Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/28QOmOD4ScW7rhoYoGh3m18al8Y.roa
File: 28QOmOD4ScW7rhoYoGh3m18al8Y.roa (raw, json)
Hash identifier: fYBEkzHxrlwYYzKO7jRwUnvmpSj7a+qKJROSzU+i80o=
Subject key identifier: DB:C4:0E:98:E0:F8:49:C5:BB:AE:1A:18:A0:68:77:9B:5F:1A:97:C6
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018F34ACE913AE229CC0F25F7C834A12233B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/28QOmOD4ScW7rhoYoGh3m18al8Y.roa
Signing time: Wed 01 May 2024 15:01:38 +0000
ROA not before: Wed 01 May 2024 15:01:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215001
IP address blocks: 93.171.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:ac:e9:13:ae:22:9c:c0:f2:5f:7c:83:4a:12:23:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: May 1 15:01:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbc40e98e0f849c5bbae1a18a068779b5f1a97c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:0c:26:14:eb:2b:d9:95:c4:f3:6d:6f:9e:
25:48:db:dc:83:8d:fd:b9:cb:34:fe:2f:44:66:b5:
bb:db:11:85:40:db:4a:0d:54:a0:0e:c0:d4:27:6f:
d5:f1:d0:ce:ae:30:cc:d7:3b:47:c4:96:04:9b:c9:
42:77:5d:4e:70:7e:fb:83:57:be:7d:c3:6a:b5:12:
a2:8a:74:a6:c4:cf:57:68:c2:7a:3e:ad:a4:fe:c6:
12:c8:d1:e2:eb:2b:50:c6:e4:df:78:33:ed:d2:4c:
80:09:47:55:e9:8f:eb:0a:34:53:01:eb:00:32:01:
0d:52:00:86:00:05:f1:bb:10:93:b7:25:5a:b9:63:
7f:cb:15:2b:e3:bf:ca:02:7a:5c:5a:fb:98:09:b8:
ba:da:8e:34:94:d9:83:1b:c8:68:4d:18:b9:00:ac:
a7:8f:e7:d5:8b:c8:b1:64:78:4f:af:23:fe:69:c7:
c2:ff:48:db:35:03:e6:94:2e:00:e3:9f:04:3b:93:
35:b0:bb:51:ca:55:f4:6a:08:5a:53:84:d7:70:4a:
ad:e1:01:d2:e3:25:cc:6e:52:ad:a5:59:1b:14:0a:
c9:13:50:f3:7c:4f:c1:e9:a4:12:1d:da:44:36:b6:
08:60:79:ba:12:a3:e4:ab:07:6a:9f:24:81:28:21:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C4:0E:98:E0:F8:49:C5:BB:AE:1A:18:A0:68:77:9B:5F:1A:97:C6
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/28QOmOD4ScW7rhoYoGh3m18al8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.138.0/24
Signature Algorithm: sha256WithRSAEncryption
32:80:08:34:1e:2d:fd:db:14:ad:43:c4:60:1c:f9:d1:c5:6f:
92:ab:6e:d7:18:5c:2d:fc:19:35:0f:f9:5c:93:2a:a2:ee:01:
e0:69:15:70:46:ee:f7:c5:4c:a4:f3:15:a2:4b:46:c7:19:5d:
6e:01:6b:3b:34:3e:6c:6f:31:bf:c0:9b:9e:bb:a8:3d:85:c8:
c2:40:08:d7:00:e2:6f:aa:68:55:83:3d:c0:99:68:1a:2f:76:
2f:1f:4b:b8:0a:93:e7:53:c1:9c:41:09:68:a9:f0:5e:a5:02:
d5:74:75:1e:d2:ff:08:2c:e6:11:c3:88:b2:ec:e3:48:f4:31:
19:16:a1:9c:77:0b:9a:48:97:4e:d3:91:15:9c:24:ac:b4:27:
40:52:18:fa:92:f3:7c:d2:30:ad:35:db:54:42:64:fb:b9:76:
23:a2:ac:d9:8f:0b:00:b8:bc:f4:1d:21:c8:53:2a:8f:0e:97:
23:ab:df:22:8c:ec:c9:a8:af:71:de:8d:db:ed:2a:59:54:4a:
e3:5a:c5:5d:86:7f:70:60:0e:3b:35:c2:c5:e9:ea:e5:2b:32:
c9:a9:9e:38:ad:9c:b5:e0:6a:49:a8:84:ff:91:0e:5f:c2:e2:
ee:81:60:de:73:0e:af:fd:dd:3a:cd:61:3b:a3:40:2b:86:d0:
75:d1:63:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY80rOkTriKcwPJffINKEiM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwNTAxMTUwMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM0MGU5OGUwZjg0OWM1YmJhZTFhMThhMDY4Nzc5YjVmMWE5N2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8QMJhTrK9mVxPNtb54lSNvcg439
ucs0/i9EZrW72xGFQNtKDVSgDsDUJ2/V8dDOrjDM1ztHxJYEm8lCd11OcH77g1e+
fcNqtRKiinSmxM9XaMJ6Pq2k/sYSyNHi6ytQxuTfeDPt0kyACUdV6Y/rCjRTAesA
MgENUgCGAAXxuxCTtyVauWN/yxUr47/KAnpcWvuYCbi62o40lNmDG8hoTRi5AKyn
j+fVi8ixZHhPryP+acfC/0jbNQPmlC4A458EO5M1sLtRylX0aghaU4TXcEqt4QHS
4yXMblKtpVkbFArJE1DzfE/B6aQSHdpENrYIYHm6EqPkqwdqnySBKCEPjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvEDpjg+EnFu64aGKBod5tfGpfGMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMjhRT21PRDRTY1c3cmhvWW9HaDNtMThhbDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXauKMA0G
CSqGSIb3DQEBCwUAA4IBAQAygAg0Hi392xStQ8RgHPnRxW+Sq27XGFwt/Bk1D/lc
kyqi7gHgaRVwRu73xUyk8xWiS0bHGV1uAWs7ND5sbzG/wJueu6g9hcjCQAjXAOJv
qmhVgz3AmWgaL3YvH0u4CpPnU8GcQQloqfBepQLVdHUe0v8ILOYRw4iy7ONI9DEZ
FqGcdwuaSJdO05EVnCSstCdAUhj6kvN80jCtNdtUQmT7uXYjoqzZjwsAuLz0HSHI
UyqPDpcjq98ijOzJqK9x3o3b7SpZVErjWsVdhn9wYA47NcLF6erlKzLJqZ44rZy1
4GpJqIT/kQ5fwuLugWDecw6v/d06zWE7o0ArhtB10WPm
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:41 2024 by rpki-client on console-ams.rpki-client.org