Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/xWz79t6A7nNBlz18f_XTjGjlem4.roa
File: xWz79t6A7nNBlz18f_XTjGjlem4.roa (raw, json)
Hash identifier: 09ITprOCkmAUezK4IAMhLZ/Y0pwiFpYAM61TTE3IhJw=
Subject key identifier: C5:6C:FB:F6:DE:80:EE:73:41:97:3D:7C:7F:F5:D3:8C:68:E5:7A:6E
Certificate issuer: /CN=88f342dd1127c67af1116ab1f997e27cb4c884e8
Certificate serial: 018CC6B77D5A7C1889B283A0CC0335A5DF71
Authority key identifier: 88:F3:42:DD:11:27:C6:7A:F1:11:6A:B1:F9:97:E2:7C:B4:C8:84:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPNC3REnxnrxEWqx-ZfifLTIhOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/xWz79t6A7nNBlz18f_XTjGjlem4.roa
Signing time: Mon 01 Jan 2024 20:29:23 +0000
ROA not before: Mon 01 Jan 2024 20:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39841
IP address blocks: 185.88.4.0/24 maxlen: 24
185.88.7.0/24 maxlen: 24
185.88.5.0/24 maxlen: 24
185.88.6.0/24 maxlen: 24
2a03:7d20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/iPNC3REnxnrxEWqx-ZfifLTIhOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/iPNC3REnxnrxEWqx-ZfifLTIhOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPNC3REnxnrxEWqx-ZfifLTIhOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:7d:5a:7c:18:89:b2:83:a0:cc:03:35:a5:df:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f342dd1127c67af1116ab1f997e27cb4c884e8
Validity
Not Before: Jan 1 20:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c56cfbf6de80ee7341973d7c7ff5d38c68e57a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:eb:e0:9f:d2:02:11:94:57:3d:ca:37:10:0d:
43:7e:19:d5:01:4c:bd:f2:0e:d8:ef:ef:dd:ce:f3:
f8:d6:d0:54:7f:ee:53:ad:d6:5e:83:ee:5b:d8:c3:
78:39:e5:fe:f3:27:3c:ac:e3:da:c5:a2:01:b7:c4:
dd:d3:fb:81:8d:cd:16:e8:b1:00:77:c8:ab:1f:b6:
e9:b2:ff:ed:ec:ac:be:45:05:2d:9e:5b:4d:a8:49:
bb:f7:e6:84:e8:21:32:12:32:2a:18:5c:88:91:da:
a7:fb:22:88:22:62:79:a9:a8:9f:b0:3c:ae:4f:c6:
1a:ef:46:33:a5:94:3e:4a:5a:01:05:4a:8b:fd:ea:
9e:25:35:7f:a1:4d:05:54:ee:ed:9f:65:c8:5c:fc:
63:87:c1:c9:09:66:dc:70:5c:d6:da:a3:f1:93:b1:
c5:66:c1:55:b3:ba:af:21:13:d6:dc:3e:04:fe:f5:
a8:00:f7:8c:97:15:9c:02:41:55:81:15:59:46:80:
00:4e:1a:74:f9:b2:e2:65:c1:12:88:13:c4:84:23:
e7:b6:e6:ad:a5:37:39:0f:a4:f3:87:fb:89:2f:c5:
76:c3:4d:ef:23:0c:96:4a:fb:cc:22:1a:84:b0:1b:
be:cd:10:2f:5b:5b:e7:74:ea:d2:04:7d:05:7a:a9:
be:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6C:FB:F6:DE:80:EE:73:41:97:3D:7C:7F:F5:D3:8C:68:E5:7A:6E
X509v3 Authority Key Identifier:
keyid:88:F3:42:DD:11:27:C6:7A:F1:11:6A:B1:F9:97:E2:7C:B4:C8:84:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPNC3REnxnrxEWqx-ZfifLTIhOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/xWz79t6A7nNBlz18f_XTjGjlem4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/iPNC3REnxnrxEWqx-ZfifLTIhOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.4.0/22
IPv6:
2a03:7d20::/32
Signature Algorithm: sha256WithRSAEncryption
32:9a:6c:a8:a0:8e:52:67:e9:d1:a8:e6:75:21:fe:32:fc:56:
93:17:1b:aa:76:49:d3:69:c5:27:f5:54:ca:e9:80:ba:ba:d0:
29:c2:11:3c:87:40:03:47:b6:12:53:ec:27:d0:0a:ed:10:a2:
40:fb:45:70:d9:5f:65:8f:3d:76:db:b6:99:65:a9:d2:ed:1d:
b5:c6:d2:6b:95:86:7b:25:4a:f8:76:3c:42:a6:41:a2:ee:cc:
b7:5b:1c:aa:88:1b:82:54:f0:ba:59:2e:90:b3:65:a9:d8:81:
8f:96:cc:12:9e:f2:5b:3a:a1:95:9f:de:2a:c4:69:ed:f5:ed:
0b:ca:cf:76:9f:6c:99:2d:ed:f2:e6:97:b3:28:88:10:a0:54:
c5:e2:99:1f:4e:cc:d5:65:ab:76:31:91:3d:07:82:ba:73:9e:
e7:5a:c8:3e:55:5a:a2:9c:68:2f:90:a1:ac:84:55:26:11:9d:
b5:21:92:37:5e:37:da:31:fb:7b:d0:29:a7:38:b3:8a:48:6c:
1d:1c:2d:2f:5b:78:0c:42:87:6b:41:78:0b:ca:4d:aa:3d:af:
8c:ae:f2:98:3f:2f:4b:0e:93:9d:1d:45:c7:aa:25:1b:52:ee:
f1:20:9a:4e:3c:27:59:90:98:df:ca:5a:da:99:b2:9c:4b:70:
d7:c6:e7:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt31afBiJsoOgzAM1pd9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZjM0MmRkMTEyN2M2N2FmMTExNmFiMWY5OTdlMjdjYjRj
ODg0ZTgwHhcNMjQwMTAxMjAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTZjZmJmNmRlODBlZTczNDE5NzNkN2M3ZmY1ZDM4YzY4ZTU3YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+vgn9ICEZRXPco3EA1DfhnVAUy9
8g7Y7+/dzvP41tBUf+5TrdZeg+5b2MN4OeX+8yc8rOPaxaIBt8Td0/uBjc0W6LEA
d8irH7bpsv/t7Ky+RQUtnltNqEm79+aE6CEyEjIqGFyIkdqn+yKIImJ5qaifsDyu
T8Ya70YzpZQ+SloBBUqL/eqeJTV/oU0FVO7tn2XIXPxjh8HJCWbccFzW2qPxk7HF
ZsFVs7qvIRPW3D4E/vWoAPeMlxWcAkFVgRVZRoAAThp0+bLiZcESiBPEhCPntuat
pTc5D6Tzh/uJL8V2w03vIwyWSvvMIhqEsBu+zRAvW1vndOrSBH0Feqm+NwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVs+/begO5zQZc9fH/104xo5XpuMB8GA1UdIwQY
MBaAFIjzQt0RJ8Z68RFqsfmX4ny0yIToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBOQzNSRW54bnJ4RVdxeC1aZmlmTFRJaE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNGZkMTUtMjJhOS00YmQ2LWEyMzIt
OGIzNmU5ZDA2M2ExLzEveFd6Nzl0NkE3bk5CbHoxOGZfWFRqR2psZW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNGZkMTUtMjJhOS00YmQ2LWEyMzItOGIzNmU5ZDA2M2Ex
LzEvaVBOQzNSRW54bnJ4RVdxeC1aZmlmTFRJaE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVgEMA0E
AgACMAcDBQAqA30gMA0GCSqGSIb3DQEBCwUAA4IBAQAymmyooI5SZ+nRqOZ1If4y
/FaTFxuqdknTacUn9VTK6YC6utApwhE8h0ADR7YSU+wn0ArtEKJA+0Vw2V9ljz12
27aZZanS7R21xtJrlYZ7JUr4djxCpkGi7sy3WxyqiBuCVPC6WS6Qs2Wp2IGPlswS
nvJbOqGVn94qxGnt9e0Lys92n2yZLe3y5pezKIgQoFTF4pkfTszVZat2MZE9B4K6
c57nWsg+VVqinGgvkKGshFUmEZ21IZI3XjfaMft70CmnOLOKSGwdHC0vW3gMQodr
QXgLyk2qPa+MrvKYPy9LDpOdHUXHqiUbUu7xIJpOPCdZkJjfylrambKcS3DXxue5
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:35:00 2024 by rpki-client on console-ams.rpki-client.org