Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/oU28c1s-ycsQLCFqJgR6MeIP1zM.roa
File: oU28c1s-ycsQLCFqJgR6MeIP1zM.roa (raw, json)
Hash identifier: 7c/AJUIOTJ0l8YYqt7pZwb0ES63c+/e50yfRYmJkgJc=
Subject key identifier: A1:4D:BC:73:5B:3E:C9:CB:10:2C:21:6A:26:04:7A:31:E2:0F:D7:33
Certificate issuer: /CN=28ac9edd240bfc4520ce0bc9b245963d24e2bfe2
Certificate serial: 018CC8DF1A4B0F449CA4954F4A6790079B2C
Authority key identifier: 28:AC:9E:DD:24:0B:FC:45:20:CE:0B:C9:B2:45:96:3D:24:E2:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/oU28c1s-ycsQLCFqJgR6MeIP1zM.roa
Signing time: Tue 02 Jan 2024 06:31:53 +0000
ROA not before: Tue 02 Jan 2024 06:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60945
IP address blocks: 92.60.44.0/22 maxlen: 24
91.218.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/KKye3SQL_EUgzgvJskWWPSTiv-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/KKye3SQL_EUgzgvJskWWPSTiv-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:1a:4b:0f:44:9c:a4:95:4f:4a:67:90:07:9b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28ac9edd240bfc4520ce0bc9b245963d24e2bfe2
Validity
Not Before: Jan 2 06:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a14dbc735b3ec9cb102c216a26047a31e20fd733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:9f:81:a6:0a:b5:68:18:24:97:ff:f2:59:
d1:b2:72:b0:09:1b:f5:72:4d:d6:08:3f:e7:f2:6f:
d1:32:9e:92:6e:12:aa:49:ef:3f:0d:a8:68:e6:72:
83:98:a0:5d:b4:34:75:45:71:37:30:1d:7b:94:2a:
6b:55:ff:bd:c8:f1:b2:8b:50:24:4e:e5:11:35:e0:
28:08:fb:78:3d:e5:70:33:e5:69:a6:40:a4:53:3e:
23:49:b0:96:a5:de:94:85:a0:6f:2b:71:e2:48:f0:
5c:e0:86:85:94:14:a1:04:33:6f:5c:78:47:55:2a:
28:99:76:41:c0:21:0e:b4:85:a3:a5:ab:96:57:19:
15:08:e5:8f:a9:a4:a3:66:a1:a9:4f:96:22:45:6c:
64:f9:d5:08:af:1b:c7:81:73:10:cc:7c:7a:df:ea:
35:87:4d:e0:4e:f8:eb:f2:58:9f:76:ac:42:ca:31:
c6:2f:97:62:29:4f:66:c4:c0:c8:3f:b4:7d:bd:a8:
8a:a5:24:ef:e1:93:da:67:9f:f2:2f:ce:aa:7d:0e:
14:eb:31:6e:f9:35:2f:ab:b6:88:c7:0a:c5:86:63:
0e:90:37:eb:56:93:0c:cd:b8:37:5e:7e:0b:08:89:
09:6c:c4:13:d5:02:95:51:9c:1a:8d:f4:f3:84:12:
f8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4D:BC:73:5B:3E:C9:CB:10:2C:21:6A:26:04:7A:31:E2:0F:D7:33
X509v3 Authority Key Identifier:
keyid:28:AC:9E:DD:24:0B:FC:45:20:CE:0B:C9:B2:45:96:3D:24:E2:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KKye3SQL_EUgzgvJskWWPSTiv-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/oU28c1s-ycsQLCFqJgR6MeIP1zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/360b17-7e17-451b-abd5-85a534f180fd/1/KKye3SQL_EUgzgvJskWWPSTiv-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.58.0/24
92.60.44.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:30:30:db:07:6a:85:e7:46:0d:48:dd:19:f0:18:1d:ea:12:
06:4c:7f:6b:34:36:81:cd:60:9e:05:fc:0e:7f:ce:80:ed:84:
0b:3a:80:3d:b4:c3:1d:d9:3d:21:50:76:93:9c:20:74:81:6d:
f7:fa:96:2f:d1:2f:1a:a5:2b:93:15:3a:4c:62:63:05:4d:74:
16:e6:79:44:32:7d:17:4d:44:da:40:6c:af:8b:97:d4:45:2b:
25:6d:47:99:61:5b:2a:f1:38:43:a8:03:77:71:2a:23:5f:dd:
93:71:65:a5:5f:44:da:1e:f1:03:0d:09:eb:ef:14:7c:a7:a6:
5c:6c:2e:70:98:ae:b4:79:5c:5d:5c:38:0a:ec:69:56:48:99:
92:24:0c:46:56:04:ee:55:e4:86:3d:5c:b6:56:87:79:bd:73:
6c:b4:a7:7b:f1:6b:ff:24:d4:20:84:2c:b8:49:68:1b:f8:56:
f3:b2:52:5d:26:ea:6f:51:de:f8:d7:f7:27:a6:b1:95:00:b8:
dd:42:c9:6b:02:79:a6:eb:d6:21:99:45:5a:2a:23:47:72:ea:
5b:22:f1:66:af:63:99:d4:bf:d5:45:f1:49:bd:50:a5:2e:58:
81:09:9d:5e:43:4a:4c:3b:ea:14:e2:0b:3a:68:9d:ec:41:fa:
11:fe:d5:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3xpLD0ScpJVPSmeQB5ssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YWM5ZWRkMjQwYmZjNDUyMGNlMGJjOWIyNDU5NjNkMjRl
MmJmZTIwHhcNMjQwMTAyMDYzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTRkYmM3MzViM2VjOWNiMTAyYzIxNmEyNjA0N2EzMWUyMGZkNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmSfgaYKtWgYJJf/8lnRsnKwCRv1
ck3WCD/n8m/RMp6SbhKqSe8/Daho5nKDmKBdtDR1RXE3MB17lCprVf+9yPGyi1Ak
TuURNeAoCPt4PeVwM+VppkCkUz4jSbCWpd6UhaBvK3HiSPBc4IaFlBShBDNvXHhH
VSoomXZBwCEOtIWjpauWVxkVCOWPqaSjZqGpT5YiRWxk+dUIrxvHgXMQzHx63+o1
h03gTvjr8lifdqxCyjHGL5diKU9mxMDIP7R9vaiKpSTv4ZPaZ5/yL86qfQ4U6zFu
+TUvq7aIxwrFhmMOkDfrVpMMzbg3Xn4LCIkJbMQT1QKVUZwajfTzhBL4cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKFNvHNbPsnLECwhaiYEejHiD9czMB8GA1UdIwQY
MBaAFCisnt0kC/xFIM4LybJFlj0k4r/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0t5ZTNTUUxfRVVnemd2SnNrV1dQU1Rpdi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zNjBiMTctN2UxNy00NTFiLWFiZDUt
ODVhNTM0ZjE4MGZkLzEvb1UyOGMxcy15Y3NRTENGcUpnUjZNZUlQMXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zNjBiMTctN2UxNy00NTFiLWFiZDUtODVhNTM0ZjE4MGZk
LzEvS0t5ZTNTUUxfRVVnemd2SnNrV1dQU1Rpdi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9o6AwQC
XDwsMA0GCSqGSIb3DQEBCwUAA4IBAQB8MDDbB2qF50YNSN0Z8Bgd6hIGTH9rNDaB
zWCeBfwOf86A7YQLOoA9tMMd2T0hUHaTnCB0gW33+pYv0S8apSuTFTpMYmMFTXQW
5nlEMn0XTUTaQGyvi5fURSslbUeZYVsq8ThDqAN3cSojX92TcWWlX0TaHvEDDQnr
7xR8p6ZcbC5wmK60eVxdXDgK7GlWSJmSJAxGVgTuVeSGPVy2Vod5vXNstKd78Wv/
JNQghCy4SWgb+FbzslJdJupvUd741/cnprGVALjdQslrAnmm69YhmUVaKiNHcupb
IvFmr2OZ1L/VRfFJvVClLliBCZ1eQ0pMO+oU4gs6aJ3sQfoR/tVm
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:10:31 2024 by rpki-client on console-ams.rpki-client.org