Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/giCBWON-J44v5k3VBMPJtsYzdwI.roa
File: giCBWON-J44v5k3VBMPJtsYzdwI.roa (raw, json)
Hash identifier: /j9hYu7445Fnqvp55EfL/BXfjNLPCw6i9ja7Z48p0D0=
Subject key identifier: 82:20:81:58:E3:7E:27:8E:2F:E6:4D:D5:04:C3:C9:B6:C6:33:77:02
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 018CC7935A5BBA5682FBB5B62C2915352A76
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/giCBWON-J44v5k3VBMPJtsYzdwI.roa
Signing time: Tue 02 Jan 2024 00:29:32 +0000
ROA not before: Tue 02 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47583
IP address blocks: 46.28.44.0/22 maxlen: 24
46.28.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:5a:5b:ba:56:82:fb:b5:b6:2c:29:15:35:2a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jan 2 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82208158e37e278e2fe64dd504c3c9b6c6337702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4f:4b:6d:9f:bb:2f:22:cb:76:67:95:ed:c9:
62:31:0f:ba:49:ed:df:e6:c0:0e:c4:da:72:76:87:
ac:1b:c5:a3:0c:aa:a7:56:5c:15:d6:17:67:ee:9f:
1a:6a:28:7f:3a:bd:2b:d2:8f:96:13:b0:4a:88:2f:
af:74:11:4a:91:1b:4c:38:1a:cd:b0:37:f5:da:22:
c1:e2:31:e0:de:f6:9b:b9:78:6e:a2:1f:a8:91:3e:
05:80:e4:55:39:2b:24:b2:88:41:aa:8f:7a:6e:1c:
4b:df:50:e1:0f:e8:bd:f2:fb:2e:33:82:24:22:71:
6d:3b:54:81:87:fe:fe:93:94:9b:3d:56:19:37:93:
57:1b:fe:bb:6d:08:ce:6c:fd:30:ae:8e:49:7c:5a:
d7:2d:37:66:b8:25:3d:9e:d0:35:5c:16:be:a4:01:
dd:41:ba:f6:92:c5:09:48:4e:27:73:72:52:d3:4a:
e1:0a:a2:91:41:85:77:e5:06:da:26:da:d3:7f:71:
7c:2f:30:d1:b7:11:0e:54:6a:90:4b:8c:78:ae:b6:
e8:fc:9c:14:14:c9:9b:f1:2a:10:3b:b5:15:42:ee:
e7:76:12:9d:ea:e0:e2:49:19:bf:74:37:6e:da:27:
83:66:cd:b2:50:da:b1:c3:5b:82:16:b1:1b:1c:6c:
7b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:20:81:58:E3:7E:27:8E:2F:E6:4D:D5:04:C3:C9:B6:C6:33:77:02
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/giCBWON-J44v5k3VBMPJtsYzdwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.40.0/21
Signature Algorithm: sha256WithRSAEncryption
97:b0:39:5c:1c:d6:2a:89:46:13:90:40:15:c0:14:eb:30:71:
95:0b:79:da:20:ef:ab:4a:fc:6b:f0:7c:92:32:77:f1:3d:e3:
49:7e:70:15:27:29:17:8c:ad:77:a3:23:47:d3:db:bb:0d:e6:
3e:e3:97:64:dd:74:fb:27:2e:38:79:4b:0c:22:7a:e3:ef:d1:
90:cb:21:bc:7f:8e:6a:27:1d:b8:06:00:4a:29:f6:3d:5f:3b:
0e:9a:6f:cd:ea:f9:23:f9:d2:83:e0:4c:0b:a1:f1:54:fb:9b:
5c:95:53:d7:54:1f:6c:04:a1:c0:4d:10:81:57:13:9b:d0:2f:
fe:f3:e2:be:8e:a0:c5:27:4c:3b:a0:a4:78:cb:36:5e:b6:5b:
df:57:3d:96:8e:24:22:69:22:3f:2b:f1:ba:9a:9e:a8:bc:71:
f0:3a:90:26:56:b1:c8:d1:20:cc:8a:f5:4e:36:bb:0a:50:b7:
25:74:ce:a9:91:a8:5e:bb:86:5d:fe:c5:88:25:89:c0:0d:f1:
c2:02:2f:30:6a:75:3a:cd:c9:e6:7a:bc:87:04:83:8c:0e:eb:
64:88:8b:04:8f:65:14:e7:c8:a8:ba:9d:42:10:14:8a:b1:38:
8d:34:af:f7:56:ab:13:54:a9:d1:f3:01:58:47:66:c6:f3:64:
c0:d7:94:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk1pbulaC+7W2LCkVNSp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjQwMTAyMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjIwODE1OGUzN2UyNzhlMmZlNjRkZDUwNGMzYzliNmM2MzM3NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE9LbZ+7LyLLdmeV7cliMQ+6Se3f
5sAOxNpydoesG8WjDKqnVlwV1hdn7p8aaih/Or0r0o+WE7BKiC+vdBFKkRtMOBrN
sDf12iLB4jHg3vabuXhuoh+okT4FgORVOSsksohBqo96bhxL31DhD+i98vsuM4Ik
InFtO1SBh/7+k5SbPVYZN5NXG/67bQjObP0wro5JfFrXLTdmuCU9ntA1XBa+pAHd
Qbr2ksUJSE4nc3JS00rhCqKRQYV35QbaJtrTf3F8LzDRtxEOVGqQS4x4rrbo/JwU
FMmb8SoQO7UVQu7ndhKd6uDiSRm/dDdu2ieDZs2yUNqxw1uCFrEbHGx7aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIggVjjfieOL+ZN1QTDybbGM3cCMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvZ2lDQldPTi1KNDR2NWszVkJNUEp0c1l6ZHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhwoMA0G
CSqGSIb3DQEBCwUAA4IBAQCXsDlcHNYqiUYTkEAVwBTrMHGVC3naIO+rSvxr8HyS
MnfxPeNJfnAVJykXjK13oyNH09u7DeY+45dk3XT7Jy44eUsMInrj79GQyyG8f45q
Jx24BgBKKfY9XzsOmm/N6vkj+dKD4EwLofFU+5tclVPXVB9sBKHATRCBVxOb0C/+
8+K+jqDFJ0w7oKR4yzZetlvfVz2WjiQiaSI/K/G6mp6ovHHwOpAmVrHI0SDMivVO
NrsKULcldM6pkaheu4Zd/sWIJYnADfHCAi8wanU6zcnmeryHBIOMDutkiIsEj2UU
58ioup1CEBSKsTiNNK/3VqsTVKnR8wFYR2bG82TA15Si
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:40:54 2024 by rpki-client on console-ams.rpki-client.org