Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/To3MA4BpWRqwixoVnhewSjEYzT4.roa
File: To3MA4BpWRqwixoVnhewSjEYzT4.roa (raw, json)
Hash identifier: 9lbf2v9hyi9SM1tsdgIMsqC0/VTZFt0QJ3oOnF+VAtU=
Subject key identifier: 4E:8D:CC:03:80:69:59:1A:B0:8B:1A:15:9E:17:B0:4A:31:18:CD:3E
Certificate issuer: /CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Certificate serial: 018CC26CF69E78EC25639AD5A74EDEA4648D
Authority key identifier: 17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/To3MA4BpWRqwixoVnhewSjEYzT4.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201549
IP address blocks: 88.199.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f6:9e:78:ec:25:63:9a:d5:a7:4e:de:a4:64:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e8dcc038069591ab08b1a159e17b04a3118cd3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b6:98:01:b4:6e:d5:b4:01:e8:6a:99:09:b0:
0f:b6:a3:b8:61:70:6a:af:43:cb:d1:ea:0f:f3:94:
c9:42:e0:38:c9:94:30:dd:4c:53:39:65:5b:30:53:
c1:cc:7a:b1:ab:8b:c8:98:03:9a:5f:39:e5:6a:09:
40:8d:b9:c2:79:a6:18:b8:6c:48:47:15:2b:43:6a:
30:83:f8:1e:ee:c9:74:ed:77:a9:d6:ff:5f:66:5a:
71:9a:34:8d:ee:92:2f:1d:a1:4c:21:26:60:dc:bb:
b0:87:39:88:3d:34:e2:fa:64:91:57:8d:7e:fe:ba:
f4:2c:10:97:b3:d3:f2:f6:e4:2a:f5:22:31:cc:95:
49:47:56:fd:7b:30:38:a7:3c:09:ed:cf:13:2a:e9:
22:2d:2a:df:e8:2f:8c:5b:69:5c:c0:80:55:aa:cf:
da:76:28:9f:13:50:c5:46:a9:67:a1:f4:de:d5:67:
f9:d1:c2:57:19:c2:93:79:48:c3:fe:68:cf:34:c8:
50:8c:b5:56:5d:d9:fc:ff:a4:f8:90:50:f0:c8:e5:
ea:9e:c3:a8:af:da:e9:11:21:0a:7a:65:ab:61:f0:
5a:cf:d4:7a:8d:93:a9:5d:0c:6b:2f:0f:87:97:fa:
4e:58:39:87:f7:35:bc:9f:bf:4d:3b:cf:54:ea:ae:
97:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8D:CC:03:80:69:59:1A:B0:8B:1A:15:9E:17:B0:4A:31:18:CD:3E
X509v3 Authority Key Identifier:
keyid:17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/To3MA4BpWRqwixoVnhewSjEYzT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.199.97.0/24
Signature Algorithm: sha256WithRSAEncryption
13:7a:d9:1e:cc:f8:59:f1:7d:09:bc:8c:64:6f:ed:4f:f4:1a:
39:e2:d9:4b:00:e4:82:8f:b0:75:f7:06:cb:3e:22:20:29:61:
ee:78:2b:22:9e:67:90:56:22:66:33:9a:91:0a:51:4f:57:0c:
03:46:ac:a7:83:7e:f9:a0:25:b6:40:8c:66:a1:16:c5:d1:d4:
82:b1:c5:78:58:5f:7c:b0:80:c3:e0:ac:cb:c1:3e:db:4d:89:
b0:a7:0f:ab:ce:6a:10:c5:39:26:ec:be:44:18:34:d7:3e:d6:
83:9d:dd:73:ce:0a:c4:da:58:5b:cc:c6:6d:bc:39:2d:94:d9:
e0:91:8c:54:8b:d4:50:59:cd:91:da:96:1e:b6:4d:16:d9:f7:
f3:3b:72:cd:5e:61:2e:9d:07:ee:bc:5f:f7:e8:49:ed:1f:aa:
6f:9f:f4:02:e9:1c:91:90:d6:85:4b:79:55:b1:e7:0d:92:e5:
63:99:59:b0:15:3d:a9:e6:30:99:91:06:5e:f8:4f:08:32:6d:
20:53:77:86:06:ba:31:13:8e:1c:df:37:af:60:79:72:a9:f4:
da:e9:df:80:0d:94:96:1b:b8:2b:cd:a5:c4:59:0c:49:c6:b9:
85:b9:22:bb:b2:bf:9c:44:e9:d2:7a:d9:9a:c1:9a:bc:0a:fa:
fa:4e:18:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbPaeeOwlY5rVp07epGSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTMwMWRjYzdmYWU0ZjdjZTAxZTQ5ODdhNzdjYjgyYTMz
NmFiZmYwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZThkY2MwMzgwNjk1OTFhYjA4YjFhMTU5ZTE3YjA0YTMxMThjZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLaYAbRu1bQB6GqZCbAPtqO4YXBq
r0PL0eoP85TJQuA4yZQw3UxTOWVbMFPBzHqxq4vImAOaXznlaglAjbnCeaYYuGxI
RxUrQ2owg/ge7sl07Xep1v9fZlpxmjSN7pIvHaFMISZg3LuwhzmIPTTi+mSRV41+
/rr0LBCXs9Py9uQq9SIxzJVJR1b9ezA4pzwJ7c8TKukiLSrf6C+MW2lcwIBVqs/a
diifE1DFRqlnofTe1Wf50cJXGcKTeUjD/mjPNMhQjLVWXdn8/6T4kFDwyOXqnsOo
r9rpESEKemWrYfBaz9R6jZOpXQxrLw+Hl/pOWDmH9zW8n79NO89U6q6XvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6NzAOAaVkasIsaFZ4XsEoxGM0+MB8GA1UdIwQY
MBaAFBeTAdzH+uT3zgHkmHp3y4KjNqv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQt
YWZmOTJjMTZkOGUzLzEvVG8zTUE0QnBXUnF3aXhvVm5oZXdTakVZelQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQtYWZmOTJjMTZkOGUz
LzEvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWMdhMA0G
CSqGSIb3DQEBCwUAA4IBAQATetkezPhZ8X0JvIxkb+1P9Bo54tlLAOSCj7B19wbL
PiIgKWHueCsinmeQViJmM5qRClFPVwwDRqyng375oCW2QIxmoRbF0dSCscV4WF98
sIDD4KzLwT7bTYmwpw+rzmoQxTkm7L5EGDTXPtaDnd1zzgrE2lhbzMZtvDktlNng
kYxUi9RQWc2R2pYetk0W2ffzO3LNXmEunQfuvF/36EntH6pvn/QC6RyRkNaFS3lV
secNkuVjmVmwFT2p5jCZkQZe+E8IMm0gU3eGBroxE44c3zevYHlyqfTa6d+ADZSW
G7grzaXEWQxJxrmFuSK7sr+cROnSetmawZq8Cvr6ThhP
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:42:45 2024 by rpki-client on console-ams.rpki-client.org