Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7lGBTkKYJ_WPAzyZzTtGImaphjo.roa
File: 7lGBTkKYJ_WPAzyZzTtGImaphjo.roa (raw, json)
Hash identifier: efiPd2dZMuMzPfsAapnr7OZ3fhRlGkVsj2SemJKw3Hs=
Subject key identifier: EE:51:81:4E:42:98:27:F5:8F:03:3C:99:CD:3B:46:22:66:A9:86:3A
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018E40FED0C28D070043C382D7A86444DFF3
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7lGBTkKYJ_WPAzyZzTtGImaphjo.roa
Signing time: Fri 15 Mar 2024 07:23:45 +0000
ROA not before: Fri 15 Mar 2024 07:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39629
IP address blocks: 139.28.8.0/22 maxlen: 24
2a10:c300::/30 maxlen: 30
2a10:c304::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:40:fe:d0:c2:8d:07:00:43:c3:82:d7:a8:64:44:df:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Mar 15 07:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee51814e429827f58f033c99cd3b462266a9863a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:ac:be:2d:ed:00:54:59:e9:7c:bf:f4:45:
12:c0:cb:06:e5:01:b0:64:45:58:ce:a4:7b:a9:87:
67:0b:6e:e6:14:48:87:c6:c7:40:53:03:5c:0d:d2:
b5:04:1c:47:c6:89:aa:ad:07:96:af:20:3e:dd:31:
49:c9:cc:08:84:17:7a:95:55:d3:eb:58:c4:e4:a0:
62:cc:a9:b6:17:59:2b:80:de:72:0b:12:1c:b7:ba:
e8:d2:bd:84:25:09:16:6f:32:f7:0b:b9:4e:7d:43:
78:d9:72:07:84:33:72:ea:36:c7:ef:e0:fe:24:41:
81:b4:1d:b5:6b:52:f1:d0:fe:df:b8:af:1c:c7:cf:
4e:7f:9f:86:21:31:5e:7b:85:c3:2e:bb:9a:74:58:
f6:27:2f:27:be:07:44:83:04:85:bc:4c:e3:5b:fe:
1e:e3:c2:87:6a:75:c2:97:45:56:62:77:53:c1:53:
27:ec:99:b8:53:9f:25:bc:62:ba:d6:58:1c:e0:07:
3c:0e:45:a3:4b:e8:08:28:e5:bf:19:2c:49:5a:0a:
11:9d:61:8e:3b:07:ed:5a:a8:21:6e:a6:5e:8b:b1:
b6:b6:23:35:59:a1:d1:53:8a:fc:81:76:0a:d0:8e:
be:9e:78:69:b9:88:d6:5c:f7:16:47:ae:00:b3:a0:
71:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:51:81:4E:42:98:27:F5:8F:03:3C:99:CD:3B:46:22:66:A9:86:3A
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7lGBTkKYJ_WPAzyZzTtGImaphjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.8.0/22
IPv6:
2a10:c300::/29
Signature Algorithm: sha256WithRSAEncryption
5f:3b:25:c0:97:1d:b4:ef:5f:a5:3f:8a:5d:89:55:29:03:c6:
d6:eb:56:16:a2:63:ae:0b:71:31:76:61:03:b5:fa:bf:15:34:
f9:9b:e9:33:93:9c:06:d4:f5:73:c2:89:da:3f:e8:d9:00:12:
2b:dd:50:cd:a9:af:5d:82:23:cf:76:d7:d4:3c:cd:03:5c:68:
c5:5d:64:4b:89:72:ee:91:e1:27:9c:a2:f3:5b:22:d4:2e:e6:
c3:61:d1:61:69:9b:f3:62:03:77:a4:f5:3d:a5:4b:11:e7:1d:
7e:5c:79:08:dd:90:79:1f:40:e7:d6:e2:3a:24:55:66:43:f9:
aa:8b:b1:63:29:cc:9a:2b:44:d9:7c:13:45:21:9b:f3:01:4e:
34:db:55:7a:2b:fc:c8:2d:cd:2e:c6:0f:e7:0f:56:56:d2:fe:
b7:bb:c4:7a:91:4e:9c:37:08:c3:65:f1:3b:4f:28:b4:d5:7a:
a7:27:da:a9:0e:c8:1e:f3:e2:a5:88:1e:67:2b:16:53:7c:a2:
36:78:5e:18:c8:81:aa:b1:86:ef:09:2e:ae:2e:f8:d7:89:0d:
c7:48:07:91:01:85:b6:67:05:50:83:d9:b2:e5:91:fa:2b:33:
bb:43:dc:f6:19:f8:96:ed:42:50:d6:a9:02:9d:bf:9c:b0:d2:
38:7e:36:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5A/tDCjQcAQ8OC16hkRN/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMzE1MDcyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTUxODE0ZTQyOTgyN2Y1OGYwMzNjOTljZDNiNDYyMjY2YTk4NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn6svi3tAFRZ6Xy/9EUSwMsG5QGw
ZEVYzqR7qYdnC27mFEiHxsdAUwNcDdK1BBxHxomqrQeWryA+3TFJycwIhBd6lVXT
61jE5KBizKm2F1krgN5yCxIct7ro0r2EJQkWbzL3C7lOfUN42XIHhDNy6jbH7+D+
JEGBtB21a1Lx0P7fuK8cx89Of5+GITFee4XDLruadFj2Jy8nvgdEgwSFvEzjW/4e
48KHanXCl0VWYndTwVMn7Jm4U58lvGK61lgc4Ac8DkWjS+gIKOW/GSxJWgoRnWGO
OwftWqghbqZei7G2tiM1WaHRU4r8gXYK0I6+nnhpuYjWXPcWR64As6BxCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO5RgU5CmCf1jwM8mc07RiJmqYY6MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvN2xHQlRrS1lKX1dQQXp5WnpUdEdJbWFwaGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCixwIMA0E
AgACMAcDBQMqEMMAMA0GCSqGSIb3DQEBCwUAA4IBAQBfOyXAlx2071+lP4pdiVUp
A8bW61YWomOuC3ExdmEDtfq/FTT5m+kzk5wG1PVzwonaP+jZABIr3VDNqa9dgiPP
dtfUPM0DXGjFXWRLiXLukeEnnKLzWyLULubDYdFhaZvzYgN3pPU9pUsR5x1+XHkI
3ZB5H0Dn1uI6JFVmQ/mqi7FjKcyaK0TZfBNFIZvzAU4021V6K/zILc0uxg/nD1ZW
0v63u8R6kU6cNwjDZfE7Tyi01XqnJ9qpDsge8+KliB5nKxZTfKI2eF4YyIGqsYbv
CS6uLvjXiQ3HSAeRAYW2ZwVQg9my5ZH6KzO7Q9z2GfiW7UJQ1qkCnb+csNI4fjat
-----END CERTIFICATE-----
Generated at Mon May 20 13:21:30 2024 by rpki-client on console-fra.rpki-client.org