Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/LJvZDYzdOkFbi23H_vghmU8WGo0.roa
File: LJvZDYzdOkFbi23H_vghmU8WGo0.roa (raw, json)
Hash identifier: 1zWCHa3ZoLRo7ZTYMDqjq+E5QgvUheIu3bEdHyESJDc=
Subject key identifier: 2C:9B:D9:0D:8C:DD:3A:41:5B:8B:6D:C7:FE:F8:21:99:4F:16:1A:8D
Certificate issuer: /CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Certificate serial: 018CC6B7938CC10B29BB39A373FD1B1C0FDA
Authority key identifier: AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/LJvZDYzdOkFbi23H_vghmU8WGo0.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212319
IP address blocks: 88.218.112.0/24 maxlen: 24
2a0f:52c1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:93:8c:c1:0b:29:bb:39:a3:73:fd:1b:1c:0f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c9bd90d8cdd3a415b8b6dc7fef821994f161a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:77:4a:64:f0:c5:0c:96:c1:1f:71:cb:5c:f3:
81:e2:8e:9a:1d:16:bd:10:09:6f:c7:8c:16:59:55:
66:13:54:a3:2f:65:e0:ad:83:8a:ee:9c:be:4a:6a:
5a:7e:62:e2:37:9d:b6:3c:9b:a0:52:16:4a:ac:fa:
26:56:bb:c8:39:78:97:41:36:14:b5:8f:d9:d1:a8:
5d:b7:5e:0c:e8:a9:17:70:27:95:e3:c3:da:d2:4c:
ba:37:1c:82:a9:92:f6:38:0b:ae:15:40:e4:94:46:
f6:0f:73:92:ff:c3:9b:16:a5:f5:0b:b4:d1:47:67:
9d:e0:ca:b9:7a:30:4a:5c:50:e9:c3:2d:66:d8:46:
c3:35:c1:e8:8d:5a:b0:d9:75:07:46:4a:e5:65:0e:
9d:dd:8e:1b:05:b7:76:be:28:b8:8d:7e:18:e3:1b:
56:64:42:47:99:27:25:eb:8f:8d:7f:69:8a:48:48:
99:7c:1e:b3:af:aa:fb:b9:71:c1:89:a3:98:66:09:
df:44:3d:1c:dc:fd:86:3f:ab:37:87:6d:ce:9d:17:
6b:4a:e6:b0:07:7e:3a:9d:3c:f8:37:8f:d5:d2:12:
1f:3e:73:ea:0a:62:6f:15:20:2c:0c:33:9b:28:8b:
c2:34:20:96:30:f5:fe:a5:a1:ab:ba:1d:cf:86:08:
de:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:9B:D9:0D:8C:DD:3A:41:5B:8B:6D:C7:FE:F8:21:99:4F:16:1A:8D
X509v3 Authority Key Identifier:
keyid:AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/LJvZDYzdOkFbi23H_vghmU8WGo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.112.0/24
IPv6:
2a0f:52c1::/48
Signature Algorithm: sha256WithRSAEncryption
95:10:23:67:a0:3d:21:01:17:92:e5:25:ef:9e:85:b8:c3:9d:
43:96:fc:c0:7f:47:4f:8c:7e:45:0a:26:50:dd:16:dc:f8:38:
a8:9f:00:6a:f4:19:6f:5f:35:f1:04:b4:5f:cb:e8:20:75:ce:
23:30:e2:d5:0b:76:b4:2c:5a:34:01:f0:f1:f7:fe:c5:95:ae:
5c:a0:e4:24:2a:ff:00:10:d8:f9:99:e4:67:53:e5:1b:78:25:
5c:bf:b0:1f:03:e2:88:c6:ee:84:c4:f2:ad:65:32:97:b3:4b:
9c:b6:05:be:03:c0:7f:e3:a0:59:3e:a2:e3:e8:3c:92:08:06:
53:42:3a:f6:00:da:51:fa:5e:83:dd:3c:ba:61:08:34:2a:50:
2a:f5:b9:01:76:68:ed:0e:37:26:7c:95:5b:37:ef:a3:ce:b7:
06:4e:9b:9f:a9:48:f6:1e:f9:18:93:e9:26:b0:54:68:eb:68:
eb:e9:0b:69:36:54:f3:c1:47:dc:80:f8:e0:3a:18:9e:c7:93:
a8:3e:29:2a:5f:70:63:10:b8:18:b6:ef:b3:0d:e7:de:4d:c4:
3c:06:1f:b5:5c:1e:fc:03:ca:02:5c:de:56:42:bc:07:a1:06:
e8:75:53:af:b1:be:8f:2b:ab:a6:20:7b:b8:f0:de:f8:e7:ed:
91:25:47:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGt5OMwQspuzmjc/0bHA/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FhYWJiMjNjZDI0NWJmYTgyOGZiMDI1MjFkNjQ0YzZk
NWI1NjYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzliZDkwZDhjZGQzYTQxNWI4YjZkYzdmZWY4MjE5OTRmMTYxYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXdKZPDFDJbBH3HLXPOB4o6aHRa9
EAlvx4wWWVVmE1SjL2XgrYOK7py+SmpafmLiN522PJugUhZKrPomVrvIOXiXQTYU
tY/Z0ahdt14M6KkXcCeV48Pa0ky6NxyCqZL2OAuuFUDklEb2D3OS/8ObFqX1C7TR
R2ed4Mq5ejBKXFDpwy1m2EbDNcHojVqw2XUHRkrlZQ6d3Y4bBbd2vii4jX4Y4xtW
ZEJHmScl64+Nf2mKSEiZfB6zr6r7uXHBiaOYZgnfRD0c3P2GP6s3h23OnRdrSuaw
B346nTz4N4/V0hIfPnPqCmJvFSAsDDObKIvCNCCWMPX+paGruh3PhgjeTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCyb2Q2M3TpBW4ttx/74IZlPFhqNMB8GA1UdIwQY
MBaAFKt6qrsjzSRb+oKPsCUh1kTG1bVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMt
OWVhZDgxZGEyZTQ0LzEvTEp2WkRZemRPa0ZiaTIzSF92Z2htVThXR28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMtOWVhZDgxZGEyZTQ0
LzEvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNpwMA8E
AgACMAkDBwAqD1LBAAAwDQYJKoZIhvcNAQELBQADggEBAJUQI2egPSEBF5LlJe+e
hbjDnUOW/MB/R0+MfkUKJlDdFtz4OKifAGr0GW9fNfEEtF/L6CB1ziMw4tULdrQs
WjQB8PH3/sWVrlyg5CQq/wAQ2PmZ5GdT5Rt4JVy/sB8D4ojG7oTE8q1lMpezS5y2
Bb4DwH/joFk+ouPoPJIIBlNCOvYA2lH6XoPdPLphCDQqUCr1uQF2aO0ONyZ8lVs3
76POtwZOm5+pSPYe+RiT6SawVGjraOvpC2k2VPPBR9yA+OA6GJ7Hk6g+KSpfcGMQ
uBi277MN595NxDwGH7VcHvwDygJc3lZCvAehBuh1U6+xvo8rq6Yge7jw3vjn7ZEl
R6A=
-----END CERTIFICATE-----
Generated at Sat Nov 23 21:59:42 2024 by rpki-client on console-fra.rpki-client.org