Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ut0GWWrjpXgJBXhNZsL1nQJtzXQ.roa
File: Ut0GWWrjpXgJBXhNZsL1nQJtzXQ.roa (raw, json)
Hash identifier: YhATTWjiuMXY5dXW7m2vmgONAPrYPIoCr94lFRWz2Js=
Subject key identifier: 52:DD:06:59:6A:E3:A5:78:09:05:78:4D:66:C2:F5:9D:02:6D:CD:74
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6C2D0CD499F4DE3A5C7462C78CDB5
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ut0GWWrjpXgJBXhNZsL1nQJtzXQ.roa
Signing time: Mon 01 Jan 2024 06:29:43 +0000
ROA not before: Mon 01 Jan 2024 06:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 88.209.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c2:d0:cd:49:9f:4d:e3:a5:c7:46:2c:78:cd:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52dd06596ae3a5780905784d66c2f59d026dcd74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:96:7c:2d:4b:08:e0:08:49:47:7f:56:95:3d:
f1:88:d5:91:60:9b:bd:cb:05:09:b8:f9:76:be:14:
9d:1a:5b:f0:18:1f:36:ad:31:31:7a:86:d8:82:a9:
1d:70:4f:ae:a5:dc:19:8a:05:64:12:ed:84:d5:da:
be:a4:44:d6:68:b8:9a:37:2c:4e:43:fa:7e:9c:a6:
a8:6d:42:20:2f:ed:97:80:5c:6c:2d:9a:72:65:81:
e4:b8:af:d7:84:d6:52:e1:e3:5e:eb:e3:57:ee:fc:
e6:42:ea:85:5b:4d:0b:d8:21:62:65:dc:fc:b8:70:
64:50:27:34:95:ff:1e:74:7d:9b:a2:b7:6f:58:16:
be:87:92:0d:f1:9e:57:a8:a8:5f:86:de:ff:f0:53:
33:e3:43:b1:72:f7:08:3a:aa:2d:f7:64:74:86:28:
7b:f3:c1:77:d0:69:17:81:bc:6d:06:34:50:5f:8a:
5f:1f:35:dd:39:86:ae:b7:ba:79:00:1c:95:18:ff:
2b:8d:1d:5c:87:15:ed:60:46:72:f5:20:02:cd:a1:
5e:40:db:0b:da:85:bf:e6:98:c1:6c:0e:7f:a6:cf:
6b:bc:a5:63:a2:5a:40:48:74:9a:11:1d:ba:4e:ab:
dc:ea:47:bc:36:33:b9:05:f9:bb:9a:0a:1f:14:06:
6c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DD:06:59:6A:E3:A5:78:09:05:78:4D:66:C2:F5:9D:02:6D:CD:74
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ut0GWWrjpXgJBXhNZsL1nQJtzXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.231.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:59:03:98:e6:a6:04:3b:c1:65:e9:7d:3e:b0:e1:ef:0f:34:
69:19:0a:3c:79:e2:f9:de:b1:6a:91:42:cc:bb:14:e2:45:33:
22:ff:c1:c1:84:fd:9f:4d:f0:b3:95:a8:44:14:b1:4a:86:94:
5d:af:8b:3b:59:00:2c:3b:a8:0a:ba:72:82:1b:28:bd:60:57:
93:12:cc:e5:c9:55:8b:93:fc:65:56:ea:a8:15:35:ea:b6:cf:
e5:9a:89:7b:19:da:1f:bf:c0:90:dc:07:a3:11:dd:84:37:95:
01:f9:e9:a1:05:10:f5:69:40:26:71:38:18:a4:d9:b5:38:6a:
3f:86:f0:5a:b7:84:a2:46:2e:e0:68:10:20:8b:a3:3f:69:aa:
58:28:1d:36:00:bd:41:01:f4:ee:49:2e:cd:55:a9:75:88:db:
98:44:8b:af:2d:61:89:83:6c:1a:6f:e9:ec:97:16:f9:23:09:
e0:ad:6b:d4:14:bb:32:d6:c6:57:bd:04:08:57:bd:a4:2f:4c:
a1:cb:53:2e:72:6c:88:0f:3d:af:6f:e4:62:e3:0f:0d:96:f9:
33:39:50:48:db:27:34:56:58:55:21:47:2b:0a:66:92:8f:a2:
ca:86:91:ce:eb:05:6a:97:96:a8:eb:0f:18:47:80:d5:df:6e:
45:9d:13:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtsLQzUmfTeOlx0YseM21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRkMDY1OTZhZTNhNTc4MDkwNTc4NGQ2NmMyZjU5ZDAyNmRjZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJZ8LUsI4AhJR39WlT3xiNWRYJu9
ywUJuPl2vhSdGlvwGB82rTExeobYgqkdcE+updwZigVkEu2E1dq+pETWaLiaNyxO
Q/p+nKaobUIgL+2XgFxsLZpyZYHkuK/XhNZS4eNe6+NX7vzmQuqFW00L2CFiZdz8
uHBkUCc0lf8edH2bordvWBa+h5IN8Z5XqKhfht7/8FMz40OxcvcIOqot92R0hih7
88F30GkXgbxtBjRQX4pfHzXdOYaut7p5AByVGP8rjR1chxXtYEZy9SACzaFeQNsL
2oW/5pjBbA5/ps9rvKVjolpASHSaER26Tqvc6ke8NjO5Bfm7mgofFAZsmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLdBllq46V4CQV4TWbC9Z0Cbc10MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVXQwR1dXcmpwWGdKQlhoTlpzTDFuUUp0elhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHnMA0G
CSqGSIb3DQEBCwUAA4IBAQA8WQOY5qYEO8Fl6X0+sOHvDzRpGQo8eeL53rFqkULM
uxTiRTMi/8HBhP2fTfCzlahEFLFKhpRdr4s7WQAsO6gKunKCGyi9YFeTEszlyVWL
k/xlVuqoFTXqts/lmol7Gdofv8CQ3AejEd2EN5UB+emhBRD1aUAmcTgYpNm1OGo/
hvBat4SiRi7gaBAgi6M/aapYKB02AL1BAfTuSS7NVal1iNuYRIuvLWGJg2wab+ns
lxb5IwngrWvUFLsy1sZXvQQIV72kL0yhy1MucmyIDz2vb+Ri4w8NlvkzOVBI2yc0
VlhVIUcrCmaSj6LKhpHO6wVql5ao6w8YR4DV325FnRPg
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:09:22 2024 by rpki-client on console-ams.rpki-client.org