Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/dbND3yVE0f5VWYwdtyX8OGm0v2c.roa
File: dbND3yVE0f5VWYwdtyX8OGm0v2c.roa (raw, json)
Hash identifier: aj6eX+XmZWlTiHabqSvMVfiOCoSamWPxHjbSblIh0ug=
Subject key identifier: 75:B3:43:DF:25:44:D1:FE:55:59:8C:1D:B7:25:FC:38:69:B4:BF:67
Certificate issuer: /CN=9944f812a0e002c38e84e47628bdba038598090b
Certificate serial: 018CC26D7835248DE010815E8E274C27E1AA
Authority key identifier: 99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/dbND3yVE0f5VWYwdtyX8OGm0v2c.roa
Signing time: Mon 01 Jan 2024 00:30:03 +0000
ROA not before: Mon 01 Jan 2024 00:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61071
IP address blocks: 88.213.211.0/24 maxlen: 24
88.213.210.0/24 maxlen: 24
88.213.213.0/24 maxlen: 24
88.213.215.0/24 maxlen: 24
88.213.214.0/23 maxlen: 23
88.213.214.0/24 maxlen: 24
178.217.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:78:35:24:8d:e0:10:81:5e:8e:27:4c:27:e1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944f812a0e002c38e84e47628bdba038598090b
Validity
Not Before: Jan 1 00:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75b343df2544d1fe55598c1db725fc3869b4bf67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:86:60:f7:53:1e:0d:1e:f8:34:4d:9c:9c:
ce:ff:ff:1e:9b:e0:f0:fa:e6:38:a8:f8:dc:a2:63:
20:c9:78:38:76:6c:8b:b7:cf:0b:be:00:a6:98:10:
83:e6:2b:48:38:9c:be:69:1d:3a:65:b0:d9:5c:af:
56:7c:e3:75:50:3d:c8:e2:39:54:bc:37:bf:22:f4:
60:6e:64:dc:08:39:e3:5d:a7:98:d8:69:24:40:7a:
da:ec:1a:97:dd:9f:5e:00:29:b1:b8:eb:6b:05:ce:
74:02:79:d5:c5:67:22:e6:c4:0b:89:c4:a3:c7:f6:
64:25:3a:3a:45:25:37:cd:41:73:6e:9d:ca:ca:db:
d8:5b:9c:eb:9d:c2:97:03:74:b2:b1:c5:42:11:03:
d5:fc:77:bd:27:64:ae:a1:05:a7:31:fc:32:55:17:
2e:c2:42:ab:82:a2:b5:45:40:63:4a:ad:7e:2c:2b:
93:a3:f9:e9:f1:37:34:40:f9:d1:6f:fe:1f:dc:ea:
3d:eb:20:3f:98:22:81:57:c0:f5:17:a6:5a:1b:64:
89:96:ca:b9:6a:1c:ef:88:9e:2f:c4:6a:fc:b9:1d:
9c:20:b3:30:fd:dc:e6:11:ae:0e:04:79:6b:a1:bc:
ec:e0:28:23:7a:4c:bb:f7:52:9b:12:85:77:5d:6b:
7a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B3:43:DF:25:44:D1:FE:55:59:8C:1D:B7:25:FC:38:69:B4:BF:67
X509v3 Authority Key Identifier:
keyid:99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/dbND3yVE0f5VWYwdtyX8OGm0v2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.213.210.0/23
88.213.213.0-88.213.215.255
178.217.88.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:94:2c:51:3d:00:07:78:f5:82:56:d4:23:3e:1c:be:a2:4f:
61:31:fa:6d:26:3a:7a:5a:cc:3e:08:32:ce:b1:06:d0:04:de:
54:3a:81:df:40:31:98:2e:e5:f5:d1:ea:5a:73:16:06:4b:8d:
f8:f6:e0:e2:cc:5e:a6:0c:f4:55:2d:65:67:a1:58:92:ae:66:
e4:0d:65:d9:d3:fe:20:b9:d5:2b:69:df:bb:9d:8f:fb:bb:54:
36:ca:16:ed:1c:08:ce:c2:31:01:c6:63:0e:c1:59:b0:04:4d:
1e:ef:68:be:32:51:ec:dc:05:4a:9d:a5:fb:83:f8:bf:d8:75:
b5:f2:18:f9:7d:2c:81:88:2e:cb:2c:0b:8b:31:e4:06:d4:0b:
ac:49:f5:8a:1d:fb:4f:b2:34:5b:d3:fe:b3:d4:cb:56:f7:d3:
95:a4:4d:fb:6c:35:aa:c6:29:71:ac:35:fb:ea:8b:8a:b4:e7:
41:d5:38:58:98:ff:b3:1b:e6:21:ca:d0:83:78:a1:6e:f8:01:
74:0b:f4:19:3a:c2:05:d7:57:88:72:a9:13:51:36:4e:f2:62:
69:b9:16:d3:bb:f0:4d:5b:82:f5:d0:70:e8:f5:3e:79:32:30:
d8:20:ba:b6:94:0d:c5:65:ee:88:e5:a0:6e:c0:c8:1a:ff:ec:
6e:fd:cb:d4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzCbXg1JI3gEIFejidMJ+GqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NDRmODEyYTBlMDAyYzM4ZTg0ZTQ3NjI4YmRiYTAzODU5
ODA5MGIwHhcNMjQwMTAxMDAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWIzNDNkZjI1NDRkMWZlNTU1OThjMWRiNzI1ZmMzODY5YjRiZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoquGYPdTHg0e+DRNnJzO//8em+Dw
+uY4qPjcomMgyXg4dmyLt88LvgCmmBCD5itIOJy+aR06ZbDZXK9WfON1UD3I4jlU
vDe/IvRgbmTcCDnjXaeY2GkkQHra7BqX3Z9eACmxuOtrBc50AnnVxWci5sQLicSj
x/ZkJTo6RSU3zUFzbp3KytvYW5zrncKXA3SyscVCEQPV/He9J2SuoQWnMfwyVRcu
wkKrgqK1RUBjSq1+LCuTo/np8Tc0QPnRb/4f3Oo96yA/mCKBV8D1F6ZaG2SJlsq5
ahzviJ4vxGr8uR2cILMw/dzmEa4OBHlrobzs4Cgjeky791KbEoV3XWt6SQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHWzQ98lRNH+VVmMHbcl/DhptL9nMB8GA1UdIwQY
MBaAFJlE+BKg4ALDjoTkdii9ugOFmAkLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMt
MzA2YzU2NTEzNDNlLzEvZGJORDN5VkUwZjVWV1l3ZHR5WDhPR20wdjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMtMzA2YzU2NTEzNDNl
LzEvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBWNXSMAwD
BABY1dUDBANY1dADBAKy2VgwDQYJKoZIhvcNAQELBQADggEBAMqULFE9AAd49YJW
1CM+HL6iT2Ex+m0mOnpazD4IMs6xBtAE3lQ6gd9AMZgu5fXR6lpzFgZLjfj24OLM
XqYM9FUtZWehWJKuZuQNZdnT/iC51Stp37udj/u7VDbKFu0cCM7CMQHGYw7BWbAE
TR7vaL4yUezcBUqdpfuD+L/YdbXyGPl9LIGILsssC4sx5AbUC6xJ9Yod+0+yNFvT
/rPUy1b305WkTftsNarGKXGsNfvqi4q050HVOFiY/7Mb5iHK0IN4oW74AXQL9Bk6
wgXXV4hyqRNRNk7yYmm5FtO78E1bgvXQcOj1PnkyMNgguraUDcVl7ojloG7AyBr/
7G79y9Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:14:46 2024 by rpki-client on console-fra.rpki-client.org