Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/28sYzr6HlrUfyxwjjh8ERZZsoLY.roa
File: 28sYzr6HlrUfyxwjjh8ERZZsoLY.roa (raw, json)
Hash identifier: OeyX3pMkG5v2yI2ClLjBwXa/3mCRuPeoxeZU0e/eXlw=
Subject key identifier: DB:CB:18:CE:BE:87:96:B5:1F:CB:1C:23:8E:1F:04:45:96:6C:A0:B6
Certificate issuer: /CN=8f281090c400a56166fc88b4f37a5cbaed2185f0
Certificate serial: 018CC94BDF1F4207BE4E0F64C169819C9539
Authority key identifier: 8F:28:10:90:C4:00:A5:61:66:FC:88:B4:F3:7A:5C:BA:ED:21:85:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygQkMQApWFm_Ii083pcuu0hhfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/28sYzr6HlrUfyxwjjh8ERZZsoLY.roa
Signing time: Tue 02 Jan 2024 08:30:41 +0000
ROA not before: Tue 02 Jan 2024 08:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55081
IP address blocks: 185.239.172.0/22 maxlen: 22
2a0c:5c86::/32 maxlen: 32
2a0c:5c84::/32 maxlen: 32
2a0c:5c82::/32 maxlen: 32
2a0c:5c80::/32 maxlen: 32
2a0c:5c83::/32 maxlen: 32
2a0c:5c85::/32 maxlen: 32
2a0c:5c87::/32 maxlen: 32
2a0c:5c81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/jygQkMQApWFm_Ii083pcuu0hhfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/jygQkMQApWFm_Ii083pcuu0hhfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/jygQkMQApWFm_Ii083pcuu0hhfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:df:1f:42:07:be:4e:0f:64:c1:69:81:9c:95:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f281090c400a56166fc88b4f37a5cbaed2185f0
Validity
Not Before: Jan 2 08:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbcb18cebe8796b51fcb1c238e1f0445966ca0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:31:fa:91:43:45:13:87:52:52:ed:62:f6:7e:
87:83:db:23:8e:5e:01:2b:13:9f:8d:16:aa:55:98:
cf:ab:93:4f:21:f0:7a:05:21:ef:d1:f2:0d:51:05:
64:12:74:a2:2c:ee:4a:ba:ca:ad:f8:db:a1:4e:0e:
2d:ab:cf:09:16:66:d4:f5:7c:32:b7:41:97:f6:dc:
64:72:1d:4f:a6:78:f5:18:30:67:aa:9c:d3:31:d1:
97:58:7a:de:5c:cc:82:09:7e:98:16:e3:50:56:91:
22:d4:90:18:76:1e:a0:5c:d4:48:74:c5:e1:7b:35:
e1:21:d0:98:29:55:c4:14:a3:6a:6b:f2:b8:09:48:
8d:6e:d2:9e:b3:29:66:cc:65:b6:5c:38:1c:f2:3f:
a7:af:90:df:43:9c:35:11:c7:00:11:15:0b:80:c8:
d5:1c:9c:ba:2b:cc:cb:b8:c3:cd:be:c5:7f:c0:6c:
9b:d0:2b:28:18:88:bb:4d:1c:db:4f:20:d3:11:49:
1a:c7:1f:2a:d0:de:83:67:89:6b:3f:4d:1e:5e:d1:
1c:6a:77:fb:ed:3a:6e:ff:0c:8b:0e:17:f4:8b:d2:
9b:f6:b6:e5:c2:95:f5:69:21:cc:bc:ca:16:8b:3d:
6e:d0:c6:7b:2c:57:fc:42:ca:90:19:59:06:33:7e:
12:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:CB:18:CE:BE:87:96:B5:1F:CB:1C:23:8E:1F:04:45:96:6C:A0:B6
X509v3 Authority Key Identifier:
keyid:8F:28:10:90:C4:00:A5:61:66:FC:88:B4:F3:7A:5C:BA:ED:21:85:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygQkMQApWFm_Ii083pcuu0hhfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/28sYzr6HlrUfyxwjjh8ERZZsoLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/jygQkMQApWFm_Ii083pcuu0hhfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.172.0/22
IPv6:
2a0c:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:99:07:92:83:ad:d8:7a:0e:f6:1f:04:83:b6:3d:cc:4d:95:
2c:ba:64:21:fa:c4:a0:fc:67:3b:f8:e4:45:64:3b:10:ec:39:
c5:46:03:46:73:8e:e2:8f:f4:66:c5:fa:df:72:10:72:40:7d:
97:75:0f:a9:9b:88:e3:9d:de:7d:c0:92:87:57:0e:ff:8d:b9:
0a:51:52:88:6a:af:ef:5c:42:0b:14:ba:b2:78:77:00:ec:87:
9a:1c:01:12:0d:aa:be:f1:96:08:4c:24:02:35:5d:0a:5a:85:
69:9c:19:e7:e3:6c:26:de:fe:6c:43:e0:85:2b:51:2e:f2:09:
13:b0:0d:0e:99:e9:fe:5b:0a:e3:0d:5a:12:de:d5:73:e6:50:
c3:7d:46:bc:43:b5:46:ec:1a:2a:2a:8a:fb:19:cb:8f:a3:e3:
1d:61:c2:37:3a:ab:c6:9c:ee:0c:8d:be:29:e2:a6:5e:1b:7f:
83:24:44:90:fc:fd:a0:8b:39:c6:d6:89:1b:ba:85:f8:9f:7e:
6d:d2:e3:ad:62:e5:23:28:7b:71:47:ef:0b:a3:21:a3:ce:eb:
62:20:8d:a8:e2:7f:df:93:e6:1d:1d:0f:90:7f:43:f7:2f:2a:
a7:e7:55:ff:c3:74:78:38:34:a7:b8:5f:67:fe:d3:b0:29:c5:
d6:7d:38:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJS98fQge+Tg9kwWmBnJU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgxMDkwYzQwMGE1NjE2NmZjODhiNGYzN2E1Y2JhZWQy
MTg1ZjAwHhcNMjQwMTAyMDgzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmNiMThjZWJlODc5NmI1MWZjYjFjMjM4ZTFmMDQ0NTk2NmNhMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDH6kUNFE4dSUu1i9n6Hg9sjjl4B
KxOfjRaqVZjPq5NPIfB6BSHv0fINUQVkEnSiLO5Kusqt+NuhTg4tq88JFmbU9Xwy
t0GX9txkch1Ppnj1GDBnqpzTMdGXWHreXMyCCX6YFuNQVpEi1JAYdh6gXNRIdMXh
ezXhIdCYKVXEFKNqa/K4CUiNbtKesylmzGW2XDgc8j+nr5DfQ5w1EccAERULgMjV
HJy6K8zLuMPNvsV/wGyb0CsoGIi7TRzbTyDTEUkaxx8q0N6DZ4lrP00eXtEcanf7
7Tpu/wyLDhf0i9Kb9rblwpX1aSHMvMoWiz1u0MZ7LFf8QsqQGVkGM34SPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNvLGM6+h5a1H8scI44fBEWWbKC2MB8GA1UdIwQY
MBaAFI8oEJDEAKVhZvyItPN6XLrtIYXwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlnUWtNUUFwV0ZtX0lpMDgzcGN1dTBoaGZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8zMjIyZTItNjQ1Ni00YzZhLWIxOTct
MjA1ODk1OTYxNDkzLzEvMjhzWXpyNkhsclVmeXh3ampoOEVSWlpzb0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8zMjIyZTItNjQ1Ni00YzZhLWIxOTctMjA1ODk1OTYxNDkz
LzEvanlnUWtNUUFwV0ZtX0lpMDgzcGN1dTBoaGZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue+sMA0E
AgACMAcDBQMqDFyAMA0GCSqGSIb3DQEBCwUAA4IBAQBqmQeSg63Yeg72HwSDtj3M
TZUsumQh+sSg/Gc7+ORFZDsQ7DnFRgNGc47ij/RmxfrfchByQH2XdQ+pm4jjnd59
wJKHVw7/jbkKUVKIaq/vXEILFLqyeHcA7IeaHAESDaq+8ZYITCQCNV0KWoVpnBnn
42wm3v5sQ+CFK1Eu8gkTsA0Omen+WwrjDVoS3tVz5lDDfUa8Q7VG7BoqKor7GcuP
o+MdYcI3OqvGnO4Mjb4p4qZeG3+DJESQ/P2giznG1okbuoX4n35t0uOtYuUjKHtx
R+8LoyGjzutiII2o4n/fk+YdHQ+Qf0P3Lyqn51X/w3R4ODSnuF9n/tOwKcXWfTir
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:55:10 2024 by rpki-client on console-ams.rpki-client.org