Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/o6DCl-735Gw3HFRiuslykk0QhfI.roa
File: o6DCl-735Gw3HFRiuslykk0QhfI.roa (raw, json)
Hash identifier: lIT76ir20Zao6uadVXXIzXS/4JbZTWcIUB1lpgUbsF0=
Subject key identifier: A3:A0:C2:97:EE:F7:E4:6C:37:1C:54:62:BA:C9:72:92:4D:10:85:F2
Certificate issuer: /CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Certificate serial: 018CC26CF4CB7071F15570D174A9FB2EE494
Authority key identifier: 17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/o6DCl-735Gw3HFRiuslykk0QhfI.roa
Signing time: Mon 01 Jan 2024 00:29:29 +0000
ROA not before: Mon 01 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200176
IP address blocks: 88.199.130.0/24 maxlen: 24
88.199.128.0/23 maxlen: 23
88.199.44.0/24 maxlen: 24
88.199.54.0/23 maxlen: 23
88.199.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 04:03:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f4:cb:70:71:f1:55:70:d1:74:a9:fb:2e:e4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Validity
Not Before: Jan 1 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3a0c297eef7e46c371c5462bac972924d1085f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:6b:57:6b:cc:0b:d6:10:28:ce:4f:86:6b:
a6:f9:d2:3a:3c:84:75:16:8e:70:7a:4c:ad:67:76:
1f:cc:c4:98:66:98:9e:7a:bd:46:b2:67:96:69:4b:
f9:e4:ff:f6:42:9e:89:8f:a5:d1:60:01:ad:bd:21:
06:37:ec:e7:e7:3b:80:70:6b:ab:e1:4d:44:33:4f:
b8:15:82:1f:c9:4b:37:13:9f:8b:0a:ac:f1:5c:49:
67:2d:6a:52:dc:2a:2c:0a:37:58:70:c0:85:29:89:
cc:60:95:1f:75:eb:0c:cd:61:3c:91:56:8a:16:8a:
ff:3d:c2:4f:15:dd:bf:64:0f:46:70:67:88:09:c3:
8b:c1:b6:79:cd:25:3a:8c:71:48:6e:95:9f:8f:91:
3c:e1:e8:3e:bc:24:fd:06:48:74:bc:b6:27:4e:e3:
5a:01:0b:2c:d1:e5:ca:bf:49:d3:3c:50:0c:e3:86:
8f:b1:01:ba:8a:7e:eb:39:4f:46:00:89:09:7e:3f:
91:3c:7c:b0:2d:ea:03:56:ee:1f:32:35:e2:ff:28:
b1:c4:b6:f9:ea:08:0f:0b:18:70:5c:43:21:ec:99:
92:e3:0f:03:98:7c:fa:a0:9f:ec:5c:84:27:34:05:
c5:c2:93:b1:e9:10:31:1b:1f:e6:db:f5:b8:50:6f:
c3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A0:C2:97:EE:F7:E4:6C:37:1C:54:62:BA:C9:72:92:4D:10:85:F2
X509v3 Authority Key Identifier:
keyid:17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/o6DCl-735Gw3HFRiuslykk0QhfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.199.44.0/24
88.199.53.0-88.199.55.255
88.199.128.0-88.199.130.255
Signature Algorithm: sha256WithRSAEncryption
22:6f:9c:3a:88:3f:c4:49:09:03:f9:f6:74:c6:89:6c:93:2f:
63:05:6b:5c:17:ee:ec:a4:21:a0:c6:07:54:7d:10:64:a9:ec:
ec:e8:88:8e:ee:6c:8f:0b:a3:48:9e:8d:16:e8:0b:21:7f:13:
20:2d:c0:d9:cc:17:45:28:56:cd:69:90:92:42:79:80:e4:9c:
c7:fb:13:74:96:fc:c3:d0:57:1d:67:05:3a:69:fe:a3:04:f6:
ec:29:41:72:fe:15:78:5e:42:20:33:61:05:8a:c4:a2:11:74:
6c:42:80:24:0b:dd:63:f0:d1:60:d5:c6:be:3a:df:3b:5a:94:
75:d4:23:ed:76:1f:3d:6d:7f:4a:52:25:dd:df:82:88:b5:8a:
c3:e3:a8:7d:92:38:22:48:cb:e3:7d:d1:61:9d:2f:0d:7b:84:
72:95:4e:f7:91:a1:8b:cf:c8:f6:2b:d1:88:3d:bd:83:34:8c:
94:6d:52:f7:a1:23:ae:94:6a:61:72:4b:f3:46:a9:90:b8:42:
ae:08:76:39:8e:36:69:7e:19:c5:b0:ca:27:3d:2a:56:eb:3b:
3a:62:b3:2d:b5:51:b1:29:b5:35:17:49:66:c3:e3:bc:a7:ee:
9a:d9:cd:5f:b1:0f:1f:b7:25:8c:ff:9c:b4:ca:cf:15:80:4e:
c9:8c:b4:14
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzCbPTLcHHxVXDRdKn7LuSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTMwMWRjYzdmYWU0ZjdjZTAxZTQ5ODdhNzdjYjgyYTMz
NmFiZmYwHhcNMjQwMTAxMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2EwYzI5N2VlZjdlNDZjMzcxYzU0NjJiYWM5NzI5MjRkMTA4NWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozxrV2vMC9YQKM5Phmum+dI6PIR1
Fo5wekytZ3YfzMSYZpieer1GsmeWaUv55P/2Qp6Jj6XRYAGtvSEGN+zn5zuAcGur
4U1EM0+4FYIfyUs3E5+LCqzxXElnLWpS3CosCjdYcMCFKYnMYJUfdesMzWE8kVaK
For/PcJPFd2/ZA9GcGeICcOLwbZ5zSU6jHFIbpWfj5E84eg+vCT9Bkh0vLYnTuNa
AQss0eXKv0nTPFAM44aPsQG6in7rOU9GAIkJfj+RPHywLeoDVu4fMjXi/yixxLb5
6ggPCxhwXEMh7JmS4w8DmHz6oJ/sXIQnNAXFwpOx6RAxGx/m2/W4UG/DgwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKOgwpfu9+RsNxxUYrrJcpJNEIXyMB8GA1UdIwQY
MBaAFBeTAdzH+uT3zgHkmHp3y4KjNqv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQt
YWZmOTJjMTZkOGUzLzEvbzZEQ2wtNzM1R3czSEZSaXVzbHlrazBRaGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQtYWZmOTJjMTZkOGUz
LzEvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAWMcsMAwD
BABYxzUDBANYxzAwDAMEB1jHgAMEAFjHgjANBgkqhkiG9w0BAQsFAAOCAQEAIm+c
Oog/xEkJA/n2dMaJbJMvYwVrXBfu7KQhoMYHVH0QZKns7OiIju5sjwujSJ6NFugL
IX8TIC3A2cwXRShWzWmQkkJ5gOScx/sTdJb8w9BXHWcFOmn+owT27ClBcv4VeF5C
IDNhBYrEohF0bEKAJAvdY/DRYNXGvjrfO1qUddQj7XYfPW1/SlIl3d+CiLWKw+Oo
fZI4IkjL433RYZ0vDXuEcpVO95Ghi8/I9ivRiD29gzSMlG1S96EjrpRqYXJL80ap
kLhCrgh2OY42aX4ZxbDKJz0qVus7OmKzLbVRsSm1NRdJZsPjvKfumtnNX7EPH7cl
jP+ctMrPFYBOyYy0FA==
-----END CERTIFICATE-----
Generated at Tue May 28 09:28:18 2024 by rpki-client on console-fra.rpki-client.org