Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ODFUWKpYaPLOOmJRIlRL0pQTI-w.roa
File: ODFUWKpYaPLOOmJRIlRL0pQTI-w.roa (raw, json)
Hash identifier: HpDjnMyeNXyUzKx7D/ZEuNgQ0V3sG7+U1ei4TAQZwOE=
Subject key identifier: 38:31:54:58:AA:58:68:F2:CE:3A:62:51:22:54:4B:D2:94:13:23:EC
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019427B67FBDEC54BF84C29AD9C0A88390C9
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ODFUWKpYaPLOOmJRIlRL0pQTI-w.roa
Signing time: Thu 02 Jan 2025 15:50:59 +0000
ROA not before: Thu 02 Jan 2025 15:50:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31108
IP address blocks: 88.221.82.0/24 maxlen: 24
88.221.86.0/24 maxlen: 24
2a02:26f0:1c::/48 maxlen: 48
2a02:26f0:3d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:7f:bd:ec:54:bf:84:c2:9a:d9:c0:a8:83:90:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 2 15:50:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38315458aa5868f2ce3a625122544bd2941323ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b6:8b:18:84:cf:17:25:b0:04:38:7c:75:68:
89:41:45:07:ae:76:b2:68:5a:3e:11:ea:42:b8:03:
04:4f:d5:db:d1:1f:ce:b0:75:e2:42:a6:c7:6a:cd:
d5:aa:10:a1:22:c1:e0:28:e8:94:d6:58:c2:66:e4:
2d:ae:6c:96:e5:af:cb:56:9d:cf:ec:44:5f:5a:a4:
9e:eb:c9:7a:e4:b7:2b:e9:7e:23:b2:1c:0f:b0:72:
73:96:c9:b7:6c:ca:12:50:09:83:b3:a4:83:89:41:
56:d1:c3:1f:bd:fa:0a:cb:63:f3:c9:53:94:7c:b9:
09:c5:8e:a9:a8:ef:04:4d:fc:d5:a0:44:cf:c3:22:
1a:f3:57:e2:a3:39:19:98:1b:0f:77:c9:51:eb:44:
31:95:96:7e:b2:25:1a:7f:73:20:b7:64:96:d9:6b:
81:e2:44:25:4f:e2:ee:19:d1:47:96:91:4b:7c:88:
b3:2e:df:11:ce:33:d7:6e:d1:57:70:af:84:77:9a:
e9:cf:76:0e:70:2b:f7:0a:e7:1e:e5:af:8f:44:f0:
81:3f:e9:be:b3:ac:27:4c:3b:6c:73:64:d6:65:69:
b1:c4:1c:cd:6b:5f:65:3e:74:89:f9:35:7d:9e:56:
ca:d3:9a:43:9d:cb:80:67:64:2f:99:98:43:de:87:
80:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:31:54:58:AA:58:68:F2:CE:3A:62:51:22:54:4B:D2:94:13:23:EC
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ODFUWKpYaPLOOmJRIlRL0pQTI-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.221.82.0/24
88.221.86.0/24
IPv6:
2a02:26f0:1c::/48
2a02:26f0:3d::/48
Signature Algorithm: sha256WithRSAEncryption
81:ab:71:ac:8d:76:e9:0b:c4:d0:b7:18:d9:c5:a3:38:67:ba:
38:f4:93:ad:b2:e4:b9:62:1d:3b:c1:54:d0:3a:02:ce:90:38:
e6:7c:1f:ef:dc:54:1b:9e:56:f2:ae:0f:d4:a5:a2:74:2f:c8:
9a:2d:f7:6c:38:80:cf:a1:44:3e:1e:d0:c9:2f:30:28:c3:4b:
2e:94:ce:a8:96:04:9b:5d:41:06:be:e9:b0:a8:0b:ea:31:99:
29:64:6b:d9:77:0f:30:22:5b:08:3c:b9:73:dd:e5:1b:74:44:
c9:40:87:5f:af:b4:5c:28:15:2e:d6:39:9d:bf:34:0f:f6:fd:
4c:ea:a1:ab:48:64:d0:3c:2c:e6:67:82:7b:2a:cf:1e:0b:f4:
75:22:b4:56:10:54:67:7e:f7:8d:fa:42:40:45:ac:93:d3:58:
b2:5d:2a:cc:8f:d4:b6:9a:e8:1d:19:eb:48:3f:eb:aa:0a:9e:
be:3f:c2:99:ef:a2:ca:50:12:78:8d:de:93:f2:eb:ed:eb:1a:
e8:fa:23:6f:02:53:08:e3:13:7c:e0:46:1f:33:64:af:7d:60:
70:08:c8:41:f8:6c:40:cc:6d:0e:6a:b8:ee:48:69:92:1f:74:
71:69:d8:73:9e:f1:06:a7:c2:08:0c:12:24:6e:a6:bc:bd:c1:
4d:9b:b3:8e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQntn+97FS/hMKa2cCog5DJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTAyMTU1MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODMxNTQ1OGFhNTg2OGYyY2UzYTYyNTEyMjU0NGJkMjk0MTMyM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7aLGITPFyWwBDh8dWiJQUUHrnay
aFo+EepCuAMET9Xb0R/OsHXiQqbHas3VqhChIsHgKOiU1ljCZuQtrmyW5a/LVp3P
7ERfWqSe68l65Lcr6X4jshwPsHJzlsm3bMoSUAmDs6SDiUFW0cMfvfoKy2PzyVOU
fLkJxY6pqO8ETfzVoETPwyIa81fiozkZmBsPd8lR60QxlZZ+siUaf3Mgt2SW2WuB
4kQlT+LuGdFHlpFLfIizLt8RzjPXbtFXcK+Ed5rpz3YOcCv3Cuce5a+PRPCBP+m+
s6wnTDtsc2TWZWmxxBzNa19lPnSJ+TV9nlbK05pDncuAZ2QvmZhD3oeA0wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDgxVFiqWGjyzjpiUSJUS9KUEyPsMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvT0RGVVdLcFlhUExPT21KUklsUkwwcFFUSS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAWN1SAwQA
WN1WMBgEAgACMBIDBwAqAibwABwDBwAqAibwAD0wDQYJKoZIhvcNAQELBQADggEB
AIGrcayNdukLxNC3GNnFozhnujj0k62y5LliHTvBVNA6As6QOOZ8H+/cVBueVvKu
D9SlonQvyJot92w4gM+hRD4e0MkvMCjDSy6UzqiWBJtdQQa+6bCoC+oxmSlka9l3
DzAiWwg8uXPd5Rt0RMlAh1+vtFwoFS7WOZ2/NA/2/UzqoatIZNA8LOZngnsqzx4L
9HUitFYQVGd+9436QkBFrJPTWLJdKsyP1Laa6B0Z60g/66oKnr4/wpnvospQEniN
3pPy6+3rGuj6I28CUwjjE3zgRh8zZK99YHAIyEH4bEDMbQ5quO5IaZIfdHFp2HOe
8QanwggMEiRupry9wU2bs44=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:13:13 2025 by rpki-client