Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VLdvUfmHvC1hqOSMTobEXarMlpM.roa
File: VLdvUfmHvC1hqOSMTobEXarMlpM.roa (raw, json)
Hash identifier: 1ysemnvowpOJjOHE64++cJltGoHAxDw4h5grztYLEms=
Subject key identifier: 54:B7:6F:51:F9:87:BC:2D:61:A8:E4:8C:4E:86:C4:5D:AA:CC:96:93
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018DCA848AF8C448B21FBEE07ECF53D9EAA2
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VLdvUfmHvC1hqOSMTobEXarMlpM.roa
Signing time: Wed 21 Feb 2024 07:15:00 +0000
ROA not before: Wed 21 Feb 2024 07:15:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 88.209.230.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 08:39:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:84:8a:f8:c4:48:b2:1f:be:e0:7e:cf:53:d9:ea:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 21 07:15:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54b76f51f987bc2d61a8e48c4e86c45daacc9693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3f:c2:ee:16:8a:f5:fa:88:11:52:82:9b:ab:
9b:d2:c8:81:ad:53:bd:0e:84:cc:25:2d:d5:ea:e3:
cf:14:70:7a:73:64:e6:ca:3b:68:ac:fd:95:58:c5:
a1:84:ba:ad:17:8f:11:6e:6d:1f:11:0f:a9:0d:40:
2f:16:bd:6b:7f:be:c9:1b:5a:35:4c:c9:c2:c1:64:
34:2f:99:bf:6f:81:c6:5a:2f:62:6d:05:60:ed:c9:
7e:f1:9b:5b:c5:85:fd:1c:89:eb:15:e4:6f:2f:f3:
59:71:39:cb:4c:6c:02:a9:79:05:9e:ef:5f:eb:75:
1e:2c:b8:bf:a2:86:04:63:6f:d0:16:ae:ad:ea:76:
19:a5:29:33:98:62:98:e3:95:20:de:09:67:25:f1:
ea:ec:fc:65:96:5a:f0:71:dc:ab:41:2a:ed:c8:c8:
ef:26:d5:ab:c5:ff:09:bd:2a:85:b5:9b:24:d5:aa:
95:30:e5:13:dc:99:ad:f3:14:47:b5:52:7b:a8:4e:
67:fb:ac:ae:89:ed:6f:56:ee:3c:df:22:09:f9:0c:
13:85:da:31:d4:be:23:81:44:31:7c:76:42:42:11:
4f:8d:de:aa:c7:53:99:e4:61:7b:3b:1f:c4:75:ca:
ba:e0:17:0c:a7:c1:32:73:a6:a0:88:01:90:5c:5c:
9b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B7:6F:51:F9:87:BC:2D:61:A8:E4:8C:4E:86:C4:5D:AA:CC:96:93
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VLdvUfmHvC1hqOSMTobEXarMlpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.230.0/24
88.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d3:94:f2:f5:86:a3:75:6b:7f:ec:5d:00:2d:73:70:4f:77:
78:2d:5e:14:3d:b0:70:b6:8b:9c:d3:cd:ed:02:29:1b:4e:e4:
b5:f2:e3:48:3a:08:48:73:3c:a8:75:c3:62:9d:0e:4e:d1:6e:
ac:9a:bf:18:4d:35:b9:9f:b8:18:71:c1:07:44:7d:1c:0c:f0:
ae:1b:b3:02:13:0a:27:aa:16:33:9e:ef:37:fc:9f:b5:f4:4b:
92:3e:e0:21:4f:24:61:31:1f:18:6d:25:28:b0:74:fc:55:bc:
91:1a:cd:a4:5e:a6:17:fe:b6:25:f0:3f:ad:2f:9e:e3:17:31:
bf:45:af:b5:7c:5d:3a:8f:7c:bf:ae:52:0a:0a:1b:55:ff:20:
7f:56:34:c4:bb:0d:6c:19:cb:28:36:38:f0:70:3b:93:69:d7:
a5:60:5a:7a:1f:23:ab:80:1b:ba:7d:49:37:10:0f:e7:de:6b:
a2:43:51:04:24:f1:b5:95:15:ae:77:98:50:83:24:82:c3:b3:
33:76:ab:98:ba:1b:55:87:8f:1d:23:02:4d:1b:bd:94:b1:90:
13:b6:d0:93:12:28:1d:2f:7f:bc:6c:2b:0e:86:71:d2:aa:8c:
18:ee:bd:12:e9:79:cd:67:e7:7f:42:2a:1d:4b:ab:8c:5b:1b:
56:0a:cb:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3KhIr4xEiyH77gfs9T2eqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMjIxMDcxNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGI3NmY1MWY5ODdiYzJkNjFhOGU0OGM0ZTg2YzQ1ZGFhY2M5NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD/C7haK9fqIEVKCm6ub0siBrVO9
DoTMJS3V6uPPFHB6c2TmyjtorP2VWMWhhLqtF48Rbm0fEQ+pDUAvFr1rf77JG1o1
TMnCwWQ0L5m/b4HGWi9ibQVg7cl+8ZtbxYX9HInrFeRvL/NZcTnLTGwCqXkFnu9f
63UeLLi/ooYEY2/QFq6t6nYZpSkzmGKY45Ug3glnJfHq7PxlllrwcdyrQSrtyMjv
JtWrxf8JvSqFtZsk1aqVMOUT3Jmt8xRHtVJ7qE5n+6yuie1vVu483yIJ+QwThdox
1L4jgUQxfHZCQhFPjd6qx1OZ5GF7Ox/Edcq64BcMp8Eyc6agiAGQXFybSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFS3b1H5h7wtYajkjE6GxF2qzJaTMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVkxkdlVmbUh2QzFocU9TTVRvYkVYYXJNbHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHmAwQA
WNH/MA0GCSqGSIb3DQEBCwUAA4IBAQAy05Ty9YajdWt/7F0ALXNwT3d4LV4UPbBw
touc083tAikbTuS18uNIOghIczyodcNinQ5O0W6smr8YTTW5n7gYccEHRH0cDPCu
G7MCEwonqhYznu83/J+19EuSPuAhTyRhMR8YbSUosHT8VbyRGs2kXqYX/rYl8D+t
L57jFzG/Ra+1fF06j3y/rlIKChtV/yB/VjTEuw1sGcsoNjjwcDuTadelYFp6HyOr
gBu6fUk3EA/n3muiQ1EEJPG1lRWud5hQgySCw7MzdquYuhtVh48dIwJNG72UsZAT
ttCTEigdL3+8bCsOhnHSqowY7r0S6XnNZ+d/QiodS6uMWxtWCstl
-----END CERTIFICATE-----
Generated at Fri May 3 13:43:07 2024 by rpki-client on console-fra.rpki-client.org