Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/hLzNLaMrpK77FJpSSD6dl5-8yXo.roa
File: hLzNLaMrpK77FJpSSD6dl5-8yXo.roa (raw, json)
Hash identifier: knU9IbSZm0jP9pfizsZ9i28JukQU2DxOpf6tzDIThno=
Subject key identifier: 84:BC:CD:2D:A3:2B:A4:AE:FB:14:9A:52:48:3E:9D:97:9F:BC:C9:7A
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DADC51AB7A31D816D6DD371116582A
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/hLzNLaMrpK77FJpSSD6dl5-8yXo.roa
Signing time: Mon 01 Jan 2024 02:29:32 +0000
ROA not before: Mon 01 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199823
IP address blocks: 88.220.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:dc:51:ab:7a:31:d8:16:d6:dd:37:11:16:58:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84bccd2da32ba4aefb149a52483e9d979fbcc97a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:71:fa:35:1d:49:d8:27:2a:5a:39:93:b1:55:
fd:f3:74:66:c1:e0:59:e0:02:89:9f:b7:7d:a2:af:
ac:ee:62:77:77:26:47:f1:de:b4:de:33:f7:11:ff:
34:cc:2c:6d:19:1f:81:84:08:e8:e8:87:25:83:7b:
11:2f:6a:3c:17:8c:49:45:80:15:fe:07:f3:70:76:
9d:8d:93:49:aa:80:77:b2:a0:46:8d:8d:5d:8a:b1:
93:c9:6d:65:29:cd:e2:a0:c4:26:77:c7:9a:64:60:
7e:94:56:49:45:e8:c4:e0:f3:1e:50:42:a8:1e:1c:
7f:a8:2d:84:29:eb:5d:d7:c3:32:f2:c6:a7:ec:0a:
37:25:68:87:67:0d:49:ec:4e:26:41:f6:71:2b:53:
f0:3b:58:89:a0:0d:c7:2e:87:09:84:a8:e3:8a:b6:
71:48:7c:0d:2e:22:ae:58:18:3e:34:7b:b8:7c:29:
7d:22:39:d5:e8:81:aa:8c:78:0a:33:58:69:5b:c3:
ed:a6:80:02:c1:43:ff:07:d8:b5:6a:62:23:49:b3:
61:36:c9:9a:56:07:63:7f:23:49:6a:ef:bb:f0:e9:
42:d3:2a:fa:99:31:73:05:42:12:b4:40:76:8c:48:
3a:af:2f:0b:25:e5:0e:92:e4:54:9a:f0:eb:ca:ea:
20:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BC:CD:2D:A3:2B:A4:AE:FB:14:9A:52:48:3E:9D:97:9F:BC:C9:7A
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/hLzNLaMrpK77FJpSSD6dl5-8yXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.72.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:0b:9e:18:9f:35:13:37:b5:39:a6:53:de:d8:16:a8:e8:87:
24:85:b8:89:a9:49:62:18:4a:9f:09:34:f5:19:ed:70:04:d3:
64:97:a0:78:aa:fe:fd:12:62:b0:42:cf:e5:3a:79:ed:56:79:
92:80:00:d6:93:a0:02:57:a8:92:71:fb:22:45:2d:74:24:a4:
e5:83:d3:61:90:32:17:25:d4:30:8a:87:9e:0e:a8:cc:cf:9d:
d0:df:89:1b:85:c7:3c:92:92:23:3d:1c:43:12:9f:46:7f:2b:
ab:10:77:93:17:c8:cf:ac:c8:94:8e:2a:b3:8f:57:c5:28:cf:
8a:52:2b:97:ec:8a:3b:9b:91:f7:4c:16:d1:56:2d:f8:bb:67:
7b:db:f4:69:87:84:86:bb:09:a0:cb:8a:e2:28:59:4f:a0:1f:
07:2f:bd:57:b0:b7:9b:94:48:fe:d0:f2:35:0d:18:93:05:8c:
79:50:1c:2b:07:95:84:7e:95:ad:af:57:49:8f:62:a1:11:7b:
d3:3f:5f:a3:f4:d3:25:07:75:68:7b:9c:a9:38:da:8d:af:8e:
d6:b6:e8:75:91:f4:9d:69:a9:a9:50:69:67:9a:03:fd:d2:a6:
41:27:18:f2:aa:93:95:12:24:14:de:ac:24:f0:d3:ed:1b:81:
45:48:0f:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2txRq3ox2BbW3TcRFlgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJjY2QyZGEzMmJhNGFlZmIxNDlhNTI0ODNlOWQ5NzlmYmNjOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHH6NR1J2CcqWjmTsVX983RmweBZ
4AKJn7d9oq+s7mJ3dyZH8d603jP3Ef80zCxtGR+BhAjo6Iclg3sRL2o8F4xJRYAV
/gfzcHadjZNJqoB3sqBGjY1dirGTyW1lKc3ioMQmd8eaZGB+lFZJRejE4PMeUEKo
Hhx/qC2EKetd18My8san7Ao3JWiHZw1J7E4mQfZxK1PwO1iJoA3HLocJhKjjirZx
SHwNLiKuWBg+NHu4fCl9IjnV6IGqjHgKM1hpW8PtpoACwUP/B9i1amIjSbNhNsma
VgdjfyNJau+78OlC0yr6mTFzBUIStEB2jEg6ry8LJeUOkuRUmvDryuogRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIS8zS2jK6Su+xSaUkg+nZefvMl6MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvaEx6TkxhTXJwSzc3RkpwU1NENmRsNS04eVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNxIMA0G
CSqGSIb3DQEBCwUAA4IBAQBOC54YnzUTN7U5plPe2Bao6IckhbiJqUliGEqfCTT1
Ge1wBNNkl6B4qv79EmKwQs/lOnntVnmSgADWk6ACV6iScfsiRS10JKTlg9NhkDIX
JdQwioeeDqjMz53Q34kbhcc8kpIjPRxDEp9GfyurEHeTF8jPrMiUjiqzj1fFKM+K
UiuX7Io7m5H3TBbRVi34u2d72/Rph4SGuwmgy4riKFlPoB8HL71XsLeblEj+0PI1
DRiTBYx5UBwrB5WEfpWtr1dJj2KhEXvTP1+j9NMlB3Voe5ypONqNr47Wtuh1kfSd
aampUGlnmgP90qZBJxjyqpOVEiQU3qwk8NPtG4FFSA/e
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:44 2024 by rpki-client on console-fra.rpki-client.org