Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/1-tIKLppcC_x50ywEog_wMS6OXdY.roa
File: 1-tIKLppcC_x50ywEog_wMS6OXdY.roa (raw, json)
Hash identifier: aBlzLCkx4goimQh4gnJFH4o0RYnD0T0wyvWh/azyG4c=
Subject key identifier: FA:D2:0A:2E:9A:5C:0B:FC:79:D3:2C:04:A2:0F:F0:31:2E:8E:5D:D6
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 0192FCCEC2818FE2FBE193839CED4AF68F43
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/1-tIKLppcC_x50ywEog_wMS6OXdY.roa
Signing time: Tue 05 Nov 2024 14:51:01 +0000
ROA not before: Tue 05 Nov 2024 14:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215000
IP address blocks: 88.97.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:ce:c2:81:8f:e2:fb:e1:93:83:9c:ed:4a:f6:8f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Nov 5 14:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fad20a2e9a5c0bfc79d32c04a20ff0312e8e5dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f5:95:4f:12:0b:fd:e7:aa:6b:62:84:c9:64:
4c:93:c9:73:d2:e1:79:6f:2c:2b:97:5e:3b:2a:13:
20:c3:ea:4b:77:d4:22:98:75:86:6e:a3:83:d6:67:
1c:de:1c:7e:da:78:b2:ef:c5:86:26:c5:e3:1a:a2:
1f:73:4a:f1:50:55:d4:14:1e:ec:4b:9e:5d:34:13:
d6:cd:e7:83:0a:2c:0a:43:ab:b8:73:a9:38:7c:7e:
05:2f:c3:9f:61:10:fc:94:4a:2f:e8:05:6b:cc:b4:
ac:14:d2:ee:08:f0:0f:a2:0a:58:be:86:ec:ef:22:
54:a2:ce:24:ad:96:9d:e0:c9:5d:bf:3d:a3:a0:89:
63:c1:79:07:af:df:cc:91:d0:db:d1:7e:f8:18:e4:
0e:03:02:5f:80:e5:79:89:97:b7:37:55:c1:34:a0:
08:93:3a:6c:a5:5b:cc:59:e2:75:b1:87:dd:03:d4:
65:7f:39:b9:46:b9:0c:cd:33:9d:7b:72:84:ea:84:
10:82:b4:ec:38:3d:13:90:a5:7a:dd:ea:c7:cc:87:
f3:9d:1c:ee:8f:5b:15:70:26:d8:2f:09:2c:b0:8a:
39:b3:a7:83:9f:c5:57:9a:98:97:e9:6e:95:d2:26:
8f:69:0f:da:19:05:78:04:1c:17:14:c7:87:c8:12:
9a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D2:0A:2E:9A:5C:0B:FC:79:D3:2C:04:A2:0F:F0:31:2E:8E:5D:D6
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/1-tIKLppcC_x50ywEog_wMS6OXdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.97.172.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:05:c2:1e:0f:53:0f:57:97:88:bd:80:92:30:f1:6a:87:b6:
d3:4f:22:b4:31:cc:01:32:3d:3b:01:07:61:cb:3f:05:69:c4:
a1:c3:c7:c4:d2:c0:27:13:a6:cc:3f:21:07:e9:93:fd:69:b0:
ec:7f:3b:27:7f:d6:96:92:6f:09:bc:f9:d0:dc:0d:52:d4:ad:
0e:01:5e:00:79:84:e3:ef:9e:0d:8a:61:f9:c3:e2:e8:46:da:
1b:dc:9d:35:6f:4c:1f:a4:86:99:b1:f2:3b:fe:e0:63:e3:7e:
21:2b:6e:1d:1c:bd:e4:20:58:cf:c9:eb:f8:ce:22:4c:12:a7:
9c:70:1a:4f:ea:d5:c8:93:70:37:ba:9f:10:7c:59:43:c3:6d:
f1:20:56:e8:0e:b6:12:26:61:ef:2d:ba:4d:07:99:f1:6e:70:
39:8f:b8:b5:91:95:e8:da:a4:16:0a:5b:f3:c6:30:05:d6:83:
89:ec:31:90:6f:d2:15:fa:fc:f2:55:94:d9:eb:c8:59:8b:39:
ad:ff:b5:4f:40:e5:c3:84:fe:71:a0:5f:d2:f7:c9:22:d5:34:
2b:26:a1:98:e6:24:df:6a:ea:5b:62:01:e2:82:dd:63:3a:83:
0b:ec:a4:65:70:90:61:53:ad:68:6b:f4:6f:f2:a3:e1:5b:24:
d9:6f:e4:00
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZL8zsKBj+L74ZODnO1K9o9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQxMTA1MTQ1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQyMGEyZTlhNWMwYmZjNzlkMzJjMDRhMjBmZjAzMTJlOGU1ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfWVTxIL/eeqa2KEyWRMk8lz0uF5
bywrl147KhMgw+pLd9QimHWGbqOD1mcc3hx+2niy78WGJsXjGqIfc0rxUFXUFB7s
S55dNBPWzeeDCiwKQ6u4c6k4fH4FL8OfYRD8lEov6AVrzLSsFNLuCPAPogpYvobs
7yJUos4krZad4Mldvz2joIljwXkHr9/MkdDb0X74GOQOAwJfgOV5iZe3N1XBNKAI
kzpspVvMWeJ1sYfdA9Rlfzm5RrkMzTOde3KE6oQQgrTsOD0TkKV63erHzIfznRzu
j1sVcCbYLwkssIo5s6eDn8VXmpiX6W6V0iaPaQ/aGQV4BBwXFMeHyBKajwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrSCi6aXAv8edMsBKIP8DEujl3WMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvMS10SUtMcHBjQ194NTB5d0VvZ193TVM2T1hkWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvYzFjYTA3LTk2NTgtNDQ0Ni04Y2I1LTYwY2Y5YWIxYjEz
ZS8xL1hQUlFHM1ZRQXRrVVBvLW1jMmdWNmZENU5wVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlhhrDAN
BgkqhkiG9w0BAQsFAAOCAQEAXAXCHg9TD1eXiL2AkjDxaoe2008itDHMATI9OwEH
Ycs/BWnEocPHxNLAJxOmzD8hB+mT/Wmw7H87J3/WlpJvCbz50NwNUtStDgFeAHmE
4++eDYph+cPi6EbaG9ydNW9MH6SGmbHyO/7gY+N+IStuHRy95CBYz8nr+M4iTBKn
nHAaT+rVyJNwN7qfEHxZQ8Nt8SBW6A62EiZh7y26TQeZ8W5wOY+4tZGV6NqkFgpb
88YwBdaDiewxkG/SFfr88lWU2evIWYs5rf+1T0Dlw4T+caBf0vfJItU0KyahmOYk
32rqW2IB4oLdYzqDC+ykZXCQYVOtaGv0b/Kj4Vsk2W/kAA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:17 2024 by rpki-client on console-ams.rpki-client.org