Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/P6atv-vgYvnHaLmCD-wbQ1czhjA.roa
File: P6atv-vgYvnHaLmCD-wbQ1czhjA.roa (raw, json)
Hash identifier: e6VF+J4ZZPgGVtXrA5QD4DhLOx0MgiytkDqBPYxDytw=
Subject key identifier: 3F:A6:AD:BF:EB:E0:62:F9:C7:68:B9:82:0F:EC:1B:43:57:33:86:30
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 018F337BE4A0C68C267752B8A18F726CD351
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/P6atv-vgYvnHaLmCD-wbQ1czhjA.roa
Signing time: Wed 01 May 2024 09:28:28 +0000
ROA not before: Wed 01 May 2024 09:28:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209275
IP address blocks: 88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
2a09:9d00::/29 maxlen: 48
2a09:9d00:1::/48 maxlen: 48
2a09:9d00:2::/48 maxlen: 48
2a09:9d00:3::/48 maxlen: 48
2a09:9d00:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:7b:e4:a0:c6:8c:26:77:52:b8:a1:8f:72:6c:d3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: May 1 09:28:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fa6adbfebe062f9c768b9820fec1b4357338630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d5:c3:6d:02:d2:10:4f:7f:1c:bc:26:e8:58:
22:44:36:67:ee:42:28:22:04:71:dc:e1:bc:a9:52:
20:69:9b:c7:87:dd:44:9c:76:04:ae:36:ab:27:80:
86:dd:33:08:a7:fa:12:1a:23:f3:9e:4b:b0:b4:1e:
89:e8:d1:a6:46:58:e8:9d:d3:18:24:30:97:d5:b9:
25:bf:a1:ce:ba:de:55:68:15:1a:56:e7:07:87:91:
ae:94:81:28:04:0e:c6:ca:1a:99:f6:96:ee:09:91:
d7:7d:97:14:4f:08:63:2a:3d:52:d9:e3:e4:e6:d0:
9c:e4:b8:62:61:74:c5:6e:24:7c:0a:3f:d3:65:63:
b2:31:02:2d:9a:dc:a8:91:e9:7d:22:7f:be:52:a8:
8a:ee:a2:15:b8:01:69:54:5d:3c:49:86:c2:0b:94:
d6:37:65:19:0a:ee:be:9f:34:05:37:7f:87:10:23:
1a:79:e3:70:fa:2d:b0:f0:7e:1f:06:5e:4e:4c:61:
83:ed:6a:9a:43:4b:b6:d3:5c:e5:77:65:46:88:e7:
df:1a:46:25:a2:52:5b:77:32:d3:b3:bd:55:ce:1c:
20:5e:73:0f:12:a7:c1:85:57:4a:9c:b3:fa:52:da:
ef:63:0d:4b:f6:97:ca:1c:ed:61:9b:41:94:66:0a:
b3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A6:AD:BF:EB:E0:62:F9:C7:68:B9:82:0F:EC:1B:43:57:33:86:30
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/P6atv-vgYvnHaLmCD-wbQ1czhjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
8e:2f:69:77:32:9a:af:2c:b1:18:8e:9d:fb:8b:67:cf:35:73:
10:a1:8f:8b:49:69:37:fb:67:74:f4:75:1b:d8:ef:53:e5:18:
87:d7:cb:e3:18:be:fc:47:d6:0b:02:cf:60:44:46:df:54:ab:
2a:ca:91:c3:2b:e1:23:4d:79:4e:be:57:9f:e8:d0:d3:9a:98:
57:e8:e4:34:fe:86:1a:4b:c1:3b:ba:05:cb:39:f6:73:bb:c4:
82:90:b0:83:7c:35:18:ad:bf:b0:65:4a:e8:d3:bf:d5:28:c6:
9c:f1:ae:96:cf:d4:22:df:46:81:80:40:5a:49:35:d4:31:14:
75:57:13:ba:29:27:39:47:7f:50:06:80:f2:77:1c:e0:89:76:
ac:34:39:0f:cf:bf:92:50:08:65:43:cf:c0:13:b0:f2:1c:d7:
8c:09:32:3e:44:90:8f:95:67:3b:76:c1:3f:d0:fe:d2:de:d4:
bc:e9:4f:fd:7e:8a:96:d6:bc:7c:a8:81:e3:af:95:67:c5:bd:
98:ab:df:99:82:9f:4a:8f:23:89:30:0c:9d:60:cc:be:13:91:
ac:1a:04:8e:7c:1a:99:16:6f:23:7d:6f:33:1d:06:b7:80:27:
87:d4:ee:9f:1b:2e:3b:f1:09:80:91:80:0a:20:18:c4:4f:80:
5d:5b:54:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8ze+Sgxowmd1K4oY9ybNNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDNkYWM4ZWE1NTY5MzQzOWRkMWI4YjQ4MTJiYTcxODM0
ZjEwMzEwHhcNMjQwNTAxMDkyODI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmE2YWRiZmViZTA2MmY5Yzc2OGI5ODIwZmVjMWI0MzU3MzM4NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNXDbQLSEE9/HLwm6FgiRDZn7kIo
IgRx3OG8qVIgaZvHh91EnHYErjarJ4CG3TMIp/oSGiPznkuwtB6J6NGmRljondMY
JDCX1bklv6HOut5VaBUaVucHh5GulIEoBA7GyhqZ9pbuCZHXfZcUTwhjKj1S2ePk
5tCc5LhiYXTFbiR8Cj/TZWOyMQItmtyokel9In++UqiK7qIVuAFpVF08SYbCC5TW
N2UZCu6+nzQFN3+HECMaeeNw+i2w8H4fBl5OTGGD7WqaQ0u201zld2VGiOffGkYl
olJbdzLTs71VzhwgXnMPEqfBhVdKnLP6UtrvYw1L9pfKHO1hm0GUZgqzpQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD+mrb/r4GL5x2i5gg/sG0NXM4YwMB8GA1UdIwQY
MBaAFC5D2sjqVWk0Od0bi0gSunGDTxAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQt
MjZjN2M5NjNhNzY5LzEvUDZhdHYtdmdZdm5IYUxtQ0Qtd2JRMWN6aGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQtMjZjN2M5NjNhNzY5
LzEvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWNYoAwQA
WNYqAwQAueHGMA0EAgACMAcDBQMqCZ0AMA0GCSqGSIb3DQEBCwUAA4IBAQCOL2l3
MpqvLLEYjp37i2fPNXMQoY+LSWk3+2d09HUb2O9T5RiH18vjGL78R9YLAs9gREbf
VKsqypHDK+EjTXlOvlef6NDTmphX6OQ0/oYaS8E7ugXLOfZzu8SCkLCDfDUYrb+w
ZUro07/VKMac8a6Wz9Qi30aBgEBaSTXUMRR1VxO6KSc5R39QBoDydxzgiXasNDkP
z7+SUAhlQ8/AE7DyHNeMCTI+RJCPlWc7dsE/0P7S3tS86U/9foqW1rx8qIHjr5Vn
xb2Yq9+Zgp9KjyOJMAydYMy+E5GsGgSOfBqZFm8jfW8zHQa3gCeH1O6fGy478QmA
kYAKIBjET4BdW1R5
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:33:31 2024 by rpki-client on console-ams.rpki-client.org