Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/ijXl-r-i7f2qR9QwcJk0kyGmKKo.roa
File: ijXl-r-i7f2qR9QwcJk0kyGmKKo.roa (raw, json)
Hash identifier: Boly7fdLbsYvL9MXfjtJcuOrKaIeFFPlFUPvnUYW4Z8=
Subject key identifier: 8A:35:E5:FA:BF:A2:ED:FD:AA:47:D4:30:70:99:34:93:21:A6:28:AA
Certificate issuer: /CN=cb20606de730456edd7335cc882cbdf4396f3460
Certificate serial: 018CC9BCA442299AEC49A2E8EDC32B8BAB29
Authority key identifier: CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/ijXl-r-i7f2qR9QwcJk0kyGmKKo.roa
Signing time: Tue 02 Jan 2024 10:33:52 +0000
ROA not before: Tue 02 Jan 2024 10:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44914
IP address blocks: 78.28.0.0/19 maxlen: 19
78.28.32.0/19 maxlen: 19
78.28.32.0/21 maxlen: 21
78.28.40.0/21 maxlen: 21
78.28.48.0/24 maxlen: 24
188.125.128.0/20 maxlen: 20
188.125.144.0/22 maxlen: 22
188.125.148.0/22 maxlen: 22
188.125.152.0/22 maxlen: 22
188.125.157.0/24 maxlen: 24
78.28.58.0/23 maxlen: 23
78.28.56.0/23 maxlen: 23
78.28.62.0/23 maxlen: 23
78.28.60.0/22 maxlen: 22
2a02:e88:8100::/48 maxlen: 48
2a02:e88:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/yyBgbecwRW7dczXMiCy99DlvNGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/yyBgbecwRW7dczXMiCy99DlvNGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a4:42:29:9a:ec:49:a2:e8:ed:c3:2b:8b:ab:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb20606de730456edd7335cc882cbdf4396f3460
Validity
Not Before: Jan 2 10:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a35e5fabfa2edfdaa47d4307099349321a628aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:92:b2:ef:44:b1:e5:cd:38:f4:fb:a8:17:c6:
85:19:0c:e9:05:5c:86:1a:5b:f6:24:4e:4d:33:b4:
24:31:96:d2:f5:85:92:ea:bb:f4:0c:ef:4d:f7:ed:
77:1c:a5:ff:02:e5:61:d6:b2:4d:1f:10:7e:44:9f:
84:a9:5c:d4:d1:27:ff:ff:21:b8:9d:c7:63:37:5a:
7a:4d:09:c7:d6:a1:9a:02:24:58:35:2f:9c:04:0e:
c1:0b:f2:e2:2a:45:0c:b1:79:a7:43:4c:d4:b0:f1:
5f:fe:7d:f9:79:45:f3:c9:77:df:a1:2b:c1:a4:d1:
d1:4c:3b:28:ad:9e:7c:3b:b7:63:11:be:7d:6e:1c:
b1:19:3f:ad:59:be:e8:cc:0b:99:00:02:57:44:60:
eb:65:d8:ef:8e:d4:7d:bd:11:27:fe:59:06:31:cf:
23:c6:5b:3f:58:97:24:88:62:e1:0d:e8:53:0d:94:
17:34:75:b6:c7:68:9f:e0:c8:29:83:78:7c:09:1a:
cd:5e:2a:c4:3c:5a:aa:3a:0a:c6:65:42:1f:9e:6f:
ba:2a:84:fe:d1:30:ff:2b:bd:56:59:2d:3f:ae:2c:
f8:88:dd:31:a4:24:e2:ac:96:22:c7:5f:35:d6:ad:
50:3e:a9:0c:1d:4a:6b:7b:48:74:26:84:a0:12:a2:
c7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:35:E5:FA:BF:A2:ED:FD:AA:47:D4:30:70:99:34:93:21:A6:28:AA
X509v3 Authority Key Identifier:
keyid:CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/ijXl-r-i7f2qR9QwcJk0kyGmKKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/yyBgbecwRW7dczXMiCy99DlvNGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.28.0.0/18
188.125.128.0-188.125.155.255
188.125.157.0/24
IPv6:
2a02:e88:8000::/48
2a02:e88:8100::/48
Signature Algorithm: sha256WithRSAEncryption
72:b6:c9:98:6c:2f:ec:30:3b:a8:f1:63:17:bf:2a:b7:34:3f:
05:8e:88:d0:a8:c4:af:f3:f7:95:23:a4:90:04:87:41:91:d3:
3c:7f:a6:57:3a:53:dc:c8:88:99:0d:89:e9:e5:2a:a5:d7:27:
a9:7b:d2:c3:c7:46:4d:0b:a1:b8:57:31:9a:f7:9c:52:e7:d1:
a9:6e:25:a1:fb:27:38:cd:84:4a:ed:50:8c:a9:31:8a:ca:44:
90:4f:61:b3:32:5c:1c:6c:d4:c4:61:fa:4e:4f:a1:aa:ae:c1:
e5:44:c9:1b:65:c9:69:44:9e:cb:96:66:9c:1b:4e:55:7d:c3:
52:f3:aa:1a:50:77:84:6a:49:2a:c0:b6:14:a6:40:fe:c6:f6:
b6:14:f0:e2:61:41:83:e6:19:eb:c1:63:ce:db:da:e4:07:bb:
1c:7c:39:55:28:cc:1e:c6:db:91:ee:2e:88:1b:e6:94:b2:78:
e0:35:e6:2f:5c:05:cf:cc:61:5a:f4:5d:e4:46:73:b6:98:e8:
b7:22:f8:a5:7e:a3:8d:95:8a:9d:70:d4:8c:aa:3a:8d:79:4d:
1d:a0:56:4e:7b:b9:d5:76:fc:f0:81:4e:5e:cb:d2:92:bb:74:
75:8f:be:ab:8c:88:54:d6:5c:ac:1f:9e:b9:e0:f8:5d:10:5f:
c4:83:48:4c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzJvKRCKZrsSaLo7cMri6spMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjA2MDZkZTczMDQ1NmVkZDczMzVjYzg4MmNiZGY0Mzk2
ZjM0NjAwHhcNMjQwMTAyMTAzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTM1ZTVmYWJmYTJlZGZkYWE0N2Q0MzA3MDk5MzQ5MzIxYTYyOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJKy70Sx5c049PuoF8aFGQzpBVyG
Glv2JE5NM7QkMZbS9YWS6rv0DO9N9+13HKX/AuVh1rJNHxB+RJ+EqVzU0Sf//yG4
ncdjN1p6TQnH1qGaAiRYNS+cBA7BC/LiKkUMsXmnQ0zUsPFf/n35eUXzyXffoSvB
pNHRTDsorZ58O7djEb59bhyxGT+tWb7ozAuZAAJXRGDrZdjvjtR9vREn/lkGMc8j
xls/WJckiGLhDehTDZQXNHW2x2if4Mgpg3h8CRrNXirEPFqqOgrGZUIfnm+6KoT+
0TD/K71WWS0/riz4iN0xpCTirJYix1811q1QPqkMHUpre0h0JoSgEqLHpQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFIo15fq/ou39qkfUMHCZNJMhpiiqMB8GA1UdIwQY
MBaAFMsgYG3nMEVu3XM1zIgsvfQ5bzRgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlCZ2JlY3dSVzdkY3pYTWlDeTk5RGx2TkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZjdhMjgtYmYxZS00ODM1LWJlZWQt
YjNkODZhYTQzYmM1LzEvaWpYbC1yLWk3ZjJxUjlRd2NKazBreUdtS0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iZjdhMjgtYmYxZS00ODM1LWJlZWQtYjNkODZhYTQzYmM1
LzEveXlCZ2JlY3dSVzdkY3pYTWlDeTk5RGx2TkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaAwQGThwAMAwD
BAe8fYADBAK8fZgDBAC8fZ0wGAQCAAIwEgMHACoCDoiAAAMHACoCDoiBADANBgkq
hkiG9w0BAQsFAAOCAQEAcrbJmGwv7DA7qPFjF78qtzQ/BY6I0KjEr/P3lSOkkASH
QZHTPH+mVzpT3MiImQ2J6eUqpdcnqXvSw8dGTQuhuFcxmvecUufRqW4lofsnOM2E
Su1QjKkxispEkE9hszJcHGzUxGH6Tk+hqq7B5UTJG2XJaUSey5ZmnBtOVX3DUvOq
GlB3hGpJKsC2FKZA/sb2thTw4mFBg+YZ68Fjztva5Ae7HHw5VSjMHsbbke4uiBvm
lLJ44DXmL1wFz8xhWvRd5EZztpjotyL4pX6jjZWKnXDUjKo6jXlNHaBWTnu51Xb8
8IFOXsvSkrt0dY++q4yIVNZcrB+eueD4XRBfxINITA==
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:20:44 2024 by rpki-client on console-fra.rpki-client.org