Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/529b28-3a39-49bf-8ef2-a47fb9a94ffd/1/cG78UDIdpCeydMsdYVz1mgNE3IA.roa
File: cG78UDIdpCeydMsdYVz1mgNE3IA.roa (raw, json)
Hash identifier: Q2t7km09E2u1jijGQs5OQkzXqaUABPZw4QrG33/Ddv8=
Subject key identifier: 70:6E:FC:50:32:1D:A4:27:B2:74:CB:1D:61:5C:F5:9A:03:44:DC:80
Certificate issuer: /CN=bf54dbf00d74590c8913dec8b1cf084d8fcf693c
Certificate serial: 019025DA30526F308E6E21823DF07EC4FCF7
Authority key identifier: BF:54:DB:F0:0D:74:59:0C:89:13:DE:C8:B1:CF:08:4D:8F:CF:69:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1Tb8A10WQyJE97Isc8ITY_PaTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/529b28-3a39-49bf-8ef2-a47fb9a94ffd/1/cG78UDIdpCeydMsdYVz1mgNE3IA.roa
Signing time: Mon 17 Jun 2024 10:59:34 +0000
ROA not before: Mon 17 Jun 2024 10:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47485
IP address blocks: 139.28.252.0/22 maxlen: 22
2a09:dc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/529b28-3a39-49bf-8ef2-a47fb9a94ffd/1/v1Tb8A10WQyJE97Isc8ITY_PaTw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/529b28-3a39-49bf-8ef2-a47fb9a94ffd/1/v1Tb8A10WQyJE97Isc8ITY_PaTw.mft
rsync://rpki.ripe.net/repository/DEFAULT/v1Tb8A10WQyJE97Isc8ITY_PaTw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:25:da:30:52:6f:30:8e:6e:21:82:3d:f0:7e:c4:fc:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf54dbf00d74590c8913dec8b1cf084d8fcf693c
Validity
Not Before: Jun 17 10:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=706efc50321da427b274cb1d615cf59a0344dc80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c0:a5:32:a2:08:72:1f:f8:b6:89:e0:33:c7:
84:6f:e5:4f:74:c5:be:ff:7d:d1:6f:24:d8:52:b8:
e6:2a:90:7f:9e:21:83:58:6d:0b:fe:e4:3b:da:36:
41:5c:29:ed:20:27:4c:9b:f4:a9:ff:12:8e:76:13:
b7:c3:e6:6f:0c:bc:6f:23:d4:44:69:37:7c:42:41:
73:78:15:fc:d6:e3:b8:56:af:d5:43:b6:a8:9b:60:
9c:8c:78:8d:a8:ee:eb:9c:75:0d:1a:90:c5:16:35:
5c:82:e7:ce:8b:15:8e:8e:50:3b:67:2c:27:ed:96:
ff:e4:27:54:ef:df:8f:32:da:cd:fa:37:7f:b8:1c:
ce:b3:e6:bb:a3:e1:8a:ea:90:ed:c5:83:0c:03:37:
3f:b8:5c:62:97:22:54:21:8c:6f:0a:0c:45:f8:67:
d3:5a:fd:0f:a6:30:5b:61:f1:e9:9b:54:7d:65:f8:
b2:62:e7:d8:61:9a:ac:72:2d:78:a4:1f:b0:df:af:
de:1d:89:95:13:1a:21:14:37:74:c8:45:74:4b:dd:
0d:68:c0:70:7f:b7:a1:aa:64:5e:3d:77:c4:f7:ee:
91:92:d1:58:75:f8:a3:bc:79:53:8e:df:7c:da:56:
97:4b:65:b3:85:2e:75:2e:70:4e:30:3f:ff:28:13:
6d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6E:FC:50:32:1D:A4:27:B2:74:CB:1D:61:5C:F5:9A:03:44:DC:80
X509v3 Authority Key Identifier:
keyid:BF:54:DB:F0:0D:74:59:0C:89:13:DE:C8:B1:CF:08:4D:8F:CF:69:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1Tb8A10WQyJE97Isc8ITY_PaTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/529b28-3a39-49bf-8ef2-a47fb9a94ffd/1/cG78UDIdpCeydMsdYVz1mgNE3IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/529b28-3a39-49bf-8ef2-a47fb9a94ffd/1/v1Tb8A10WQyJE97Isc8ITY_PaTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.252.0/22
IPv6:
2a09:dc0::/32
Signature Algorithm: sha256WithRSAEncryption
cc:ac:95:f6:4b:87:71:e5:62:71:88:d4:09:10:fa:bc:d8:ca:
c9:60:f7:7c:a4:9f:87:b5:12:4f:38:f1:9c:7c:da:58:a8:df:
e2:a2:e7:2c:72:d7:f2:49:ab:03:89:75:db:16:71:f9:92:d9:
72:26:1b:ef:1e:27:91:4f:f8:d6:ef:89:c8:f3:35:82:54:9d:
2b:82:8d:5c:34:2c:66:74:10:1e:cc:79:8b:13:75:05:48:74:
11:9d:74:ee:1b:6f:6d:47:81:01:3a:c3:ec:1e:f8:b6:3d:b2:
07:ac:b8:58:b2:ad:dc:da:03:61:4c:15:7b:91:50:da:60:3e:
92:77:49:82:e8:06:18:81:7f:2f:06:5a:f1:0f:66:db:46:9a:
cf:f0:bd:af:a4:05:62:9d:41:6d:28:29:13:b9:80:95:af:ac:
e4:5f:02:3c:94:0d:43:c2:c8:6f:1e:f3:81:b0:59:7c:2f:97:
5f:33:3f:aa:6a:53:c0:a9:13:32:b8:c2:f5:f9:1f:39:62:49:
b2:5e:7e:f2:3e:b6:44:87:df:dd:63:35:3e:39:5a:3a:2b:81:
7a:ec:0e:ca:da:a1:a8:5a:57:46:68:ec:7e:ef:54:68:a1:ae:
ed:a5:55:b6:f8:da:7a:4a:0c:40:b9:68:ff:2b:7c:09:5d:fb:
eb:81:46:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZAl2jBSbzCObiGCPfB+xPz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTRkYmYwMGQ3NDU5MGM4OTEzZGVjOGIxY2YwODRkOGZj
ZjY5M2MwHhcNMjQwNjE3MTA1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZlZmM1MDMyMWRhNDI3YjI3NGNiMWQ2MTVjZjU5YTAzNDRkYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8ClMqIIch/4tongM8eEb+VPdMW+
/33RbyTYUrjmKpB/niGDWG0L/uQ72jZBXCntICdMm/Sp/xKOdhO3w+ZvDLxvI9RE
aTd8QkFzeBX81uO4Vq/VQ7aom2CcjHiNqO7rnHUNGpDFFjVcgufOixWOjlA7Zywn
7Zb/5CdU79+PMtrN+jd/uBzOs+a7o+GK6pDtxYMMAzc/uFxilyJUIYxvCgxF+GfT
Wv0PpjBbYfHpm1R9ZfiyYufYYZqsci14pB+w36/eHYmVExohFDd0yEV0S90NaMBw
f7ehqmRePXfE9+6RktFYdfijvHlTjt982laXS2WzhS51LnBOMD//KBNtNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHBu/FAyHaQnsnTLHWFc9ZoDRNyAMB8GA1UdIwQY
MBaAFL9U2/ANdFkMiRPeyLHPCE2Pz2k8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFUYjhBMTBXUXlKRTk3SXNjOElUWV9QYVR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81MjliMjgtM2EzOS00OWJmLThlZjIt
YTQ3ZmI5YTk0ZmZkLzEvY0c3OFVESWRwQ2V5ZE1zZFlWejFtZ05FM0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81MjliMjgtM2EzOS00OWJmLThlZjItYTQ3ZmI5YTk0ZmZk
LzEvdjFUYjhBMTBXUXlKRTk3SXNjOElUWV9QYVR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCixz8MA0E
AgACMAcDBQAqCQ3AMA0GCSqGSIb3DQEBCwUAA4IBAQDMrJX2S4dx5WJxiNQJEPq8
2MrJYPd8pJ+HtRJPOPGcfNpYqN/ioucsctfySasDiXXbFnH5ktlyJhvvHieRT/jW
74nI8zWCVJ0rgo1cNCxmdBAezHmLE3UFSHQRnXTuG29tR4EBOsPsHvi2PbIHrLhY
sq3c2gNhTBV7kVDaYD6Sd0mC6AYYgX8vBlrxD2bbRprP8L2vpAVinUFtKCkTuYCV
r6zkXwI8lA1DwshvHvOBsFl8L5dfMz+qalPAqRMyuML1+R85YkmyXn7yPrZEh9/d
YzU+OVo6K4F67A7K2qGoWldGaOx+71Rooa7tpVW2+Np6SgxAuWj/K3wJXfvrgUY8
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:54:28 2024 by rpki-client on console-ams.rpki-client.org