Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/1-2nkQy8xVvyeeTSWaf-YiBW5lrI.roa
File: 1-2nkQy8xVvyeeTSWaf-YiBW5lrI.roa (raw, json)
Hash identifier: a1ImM42LpM8DiL7ktEQ9/xXGrlO1MXyE3BwfxKPy2k0=
Subject key identifier: FB:69:E4:43:2F:31:56:FC:9E:79:34:96:69:FF:98:88:15:B9:96:B2
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 018D36A9270935A0E061E3EA86556BC93990
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/1-2nkQy8xVvyeeTSWaf-YiBW5lrI.roa
Signing time: Tue 23 Jan 2024 14:11:11 +0000
ROA not before: Tue 23 Jan 2024 14:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58273
IP address blocks: 88.97.112.0/20 maxlen: 24
88.97.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:a9:27:09:35:a0:e0:61:e3:ea:86:55:6b:c9:39:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Jan 23 14:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb69e4432f3156fc9e79349669ff988815b996b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3f:af:eb:ab:2b:e7:95:f8:92:0f:48:d0:15:
78:a6:76:23:fe:37:6c:fa:f7:9a:ef:ed:c5:80:95:
14:ce:de:90:0c:59:fa:4a:3c:75:4b:00:f8:b6:db:
da:29:c1:b3:9e:63:7f:d5:8b:14:df:87:e3:d8:94:
16:6a:6e:d7:31:bd:c8:4b:88:d9:8a:f0:ea:e5:28:
ae:a3:7c:f6:1d:f2:a0:f7:8f:4f:08:e8:68:35:36:
46:f4:9d:d3:89:01:7a:1d:29:77:ab:ae:58:0e:13:
5d:43:0f:ce:3a:86:1c:11:7a:0a:54:af:30:69:92:
b3:85:a8:5c:01:2f:08:38:a2:11:94:68:66:06:80:
79:6a:60:da:6f:8d:73:40:60:41:03:7a:f7:17:7f:
a6:07:b9:2a:3b:58:a7:19:1b:ca:37:d5:ec:3e:2d:
c8:b5:5d:2f:09:89:16:78:8d:93:86:36:98:58:ea:
fe:37:ba:85:26:e6:c1:c7:a2:3a:38:09:a4:58:32:
11:d6:8e:26:35:2a:f7:cf:7b:20:4c:c8:de:43:5e:
a7:9b:38:27:d7:f6:75:6c:c7:d9:d3:af:bb:14:d0:
6a:be:b9:18:20:2c:a9:c3:65:44:4e:e5:17:0e:34:
45:b4:30:39:14:06:a9:92:f9:a4:d8:d1:45:4f:2a:
f8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:69:E4:43:2F:31:56:FC:9E:79:34:96:69:FF:98:88:15:B9:96:B2
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/1-2nkQy8xVvyeeTSWaf-YiBW5lrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.97.112.0-88.97.159.255
Signature Algorithm: sha256WithRSAEncryption
25:d6:2e:64:b9:28:bc:51:9d:b8:1e:16:11:52:87:5b:da:6e:
db:ed:24:3d:c8:41:70:c3:bc:1b:9a:9f:a3:38:cf:e8:4c:e4:
4b:26:19:33:be:34:9c:5e:2e:b2:87:63:32:f5:b9:74:23:8e:
ca:21:fa:a7:f3:9c:ba:29:e9:fe:69:fb:c8:6f:fd:7d:1e:25:
33:a6:c1:59:68:3b:d3:27:11:48:a6:d2:49:4e:35:de:c4:5a:
70:15:35:50:be:e1:71:7e:47:62:d3:19:fe:4b:06:11:9d:26:
50:62:9f:b3:35:e5:a2:5c:81:b9:4e:7a:8e:13:5d:c9:c9:5e:
6a:56:07:6a:d7:0a:2e:33:b3:e9:e7:14:48:f8:21:18:5b:0d:
af:93:06:74:15:cc:5d:07:44:11:bf:f9:fd:1e:6c:18:6f:09:
5b:e7:a1:a4:0a:f2:37:41:86:59:35:52:5a:85:70:2a:1b:f1:
54:9c:63:be:48:28:bd:31:85:19:f8:ed:59:c4:61:3e:01:ea:
39:1f:30:4e:7b:ca:f3:14:c1:4e:16:d2:65:d3:89:54:68:7f:
11:a1:a7:1b:f6:75:bd:33:22:32:8f:5d:f5:ac:a0:58:95:5b:
ec:ff:70:37:0f:25:73:80:0c:f3:3c:53:8a:e6:5c:21:39:12:
6f:c4:42:ca
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAY02qScJNaDgYePqhlVryTmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwMTIzMTQxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjY5ZTQ0MzJmMzE1NmZjOWU3OTM0OTY2OWZmOTg4ODE1Yjk5NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz+v66sr55X4kg9I0BV4pnYj/jds
+vea7+3FgJUUzt6QDFn6Sjx1SwD4ttvaKcGznmN/1YsU34fj2JQWam7XMb3IS4jZ
ivDq5Siuo3z2HfKg949PCOhoNTZG9J3TiQF6HSl3q65YDhNdQw/OOoYcEXoKVK8w
aZKzhahcAS8IOKIRlGhmBoB5amDab41zQGBBA3r3F3+mB7kqO1inGRvKN9XsPi3I
tV0vCYkWeI2ThjaYWOr+N7qFJubBx6I6OAmkWDIR1o4mNSr3z3sgTMjeQ16nmzgn
1/Z1bMfZ06+7FNBqvrkYICypw2VETuUXDjRFtDA5FAapkvmk2NFFTyr4jQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPtp5EMvMVb8nnk0lmn/mIgVuZayMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvMS0ybmtReTh4VnZ5ZWVUU1dhZi1ZaUJXNWxySS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvYzFjYTA3LTk2NTgtNDQ0Ni04Y2I1LTYwY2Y5YWIxYjEz
ZS8xL1hQUlFHM1ZRQXRrVVBvLW1jMmdWNmZENU5wVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQEWGFw
AwQFWGGAMA0GCSqGSIb3DQEBCwUAA4IBAQAl1i5kuSi8UZ24HhYRUodb2m7b7SQ9
yEFww7wbmp+jOM/oTORLJhkzvjScXi6yh2My9bl0I47KIfqn85y6Ken+afvIb/19
HiUzpsFZaDvTJxFIptJJTjXexFpwFTVQvuFxfkdi0xn+SwYRnSZQYp+zNeWiXIG5
TnqOE13JyV5qVgdq1wouM7Pp5xRI+CEYWw2vkwZ0FcxdB0QRv/n9HmwYbwlb56Gk
CvI3QYZZNVJahXAqG/FUnGO+SCi9MYUZ+O1ZxGE+Aeo5HzBOe8rzFMFOFtJl04lU
aH8Roacb9nW9MyIyj131rKBYlVvs/3A3DyVzgAzzPFOK5lwhORJvxELK
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:26 2024 by rpki-client on console-ams.rpki-client.org