Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/1-iyBsl5rE9lpSKrl-SUfwo5NPhY.roa
File: 1-iyBsl5rE9lpSKrl-SUfwo5NPhY.roa (raw, json)
Hash identifier: IXdsm4JyaQFJ2cJkNYafRmC3NYOOT1+6IGlaC79dMRk=
Subject key identifier: FA:2C:81:B2:5E:6B:13:D9:69:48:AA:E5:F9:25:1F:C2:8E:4D:3E:16
Certificate issuer: /CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Certificate serial: 018CC801732842670A956B254C448AAD6B09
Authority key identifier: 42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/1-iyBsl5rE9lpSKrl-SUfwo5NPhY.roa
Signing time: Tue 02 Jan 2024 02:29:47 +0000
ROA not before: Tue 02 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209383
IP address blocks: 139.28.192.0/23 maxlen: 23
139.28.192.0/22 maxlen: 22
139.28.194.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:73:28:42:67:0a:95:6b:25:4c:44:8a:ad:6b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Validity
Not Before: Jan 2 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa2c81b25e6b13d96948aae5f9251fc28e4d3e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8a:a4:f2:ba:b7:79:0c:6e:c3:f2:ee:f3:7d:
fe:5b:64:d5:6b:95:37:8f:14:4b:b4:32:5a:22:9e:
0a:e5:66:84:c0:e4:33:21:53:4a:8f:16:81:56:3b:
36:25:df:da:b8:77:83:28:b6:11:98:c8:89:23:46:
90:57:75:69:d5:78:23:d4:fb:38:52:50:e5:af:04:
02:50:c9:3e:5c:9f:aa:de:99:9f:16:9c:bb:46:96:
66:02:51:f3:00:c5:92:67:69:3c:4c:3c:21:70:57:
14:f6:07:e2:ba:4b:72:48:37:94:6c:61:d2:b7:5b:
94:a7:92:ea:20:17:58:0e:6c:04:a6:ca:ce:69:b3:
29:7c:19:d9:8f:87:bc:90:a2:ea:b5:48:a6:30:03:
ef:34:22:db:2c:ca:82:6a:c8:2d:51:ed:43:77:ba:
92:ab:03:7d:ef:83:80:dd:b2:4c:45:a4:6c:0b:b9:
f3:ec:8b:16:a9:5e:9b:28:71:52:39:95:96:ba:58:
67:9e:e6:a5:49:23:51:77:08:2c:67:30:80:5b:11:
c6:67:ac:88:f4:54:d3:3b:f3:0e:6d:6a:e2:e4:a9:
b0:0f:e7:5a:d8:9c:78:85:fc:ed:66:c4:ad:91:cb:
47:ad:37:df:54:be:6c:15:a4:ba:2b:3c:e0:b0:c0:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2C:81:B2:5E:6B:13:D9:69:48:AA:E5:F9:25:1F:C2:8E:4D:3E:16
X509v3 Authority Key Identifier:
keyid:42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/1-iyBsl5rE9lpSKrl-SUfwo5NPhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:49:4d:b8:ba:8a:b1:02:4f:e2:bd:48:11:e1:7b:95:a1:42:
cc:db:0a:52:f8:bc:13:63:11:71:e1:86:be:c7:05:78:6d:f2:
0a:3c:a4:d4:ef:cd:71:79:70:b8:83:9e:8e:86:65:14:1b:48:
1f:0b:3c:76:25:fc:4a:45:99:23:18:f7:e1:f8:b9:78:c8:ab:
cb:55:13:2c:5e:59:66:31:e0:7d:a9:7b:34:33:5a:27:84:9c:
48:b2:cd:2d:11:95:48:76:1e:ef:3c:5f:66:5c:fb:f7:08:d3:
5e:21:f6:a6:1f:9c:61:78:50:a0:5f:41:68:02:71:e9:30:aa:
15:e3:24:84:a2:87:fb:92:7b:eb:35:36:72:aa:3e:eb:f3:90:
ab:44:94:58:08:3d:22:c3:42:57:d8:25:e2:d0:f6:99:21:dd:
c3:3c:ce:62:42:43:ca:8a:67:55:8e:3a:82:cb:6b:b0:20:39:
e6:89:9a:f2:1a:3f:5d:c1:4b:c8:2a:9d:96:ae:be:5b:e8:40:
0d:2a:8c:fa:43:5b:af:be:f1:fa:6e:ec:97:1e:89:9b:66:0c:
62:1a:54:39:b5:a5:80:15:b3:13:e3:5b:51:dc:79:2d:3b:a3:
9b:40:d5:10:04:e3:fc:81:5b:98:0f:ff:3f:36:62:0a:9a:38:
0f:f2:ba:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIAXMoQmcKlWslTESKrWsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODU4MjFiYjdhODQ0NWVmYmY0MzNkNGMxOTg5MGE3ZmE5
NDlmYTgwHhcNMjQwMTAyMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJjODFiMjVlNmIxM2Q5Njk0OGFhZTVmOTI1MWZjMjhlNGQzZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Iqk8rq3eQxuw/Lu833+W2TVa5U3
jxRLtDJaIp4K5WaEwOQzIVNKjxaBVjs2Jd/auHeDKLYRmMiJI0aQV3Vp1Xgj1Ps4
UlDlrwQCUMk+XJ+q3pmfFpy7RpZmAlHzAMWSZ2k8TDwhcFcU9gfiuktySDeUbGHS
t1uUp5LqIBdYDmwEpsrOabMpfBnZj4e8kKLqtUimMAPvNCLbLMqCasgtUe1Dd7qS
qwN974OA3bJMRaRsC7nz7IsWqV6bKHFSOZWWulhnnualSSNRdwgsZzCAWxHGZ6yI
9FTTO/MObWri5KmwD+da2Jx4hfztZsStkctHrTffVL5sFaS6KzzgsMAzywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPosgbJeaxPZaUiq5fklH8KOTT4WMB8GA1UdIwQY
MBaAFEKFghu3qERe+/Qz1MGYkKf6lJ+oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjct
OGEzZDhkYzM1OGViLzEvMS1peUJzbDVyRTlscFNLcmwtU1Vmd281TlBoWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDgvZjkzNDJjLTU3YTktNDhmMy05ZTY3LThhM2Q4ZGMzNThl
Yi8xL1FvV0NHN2VvUkY3NzlEUFV3WmlRcF9xVW42Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoscwDAN
BgkqhkiG9w0BAQsFAAOCAQEAfklNuLqKsQJP4r1IEeF7laFCzNsKUvi8E2MRceGG
vscFeG3yCjyk1O/NcXlwuIOejoZlFBtIHws8diX8SkWZIxj34fi5eMiry1UTLF5Z
ZjHgfal7NDNaJ4ScSLLNLRGVSHYe7zxfZlz79wjTXiH2ph+cYXhQoF9BaAJx6TCq
FeMkhKKH+5J76zU2cqo+6/OQq0SUWAg9IsNCV9gl4tD2mSHdwzzOYkJDyopnVY46
gstrsCA55oma8ho/XcFLyCqdlq6+W+hADSqM+kNbr77x+m7slx6Jm2YMYhpUObWl
gBWzE+NbUdx5LTujm0DVEATj/IFbmA//PzZiCpo4D/K6aw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:04:14 2024 by rpki-client on console-fra.rpki-client.org