Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/ku4XOGXPsccAevu5NibMRcp_NUs.roa
File: ku4XOGXPsccAevu5NibMRcp_NUs.roa (raw, json)
Hash identifier: lOOowGzSSjJaIeUdHyZX2WYKb0OTMsc9s3r0Pqhwwz0=
Subject key identifier: 92:EE:17:38:65:CF:B1:C7:00:7A:FB:B9:36:26:CC:45:CA:7F:35:4B
Certificate issuer: /CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Certificate serial: 018CC5DC579EFD4455EB4132FB55BBB4461C
Authority key identifier: 3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/ku4XOGXPsccAevu5NibMRcp_NUs.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50177
IP address blocks: 88.135.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:57:9e:fd:44:55:eb:41:32:fb:55:bb:b4:46:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92ee173865cfb1c7007afbb93626cc45ca7f354b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9c:8a:7c:49:22:be:ae:a3:e3:cf:ea:0f:e4:
44:ad:a7:7a:f6:57:33:60:a2:65:76:69:c4:5d:a8:
ac:44:63:aa:18:fb:1c:5f:c1:63:1a:c7:f8:6d:0b:
a3:3c:0f:16:2e:a0:f3:19:0b:e0:e4:cd:69:00:42:
a2:b5:69:73:7f:b2:42:ad:ff:95:c5:6c:8d:04:ed:
20:bb:cd:0e:b3:d5:b2:87:d0:10:6d:52:13:76:8b:
72:c6:c4:e8:21:1b:50:e8:26:c0:f3:b1:7d:dc:24:
e4:f5:7a:89:39:1a:b5:8c:79:29:fb:2b:5d:ea:4e:
f3:1d:26:22:29:9b:60:5c:9e:25:c2:48:93:1d:8a:
05:8c:59:5e:78:fc:50:ca:af:4c:28:e9:13:c7:bd:
e5:ec:61:1b:74:f3:75:61:9a:87:51:f8:a8:bf:74:
a2:4d:13:9c:f1:2c:87:71:ce:80:d6:c6:0c:95:4d:
c3:a1:f9:06:0e:be:5c:bf:3d:d3:0c:0d:95:71:59:
5a:dd:f5:9e:6b:d1:6d:32:11:a8:21:be:8d:d3:fe:
fb:16:49:de:af:21:46:0b:b7:dc:03:ce:0f:57:a5:
2c:dc:af:ea:15:3f:b8:50:4d:78:81:79:78:43:19:
3e:0f:3b:02:2a:f2:fd:8e:7c:fc:91:bb:47:13:53:
d2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EE:17:38:65:CF:B1:C7:00:7A:FB:B9:36:26:CC:45:CA:7F:35:4B
X509v3 Authority Key Identifier:
keyid:3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/ku4XOGXPsccAevu5NibMRcp_NUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.32.0/24
Signature Algorithm: sha256WithRSAEncryption
04:92:cc:71:d8:6e:f9:11:2d:93:44:49:cc:5a:ab:25:59:cf:
fd:ec:c6:4e:f1:ee:4d:bb:d3:01:7d:a6:40:05:bb:08:20:85:
d4:1e:1f:ec:60:ef:79:e6:a0:61:27:33:7b:f5:d4:47:6d:25:
92:99:53:53:3d:42:6a:01:1e:7e:37:f3:89:c9:65:61:fc:4b:
6b:58:6e:8f:df:07:17:c9:b1:4a:98:e4:dc:07:58:bf:2a:bf:
41:6b:0f:d0:e8:aa:96:a8:0e:ce:6c:ca:b9:08:49:97:7b:bd:
95:ee:83:f1:8d:75:6c:0e:82:bd:d5:bf:59:70:17:33:f2:d8:
fb:19:d3:1c:8b:5f:17:06:27:fc:b8:11:2c:81:5d:a8:0b:07:
f8:1f:59:97:3a:99:6d:85:b9:ce:48:b6:1e:ce:5e:8e:7d:e8:
cc:2b:62:3b:f4:1a:55:15:e3:a8:3c:3a:49:df:3f:3b:db:8a:
a4:ac:40:e0:3f:61:c4:5d:ce:ad:41:58:7e:be:c9:66:f1:6a:
e6:d0:4c:65:c5:3d:13:93:9f:b1:83:7a:48:d0:58:45:f3:cd:
16:42:fd:75:66:18:95:d6:9d:8c:9e:66:61:da:2d:58:6c:7b:
81:97:52:7e:61:0a:4a:9e:f5:3e:b2:e7:b6:75:d7:0f:f9:d3:
f8:20:8f:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Fee/URV60Ey+1W7tEYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNWMyNDY3NTQ2ZjRiMDc4YTAyMjRkYTFjY2FjNWMyODdl
OTM0NTMwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmVlMTczODY1Y2ZiMWM3MDA3YWZiYjkzNjI2Y2M0NWNhN2YzNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJyKfEkivq6j48/qD+RErad69lcz
YKJldmnEXaisRGOqGPscX8FjGsf4bQujPA8WLqDzGQvg5M1pAEKitWlzf7JCrf+V
xWyNBO0gu80Os9Wyh9AQbVITdotyxsToIRtQ6CbA87F93CTk9XqJORq1jHkp+ytd
6k7zHSYiKZtgXJ4lwkiTHYoFjFleePxQyq9MKOkTx73l7GEbdPN1YZqHUfiov3Si
TROc8SyHcc6A1sYMlU3DofkGDr5cvz3TDA2VcVla3fWea9FtMhGoIb6N0/77Fkne
ryFGC7fcA84PV6Us3K/qFT+4UE14gXl4Qxk+DzsCKvL9jnz8kbtHE1PSBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLuFzhlz7HHAHr7uTYmzEXKfzVLMB8GA1UdIwQY
MBaAFDtcJGdUb0sHigIk2hzKxcKH6TRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQt
NWMwOTZhODdiYjA3LzEva3U0WE9HWFBzY2NBZXZ1NU5pYk1SY3BfTlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQtNWMwOTZhODdiYjA3
LzEvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWIcgMA0G
CSqGSIb3DQEBCwUAA4IBAQAEksxx2G75ES2TREnMWqslWc/97MZO8e5Nu9MBfaZA
BbsIIIXUHh/sYO955qBhJzN79dRHbSWSmVNTPUJqAR5+N/OJyWVh/EtrWG6P3wcX
ybFKmOTcB1i/Kr9Baw/Q6KqWqA7ObMq5CEmXe72V7oPxjXVsDoK91b9ZcBcz8tj7
GdMci18XBif8uBEsgV2oCwf4H1mXOplthbnOSLYezl6OfejMK2I79BpVFeOoPDpJ
3z8724qkrEDgP2HEXc6tQVh+vslm8Wrm0ExlxT0Tk5+xg3pI0FhF880WQv11ZhiV
1p2MnmZh2i1YbHuBl1J+YQpKnvU+sue2ddcP+dP4II/A
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:17:28 2024 by rpki-client on console-fra.rpki-client.org