Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/RBTbCW5svUL6Cw1MIQlw5NXmiIA.roa
File: RBTbCW5svUL6Cw1MIQlw5NXmiIA.roa (raw, json)
Hash identifier: u5ALsd3YagCY6CP2gAQK7C+3YkJeTGAXRJm4HepnwlY=
Subject key identifier: 44:14:DB:09:6E:6C:BD:42:FA:0B:0D:4C:21:09:70:E4:D5:E6:88:80
Certificate issuer: /CN=73e373fee780eeab2a90422d0ad514e084a8d611
Certificate serial: 01946E57E8BC2588452E0EEEE32662694B0C
Authority key identifier: 73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/RBTbCW5svUL6Cw1MIQlw5NXmiIA.roa
Signing time: Thu 16 Jan 2025 09:00:42 +0000
ROA not before: Thu 16 Jan 2025 09:00:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 88.83.96.0/24 maxlen: 24
88.83.104.0/24 maxlen: 24
88.83.106.0/24 maxlen: 24
88.83.109.0/24 maxlen: 24
88.83.111.0/24 maxlen: 24
88.83.116.0/24 maxlen: 24
88.83.118.0/23 maxlen: 24
88.83.124.0/23 maxlen: 24
88.83.126.0/24 maxlen: 24
195.80.1.0/24 maxlen: 24
195.80.2.0/24 maxlen: 24
195.80.5.0/24 maxlen: 24
195.80.6.0/24 maxlen: 24
195.80.14.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.mft
rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:57:e8:bc:25:88:45:2e:0e:ee:e3:26:62:69:4b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e373fee780eeab2a90422d0ad514e084a8d611
Validity
Not Before: Jan 16 09:00:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4414db096e6cbd42fa0b0d4c210970e4d5e68880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:59:89:e4:4b:99:79:5d:e1:b9:42:9f:44:10:
8c:40:eb:40:39:22:e3:1e:d2:5b:69:c9:93:41:04:
5f:a2:d3:17:5c:5e:b2:b4:42:51:f7:48:94:63:f5:
95:32:70:36:ac:d5:f3:12:a0:85:4c:ca:30:6f:f2:
c3:79:79:e2:b3:51:e4:1e:3e:86:d4:10:6f:e0:cc:
a7:30:51:a1:8d:96:05:76:03:79:5d:9e:af:bd:d0:
f0:36:12:9b:6d:18:e8:a1:ba:46:20:62:0c:7e:65:
23:a9:bb:59:8c:ba:33:1c:f4:bd:6f:4c:84:cc:b5:
81:c1:ff:e3:d7:c5:85:09:87:b3:6a:e0:1b:22:ff:
76:a9:2d:66:45:26:05:bb:b3:fd:b5:b2:4e:d9:78:
54:2c:1e:e2:82:2b:ed:57:b8:0a:76:f3:6f:c4:2d:
1d:3c:2c:96:70:3c:25:26:41:f8:af:f1:25:2e:82:
f7:3b:1c:e8:74:af:39:64:bb:3c:07:35:10:60:7c:
af:0f:3e:66:7e:23:75:27:a2:a4:21:00:17:f5:97:
18:61:ad:44:0a:be:d1:b2:bf:51:fd:c7:ed:f8:a4:
55:7d:53:51:e2:fe:0e:18:7b:c0:cd:c9:69:2b:a9:
e9:3b:59:24:25:28:a1:24:cd:a1:93:05:4a:d8:a4:
85:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:14:DB:09:6E:6C:BD:42:FA:0B:0D:4C:21:09:70:E4:D5:E6:88:80
X509v3 Authority Key Identifier:
keyid:73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/RBTbCW5svUL6Cw1MIQlw5NXmiIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.83.96.0/24
88.83.104.0/24
88.83.106.0/24
88.83.109.0/24
88.83.111.0/24
88.83.116.0/24
88.83.118.0/23
88.83.124.0-88.83.126.255
195.80.1.0-195.80.2.255
195.80.5.0-195.80.6.255
195.80.14.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:7c:9c:95:2d:fb:50:77:db:2e:97:c8:53:91:5f:fa:45:07:
59:4a:ef:82:3b:b0:ee:91:7e:74:ee:9c:d3:cc:50:a2:a8:bf:
9b:e1:4a:23:9f:f2:f4:4d:70:b3:b4:5b:a5:00:f3:2a:68:31:
c8:6e:4d:55:b6:3a:b7:a5:75:a7:b1:39:db:8e:8b:bc:47:06:
64:74:b8:84:e0:9b:a7:69:f7:30:1b:dd:2e:90:07:09:77:a4:
48:89:c6:de:64:a8:7f:28:9b:c2:ad:27:86:88:a2:34:17:fc:
33:6c:45:f7:8f:3b:7c:bb:96:e7:26:fb:a6:cc:d6:fa:3d:6b:
1d:f4:90:b8:34:d9:ff:f5:ba:de:b6:9a:58:27:4f:24:41:9d:
d5:7b:a7:ea:96:e6:e2:c1:d9:50:ad:5f:ab:9e:8c:d1:37:06:
2e:d4:a1:64:36:45:97:27:5d:e9:1a:d5:c8:10:0c:3c:13:e6:
e8:7c:17:9f:27:f4:93:10:10:b2:49:57:bf:3f:3e:7e:66:b5:
1a:3d:0b:87:a0:1e:60:e6:90:3b:7e:74:ed:9b:fd:b9:33:01:
7a:bb:72:bf:24:7f:a0:d0:5d:7d:68:fb:3b:6e:d3:e3:68:bf:
38:d1:5b:8e:6f:2d:8a:a8:3f:51:2f:2e:6c:df:81:f8:af:85:
46:a7:db:cb
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZRuV+i8JYhFLg7u4yZiaUsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTM3M2ZlZTc4MGVlYWIyYTkwNDIyZDBhZDUxNGUwODRh
OGQ2MTEwHhcNMjUwMTE2MDkwMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDE0ZGIwOTZlNmNiZDQyZmEwYjBkNGMyMTA5NzBlNGQ1ZTY4ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VmJ5EuZeV3huUKfRBCMQOtAOSLj
HtJbacmTQQRfotMXXF6ytEJR90iUY/WVMnA2rNXzEqCFTMowb/LDeXnis1HkHj6G
1BBv4MynMFGhjZYFdgN5XZ6vvdDwNhKbbRjoobpGIGIMfmUjqbtZjLozHPS9b0yE
zLWBwf/j18WFCYezauAbIv92qS1mRSYFu7P9tbJO2XhULB7igivtV7gKdvNvxC0d
PCyWcDwlJkH4r/ElLoL3OxzodK85ZLs8BzUQYHyvDz5mfiN1J6KkIQAX9ZcYYa1E
Cr7Rsr9R/cft+KRVfVNR4v4OGHvAzclpK6npO1kkJSihJM2hkwVK2KSFfQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEQU2wlubL1C+gsNTCEJcOTV5oiAMB8GA1UdIwQY
MBaAFHPjc/7ngO6rKpBCLQrVFOCEqNYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTIt
MDQxZmQ0YzZmZmQ0LzEvUkJUYkNXNXN2VUw2Q3cxTUlRbHc1TlhtaUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTItMDQxZmQ0YzZmZmQ0
LzEvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAWFNgAwQA
WFNoAwQAWFNqAwQAWFNtAwQAWFNvAwQAWFN0AwQBWFN2MAwDBAJYU3wDBABYU34w
DAMEAMNQAQMEAMNQAjAMAwQAw1AFAwQAw1AGAwQBw1AOMA0GCSqGSIb3DQEBCwUA
A4IBAQCbfJyVLftQd9sul8hTkV/6RQdZSu+CO7DukX507pzTzFCiqL+b4Uojn/L0
TXCztFulAPMqaDHIbk1Vtjq3pXWnsTnbjou8RwZkdLiE4JunafcwG90ukAcJd6RI
icbeZKh/KJvCrSeGiKI0F/wzbEX3jzt8u5bnJvumzNb6PWsd9JC4NNn/9bretppY
J08kQZ3Ve6fqlubiwdlQrV+rnozRNwYu1KFkNkWXJ13pGtXIEAw8E+bofBefJ/ST
EBCySVe/Pz5+ZrUaPQuHoB5g5pA7fnTtm/25MwF6u3K/JH+g0F19aPs7btPjaL84
0VuOby2KqD9RLy5s34H4r4VGp9vL
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:02:16 2025 by rpki-client