Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/z68IgboXGZiKQ6dzJS-V8KNFxGc.roa
File: z68IgboXGZiKQ6dzJS-V8KNFxGc.roa (raw, json)
Hash identifier: fUSaPwcqpcN4c4L8zqNawHhhpxaNcUgQCRY6lsKpqsI=
Subject key identifier: CF:AF:08:81:BA:17:19:98:8A:43:A7:73:25:2F:95:F0:A3:45:C4:67
Certificate issuer: /CN=de4682e6b28660bd88a9b4d28cb1d75ef7cc6d7f
Certificate serial: 018CC348E5640D68D6E6F1F06D1160E16AB3
Authority key identifier: DE:46:82:E6:B2:86:60:BD:88:A9:B4:D2:8C:B1:D7:5E:F7:CC:6D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kaC5rKGYL2IqbTSjLHXXvfMbX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/z68IgboXGZiKQ6dzJS-V8KNFxGc.roa
Signing time: Mon 01 Jan 2024 04:29:43 +0000
ROA not before: Mon 01 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25160
IP address blocks: 45.88.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/3kaC5rKGYL2IqbTSjLHXXvfMbX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/3kaC5rKGYL2IqbTSjLHXXvfMbX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3kaC5rKGYL2IqbTSjLHXXvfMbX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e5:64:0d:68:d6:e6:f1:f0:6d:11:60:e1:6a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4682e6b28660bd88a9b4d28cb1d75ef7cc6d7f
Validity
Not Before: Jan 1 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfaf0881ba1719988a43a773252f95f0a345c467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:98:06:d4:2c:36:7c:91:2c:3a:e5:3e:e9:ef:
d0:54:a5:32:31:ac:b5:59:13:ee:64:a2:73:7d:30:
23:3d:fd:20:e2:49:0a:25:7f:8e:c6:f6:b0:67:60:
96:4f:34:99:91:27:83:37:36:c9:37:45:ba:42:f5:
ce:f1:89:80:ac:d4:a5:2b:f3:60:d9:b4:fe:f0:14:
a8:84:9c:15:a8:f1:a5:bf:11:6d:ad:14:8a:85:12:
66:64:f5:f2:78:37:c4:8f:a4:8a:64:54:4f:69:3c:
f9:b8:53:03:f3:2f:17:89:50:5e:fa:8a:37:d0:75:
35:16:d2:52:94:b3:4e:56:19:ce:56:9e:07:e2:5e:
74:be:b5:02:a0:57:dd:04:ed:fc:72:9c:75:18:3c:
9f:2d:c0:bf:75:76:98:20:b3:5b:6a:3e:41:37:91:
a9:b3:82:c7:49:ae:a2:fb:6a:83:42:5f:73:5d:44:
21:9b:83:c4:11:d8:d7:8b:8c:b2:38:ba:f6:bc:34:
a9:e8:77:1d:37:e2:77:eb:5a:87:a3:ff:0d:94:55:
de:a8:bc:15:78:c5:f5:35:f0:8e:b6:1a:5e:ee:2d:
1c:59:e4:5f:c6:ba:cf:c5:db:79:93:93:ca:c2:26:
21:57:6f:c1:1a:6a:22:06:f2:27:3c:4c:83:8d:8e:
16:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AF:08:81:BA:17:19:98:8A:43:A7:73:25:2F:95:F0:A3:45:C4:67
X509v3 Authority Key Identifier:
keyid:DE:46:82:E6:B2:86:60:BD:88:A9:B4:D2:8C:B1:D7:5E:F7:CC:6D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kaC5rKGYL2IqbTSjLHXXvfMbX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/z68IgboXGZiKQ6dzJS-V8KNFxGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/3kaC5rKGYL2IqbTSjLHXXvfMbX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.112.0/22
Signature Algorithm: sha256WithRSAEncryption
25:3d:a2:1e:7b:88:9f:ae:17:b3:1a:94:8d:7e:00:2b:11:58:
ff:b8:17:61:68:33:76:df:c7:bb:12:4e:ee:54:fe:57:68:eb:
fe:96:82:47:c4:80:51:74:15:a3:21:73:64:91:6a:20:eb:10:
c6:35:f3:73:76:42:47:ab:7a:3f:68:7d:7a:b0:e2:1c:08:03:
9d:3b:b1:e6:51:6a:1f:e2:c3:9b:17:f0:b6:a4:05:fe:28:1e:
58:d7:98:ff:7f:df:f7:93:05:ba:05:e0:dd:41:d5:b5:11:ad:
16:da:2b:e0:98:98:19:4e:45:db:15:99:a3:ba:1a:79:9d:a2:
d8:d8:46:21:fd:9b:e4:91:ca:22:c6:65:43:9c:a6:82:07:e4:
49:98:87:cb:bd:59:93:65:60:2e:41:c0:84:bc:99:4b:23:4d:
f9:5e:fd:c4:e1:a8:17:c7:88:83:da:39:81:4e:7f:d4:77:8c:
4d:64:80:de:5f:af:7a:e8:29:ba:f0:a5:e0:f2:66:20:78:3a:
79:f9:fc:ed:10:27:41:b0:5f:35:82:42:c7:b0:0c:02:69:57:
03:92:de:db:22:96:88:4b:80:21:ce:9c:8e:31:e0:7b:33:e7:
de:07:80:f9:bc:ab:d5:e3:ac:ec:1e:c1:32:c7:9d:c2:10:80:
f5:0f:87:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSOVkDWjW5vHwbRFg4WqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDY4MmU2YjI4NjYwYmQ4OGE5YjRkMjhjYjFkNzVlZjdj
YzZkN2YwHhcNMjQwMTAxMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmFmMDg4MWJhMTcxOTk4OGE0M2E3NzMyNTJmOTVmMGEzNDVjNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpgG1Cw2fJEsOuU+6e/QVKUyMay1
WRPuZKJzfTAjPf0g4kkKJX+OxvawZ2CWTzSZkSeDNzbJN0W6QvXO8YmArNSlK/Ng
2bT+8BSohJwVqPGlvxFtrRSKhRJmZPXyeDfEj6SKZFRPaTz5uFMD8y8XiVBe+oo3
0HU1FtJSlLNOVhnOVp4H4l50vrUCoFfdBO38cpx1GDyfLcC/dXaYILNbaj5BN5Gp
s4LHSa6i+2qDQl9zXUQhm4PEEdjXi4yyOLr2vDSp6HcdN+J361qHo/8NlFXeqLwV
eMX1NfCOthpe7i0cWeRfxrrPxdt5k5PKwiYhV2/BGmoiBvInPEyDjY4W5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+vCIG6FxmYikOncyUvlfCjRcRnMB8GA1UdIwQY
MBaAFN5GguayhmC9iKm00oyx1173zG1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2thQzVyS0dZTDJJcWJUU2pMSFhYdmZNYlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8zNTExYWYtMGI0ZS00MGIzLWJmOGYt
NDc5YzExNDY1NmZjLzEvejY4SWdib1hHWmlLUTZkekpTLVY4S05GeEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8zNTExYWYtMGI0ZS00MGIzLWJmOGYtNDc5YzExNDY1NmZj
LzEvM2thQzVyS0dZTDJJcWJUU2pMSFhYdmZNYlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVhwMA0G
CSqGSIb3DQEBCwUAA4IBAQAlPaIee4ifrhezGpSNfgArEVj/uBdhaDN238e7Ek7u
VP5XaOv+loJHxIBRdBWjIXNkkWog6xDGNfNzdkJHq3o/aH16sOIcCAOdO7HmUWof
4sObF/C2pAX+KB5Y15j/f9/3kwW6BeDdQdW1Ea0W2ivgmJgZTkXbFZmjuhp5naLY
2EYh/ZvkkcoixmVDnKaCB+RJmIfLvVmTZWAuQcCEvJlLI035Xv3E4agXx4iD2jmB
Tn/Ud4xNZIDeX6966Cm68KXg8mYgeDp5+fztECdBsF81gkLHsAwCaVcDkt7bIpaI
S4AhzpyOMeB7M+feB4D5vKvV46zsHsEyx53CEID1D4fp
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:21:20 2024 by rpki-client on console-ams.rpki-client.org