Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/h0fDBd0621iUnaLS032yNwEhpLU.roa
File: h0fDBd0621iUnaLS032yNwEhpLU.roa (raw, json)
Hash identifier: +K0JnGR4vAISVEuG/r18PbWUi02m2Lba6MuQu3Xec+M=
Subject key identifier: 87:47:C3:05:DD:3A:DB:58:94:9D:A2:D2:D3:7D:B2:37:01:21:A4:B5
Certificate issuer: /CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Certificate serial: 01926B385D331B80DF676B6E69E05C545C6B
Authority key identifier: AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/h0fDBd0621iUnaLS032yNwEhpLU.roa
Signing time: Tue 08 Oct 2024 08:21:48 +0000
ROA not before: Tue 08 Oct 2024 08:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212345
IP address blocks: 88.218.113.0/24 maxlen: 24
88.218.115.0/24 maxlen: 24
93.179.90.0/23 maxlen: 24
178.57.68.0/24 maxlen: 24
2a0f:52c1:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:38:5d:33:1b:80:df:67:6b:6e:69:e0:5c:54:5c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Validity
Not Before: Oct 8 08:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8747c305dd3adb58949da2d2d37db2370121a4b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:09:57:a0:9a:d0:9f:35:c9:9f:e4:9c:22:9b:
1d:1b:43:0e:0d:85:6d:82:4c:5f:f2:4f:cf:5b:1c:
99:90:8b:b1:ff:cf:13:35:cb:a3:9b:1a:e1:1e:6c:
45:d5:8e:7b:7a:ac:37:04:57:c6:ac:ec:df:67:6a:
e7:66:69:44:7e:c3:ef:cd:9b:38:10:9d:91:3a:fe:
3f:4e:8e:c8:dd:42:f7:a4:a7:85:ef:15:72:68:78:
8f:1a:aa:59:f7:77:1d:eb:89:d8:d4:87:10:96:0f:
b7:5e:75:bc:d6:6a:a7:30:6b:48:42:1b:60:ef:6b:
0a:80:6c:62:37:19:a1:ab:12:09:de:1a:89:2e:f8:
2b:c6:5b:80:d8:63:af:c0:30:30:98:25:78:c8:db:
66:ac:79:48:66:a7:b7:6e:8d:08:44:17:e5:b7:79:
c2:5d:de:88:ce:06:9a:bb:e1:f3:21:6e:4c:fb:23:
2f:74:5e:83:91:50:0e:77:b7:8d:a6:30:dd:16:07:
ee:67:a9:0f:c0:c6:b8:29:f1:b3:55:00:c3:2a:7a:
47:b0:ea:42:a6:fc:7b:4b:9d:58:ea:2e:2e:fb:72:
f4:d0:38:9b:83:18:c6:64:2e:a3:ad:78:3d:39:e3:
93:51:e0:0a:47:06:3f:ed:97:80:07:53:6c:75:47:
8c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:47:C3:05:DD:3A:DB:58:94:9D:A2:D2:D3:7D:B2:37:01:21:A4:B5
X509v3 Authority Key Identifier:
keyid:AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/h0fDBd0621iUnaLS032yNwEhpLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.113.0/24
88.218.115.0/24
93.179.90.0/23
178.57.68.0/24
IPv6:
2a0f:52c1:1::/48
Signature Algorithm: sha256WithRSAEncryption
11:eb:22:11:70:e4:f4:7c:7c:7f:57:00:18:2b:1d:9f:a9:d7:
81:47:50:92:4a:48:fa:89:51:d4:6f:3d:ed:a7:15:85:96:8d:
c7:b7:0f:51:b6:01:ef:50:c9:e2:19:10:8b:08:9b:42:2a:0d:
03:1c:34:ca:5d:36:e4:fa:6d:8f:28:75:d3:ef:75:aa:8b:f2:
e9:c0:db:46:51:eb:e7:15:6a:49:e7:99:db:f8:69:01:b7:4e:
b7:70:28:62:1f:1c:91:0c:f9:b2:76:56:59:44:2c:aa:2a:f0:
a5:fe:a5:f7:84:a7:b8:d7:7f:47:d6:48:92:bb:ff:31:9e:73:
6d:93:32:ed:45:e7:94:b2:c2:0e:34:f6:fb:17:04:a3:77:b2:
be:dc:9a:25:17:2a:05:8f:93:dd:ee:fc:ee:17:ef:7c:50:b4:
01:db:55:88:c4:f9:4a:43:64:3a:9d:76:9c:ea:61:85:68:0c:
41:83:8e:62:a1:32:90:08:3f:c2:0d:79:31:ce:1c:c3:05:38:
db:6c:a8:4b:10:09:0f:c2:77:8b:44:1e:a4:16:65:16:50:54:
3e:3a:03:e9:91:00:97:03:ed:01:f0:d7:dd:aa:f0:73:b0:41:
60:43:69:34:7a:97:29:f9:f0:bc:4e:bb:b9:1a:4f:86:2f:88:
7a:69:fe:55
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZJrOF0zG4DfZ2tuaeBcVFxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FhYWJiMjNjZDI0NWJmYTgyOGZiMDI1MjFkNjQ0YzZk
NWI1NjYwHhcNMjQxMDA4MDgyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQ3YzMwNWRkM2FkYjU4OTQ5ZGEyZDJkMzdkYjIzNzAxMjFhNGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAlXoJrQnzXJn+ScIpsdG0MODYVt
gkxf8k/PWxyZkIux/88TNcujmxrhHmxF1Y57eqw3BFfGrOzfZ2rnZmlEfsPvzZs4
EJ2ROv4/To7I3UL3pKeF7xVyaHiPGqpZ93cd64nY1IcQlg+3XnW81mqnMGtIQhtg
72sKgGxiNxmhqxIJ3hqJLvgrxluA2GOvwDAwmCV4yNtmrHlIZqe3bo0IRBflt3nC
Xd6Izgaau+HzIW5M+yMvdF6DkVAOd7eNpjDdFgfuZ6kPwMa4KfGzVQDDKnpHsOpC
pvx7S51Y6i4u+3L00DibgxjGZC6jrXg9OeOTUeAKRwY/7ZeAB1NsdUeMZQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFIdHwwXdOttYlJ2i0tN9sjcBIaS1MB8GA1UdIwQY
MBaAFKt6qrsjzSRb+oKPsCUh1kTG1bVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMt
OWVhZDgxZGEyZTQ0LzEvaDBmREJkMDYyMWlVbmFMUzAzMnlOd0VocExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMtOWVhZDgxZGEyZTQ0
LzEvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAWNpxAwQA
WNpzAwQBXbNaAwQAsjlEMA8EAgACMAkDBwAqD1LBAAEwDQYJKoZIhvcNAQELBQAD
ggEBABHrIhFw5PR8fH9XABgrHZ+p14FHUJJKSPqJUdRvPe2nFYWWjce3D1G2Ae9Q
yeIZEIsIm0IqDQMcNMpdNuT6bY8oddPvdaqL8unA20ZR6+cVaknnmdv4aQG3Trdw
KGIfHJEM+bJ2VllELKoq8KX+pfeEp7jXf0fWSJK7/zGec22TMu1F55Sywg409vsX
BKN3sr7cmiUXKgWPk93u/O4X73xQtAHbVYjE+UpDZDqddpzqYYVoDEGDjmKhMpAI
P8INeTHOHMMFONtsqEsQCQ/Cd4tEHqQWZRZQVD46A+mRAJcD7QHw192q8HOwQWBD
aTR6lyn58LxOu7kaT4YviHpp/lU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 21:59:42 2024 by rpki-client on console-fra.rpki-client.org