Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/6WzV27VQOT_W3DI6w__OOUdX9NM.roa
File: 6WzV27VQOT_W3DI6w__OOUdX9NM.roa (raw, json)
Hash identifier: eeqPRoCbSyiphNpHuze8Ndb3BWGt8ITomgmYIiQv/Bg=
Subject key identifier: E9:6C:D5:DB:B5:50:39:3F:D6:DC:32:3A:C3:FF:CE:39:47:57:F4:D3
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 0192F69FCF6956C97DFA96522DC9699EAEEE
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/6WzV27VQOT_W3DI6w__OOUdX9NM.roa
Signing time: Mon 04 Nov 2024 10:02:01 +0000
ROA not before: Mon 04 Nov 2024 10:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212655
IP address blocks: 88.97.192.0/18 maxlen: 18
88.97.192.0/21 maxlen: 21
88.97.200.0/21 maxlen: 21
88.97.208.0/21 maxlen: 21
88.97.216.0/21 maxlen: 21
88.97.224.0/21 maxlen: 21
88.97.232.0/21 maxlen: 21
88.97.240.0/22 maxlen: 22
88.97.244.0/22 maxlen: 22
88.97.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:9f:cf:69:56:c9:7d:fa:96:52:2d:c9:69:9e:ae:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Nov 4 10:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e96cd5dbb550393fd6dc323ac3ffce394757f4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:62:34:d8:ce:bd:7d:20:e8:d0:5d:99:59:75:
b1:d3:6e:14:6f:36:ff:30:ab:79:a2:db:d6:a2:48:
c7:d7:f9:18:d5:01:12:82:ea:02:e5:48:06:5a:f0:
fd:00:fa:64:03:ca:df:1e:ad:8d:36:54:a2:49:e7:
c5:84:77:b2:ad:86:7b:43:02:45:d5:c6:0d:36:fc:
20:16:80:3e:20:d4:05:a3:45:94:d5:01:94:3a:6d:
cf:7b:e1:8d:fd:e0:6a:7a:b7:08:0b:59:d6:15:a2:
7b:fc:4a:d4:6d:f4:49:06:48:5e:1b:41:37:81:6c:
1d:db:d6:0a:d2:e7:c4:05:e7:f6:fc:53:16:c9:52:
6d:04:8e:69:80:8a:7a:65:c1:a3:7b:5e:90:de:86:
fb:0f:d2:99:78:08:fb:a4:0d:cd:4b:49:e2:44:cc:
9e:8d:8f:c2:42:e2:dd:8f:a4:09:ae:bd:36:f8:97:
ff:ff:94:b5:5e:24:0f:01:1e:65:6e:fb:72:77:01:
77:53:0b:07:f2:e2:dc:2c:d5:59:1a:19:6f:64:39:
14:54:5f:26:99:f4:38:1e:38:21:02:fe:0e:1a:23:
f5:63:14:4b:f4:ff:12:07:64:f4:06:4a:91:9b:0b:
4a:4d:19:e0:37:bf:ae:8b:1c:bb:98:04:65:fd:d5:
19:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:6C:D5:DB:B5:50:39:3F:D6:DC:32:3A:C3:FF:CE:39:47:57:F4:D3
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/6WzV27VQOT_W3DI6w__OOUdX9NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.97.192.0/18
Signature Algorithm: sha256WithRSAEncryption
80:72:3b:f9:9f:05:46:19:cd:23:ab:f3:b5:2c:69:d7:b3:43:
85:db:c1:f5:51:51:a0:c2:a6:5f:e3:04:94:c5:b9:c5:36:d9:
51:4c:1c:0b:b4:ff:ec:96:71:58:9b:fd:4e:e0:1b:d1:00:00:
3d:89:b9:e4:eb:e7:9e:0d:e6:48:45:94:6c:d4:1a:0b:95:d9:
16:33:38:f0:fb:7c:89:93:0f:26:b2:eb:b7:54:fc:54:e4:0d:
02:f2:2a:3a:66:c1:00:bd:bf:56:e1:32:e6:3c:19:cb:fe:35:
53:08:00:31:e0:57:01:7d:f4:f0:90:49:5e:ac:ab:bd:78:c1:
a0:5a:9c:ef:57:2c:c8:ce:73:05:b3:64:15:d9:1d:f5:bc:b4:
8e:5b:7f:21:59:b2:e4:4e:00:ca:00:89:c3:e2:ed:e8:b5:a2:
58:4f:b1:48:35:eb:25:13:db:67:3c:c6:2b:6e:8e:cd:91:dd:
9d:fd:5f:67:66:9f:d4:c0:d2:59:1c:15:f3:c7:9d:49:e7:bc:
71:d6:db:10:cb:a4:b4:67:bb:88:a1:92:b2:73:a8:2e:13:69:
31:aa:e9:38:8b:e6:98:c7:ab:15:16:85:bd:e1:9f:ae:e0:30:
98:bd:28:09:f4:c9:2f:f7:8e:8a:56:27:f5:e6:66:f1:5e:29:
a2:ce:fa:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL2n89pVsl9+pZSLclpnq7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQxMTA0MTAwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTZjZDVkYmI1NTAzOTNmZDZkYzMyM2FjM2ZmY2UzOTQ3NTdmNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumI02M69fSDo0F2ZWXWx024Ubzb/
MKt5otvWokjH1/kY1QESguoC5UgGWvD9APpkA8rfHq2NNlSiSefFhHeyrYZ7QwJF
1cYNNvwgFoA+INQFo0WU1QGUOm3Pe+GN/eBqercIC1nWFaJ7/ErUbfRJBkheG0E3
gWwd29YK0ufEBef2/FMWyVJtBI5pgIp6ZcGje16Q3ob7D9KZeAj7pA3NS0niRMye
jY/CQuLdj6QJrr02+Jf//5S1XiQPAR5lbvtydwF3UwsH8uLcLNVZGhlvZDkUVF8m
mfQ4HjghAv4OGiP1YxRL9P8SB2T0BkqRmwtKTRngN7+uixy7mARl/dUZcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOls1du1UDk/1twyOsP/zjlHV/TTMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvNld6VjI3VlFPVF9XM0RJNndfX09PVWRYOU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGWGHAMA0G
CSqGSIb3DQEBCwUAA4IBAQCAcjv5nwVGGc0jq/O1LGnXs0OF28H1UVGgwqZf4wSU
xbnFNtlRTBwLtP/slnFYm/1O4BvRAAA9ibnk6+eeDeZIRZRs1BoLldkWMzjw+3yJ
kw8msuu3VPxU5A0C8io6ZsEAvb9W4TLmPBnL/jVTCAAx4FcBffTwkElerKu9eMGg
WpzvVyzIznMFs2QV2R31vLSOW38hWbLkTgDKAInD4u3otaJYT7FINeslE9tnPMYr
bo7Nkd2d/V9nZp/UwNJZHBXzx51J57xx1tsQy6S0Z7uIoZKyc6guE2kxquk4i+aY
x6sVFoW94Z+u4DCYvSgJ9Mkv946KVif15mbxXimizvpl
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:02:00 2024 by rpki-client on console-fra.rpki-client.org