Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/X5Qfh7Wewrp8xHgOfsM1Qtf5J9g.roa
File: X5Qfh7Wewrp8xHgOfsM1Qtf5J9g.roa (raw, json)
Hash identifier: pNwq9wAeM2pLlYsbCrX9fSsGDK6wJzlzNkE9TJooB9s=
Subject key identifier: 5F:94:1F:87:B5:9E:C2:BA:7C:C4:78:0E:7E:C3:35:42:D7:F9:27:D8
Certificate issuer: /CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Certificate serial: 019425217798AD76408AFB09A3A11A77B55E
Authority key identifier: 3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/X5Qfh7Wewrp8xHgOfsM1Qtf5J9g.roa
Signing time: Thu 02 Jan 2025 03:48:57 +0000
ROA not before: Thu 02 Jan 2025 03:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34078
IP address blocks: 88.135.33.0/24 maxlen: 24
88.135.34.0/24 maxlen: 24
88.135.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:77:98:ad:76:40:8a:fb:09:a3:a1:1a:77:b5:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Validity
Not Before: Jan 2 03:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f941f87b59ec2ba7cc4780e7ec33542d7f927d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:bd:27:ed:95:30:70:f8:50:46:e5:aa:c3:70:
29:a1:eb:84:15:5a:9a:28:20:85:55:65:e2:8d:bd:
e4:f7:78:0d:ed:fe:f0:5c:a0:8f:56:20:03:ab:10:
63:c0:a7:f2:64:8d:ce:e8:ae:47:e7:32:bc:3b:be:
64:5d:8b:28:ca:5a:d1:e6:a8:2f:07:ef:40:8e:d1:
18:a6:81:2e:59:97:d8:4a:6b:1a:8e:73:ed:76:f2:
6d:32:91:44:45:0c:c1:8e:79:22:4b:60:bf:f5:94:
e5:70:d6:9f:be:2a:3c:8b:e2:16:ab:d2:ba:94:72:
d9:b3:91:5f:0c:43:e1:99:10:8d:4f:6e:fe:8c:34:
aa:f8:00:98:b0:37:85:0e:0d:ae:41:48:02:01:62:
90:fa:e0:a7:90:77:ac:41:7f:7b:ed:a4:07:25:2f:
8c:18:87:75:9c:8e:a9:99:a6:8c:61:56:bb:af:a6:
42:1e:3b:57:d3:2b:bd:10:f4:ca:84:b8:ad:87:f9:
43:58:f8:5f:42:e5:64:00:1e:17:ce:ea:48:c0:ef:
71:00:14:9d:da:8c:65:80:dd:07:17:47:b4:f2:44:
cc:dc:39:84:f6:9e:c9:c0:00:a3:bc:26:53:70:c7:
c5:f5:d9:55:3b:03:45:59:25:06:e8:22:f8:62:14:
32:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:94:1F:87:B5:9E:C2:BA:7C:C4:78:0E:7E:C3:35:42:D7:F9:27:D8
X509v3 Authority Key Identifier:
keyid:3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/X5Qfh7Wewrp8xHgOfsM1Qtf5J9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.33.0-88.135.35.255
Signature Algorithm: sha256WithRSAEncryption
a5:37:9b:b4:32:27:a1:a7:2b:8a:78:d8:d7:83:d8:be:5d:9b:
94:e0:ce:cc:92:d2:a4:74:ab:74:05:fc:10:e7:32:d5:f1:29:
09:28:5f:54:87:8e:62:cc:22:a2:e1:24:36:67:46:4d:19:b7:
76:de:17:18:6b:58:eb:66:21:03:fb:a4:59:d8:46:28:be:9e:
d0:11:bb:f1:ff:ee:8a:78:6a:41:9d:b7:15:53:29:eb:bf:e0:
11:ad:8c:4a:af:f4:99:ed:bc:8a:0c:7e:0c:a4:f8:8e:61:67:
ca:a7:76:fc:12:51:79:2d:a7:9f:de:e3:1d:66:41:5e:62:35:
64:7e:b5:e3:8d:24:ac:f6:41:b4:ce:c0:ba:af:e5:33:eb:f5:
a5:18:85:02:c4:eb:03:01:75:e2:77:fa:a5:2b:1d:0f:bf:82:
18:d2:61:5d:e0:97:2e:36:cb:77:34:ea:ba:d5:d7:91:33:38:
5c:f8:11:b7:09:6a:c9:68:69:59:27:f6:46:e9:cb:27:a3:32:
d4:76:d9:f3:09:40:63:91:de:7b:9d:13:03:09:f0:e5:b1:f2:
4d:18:fd:11:fe:02:1b:12:02:b2:79:60:41:5c:0c:66:07:a1:
b2:ef:bb:58:13:21:46:5d:6a:ab:15:6a:57:95:ea:d7:ec:b9:
23:24:96:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQlIXeYrXZAivsJo6Ead7VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNWMyNDY3NTQ2ZjRiMDc4YTAyMjRkYTFjY2FjNWMyODdl
OTM0NTMwHhcNMjUwMTAyMDM0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjk0MWY4N2I1OWVjMmJhN2NjNDc4MGU3ZWMzMzU0MmQ3ZjkyN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b0n7ZUwcPhQRuWqw3ApoeuEFVqa
KCCFVWXijb3k93gN7f7wXKCPViADqxBjwKfyZI3O6K5H5zK8O75kXYsoylrR5qgv
B+9AjtEYpoEuWZfYSmsajnPtdvJtMpFERQzBjnkiS2C/9ZTlcNafvio8i+IWq9K6
lHLZs5FfDEPhmRCNT27+jDSq+ACYsDeFDg2uQUgCAWKQ+uCnkHesQX977aQHJS+M
GId1nI6pmaaMYVa7r6ZCHjtX0yu9EPTKhLith/lDWPhfQuVkAB4XzupIwO9xABSd
2oxlgN0HF0e08kTM3DmE9p7JwACjvCZTcMfF9dlVOwNFWSUG6CL4YhQybwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF+UH4e1nsK6fMR4Dn7DNULX+SfYMB8GA1UdIwQY
MBaAFDtcJGdUb0sHigIk2hzKxcKH6TRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQt
NWMwOTZhODdiYjA3LzEvWDVRZmg3V2V3cnA4eEhnT2ZzTTFRdGY1SjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQtNWMwOTZhODdiYjA3
LzEvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABYhyED
BAJYhyAwDQYJKoZIhvcNAQELBQADggEBAKU3m7QyJ6GnK4p42NeD2L5dm5TgzsyS
0qR0q3QF/BDnMtXxKQkoX1SHjmLMIqLhJDZnRk0Zt3beFxhrWOtmIQP7pFnYRii+
ntARu/H/7op4akGdtxVTKeu/4BGtjEqv9JntvIoMfgyk+I5hZ8qndvwSUXktp5/e
4x1mQV5iNWR+teONJKz2QbTOwLqv5TPr9aUYhQLE6wMBdeJ3+qUrHQ+/ghjSYV3g
ly42y3c06rrV15EzOFz4EbcJasloaVkn9kbpyyejMtR22fMJQGOR3nudEwMJ8OWx
8k0Y/RH+AhsSArJ5YEFcDGYHobLvu1gTIUZdaqsValeV6tfsuSMklg4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:14 2025 by rpki-client