Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/W_Z79dw5TV3Lt1WvS0tUq9GtgTw.roa
File: W_Z79dw5TV3Lt1WvS0tUq9GtgTw.roa (raw, json)
Hash identifier: FgvkbGgj8BeYwq44GugdPGTIGJaW+QVAoTL2KDzogQw=
Subject key identifier: 5B:F6:7B:F5:DC:39:4D:5D:CB:B7:55:AF:4B:4B:54:AB:D1:AD:81:3C
Certificate issuer: /CN=9a62e26a1cafff5530a70190c8d000c10f24b966
Certificate serial: 018CC94AC734ECC225CFB611E1A0145BC955
Authority key identifier: 9A:62:E2:6A:1C:AF:FF:55:30:A7:01:90:C8:D0:00:C1:0F:24:B9:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mmLiahyv_1UwpwGQyNAAwQ8kuWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/W_Z79dw5TV3Lt1WvS0tUq9GtgTw.roa
Signing time: Tue 02 Jan 2024 08:29:30 +0000
ROA not before: Tue 02 Jan 2024 08:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209624
IP address blocks: 139.28.148.0/22 maxlen: 22
2a09:7c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/mmLiahyv_1UwpwGQyNAAwQ8kuWY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/mmLiahyv_1UwpwGQyNAAwQ8kuWY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mmLiahyv_1UwpwGQyNAAwQ8kuWY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:c7:34:ec:c2:25:cf:b6:11:e1:a0:14:5b:c9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a62e26a1cafff5530a70190c8d000c10f24b966
Validity
Not Before: Jan 2 08:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bf67bf5dc394d5dcbb755af4b4b54abd1ad813c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5f:60:cb:6b:94:04:44:2b:d3:89:74:6a:66:
fc:cc:e3:1a:9d:8e:a4:c8:3d:9c:a1:bb:b3:b2:ff:
81:12:51:55:72:95:82:8d:6b:06:65:ca:cf:b2:9a:
f6:6b:66:e4:3c:4b:f2:3b:a0:41:4b:1f:0d:e1:df:
22:93:e4:34:21:96:4a:3a:96:2d:32:db:ad:1a:ce:
8e:0a:f3:3e:11:50:89:95:fb:85:ef:3d:02:67:ed:
83:61:5f:ae:36:36:b8:8a:09:88:ee:08:8f:d5:90:
0d:b8:7f:07:c5:ed:83:0f:75:06:2d:8f:5e:02:97:
6a:d5:34:1a:32:fd:c5:62:09:3e:31:3c:35:dd:a0:
99:fa:1e:cf:94:3b:e3:11:ac:77:b8:ef:79:d1:fb:
08:1f:23:00:20:c2:55:1b:5a:43:28:11:8a:55:ae:
70:17:c1:31:0e:19:40:9a:11:ef:e4:40:07:fc:b3:
25:58:93:f5:92:d9:18:60:3a:ff:2c:ad:bc:a8:54:
cb:de:72:c7:9b:38:bf:d8:92:1a:9b:93:10:a2:d4:
29:6a:6f:0e:07:20:e3:c6:fd:ac:25:b0:eb:6d:78:
1c:ef:19:d5:48:67:15:b9:3a:34:76:17:63:57:55:
86:64:32:1f:e4:c8:dd:18:d1:d3:cd:d2:c7:8f:c9:
15:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F6:7B:F5:DC:39:4D:5D:CB:B7:55:AF:4B:4B:54:AB:D1:AD:81:3C
X509v3 Authority Key Identifier:
keyid:9A:62:E2:6A:1C:AF:FF:55:30:A7:01:90:C8:D0:00:C1:0F:24:B9:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mmLiahyv_1UwpwGQyNAAwQ8kuWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/W_Z79dw5TV3Lt1WvS0tUq9GtgTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8450a1-66db-48c6-93b8-947859c0ecc4/1/mmLiahyv_1UwpwGQyNAAwQ8kuWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.148.0/22
IPv6:
2a09:7c0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:b4:8d:02:f7:0b:f2:3e:57:47:83:0c:5d:85:c9:13:37:bf:
fb:49:c5:e2:28:ef:cd:fd:ae:bd:80:2f:cc:8d:f0:a4:af:7d:
cd:c5:4c:7a:31:47:e6:32:1f:93:61:75:52:47:1e:78:86:8b:
bf:d2:09:31:60:20:4b:90:cc:ef:b2:74:ef:a1:51:53:df:ed:
db:89:cb:ec:19:c2:92:eb:ec:c5:13:04:a2:03:94:56:d0:6b:
a2:3d:ca:49:76:5e:52:20:9e:6e:9c:2c:ab:4a:81:8a:6b:1f:
3a:a7:ca:ca:8a:45:e8:9f:7e:d6:14:3d:28:74:fb:a1:bc:19:
e0:62:61:3e:95:e5:94:d2:d5:41:ba:3b:e8:f9:37:a5:6f:36:
6b:27:3c:98:45:1b:a7:22:c2:7b:1c:88:93:e3:55:90:82:c4:
a1:59:94:13:63:f2:5e:d2:c0:20:6c:64:bb:e4:c2:b7:12:97:
92:53:20:8a:b1:a4:f0:ec:48:69:d4:1a:80:93:25:a4:9c:9e:
3f:67:f9:7d:5f:25:4f:99:46:24:bf:e9:3b:8f:2a:1f:a8:66:
6a:74:ff:fb:2a:0b:6c:1d:cd:b0:19:1f:d7:f1:bb:a7:2d:23:
78:4a:8e:e2:37:8f:c9:61:17:fc:4b:60:5b:c6:c4:5a:8b:18:
2b:17:e1:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJSsc07MIlz7YR4aAUW8lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNjJlMjZhMWNhZmZmNTUzMGE3MDE5MGM4ZDAwMGMxMGYy
NGI5NjYwHhcNMjQwMTAyMDgyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmY2N2JmNWRjMzk0ZDVkY2JiNzU1YWY0YjRiNTRhYmQxYWQ4MTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF9gy2uUBEQr04l0amb8zOManY6k
yD2cobuzsv+BElFVcpWCjWsGZcrPspr2a2bkPEvyO6BBSx8N4d8ik+Q0IZZKOpYt
MtutGs6OCvM+EVCJlfuF7z0CZ+2DYV+uNja4igmI7giP1ZANuH8Hxe2DD3UGLY9e
Apdq1TQaMv3FYgk+MTw13aCZ+h7PlDvjEax3uO950fsIHyMAIMJVG1pDKBGKVa5w
F8ExDhlAmhHv5EAH/LMlWJP1ktkYYDr/LK28qFTL3nLHmzi/2JIam5MQotQpam8O
ByDjxv2sJbDrbXgc7xnVSGcVuTo0dhdjV1WGZDIf5MjdGNHTzdLHj8kVPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFv2e/XcOU1dy7dVr0tLVKvRrYE8MB8GA1UdIwQY
MBaAFJpi4mocr/9VMKcBkMjQAMEPJLlmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW1MaWFoeXZfMVV3cHdHUXlOQUF3UThrdVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84NDUwYTEtNjZkYi00OGM2LTkzYjgt
OTQ3ODU5YzBlY2M0LzEvV19aNzlkdzVUVjNMdDFXdlMwdFVxOUd0Z1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84NDUwYTEtNjZkYi00OGM2LTkzYjgtOTQ3ODU5YzBlY2M0
LzEvbW1MaWFoeXZfMVV3cHdHUXlOQUF3UThrdVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCixyUMA0E
AgACMAcDBQMqCQfAMA0GCSqGSIb3DQEBCwUAA4IBAQB/tI0C9wvyPldHgwxdhckT
N7/7ScXiKO/N/a69gC/MjfCkr33NxUx6MUfmMh+TYXVSRx54hou/0gkxYCBLkMzv
snTvoVFT3+3bicvsGcKS6+zFEwSiA5RW0GuiPcpJdl5SIJ5unCyrSoGKax86p8rK
ikXon37WFD0odPuhvBngYmE+leWU0tVBujvo+TelbzZrJzyYRRunIsJ7HIiT41WQ
gsShWZQTY/Je0sAgbGS75MK3EpeSUyCKsaTw7Ehp1BqAkyWknJ4/Z/l9XyVPmUYk
v+k7jyofqGZqdP/7KgtsHc2wGR/X8bunLSN4So7iN4/JYRf8S2BbxsRaixgrF+FG
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:41:52 2024 by rpki-client on console-ams.rpki-client.org