Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/z-2M4kgQAaA-9-dU_4l_91IBNP4.roa
File: z-2M4kgQAaA-9-dU_4l_91IBNP4.roa (raw, json)
Hash identifier: AsNd9vB4SVKm7QjcwczwbbL9oziTi9RJWDBGvUXCAao=
Subject key identifier: CF:ED:8C:E2:48:10:01:A0:3E:F7:E7:54:FF:89:7F:F7:52:01:34:FE
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018DC6C510E16CE389837505C87CFCB5ECD3
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/z-2M4kgQAaA-9-dU_4l_91IBNP4.roa
Signing time: Tue 20 Feb 2024 13:47:00 +0000
ROA not before: Tue 20 Feb 2024 13:47:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 88.80.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 17:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:c5:10:e1:6c:e3:89:83:75:05:c8:7c:fc:b5:ec:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Feb 20 13:47:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfed8ce2481001a03ef7e754ff897ff7520134fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:ef:77:87:ce:7f:68:d4:b4:1c:ca:2d:29:
0f:b0:42:c7:84:c4:0a:c8:df:b3:9e:e4:12:7e:90:
9a:a0:5e:f3:18:29:35:c1:c8:0b:e1:e9:3a:c7:d6:
5d:fc:05:f5:fd:31:d7:1a:85:1b:05:37:90:bf:bb:
23:98:21:31:50:c6:1a:3b:15:16:38:e0:08:96:6f:
08:39:e2:2a:66:48:43:4e:53:27:21:10:3b:da:0f:
a4:0c:91:ec:cf:32:0e:a7:95:26:14:16:94:40:25:
df:94:12:b6:68:4e:c4:15:a3:72:ff:3f:05:1b:47:
cb:bc:b1:79:3a:77:dd:0b:f0:ad:ac:ad:30:2c:2e:
ce:77:a1:27:6b:82:e3:01:3f:98:45:01:87:ba:f8:
29:8f:e2:00:ee:dc:68:44:14:aa:76:1c:8a:33:96:
55:63:b6:7f:99:d2:e2:c8:dc:b7:15:f5:09:76:f7:
76:06:5e:5d:5a:20:b4:e9:00:88:09:68:01:ed:31:
e1:cf:05:0e:11:7f:7b:40:b6:c8:e2:e3:28:66:16:
a7:ad:d8:e5:81:fe:e4:68:e5:ed:1e:fa:94:1a:5d:
c1:39:ae:ee:c8:55:40:e9:32:75:4b:84:43:83:bf:
6b:ea:32:af:e8:a7:dd:66:d6:c1:25:d1:29:ee:29:
e6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:ED:8C:E2:48:10:01:A0:3E:F7:E7:54:FF:89:7F:F7:52:01:34:FE
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/z-2M4kgQAaA-9-dU_4l_91IBNP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.141.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:5c:a1:d8:1d:eb:0d:5e:0b:2e:61:d4:a2:6f:27:1f:00:0d:
02:88:50:65:3b:b8:0b:95:33:7e:08:a5:11:88:68:c5:ee:69:
90:65:e1:d8:01:72:e2:2a:08:ce:6c:a4:7f:f4:2f:13:58:42:
ca:c5:89:8e:11:d7:24:c3:dc:4b:c3:16:27:13:e9:b6:d0:45:
e2:e5:62:ab:59:ba:b4:34:24:38:8d:c8:7f:d7:26:8c:6e:89:
d1:db:78:c7:24:fc:e4:6c:1c:0a:9a:63:a4:22:83:24:96:7d:
57:11:84:71:0c:ba:2b:f5:c9:9d:57:67:1d:42:bc:11:28:a1:
c4:f6:51:de:ee:7c:b7:dd:35:7e:b0:b6:dd:dd:71:4e:06:ab:
ee:b4:15:41:74:c5:f9:bb:7c:ca:49:65:20:c6:b3:00:1d:e7:
f4:89:3f:c7:85:2c:80:5a:66:a5:b1:07:e4:30:70:70:69:66:
aa:41:67:29:e6:75:b6:4e:8d:79:dc:35:52:1e:5a:3f:30:0f:
88:5c:a6:49:a6:63:dc:7d:9b:e4:2b:a8:fd:cf:58:aa:a8:33:
96:26:3f:f1:ff:d6:54:1d:65:f6:b6:7e:ff:da:1d:39:8b:f0:
c6:fc:79:11:a5:63:c1:07:86:9a:66:85:b9:e6:cf:48:f0:87:
41:a3:0f:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3GxRDhbOOJg3UFyHz8tezTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMjIwMTM0NzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmVkOGNlMjQ4MTAwMWEwM2VmN2U3NTRmZjg5N2ZmNzUyMDEzNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBLvd4fOf2jUtBzKLSkPsELHhMQK
yN+znuQSfpCaoF7zGCk1wcgL4ek6x9Zd/AX1/THXGoUbBTeQv7sjmCExUMYaOxUW
OOAIlm8IOeIqZkhDTlMnIRA72g+kDJHszzIOp5UmFBaUQCXflBK2aE7EFaNy/z8F
G0fLvLF5OnfdC/CtrK0wLC7Od6Ena4LjAT+YRQGHuvgpj+IA7txoRBSqdhyKM5ZV
Y7Z/mdLiyNy3FfUJdvd2Bl5dWiC06QCICWgB7THhzwUOEX97QLbI4uMoZhanrdjl
gf7kaOXtHvqUGl3BOa7uyFVA6TJ1S4RDg79r6jKv6KfdZtbBJdEp7inmXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/tjOJIEAGgPvfnVP+Jf/dSATT+MB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvei0yTTRrZ1FBYUEtOS1kVV80bF85MUlCTlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCNMA0G
CSqGSIb3DQEBCwUAA4IBAQCOXKHYHesNXgsuYdSibycfAA0CiFBlO7gLlTN+CKUR
iGjF7mmQZeHYAXLiKgjObKR/9C8TWELKxYmOEdckw9xLwxYnE+m20EXi5WKrWbq0
NCQ4jch/1yaMbonR23jHJPzkbBwKmmOkIoMkln1XEYRxDLor9cmdV2cdQrwRKKHE
9lHe7ny33TV+sLbd3XFOBqvutBVBdMX5u3zKSWUgxrMAHef0iT/HhSyAWmalsQfk
MHBwaWaqQWcp5nW2To153DVSHlo/MA+IXKZJpmPcfZvkK6j9z1iqqDOWJj/x/9ZU
HWX2tn7/2h05i/DG/HkRpWPBB4aaZoW55s9I8IdBow9Y
-----END CERTIFICATE-----
Generated at Sun Apr 28 01:54:07 2024 by rpki-client on console-ams.rpki-client.org