Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/jP2hUUSq-SoUvjctKqakxy0FX-0.roa
File: jP2hUUSq-SoUvjctKqakxy0FX-0.roa (raw, json)
Hash identifier: 34H49knyzEOR0dcgwXPPlFWFIVptz1A9kV7rvxjIzXE=
Subject key identifier: 8C:FD:A1:51:44:AA:F9:2A:14:BE:37:2D:2A:A6:A4:C7:2D:05:5F:ED
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FB8FA5E9645419A4C810D46838D5E6
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/jP2hUUSq-SoUvjctKqakxy0FX-0.roa
Signing time: Wed 01 Jan 2025 17:48:19 +0000
ROA not before: Wed 01 Jan 2025 17:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 88.209.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 01:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:8f:a5:e9:64:54:19:a4:c8:10:d4:68:38:d5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cfda15144aaf92a14be372d2aa6a4c72d055fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:73:21:2f:59:27:65:02:58:af:0d:84:46:2f:
90:0b:3d:2e:aa:ff:33:79:c9:ce:91:36:50:eb:ed:
77:cf:83:0e:d9:19:c5:d2:1e:11:cf:e5:27:e1:f5:
4e:e5:2d:67:f5:19:45:3b:ce:56:a8:a7:c4:b6:f9:
44:9a:52:66:81:2d:e6:8d:44:b4:91:26:f5:5f:2e:
6b:86:49:29:13:c3:e7:c2:6a:a3:c1:b6:ff:5b:54:
d8:86:d7:fd:00:02:8e:ab:a8:8c:f0:d3:ae:d5:92:
81:2b:04:87:05:05:2b:86:7b:90:15:e9:a9:b9:13:
e3:17:88:30:59:a1:2e:30:5e:42:fa:05:33:f8:6e:
d9:4a:9e:e7:42:39:ab:02:06:2a:a5:2a:b6:9f:f0:
0d:a2:f2:74:19:89:7c:ca:35:07:aa:af:5c:52:2f:
6d:90:e2:8a:f3:dc:fd:74:7c:59:b8:88:97:d4:90:
38:90:dc:97:78:59:2f:a8:0d:17:0b:42:21:d5:8b:
06:5b:02:a4:c6:b6:05:f1:b5:7c:bb:91:10:48:be:
bc:be:43:27:bb:dc:0b:12:9e:29:e8:d5:5e:55:5a:
29:14:26:f4:4a:b7:41:eb:2e:25:ad:41:ee:b8:67:
a6:b4:d7:fc:85:fe:1b:6d:12:f2:c0:ca:a5:31:4f:
d2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:FD:A1:51:44:AA:F9:2A:14:BE:37:2D:2A:A6:A4:C7:2D:05:5F:ED
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/jP2hUUSq-SoUvjctKqakxy0FX-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.240.0/22
Signature Algorithm: sha256WithRSAEncryption
84:a6:2d:f7:d8:2f:77:4d:7f:b6:43:17:5c:82:bd:ad:7a:62:
99:a2:16:93:29:d4:4b:69:ae:37:f3:50:d0:64:b1:44:49:29:
89:cf:c7:58:23:14:35:93:82:61:8a:ba:2e:2d:07:14:9d:b2:
40:72:e7:fc:f0:4a:a7:1b:1f:05:1d:4c:20:9c:7a:50:71:9c:
f2:b1:8e:57:5d:f4:7a:f7:0b:51:cf:d5:f6:59:47:9d:f6:d2:
44:fa:d4:98:b1:45:6a:f6:a8:b0:53:01:f9:d6:84:77:dd:fe:
cd:b8:0b:80:50:7b:f7:d9:f4:c3:9d:85:22:ff:a9:5a:9e:87:
1c:94:03:49:d0:83:cd:fb:77:d1:01:15:85:29:03:35:f5:e9:
dc:a7:d3:66:e5:7a:f6:20:02:44:54:b8:46:a2:69:a1:db:6e:
4c:e9:60:da:07:df:0e:f6:50:f0:07:e2:8d:f9:6f:a4:dd:c4:
09:d2:b4:df:2c:98:1a:e4:5d:87:86:f6:be:d2:6b:00:e9:dc:
7e:13:5b:70:83:1c:ac:d2:65:97:b7:07:bc:df:d2:3f:b7:bc:
f4:66:ad:30:dd:e0:46:60:94:2a:89:7c:5c:c0:2b:b2:93:84:
63:41:64:77:51:0e:01:66:f9:97:91:9a:b3:d4:c9:36:1b:08:
37:98:d1:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4+l6WRUGaTIENRoONXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2ZkYTE1MTQ0YWFmOTJhMTRiZTM3MmQyYWE2YTRjNzJkMDU1ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnMhL1knZQJYrw2ERi+QCz0uqv8z
ecnOkTZQ6+13z4MO2RnF0h4Rz+Un4fVO5S1n9RlFO85WqKfEtvlEmlJmgS3mjUS0
kSb1Xy5rhkkpE8Pnwmqjwbb/W1TYhtf9AAKOq6iM8NOu1ZKBKwSHBQUrhnuQFemp
uRPjF4gwWaEuMF5C+gUz+G7ZSp7nQjmrAgYqpSq2n/ANovJ0GYl8yjUHqq9cUi9t
kOKK89z9dHxZuIiX1JA4kNyXeFkvqA0XC0Ih1YsGWwKkxrYF8bV8u5EQSL68vkMn
u9wLEp4p6NVeVVopFCb0SrdB6y4lrUHuuGemtNf8hf4bbRLywMqlMU/SxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIz9oVFEqvkqFL43LSqmpMctBV/tMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvalAyaFVVU3EtU29VdmpjdEtxYWt4eTBGWC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNHwMA0G
CSqGSIb3DQEBCwUAA4IBAQCEpi332C93TX+2Qxdcgr2temKZohaTKdRLaa4381DQ
ZLFESSmJz8dYIxQ1k4JhirouLQcUnbJAcuf88EqnGx8FHUwgnHpQcZzysY5XXfR6
9wtRz9X2WUed9tJE+tSYsUVq9qiwUwH51oR33f7NuAuAUHv32fTDnYUi/6lanocc
lANJ0IPN+3fRARWFKQM19encp9Nm5Xr2IAJEVLhGommh225M6WDaB98O9lDwB+KN
+W+k3cQJ0rTfLJga5F2Hhva+0msA6dx+E1twgxys0mWXtwe839I/t7z0Zq0w3eBG
YJQqiXxcwCuyk4RjQWR3UQ4BZvmXkZqz1Mk2Gwg3mNHQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:53:28 2025 by rpki-client