Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/PrzTAVuCxeQw2ruz6WdWPAWqZ5g.roa
File: PrzTAVuCxeQw2ruz6WdWPAWqZ5g.roa (raw, json)
Hash identifier: tb3aNt67TrBdJwkm4d+fVohV+7CwQKg8PNgJqxZwFFM=
Subject key identifier: 3E:BC:D3:01:5B:82:C5:E4:30:DA:BB:B3:E9:67:56:3C:05:AA:67:98
Certificate issuer: /CN=327ce64ace02ccd330ceef98d05df0fb20317a91
Certificate serial: 018CC2DB5BC920BE8DB179BB2D83BC012311
Authority key identifier: 32:7C:E6:4A:CE:02:CC:D3:30:CE:EF:98:D0:5D:F0:FB:20:31:7A:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MnzmSs4CzNMwzu-Y0F3w-yAxepE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/PrzTAVuCxeQw2ruz6WdWPAWqZ5g.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198024
IP address blocks: 45.88.44.0/22 maxlen: 22
2a07:3b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/MnzmSs4CzNMwzu-Y0F3w-yAxepE.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/MnzmSs4CzNMwzu-Y0F3w-yAxepE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MnzmSs4CzNMwzu-Y0F3w-yAxepE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:5b:c9:20:be:8d:b1:79:bb:2d:83:bc:01:23:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=327ce64ace02ccd330ceef98d05df0fb20317a91
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ebcd3015b82c5e430dabbb3e967563c05aa6798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6f:f9:79:f4:15:7d:a3:02:8d:79:f4:ba:4d:
b8:c5:9f:ff:b8:5a:5c:fb:26:cd:1b:3a:58:bb:04:
e4:8d:8a:23:2d:dc:5f:89:bd:87:c7:e7:00:2f:87:
4c:7d:66:e3:6f:7f:e5:49:19:6b:30:7c:4d:e3:41:
eb:2f:49:12:9f:56:49:66:9e:b5:bf:ab:30:85:77:
74:b9:d3:a8:74:b2:34:d7:71:c0:22:34:30:80:6b:
59:9f:b5:c5:63:e9:70:a1:eb:14:a3:db:76:e7:00:
36:fe:c6:cb:15:89:c9:2b:c7:1a:66:06:c1:18:80:
51:67:67:4c:15:6d:6c:7c:25:06:1a:e7:af:77:c1:
69:ca:fa:1f:ea:06:56:d3:bd:8a:b5:05:d2:cc:78:
3a:1b:c9:28:79:ce:e2:09:7a:d6:b8:93:4a:8b:39:
b5:d2:c0:92:45:ab:21:47:3f:eb:56:a7:17:3d:d0:
95:8d:f4:8c:36:87:e7:1e:d4:54:47:8b:23:24:32:
8d:7f:85:11:01:63:b9:fa:4b:58:33:33:16:57:7b:
0d:b7:27:e4:c5:5f:ea:cb:84:2a:39:af:77:cb:ea:
a3:46:6c:a4:f4:60:ae:a6:93:f2:6f:e5:96:b2:e2:
ce:d2:9e:45:30:96:20:b2:b8:1f:74:f3:3f:d5:c8:
ac:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BC:D3:01:5B:82:C5:E4:30:DA:BB:B3:E9:67:56:3C:05:AA:67:98
X509v3 Authority Key Identifier:
keyid:32:7C:E6:4A:CE:02:CC:D3:30:CE:EF:98:D0:5D:F0:FB:20:31:7A:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MnzmSs4CzNMwzu-Y0F3w-yAxepE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/PrzTAVuCxeQw2ruz6WdWPAWqZ5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/MnzmSs4CzNMwzu-Y0F3w-yAxepE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.44.0/22
IPv6:
2a07:3b00::/29
Signature Algorithm: sha256WithRSAEncryption
0d:e3:e8:27:14:bb:a7:60:02:2e:04:c5:62:09:f3:6d:70:01:
6b:af:8d:92:d8:1d:28:40:3b:a3:66:9e:65:44:d5:c0:dc:1e:
a3:ae:4e:0b:a9:92:b7:a1:50:6a:0d:42:63:5b:b3:a0:51:76:
34:7e:c2:69:f4:08:d5:da:ce:e0:ef:35:69:c2:da:9c:b5:3a:
37:dc:4d:e8:2e:57:5b:ae:ed:19:b9:03:f1:8a:c3:31:1b:65:
1a:7f:36:96:5b:ca:d2:39:9b:a3:3f:af:af:c8:04:dc:50:20:
18:da:43:e4:c3:a6:c1:dc:da:72:8d:c2:0e:86:1c:e7:2f:39:
07:f0:c3:44:23:22:ab:9b:42:44:f7:cc:de:22:b7:43:a6:b4:
cc:86:6b:ca:99:67:55:ba:a4:8e:53:66:8a:ff:59:0f:4a:83:
e5:07:65:d0:48:6e:a3:db:c7:12:c6:0e:54:c0:fc:ad:bf:c6:
b0:f1:44:9b:9c:db:b3:f8:f8:0f:26:69:5c:a2:e6:d9:30:62:
a5:a6:c8:94:96:86:32:8c:0f:4d:e7:77:9e:85:13:f0:f1:fc:
ab:2a:4b:89:82:25:cf:c0:67:be:0e:e4:5d:4f:7d:10:84:c4:
3c:0b:f7:b5:56:d6:5a:ba:47:38:e7:d6:e7:86:24:8c:7a:22:
5f:cc:da:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC21vJIL6NsXm7LYO8ASMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyN2NlNjRhY2UwMmNjZDMzMGNlZWY5OGQwNWRmMGZiMjAz
MTdhOTEwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWJjZDMwMTViODJjNWU0MzBkYWJiYjNlOTY3NTYzYzA1YWE2Nzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G/5efQVfaMCjXn0uk24xZ//uFpc
+ybNGzpYuwTkjYojLdxfib2Hx+cAL4dMfWbjb3/lSRlrMHxN40HrL0kSn1ZJZp61
v6swhXd0udOodLI013HAIjQwgGtZn7XFY+lwoesUo9t25wA2/sbLFYnJK8caZgbB
GIBRZ2dMFW1sfCUGGuevd8Fpyvof6gZW072KtQXSzHg6G8koec7iCXrWuJNKizm1
0sCSRashRz/rVqcXPdCVjfSMNofnHtRUR4sjJDKNf4URAWO5+ktYMzMWV3sNtyfk
xV/qy4QqOa93y+qjRmyk9GCuppPyb+WWsuLO0p5FMJYgsrgfdPM/1cisDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD680wFbgsXkMNq7s+lnVjwFqmeYMB8GA1UdIwQY
MBaAFDJ85krOAszTMM7vmNBd8PsgMXqRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW56bVNzNEN6Tk13enUtWTBGM3cteUF4ZXBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS85ZGU1ZGEtMmRiMi00ZTA2LTg1NjMt
YTNkOWQ2MTRmMTk3LzEvUHJ6VEFWdUN4ZVF3MnJ1ejZXZFdQQVdxWjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS85ZGU1ZGEtMmRiMi00ZTA2LTg1NjMtYTNkOWQ2MTRmMTk3
LzEvTW56bVNzNEN6Tk13enUtWTBGM3cteUF4ZXBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVgsMA0E
AgACMAcDBQMqBzsAMA0GCSqGSIb3DQEBCwUAA4IBAQAN4+gnFLunYAIuBMViCfNt
cAFrr42S2B0oQDujZp5lRNXA3B6jrk4LqZK3oVBqDUJjW7OgUXY0fsJp9AjV2s7g
7zVpwtqctTo33E3oLldbru0ZuQPxisMxG2UafzaWW8rSOZujP6+vyATcUCAY2kPk
w6bB3NpyjcIOhhznLzkH8MNEIyKrm0JE98zeIrdDprTMhmvKmWdVuqSOU2aK/1kP
SoPlB2XQSG6j28cSxg5UwPytv8aw8USbnNuz+PgPJmlcoubZMGKlpsiUloYyjA9N
53eehRPw8fyrKkuJgiXPwGe+DuRdT30QhMQ8C/e1VtZaukc459bnhiSMeiJfzNpG
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:03:11 2024 by rpki-client on console-ams.rpki-client.org