Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/A_sN8-oHFXTPEMvKVIvtyFuFxGM.roa
File: A_sN8-oHFXTPEMvKVIvtyFuFxGM.roa (raw, json)
Hash identifier: PYZ+KKuIkHy+vDMaxY0vzYwlSEISSyXxJzyaIrV2ci4=
Subject key identifier: 03:FB:0D:F3:EA:07:15:74:CF:10:CB:CA:54:8B:ED:C8:5B:85:C4:63
Certificate issuer: /CN=1d6b6b6a5061a4115d53040cffdc64b3b0d71a78
Certificate serial: 018CC793484AAF3217DC6DD22298B5BD0EEF
Authority key identifier: 1D:6B:6B:6A:50:61:A4:11:5D:53:04:0C:FF:DC:64:B3:B0:D7:1A:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/A_sN8-oHFXTPEMvKVIvtyFuFxGM.roa
Signing time: Tue 02 Jan 2024 00:29:27 +0000
ROA not before: Tue 02 Jan 2024 00:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200706
IP address blocks: 185.88.16.0/23 maxlen: 23
185.88.16.0/24 maxlen: 24
185.88.17.0/24 maxlen: 24
185.88.16.0/22 maxlen: 22
185.88.19.0/24 maxlen: 24
185.88.18.0/24 maxlen: 24
185.88.18.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/HWtralBhpBFdUwQM_9xks7DXGng.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/HWtralBhpBFdUwQM_9xks7DXGng.mft
rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:48:4a:af:32:17:dc:6d:d2:22:98:b5:bd:0e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d6b6b6a5061a4115d53040cffdc64b3b0d71a78
Validity
Not Before: Jan 2 00:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03fb0df3ea071574cf10cbca548bedc85b85c463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:82:50:72:1c:4f:98:a4:dd:9b:bb:af:1f:ba:
61:99:7e:1f:a9:bb:59:30:ed:f7:65:36:5f:77:d0:
19:71:bb:a0:6f:18:7d:55:8b:23:11:9c:e6:70:14:
46:49:18:b7:f6:50:9a:39:3f:c5:06:35:70:58:fd:
20:db:67:b6:0e:9f:28:9a:a9:7b:42:5f:51:b3:29:
78:f8:6e:55:6a:58:77:c6:64:4f:2e:ab:90:fa:75:
e4:e2:cc:e8:1e:68:8f:d2:70:98:07:38:05:4f:04:
6c:17:f6:a4:18:38:12:46:88:6f:eb:48:9f:09:54:
0f:68:71:70:69:52:ad:49:dc:b9:4e:2e:c8:9d:bc:
aa:fa:34:86:dc:f3:d3:82:2a:99:79:fe:05:5f:72:
a3:81:30:7a:4a:12:d5:49:64:d7:c4:40:1f:9b:0d:
97:22:3a:11:c4:bc:d8:a4:1d:8f:3f:19:ab:dd:38:
da:b4:c6:bd:4c:02:73:c0:a9:0c:a8:60:61:b5:ed:
76:36:e2:3c:21:9a:e5:0e:70:f9:7b:be:67:1c:c4:
8c:0b:ae:e2:c3:07:92:78:a7:2d:f4:e3:b0:87:cf:
5b:75:b0:71:e7:23:33:10:f4:ad:de:74:f3:c3:2b:
ed:3d:ba:62:85:61:14:bb:c3:15:49:62:5f:67:01:
b9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FB:0D:F3:EA:07:15:74:CF:10:CB:CA:54:8B:ED:C8:5B:85:C4:63
X509v3 Authority Key Identifier:
keyid:1D:6B:6B:6A:50:61:A4:11:5D:53:04:0C:FF:DC:64:B3:B0:D7:1A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/A_sN8-oHFXTPEMvKVIvtyFuFxGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/HWtralBhpBFdUwQM_9xks7DXGng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.16.0/22
Signature Algorithm: sha256WithRSAEncryption
46:45:27:f2:a8:13:a7:0c:0d:a7:04:3b:b8:56:ed:92:58:fe:
c5:2f:bc:68:d0:cf:22:7b:66:2c:23:46:ad:69:e3:3f:6f:c0:
78:2b:cd:5a:fa:2a:d6:e2:b7:7a:e2:32:8f:45:e3:58:39:87:
c3:12:75:b3:31:73:8f:f0:3f:a8:84:63:eb:9e:93:cc:f2:8f:
26:37:c1:8f:09:19:e7:85:96:2f:4e:2c:32:3c:a2:9b:a5:b2:
a7:cf:d6:5f:4b:34:80:5c:e4:cc:b6:d2:3f:f2:ec:fe:8d:a8:
a4:34:1d:99:34:57:b1:12:9e:e9:ab:b6:e6:52:ef:4a:1d:4e:
a4:7c:84:98:17:ff:80:55:29:e1:cb:37:56:8e:f2:ff:3d:01:
15:1f:53:e7:14:2c:59:ec:0e:68:07:c4:9b:ce:5a:6e:74:5d:
13:13:25:09:18:8a:3c:7b:84:8a:3a:fa:43:eb:3e:95:54:79:
84:c3:df:b1:65:e2:bd:47:72:ea:1e:d7:2e:b5:d5:35:29:83:
3d:ce:66:59:02:02:86:84:4f:09:92:23:75:37:92:9e:dd:52:
9b:4f:72:fb:72:70:41:70:35:c4:81:72:ef:20:ed:4f:96:61:
b6:ec:4f:c1:6a:0a:a1:ee:dd:c8:c0:d9:e2:de:de:5a:a6:66:
dc:66:a1:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk0hKrzIX3G3SIpi1vQ7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNmI2YjZhNTA2MWE0MTE1ZDUzMDQwY2ZmZGM2NGIzYjBk
NzFhNzgwHhcNMjQwMTAyMDAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2ZiMGRmM2VhMDcxNTc0Y2YxMGNiY2E1NDhiZWRjODViODVjNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroJQchxPmKTdm7uvH7phmX4fqbtZ
MO33ZTZfd9AZcbugbxh9VYsjEZzmcBRGSRi39lCaOT/FBjVwWP0g22e2Dp8omql7
Ql9Rsyl4+G5Valh3xmRPLquQ+nXk4szoHmiP0nCYBzgFTwRsF/akGDgSRohv60if
CVQPaHFwaVKtSdy5Ti7Inbyq+jSG3PPTgiqZef4FX3KjgTB6ShLVSWTXxEAfmw2X
IjoRxLzYpB2PPxmr3TjatMa9TAJzwKkMqGBhte12NuI8IZrlDnD5e75nHMSMC67i
wweSeKct9OOwh89bdbBx5yMzEPSt3nTzwyvtPbpihWEUu8MVSWJfZwG5wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAP7DfPqBxV0zxDLylSL7chbhcRjMB8GA1UdIwQY
MBaAFB1ra2pQYaQRXVMEDP/cZLOw1xp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFd0cmFsQmhwQkZkVXdRTV85eGtzN0RYR25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85ZTVmNTQtYmEzZi00YjZlLTlkYTkt
YmZhZmQ2MjJlODlmLzEvQV9zTjgtb0hGWFRQRU12S1ZJdnR5RnVGeEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85ZTVmNTQtYmEzZi00YjZlLTlkYTktYmZhZmQ2MjJlODlm
LzEvSFd0cmFsQmhwQkZkVXdRTV85eGtzN0RYR25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVgQMA0G
CSqGSIb3DQEBCwUAA4IBAQBGRSfyqBOnDA2nBDu4Vu2SWP7FL7xo0M8ie2YsI0at
aeM/b8B4K81a+irW4rd64jKPReNYOYfDEnWzMXOP8D+ohGPrnpPM8o8mN8GPCRnn
hZYvTiwyPKKbpbKnz9ZfSzSAXOTMttI/8uz+jaikNB2ZNFexEp7pq7bmUu9KHU6k
fISYF/+AVSnhyzdWjvL/PQEVH1PnFCxZ7A5oB8SbzlpudF0TEyUJGIo8e4SKOvpD
6z6VVHmEw9+xZeK9R3LqHtcutdU1KYM9zmZZAgKGhE8JkiN1N5Ke3VKbT3L7cnBB
cDXEgXLvIO1PlmG27E/Bagqh7t3IwNni3t5apmbcZqHe
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:34:57 2024 by rpki-client on console-ams.rpki-client.org