Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/b7d1sUp5_kltG_LCH8jcnPPW8zQ.roa
File: b7d1sUp5_kltG_LCH8jcnPPW8zQ.roa (raw, json)
Hash identifier: MEnOX7MUUzUyDP6zKBTOPDU9NjHFdZXGeCmCNAffkvU=
Subject key identifier: 6F:B7:75:B1:4A:79:FE:49:6D:1B:F2:C2:1F:C8:DC:9C:F3:D6:F3:34
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC501394CE6C493507C7D39EDAAD2714D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/b7d1sUp5_kltG_LCH8jcnPPW8zQ.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8764
IP address blocks: 88.216.139.0/24 maxlen: 24
88.216.138.0/24 maxlen: 24
88.216.142.0/24 maxlen: 24
88.216.143.0/24 maxlen: 24
88.216.140.0/24 maxlen: 24
88.216.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:39:4c:e6:c4:93:50:7c:7d:39:ed:aa:d2:71:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fb775b14a79fe496d1bf2c21fc8dc9cf3d6f334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a1:a0:62:80:d0:9f:f9:de:64:cd:a7:5e:c8:
6c:d8:21:f0:3d:9f:e9:f4:f5:4e:4d:9f:df:13:05:
c2:21:83:e2:00:30:b9:80:2f:e9:47:3d:09:d5:26:
c4:b3:0e:ef:94:df:09:2f:f5:fa:89:a4:49:ce:bf:
68:3a:eb:ae:88:01:53:1e:a5:ea:c9:3e:0e:9c:cd:
da:ce:ec:76:dc:53:ce:df:16:47:ca:5e:5a:b6:1f:
d9:9e:a7:10:47:00:cf:89:35:cc:b5:fa:8e:01:a7:
2b:c0:57:99:d3:f2:90:00:81:30:fd:f3:31:bc:7a:
d6:37:28:77:4d:97:77:ed:73:18:dc:08:ba:0f:46:
91:c1:f3:dd:55:b0:7b:54:43:f6:42:88:43:ef:5d:
69:39:5e:e2:d6:cf:f3:1f:d5:50:bd:8f:49:9b:91:
d3:c7:b6:ae:f5:45:0d:1e:dc:79:36:1c:5e:83:ef:
ac:47:d2:80:3d:71:59:a8:d5:f8:e5:32:a6:da:2a:
50:a1:c0:56:db:7c:73:5c:4a:17:5a:38:bb:7f:90:
dc:da:ce:18:b3:13:d6:a2:da:1e:92:a7:b0:f2:5e:
69:e1:d4:03:31:0b:a9:63:6c:77:5f:c1:13:55:b1:
f8:a6:66:a7:cf:49:a0:a6:97:7f:4c:c3:88:d2:c5:
08:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B7:75:B1:4A:79:FE:49:6D:1B:F2:C2:1F:C8:DC:9C:F3:D6:F3:34
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/b7d1sUp5_kltG_LCH8jcnPPW8zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.138.0-88.216.143.255
Signature Algorithm: sha256WithRSAEncryption
21:51:dd:71:5d:52:6d:75:e6:38:d2:8d:03:33:31:db:cc:1f:
8e:ff:37:be:fb:e2:87:f5:d0:7b:22:f4:fb:24:93:38:a0:df:
01:1a:8c:e2:e4:ff:1b:52:20:a2:8f:3e:13:16:76:94:4d:96:
b8:2c:e4:f0:66:b9:a3:10:87:df:a8:af:02:27:b0:44:92:d5:
8f:6b:15:c7:3b:74:fb:44:af:fe:41:0a:4d:b4:72:d3:bc:bb:
bd:e3:a1:f0:d2:eb:d9:18:50:54:13:b0:bd:dd:64:12:8c:37:
01:df:ff:ec:45:38:1c:12:c2:d8:f4:5c:84:56:16:bc:f1:5c:
cc:15:7d:45:d1:bd:b7:6c:bd:7f:e4:ca:bd:8a:e6:00:4e:61:
04:2a:1f:02:c2:bf:9c:b8:83:ad:ac:ef:74:bb:02:e5:da:bc:
05:f5:9c:ee:a1:3c:30:30:bc:d7:92:56:b5:93:4f:ad:5e:1e:
6d:a5:cb:46:b1:2b:ad:f9:8c:42:25:19:7f:7e:93:83:40:d9:
f1:84:e7:30:79:8b:3f:d6:e3:6a:31:62:e2:5c:d6:8f:29:07:
47:31:ad:d9:ec:7f:69:ad:22:e7:5c:aa:4f:c1:65:1a:7c:28:
b8:39:89:e8:c1:10:a6:83:69:18:d4:89:ae:11:21:4e:c7:e4:
09:60:e6:2d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFATlM5sSTUHx9Oe2q0nFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmI3NzViMTRhNzlmZTQ5NmQxYmYyYzIxZmM4ZGM5Y2YzZDZmMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6GgYoDQn/neZM2nXshs2CHwPZ/p
9PVOTZ/fEwXCIYPiADC5gC/pRz0J1SbEsw7vlN8JL/X6iaRJzr9oOuuuiAFTHqXq
yT4OnM3azux23FPO3xZHyl5ath/ZnqcQRwDPiTXMtfqOAacrwFeZ0/KQAIEw/fMx
vHrWNyh3TZd37XMY3Ai6D0aRwfPdVbB7VEP2QohD711pOV7i1s/zH9VQvY9Jm5HT
x7au9UUNHtx5Nhxeg++sR9KAPXFZqNX45TKm2ipQocBW23xzXEoXWji7f5Dc2s4Y
sxPWotoekqew8l5p4dQDMQupY2x3X8ETVbH4pmanz0mgppd/TMOI0sUI0QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG+3dbFKef5JbRvywh/I3Jzz1vM0MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYjdkMXNVcDVfa2x0R19MQ0g4amNuUFBXOHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFY2IoD
BARY2IAwDQYJKoZIhvcNAQELBQADggEBACFR3XFdUm115jjSjQMzMdvMH47/N777
4of10Hsi9Pskkzig3wEajOLk/xtSIKKPPhMWdpRNlrgs5PBmuaMQh9+orwInsESS
1Y9rFcc7dPtEr/5BCk20ctO8u73jofDS69kYUFQTsL3dZBKMNwHf/+xFOBwSwtj0
XIRWFrzxXMwVfUXRvbdsvX/kyr2K5gBOYQQqHwLCv5y4g62s73S7AuXavAX1nO6h
PDAwvNeSVrWTT61eHm2ly0axK635jEIlGX9+k4NA2fGE5zB5iz/W42oxYuJc1o8p
B0cxrdnsf2mtIudcqk/BZRp8KLg5iejBEKaDaRjUia4RIU7H5Alg5i0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:51:53 2024 by rpki-client on console-fra.rpki-client.org