Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/lIMMzuelmTtgqjOxHaRTqdqqmCg.roa
File: lIMMzuelmTtgqjOxHaRTqdqqmCg.roa (raw, json)
Hash identifier: oAXORQQzBcD1CuqGWWvy24tc3Kzv/fZflGEe6S8skYw=
Subject key identifier: 94:83:0C:CE:E7:A5:99:3B:60:AA:33:B1:1D:A4:53:A9:DA:AA:98:28
Certificate issuer: /CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17
Certificate serial: 018CC94DA3C16CDF9542E0CFE118EE95EE84
Authority key identifier: 1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/lIMMzuelmTtgqjOxHaRTqdqqmCg.roa
Signing time: Tue 02 Jan 2024 08:32:37 +0000
ROA not before: Tue 02 Jan 2024 08:32:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207681
IP address blocks: 185.199.88.0/24 maxlen: 24
185.199.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a3:c1:6c:df:95:42:e0:cf:e1:18:ee:95:ee:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17
Validity
Not Before: Jan 2 08:32:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94830ccee7a5993b60aa33b11da453a9daaa9828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:50:22:8d:5e:74:f8:fa:cd:47:a3:f8:c5:b2:
db:3f:f9:32:da:67:20:5a:2e:30:79:1d:88:72:ba:
04:c3:53:37:58:64:ae:80:35:66:32:b8:da:2b:77:
1e:7d:a4:87:1d:70:ca:a5:f0:af:40:9d:be:d1:d6:
7c:05:7b:74:90:51:0e:a3:a4:ff:74:5a:fa:1a:cc:
a4:3c:76:f6:a9:54:a5:50:ea:c1:52:b7:a5:00:bc:
54:83:43:b4:09:47:94:34:78:db:5a:fa:90:20:49:
aa:fb:36:c9:0f:e0:6b:a5:60:8c:af:7a:4a:df:0a:
69:69:83:e8:10:d9:6b:bd:a5:22:c7:8f:55:16:7f:
c7:46:a6:2c:7b:9c:53:99:f3:de:99:90:25:56:7a:
6a:b0:09:d1:f9:33:7f:75:9b:9d:f9:f1:a1:4b:a4:
e9:cc:6f:fc:42:f9:b4:a4:36:0b:dc:bd:f5:a1:73:
76:f1:f6:d8:98:8c:f6:f2:0c:34:30:ac:e2:b0:d6:
1d:7e:b2:c2:3f:5a:8e:76:0f:14:b3:33:21:50:5d:
d7:96:9d:c8:8a:d8:e6:63:e1:54:7e:c9:db:ba:bb:
9d:b0:6f:41:f4:a1:b2:a3:ac:90:9f:97:6c:b7:72:
3a:60:6f:f1:08:bb:9b:b1:b5:8b:83:43:52:36:e9:
3c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:83:0C:CE:E7:A5:99:3B:60:AA:33:B1:1D:A4:53:A9:DA:AA:98:28
X509v3 Authority Key Identifier:
keyid:1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/lIMMzuelmTtgqjOxHaRTqdqqmCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.88.0/22
Signature Algorithm: sha256WithRSAEncryption
59:d1:c7:80:76:a8:54:41:1f:c5:33:8f:8b:88:c6:f4:52:b4:
4b:09:7a:aa:5d:8c:9e:10:4c:ac:68:88:b3:1f:3d:35:85:41:
1f:23:5c:dc:7d:e1:b9:d7:15:2b:a4:85:58:3f:ef:c9:20:e2:
81:4e:2c:a8:1d:e3:30:0c:fe:a7:0d:a1:ae:17:c4:3b:5e:4c:
80:06:46:4a:0c:82:05:d0:31:61:de:d8:39:91:ab:99:79:0f:
03:f4:e1:09:c7:14:06:70:02:c1:4d:b7:40:84:3a:da:ad:85:
f5:c1:41:2b:1f:c0:74:9c:44:6a:88:ab:f7:0d:b4:da:76:5e:
93:d3:3b:cc:e9:0d:d5:64:a1:e0:26:cc:0f:b1:7f:16:e3:82:
0b:95:45:d8:ce:7b:8b:24:7a:6d:d2:d4:f7:e0:22:4a:c3:e6:
3b:a4:a5:de:a4:43:c4:e4:c5:9d:c6:99:c3:e7:b6:66:35:d3:
5b:9a:5a:38:99:0c:d8:43:78:16:24:0b:b9:9c:cc:1b:a0:a7:
1d:67:4e:70:2e:64:f6:66:00:b9:c0:df:9d:35:34:08:12:dd:
c7:8b:01:21:27:e6:48:e1:71:70:89:bc:e5:90:ed:39:51:ec:
68:12:dd:bc:60:1e:42:74:cc:d9:e1:d7:5a:cf:e7:39:3a:a1:
14:f9:33:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTaPBbN+VQuDP4Rjule6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWFkOTM5MDhhYWQ4ZDI0NmViNjlmN2U2NmFhNzBkZTVi
ZDVhMTcwHhcNMjQwMTAyMDgzMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDgzMGNjZWU3YTU5OTNiNjBhYTMzYjExZGE0NTNhOWRhYWE5ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1AijV50+PrNR6P4xbLbP/ky2mcg
Wi4weR2IcroEw1M3WGSugDVmMrjaK3cefaSHHXDKpfCvQJ2+0dZ8BXt0kFEOo6T/
dFr6GsykPHb2qVSlUOrBUrelALxUg0O0CUeUNHjbWvqQIEmq+zbJD+BrpWCMr3pK
3wppaYPoENlrvaUix49VFn/HRqYse5xTmfPemZAlVnpqsAnR+TN/dZud+fGhS6Tp
zG/8Qvm0pDYL3L31oXN28fbYmIz28gw0MKzisNYdfrLCP1qOdg8UszMhUF3Xlp3I
itjmY+FUfsnburudsG9B9KGyo6yQn5dst3I6YG/xCLubsbWLg0NSNuk8RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSDDM7npZk7YKozsR2kU6naqpgoMB8GA1UdIwQY
MBaAFByq2TkIqtjSRutp9+Zqpw3lvVoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMt
YTc5OGJkYzczMTFmLzEvbElNTXp1ZWxtVHRncWpPeEhhUlRxZHFxbUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMtYTc5OGJkYzczMTFm
LzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucdYMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ0ceAdqhUQR/FM4+LiMb0UrRLCXqqXYyeEEysaIiz
Hz01hUEfI1zcfeG51xUrpIVYP+/JIOKBTiyoHeMwDP6nDaGuF8Q7XkyABkZKDIIF
0DFh3tg5kauZeQ8D9OEJxxQGcALBTbdAhDrarYX1wUErH8B0nERqiKv3DbTadl6T
0zvM6Q3VZKHgJswPsX8W44ILlUXYznuLJHpt0tT34CJKw+Y7pKXepEPE5MWdxpnD
57ZmNdNbmlo4mQzYQ3gWJAu5nMwboKcdZ05wLmT2ZgC5wN+dNTQIEt3HiwEhJ+ZI
4XFwibzlkO05UexoEt28YB5CdMzZ4ddaz+c5OqEU+TNT
-----END CERTIFICATE-----
Generated at Sun May 19 08:29:46 2024 by rpki-client on console-fra.rpki-client.org