Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/WsQa8MBxBBzwmP7QePid2TzNtgM.roa
File: WsQa8MBxBBzwmP7QePid2TzNtgM.roa (raw, json)
Hash identifier: Ff7YwzulyVDJC3VHStzpoOfJzOMrAMcIAkkXl69wr2g=
Subject key identifier: 5A:C4:1A:F0:C0:71:04:1C:F0:98:FE:D0:78:F8:9D:D9:3C:CD:B6:03
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018FC50CD1D1439B86674E810A9B1D9C14ED
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/WsQa8MBxBBzwmP7QePid2TzNtgM.roa
Signing time: Wed 29 May 2024 15:51:42 +0000
ROA not before: Wed 29 May 2024 15:51:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202147
IP address blocks: 88.98.112.0/20 maxlen: 24
188.241.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c5:0c:d1:d1:43:9b:86:67:4e:81:0a:9b:1d:9c:14:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: May 29 15:51:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ac41af0c071041cf098fed078f89dd93ccdb603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:bd:8f:ef:e8:e2:e4:59:8b:09:ff:34:72:
de:86:40:d6:af:3e:59:78:88:7a:95:9f:6f:ce:18:
79:c2:19:c4:d0:41:52:c4:47:e9:21:ac:93:be:db:
66:53:ee:7f:42:a5:eb:8e:28:20:40:9b:d1:b6:49:
0c:bc:1c:71:eb:9e:46:65:56:cb:ab:40:d7:52:97:
62:4d:1f:a5:cf:ee:18:ad:d9:09:1b:45:16:18:8a:
49:07:df:4d:11:e9:40:32:c8:90:7b:9f:7d:42:7e:
42:21:ab:43:e5:56:ad:8e:04:90:bd:d3:0a:6d:b2:
6a:2a:64:09:92:1d:c9:68:1e:a3:5f:c8:8a:8e:5f:
60:e3:46:b4:4c:49:17:ba:a0:12:9b:58:d8:64:c4:
f6:d8:9d:99:9a:5c:1c:7b:87:13:ec:a8:fe:4f:e4:
cc:6e:47:50:a3:07:36:63:f6:fb:f7:bb:e4:68:05:
e1:26:eb:24:4e:1c:f0:00:93:74:f4:48:89:c8:c4:
57:c3:d5:5a:67:d5:dd:a9:97:8b:ff:41:f3:58:2f:
4a:7c:79:e3:35:d5:da:b8:96:94:cc:f7:49:7c:b2:
cc:df:66:d2:f0:54:88:0e:c5:8d:5d:a9:4a:d9:d8:
40:6a:b1:ae:ca:8c:4f:1b:53:c9:69:82:5a:3d:51:
36:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C4:1A:F0:C0:71:04:1C:F0:98:FE:D0:78:F8:9D:D9:3C:CD:B6:03
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/WsQa8MBxBBzwmP7QePid2TzNtgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.98.112.0/20
188.241.96.0/21
Signature Algorithm: sha256WithRSAEncryption
45:59:4c:8e:b0:f0:94:6e:ca:43:fc:02:c4:e3:b2:53:fb:a3:
66:a7:e0:3b:03:1b:2c:61:de:6a:23:58:38:e1:c0:8a:e5:d7:
34:16:6b:f1:0e:6a:8e:b7:e9:27:a5:20:4a:55:42:9f:72:af:
d5:d1:7c:2b:f1:9a:50:6a:9b:ba:98:2f:c0:1d:67:32:6c:08:
07:29:f9:68:09:e4:55:dd:4c:b8:56:e5:bb:b4:70:15:44:4c:
f1:d0:90:e1:fb:fc:9b:f6:62:f6:a2:4e:01:03:2c:7b:6a:47:
49:e2:30:89:44:bb:99:67:e3:2a:1e:45:37:fe:57:e3:77:2e:
93:d6:df:16:0b:fc:7e:92:bb:39:9d:62:13:3d:8b:95:57:e7:
aa:23:a5:61:ce:16:27:36:3e:89:1e:59:26:13:84:b7:b1:56:
3f:48:8d:83:b2:1c:e6:3c:af:c1:3b:0c:07:95:e8:ad:90:67:
0d:14:fc:6b:84:97:c9:63:f8:0a:52:6a:2d:98:c9:9a:16:aa:
87:f9:1d:9f:52:bb:b1:43:7e:46:5f:9e:59:1b:5c:f3:a1:58:
c4:5c:bb:94:82:ef:ae:12:80:5b:b0:fb:6a:99:82:f4:35:37:
bb:a7:1d:56:a6:4d:cf:c5:a4:98:b7:f1:fb:5e:03:36:6d:f0:
7e:d8:7e:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/FDNHRQ5uGZ06BCpsdnBTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwNTI5MTU1MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWM0MWFmMGMwNzEwNDFjZjA5OGZlZDA3OGY4OWRkOTNjY2RiNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqG9j+/o4uRZiwn/NHLehkDWrz5Z
eIh6lZ9vzhh5whnE0EFSxEfpIayTvttmU+5/QqXrjiggQJvRtkkMvBxx655GZVbL
q0DXUpdiTR+lz+4YrdkJG0UWGIpJB99NEelAMsiQe599Qn5CIatD5VatjgSQvdMK
bbJqKmQJkh3JaB6jX8iKjl9g40a0TEkXuqASm1jYZMT22J2Zmlwce4cT7Kj+T+TM
bkdQowc2Y/b797vkaAXhJuskThzwAJN09EiJyMRXw9VaZ9XdqZeL/0HzWC9KfHnj
NdXauJaUzPdJfLLM32bS8FSIDsWNXalK2dhAarGuyoxPG1PJaYJaPVE2uwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFrEGvDAcQQc8Jj+0Hj4ndk8zbYDMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvV3NRYThNQnhCQnp3bVA3UWVQaWQyVHpOdGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWGJwAwQD
vPFgMA0GCSqGSIb3DQEBCwUAA4IBAQBFWUyOsPCUbspD/ALE47JT+6Nmp+A7Axss
Yd5qI1g44cCK5dc0FmvxDmqOt+knpSBKVUKfcq/V0Xwr8ZpQapu6mC/AHWcybAgH
KfloCeRV3Uy4VuW7tHAVREzx0JDh+/yb9mL2ok4BAyx7akdJ4jCJRLuZZ+MqHkU3
/lfjdy6T1t8WC/x+krs5nWITPYuVV+eqI6VhzhYnNj6JHlkmE4S3sVY/SI2Dshzm
PK/BOwwHleitkGcNFPxrhJfJY/gKUmotmMmaFqqH+R2fUruxQ35GX55ZG1zzoVjE
XLuUgu+uEoBbsPtqmYL0NTe7px1Wpk3PxaSYt/H7XgM2bfB+2H7P
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:34 2024 by rpki-client on console-fra.rpki-client.org