:ca:
39:f9:bc:ef:8d:75:95:a3:0c:10:6d:e5:7b:05:4b:
53:85:d0:65:71:a7:4f:53:c8:60:d1:2b:d1:f7:dc:
78:10:57:e5:7b:e5:2b:dc:65:24:8a:63:1b:7d:d9:
41:f1:90:26:d0:fb:42:3c:2c:db:a1:97:39:a5:f9:
bf:80:48:00:44:19:3b:86:a1:f0:32:3d:fd:11:19:
97:84:f2:e4:84:c7:fa:b1:1a:74:2a:51:39:06:5f:
33:33:f5:10:e4:41:16:db:8d:ae:fc:5b:46:12:75:
ca:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:2D:1F:C6:19:71:11:64:63:B1:09:C4:A9:B4:BA:C9:67:A4:69:8D
X509v3 Authority Key Identifier:
keyid:60:90:CD:D3:1D:3A:71:DA:1C:E4:A4:BD:85:F1:98:7E:3C:A4:EA:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/sS0fxhlxEWRjsQnEqbS6yWekaY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.193.0/24
88.84.208.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:e6:f9:9e:ab:8f:75:04:64:87:d0:28:65:0e:3c:04:50:88:
00:10:cc:43:4a:35:71:b0:61:44:48:ea:5b:34:0c:bf:46:4f:
f3:a3:7b:33:94:28:2f:fd:50:42:0d:4b:34:4d:b5:9b:60:ac:
bf:48:77:d8:88:d5:2d:90:c0:66:a4:7f:82:f8:dd:4f:76:ff:
71:a9:cf:1f:3d:95:d2:d5:91:ff:c9:ab:fc:e4:c8:31:e2:52:
24:b4:f3:79:89:12:66:c9:38:fe:98:db:1d:e6:77:43:6e:35:
73:ec:ad:e2:19:7c:e5:f8:4e:72:9b:fa:ad:ec:50:f3:ee:b4:
9b:95:6f:40:af:36:a2:d9:0f:69:59:e9:69:ed:3f:e0:0c:e9:
34:7a:43:3e:20:34:9f:25:fe:c2:1c:3f:de:a8:40:a6:51:92:
c0:39:dd:50:64:ca:81:40:36:03:43:96:2f:89:99:78:e4:25:
7e:7f:da:ef:d0:99:5a:1b:0c:2d:f8:6c:f3:04:d1:99:e0:36:
39:6a:d2:5c:e0:31:e0:95:ba:a6:98:38:82:c9:34:88:29:92:
26:49:52:1b:c9:e1:10:99:6c:d7:17:8d:05:91:d1:9a:ff:8b:
de:3b:e4:e1:c0:d2:ac:a8:d8:c8:36:ca:4b:cf:ba:b7:74:bb:
68:21:72:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTk+FdvZ/zB6XEchDGKcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTBjZGQzMWQzYTcxZGExY2U0YTRiZDg1ZjE5ODdlM2Nh
NGVhZmEwHhcNMjQwMTAyMDgzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTJkMWZjNjE5NzExMTY0NjNiMTA5YzRhOWI0YmFjOTY3YTQ2OThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoBsTFQH9+KcNvcqD3fUr6X50Hvf
IFjux9SBXpTNvsalNet9r4+ym5ss/NRrlmiCFRIt/AKMMXwBKhKuCJ/EfK6FEL/P
kH66jv7fm7YzhL1mZ21MG22NcYr2+lBk43xBrvmWoxeDiUp9Q7Xii841MqQfBxHT
1RcG00slKcJ17uX1kdEfEOBhARvQl4uwvXHPz0WKGMo5+bzvjXWVowwQbeV7BUtT
hdBlcadPU8hg0SvR99x4EFfle+Ur3GUkimMbfdlB8ZAm0PtCPCzboZc5pfm/gEgA
RBk7hqHwMj39ERmXhPLkhMf6sRp0KlE5Bl8zM/UQ5EEW242u/FtGEnXK8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLEtH8YZcRFkY7EJxKm0uslnpGmNMB8GA1UdIwQY
MBaAFGCQzdMdOnHaHOSkvYXxmH48pOr6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpETjB4MDZjZG9jNUtTOWhmR1lmanlrNnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8wODkwMGYtYjM2MS00N2FkLTg5M2Yt
NzM1MWY4NjliNDJiLzEvc1MwZnhobHhFV1Jqc1FuRXFiUzZ5V2VrYVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8wODkwMGYtYjM2MS00N2FkLTg5M2YtNzM1MWY4NjliNDJi
LzEvWUpETjB4MDZjZG9jNUtTOWhmR1lmanlrNnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWFTBAwQA
WFTQMA0GCSqGSIb3DQEBCwUAA4IBAQB85vmeq491BGSH0ChlDjwEUIgAEMxDSjVx
sGFESOpbNAy/Rk/zo3szlCgv/VBCDUs0TbWbYKy/SHfYiNUtkMBmpH+C+N1Pdv9x
qc8fPZXS1ZH/yav85Mgx4lIktPN5iRJmyTj+mNsd5ndDbjVz7K3iGXzl+E5ym/qt
7FDz7rSblW9Arzai2Q9pWelp7T/gDOk0ekM+IDSfJf7CHD/eqECmUZLAOd1QZMqB
QDYDQ5YviZl45CV+f9rv0JlaGwwt+GzzBNGZ4DY5atJc4DHglbqmmDiCyTSIKZIm
SVIbyeEQmWzXF40FkdGa/4veO+ThwNKsqNjINspLz7q3dLtoIXLv
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:45:13 2024 by rpki-client on console-fra.rpki-client.org