Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/W3bPbByV0AKpq4hK_u3W1NHcDhg.roa
File: W3bPbByV0AKpq4hK_u3W1NHcDhg.roa (raw, json)
Hash identifier: Lj4mTzxHLzKdMz1KdrcJ5WcR92ENETQzPFTD4Vdtm8Q=
Subject key identifier: 5B:76:CF:6C:1C:95:D0:02:A9:AB:88:4A:FE:ED:D6:D4:D1:DC:0E:18
Certificate issuer: /CN=7934f7ee5d04a026223c3aa31912bf610d00db7b
Certificate serial: 018CC8012BA649EA23616EB7F970F12A8808
Authority key identifier: 79:34:F7:EE:5D:04:A0:26:22:3C:3A:A3:19:12:BF:61:0D:00:DB:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTT37l0EoCYiPDqjGRK_YQ0A23s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/W3bPbByV0AKpq4hK_u3W1NHcDhg.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48152
IP address blocks: 194.88.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/eTT37l0EoCYiPDqjGRK_YQ0A23s.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/eTT37l0EoCYiPDqjGRK_YQ0A23s.mft
rsync://rpki.ripe.net/repository/DEFAULT/eTT37l0EoCYiPDqjGRK_YQ0A23s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2b:a6:49:ea:23:61:6e:b7:f9:70:f1:2a:88:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7934f7ee5d04a026223c3aa31912bf610d00db7b
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b76cf6c1c95d002a9ab884afeedd6d4d1dc0e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a0:40:be:8f:aa:2c:8b:eb:fc:f5:55:c2:b7:
a7:18:e5:4c:00:0b:82:cb:49:ec:a3:9e:34:6e:d6:
e8:71:fa:62:23:08:fb:ba:2d:6a:28:5a:b9:3d:25:
9c:22:23:b0:3a:f0:d7:c6:d5:ac:d7:18:b1:f1:5d:
d9:ac:ef:04:e3:b2:6c:57:b0:90:ae:31:7e:6d:d0:
d1:87:7c:c2:55:2b:89:9c:ab:8b:32:42:17:25:d2:
af:ed:2b:b5:ff:cb:af:42:78:8d:44:b9:67:b7:24:
22:d0:0d:b6:a9:a1:6c:5e:2a:64:49:84:82:c8:c0:
9d:99:e0:c0:65:04:a3:d2:28:97:fc:d7:a2:e4:0c:
f3:73:64:33:04:52:ce:7c:9b:d0:54:b2:08:55:fe:
8f:cb:ec:c1:fa:1b:3f:e6:17:48:f3:2d:07:42:dc:
6d:ed:f4:85:27:c9:4a:ce:ea:96:20:24:67:e2:90:
16:66:69:38:f0:dd:1b:64:37:fe:c2:59:a0:18:2b:
94:d2:5d:a1:c1:62:42:b9:f9:74:51:a6:a1:31:f5:
d4:40:87:f6:7c:00:fd:09:c0:7b:f2:cc:c7:1c:29:
eb:c5:30:14:26:5c:52:0f:05:ce:c5:83:04:8e:5b:
c8:6a:4f:87:60:4d:f1:ba:1d:37:02:8e:ab:12:66:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:76:CF:6C:1C:95:D0:02:A9:AB:88:4A:FE:ED:D6:D4:D1:DC:0E:18
X509v3 Authority Key Identifier:
keyid:79:34:F7:EE:5D:04:A0:26:22:3C:3A:A3:19:12:BF:61:0D:00:DB:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTT37l0EoCYiPDqjGRK_YQ0A23s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/W3bPbByV0AKpq4hK_u3W1NHcDhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c65587-f3ec-43ce-ab76-f1d349823504/1/eTT37l0EoCYiPDqjGRK_YQ0A23s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.88.0.0/24
Signature Algorithm: sha256WithRSAEncryption
33:8d:40:7a:dc:40:41:30:5b:9f:0b:78:c5:d9:9b:00:61:f2:
e4:36:c9:fe:0d:c1:e6:f6:97:f3:1c:e2:62:a9:d5:7f:6a:ce:
4d:0a:3a:e2:39:8d:32:a7:81:6e:47:b3:e6:51:a2:19:be:0e:
8f:93:6c:d5:a4:00:4d:5f:ef:04:ac:35:28:3b:32:56:8e:ea:
d9:8c:7d:02:f6:1e:fb:62:27:6c:61:72:e1:e2:1d:37:77:c7:
42:a5:00:c5:1b:10:6f:a2:ca:29:18:3a:5c:28:96:99:94:96:
10:a6:f3:8a:e3:eb:55:be:80:c2:a0:09:d2:5d:f2:cf:dd:3b:
d5:bd:05:65:40:14:3a:b6:56:7b:80:6a:58:c4:1e:43:2b:c4:
8c:37:f0:e5:8a:51:05:67:ee:54:0a:38:3f:40:26:9c:e9:9e:
64:23:d4:38:27:db:46:57:a8:b1:bd:d1:6e:0d:e1:e8:b3:dd:
10:44:f8:7b:f8:7c:f8:d8:81:84:4a:80:eb:66:53:e9:11:61:
03:41:e1:b7:b9:d7:95:d4:62:69:17:44:94:49:06:48:76:c4:
6f:f3:e1:a2:e5:79:b7:a0:c8:9d:72:c5:d7:aa:3a:65:87:67:
88:fd:80:ac:ef:27:be:50:46:f2:20:e9:56:0e:21:91:eb:3d:
c5:0d:bd:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIASumSeojYW63+XDxKogIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MzRmN2VlNWQwNGEwMjYyMjNjM2FhMzE5MTJiZjYxMGQw
MGRiN2IwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc2Y2Y2YzFjOTVkMDAyYTlhYjg4NGFmZWVkZDZkNGQxZGMwZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaBAvo+qLIvr/PVVwrenGOVMAAuC
y0nso540btbocfpiIwj7ui1qKFq5PSWcIiOwOvDXxtWs1xix8V3ZrO8E47JsV7CQ
rjF+bdDRh3zCVSuJnKuLMkIXJdKv7Su1/8uvQniNRLlntyQi0A22qaFsXipkSYSC
yMCdmeDAZQSj0iiX/Nei5Azzc2QzBFLOfJvQVLIIVf6Py+zB+hs/5hdI8y0HQtxt
7fSFJ8lKzuqWICRn4pAWZmk48N0bZDf+wlmgGCuU0l2hwWJCufl0UaahMfXUQIf2
fAD9CcB78szHHCnrxTAUJlxSDwXOxYMEjlvIak+HYE3xuh03Ao6rEma9JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFt2z2wcldACqauISv7t1tTR3A4YMB8GA1UdIwQY
MBaAFHk09+5dBKAmIjw6oxkSv2ENANt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVRUMzdsMEVvQ1lpUERxakdSS19ZUTBBMjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jNjU1ODctZjNlYy00M2NlLWFiNzYt
ZjFkMzQ5ODIzNTA0LzEvVzNiUGJCeVYwQUtwcTRoS191M1cxTkhjRGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jNjU1ODctZjNlYy00M2NlLWFiNzYtZjFkMzQ5ODIzNTA0
LzEvZVRUMzdsMEVvQ1lpUERxakdSS19ZUTBBMjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlgAMA0G
CSqGSIb3DQEBCwUAA4IBAQAzjUB63EBBMFufC3jF2ZsAYfLkNsn+DcHm9pfzHOJi
qdV/as5NCjriOY0yp4FuR7PmUaIZvg6Pk2zVpABNX+8ErDUoOzJWjurZjH0C9h77
YidsYXLh4h03d8dCpQDFGxBvosopGDpcKJaZlJYQpvOK4+tVvoDCoAnSXfLP3TvV
vQVlQBQ6tlZ7gGpYxB5DK8SMN/DlilEFZ+5UCjg/QCac6Z5kI9Q4J9tGV6ixvdFu
DeHos90QRPh7+Hz42IGESoDrZlPpEWEDQeG3udeV1GJpF0SUSQZIdsRv8+Gi5Xm3
oMidcsXXqjplh2eI/YCs7ye+UEbyIOlWDiGR6z3FDb2F
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:57 2024 by rpki-client on console-ams.rpki-client.org