Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/Qzw3QMKklDVTV524qlcJCbTkjXY.roa
File: Qzw3QMKklDVTV524qlcJCbTkjXY.roa (raw, json)
Hash identifier: QKVSwwGLYqYZ4oA09EQdxh6e4vjhtWOIa6EXv/vGtBA=
Subject key identifier: 43:3C:37:40:C2:A4:94:35:53:57:9D:B8:AA:57:09:09:B4:E4:8D:76
Certificate issuer: /CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Certificate serial: 018CC348FC287D809B8162FE117BAB45EF1E
Authority key identifier: 56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/Qzw3QMKklDVTV524qlcJCbTkjXY.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204641
IP address blocks: 88.80.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fc:28:7d:80:9b:81:62:fe:11:7b:ab:45:ef:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=433c3740c2a4943553579db8aa570909b4e48d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:93:81:a5:69:6b:b7:14:d4:6a:03:2d:78:24:
66:2c:76:88:2f:f6:0d:0d:94:e4:9d:f7:bd:aa:90:
ed:12:de:b8:97:f4:8f:38:cc:6c:d7:df:c5:c8:ff:
fa:ce:b4:3b:15:86:6f:3c:00:76:d9:23:f8:1a:e3:
57:5f:18:d5:e8:82:d9:68:61:e4:08:e4:29:b5:7c:
5e:fc:c2:4f:3d:55:c7:08:75:fd:30:dd:0c:80:4a:
15:5d:cf:34:30:1b:66:8a:2a:a2:03:e3:ea:7a:96:
ba:85:52:80:a5:f4:23:8e:dc:e2:08:96:5e:5e:32:
46:7e:1f:df:ff:a3:97:c5:d9:61:1d:15:cf:3c:00:
46:da:8e:fb:e2:f9:c8:1a:6d:eb:45:77:4d:b9:32:
7a:15:8b:b4:4d:39:8e:b9:6d:83:9d:f8:cc:85:22:
63:a3:84:60:9a:78:ba:20:7d:42:c4:d1:59:5a:68:
69:e8:86:77:d2:41:42:b5:16:9f:2a:d7:89:25:ff:
01:ee:ee:db:06:5a:f3:cf:4d:9d:6b:f3:44:ec:db:
b5:97:70:2a:85:6d:76:76:84:37:b3:e7:a5:16:00:
e8:6e:da:a9:f5:66:9f:26:3e:1f:e8:80:c6:a8:89:
16:3e:93:63:95:24:58:53:e0:1a:f1:04:93:a2:80:
97:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3C:37:40:C2:A4:94:35:53:57:9D:B8:AA:57:09:09:B4:E4:8D:76
X509v3 Authority Key Identifier:
keyid:56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/Qzw3QMKklDVTV524qlcJCbTkjXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.144.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:be:2c:16:99:93:5a:a0:bd:11:ad:e3:e9:c3:12:45:bf:8f:
2c:13:63:2e:3e:a2:2a:5c:e5:a4:bb:73:be:a9:94:82:af:c8:
70:b2:41:2c:a3:4f:51:72:17:05:5a:04:0b:f2:74:28:07:8d:
01:c3:c9:e6:0f:30:02:d6:f8:60:fb:d3:2e:b8:29:ef:05:7a:
50:2f:fe:4c:26:f7:c5:92:cf:0f:33:0b:e1:55:1e:4e:88:3b:
43:ab:84:b3:d6:68:7e:c7:a7:9d:a2:ba:65:7c:59:74:55:b9:
04:ca:27:44:f5:fc:1d:80:3c:49:a1:16:50:8b:e3:7e:61:22:
d6:23:b5:2f:15:bb:70:0a:67:27:8c:1e:4c:81:95:a9:43:e1:
a1:85:97:8e:64:59:f7:9a:08:43:5e:5a:a4:5c:bd:06:61:0a:
05:31:3a:52:38:ca:0a:ec:9b:a1:9e:38:07:5e:b4:f0:b5:80:
0a:bc:dd:4e:83:26:91:84:ac:ae:1a:53:7a:4b:4c:fe:33:c5:
65:02:3d:72:60:30:f1:62:c7:04:a3:41:76:4d:27:34:a6:9f:
38:e0:72:0a:e3:78:cf:f0:94:43:fb:db:61:09:bd:26:8f:ba:
5c:6f:c9:fb:8a:2f:a6:87:46:37:11:32:75:fe:8d:59:30:52:
57:48:51:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPwofYCbgWL+EXurRe8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YzhhMTcxM2M3NDc2ZTAwZWQyYjc3ZmQ5OGZkODkzMzAz
NjVkODcwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzNjMzc0MGMyYTQ5NDM1NTM1NzlkYjhhYTU3MDkwOWI0ZTQ4ZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5OBpWlrtxTUagMteCRmLHaIL/YN
DZTknfe9qpDtEt64l/SPOMxs19/FyP/6zrQ7FYZvPAB22SP4GuNXXxjV6ILZaGHk
COQptXxe/MJPPVXHCHX9MN0MgEoVXc80MBtmiiqiA+Pqepa6hVKApfQjjtziCJZe
XjJGfh/f/6OXxdlhHRXPPABG2o774vnIGm3rRXdNuTJ6FYu0TTmOuW2DnfjMhSJj
o4Rgmni6IH1CxNFZWmhp6IZ30kFCtRafKteJJf8B7u7bBlrzz02da/NE7Nu1l3Aq
hW12doQ3s+elFgDobtqp9WafJj4f6IDGqIkWPpNjlSRYU+Aa8QSTooCXKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEM8N0DCpJQ1U1eduKpXCQm05I12MB8GA1UdIwQY
MBaAFFbIoXE8dHbgDtK3f9mP2JMwNl2HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQt
OTFlMzJjNTE3MTUyLzEvUXp3M1FNS2tsRFZUVjUyNHFsY0pDYlRralhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQtOTFlMzJjNTE3MTUy
LzEvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCQMA0G
CSqGSIb3DQEBCwUAA4IBAQAKviwWmZNaoL0RrePpwxJFv48sE2MuPqIqXOWku3O+
qZSCr8hwskEso09RchcFWgQL8nQoB40Bw8nmDzAC1vhg+9MuuCnvBXpQL/5MJvfF
ks8PMwvhVR5OiDtDq4Sz1mh+x6edorplfFl0VbkEyidE9fwdgDxJoRZQi+N+YSLW
I7UvFbtwCmcnjB5MgZWpQ+GhhZeOZFn3mghDXlqkXL0GYQoFMTpSOMoK7JuhnjgH
XrTwtYAKvN1OgyaRhKyuGlN6S0z+M8VlAj1yYDDxYscEo0F2TSc0pp844HIK43jP
8JRD+9thCb0mj7pcb8n7ii+mh0Y3ETJ1/o1ZMFJXSFGr
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:21 2024 by rpki-client on console-ams.rpki-client.org