Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/9xGmlnKe5FEYgC5wgJvBgSw24ng.roa
File: 9xGmlnKe5FEYgC5wgJvBgSw24ng.roa (raw, json)
Hash identifier: mxmiZL2ldmNK4HRRQzQZGCgy3cigbZ9VKu8sz97PuAs=
Subject key identifier: F7:11:A6:96:72:9E:E4:51:18:80:2E:70:80:9B:C1:81:2C:36:E2:78
Certificate issuer: /CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Certificate serial: 018CC8017298132ABB5AD4EBE0998F00F6E6
Authority key identifier: 42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/9xGmlnKe5FEYgC5wgJvBgSw24ng.roa
Signing time: Tue 02 Jan 2024 02:29:47 +0000
ROA not before: Tue 02 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 139.28.192.0/22 maxlen: 22
139.28.192.0/23 maxlen: 23
139.28.194.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:72:98:13:2a:bb:5a:d4:eb:e0:99:8f:00:f6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Validity
Not Before: Jan 2 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f711a696729ee45118802e70809bc1812c36e278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5f:a2:95:9b:a1:56:54:ed:d8:36:71:ef:b0:
f9:db:b1:c6:44:06:43:42:25:53:ba:d7:17:46:16:
23:e3:03:e8:22:d1:b6:2b:85:05:32:a1:78:20:ac:
43:6d:aa:6a:6b:b9:60:c6:34:9d:72:a4:d4:a2:86:
f8:b7:12:28:0e:e9:ed:8e:62:5f:f8:6c:a4:59:af:
ab:ab:fc:8d:b1:86:f6:b1:55:43:3b:b2:65:fe:b0:
cb:91:11:b9:11:67:4c:e0:cd:3f:32:fb:a0:de:22:
39:14:98:28:1b:2b:3b:af:c8:17:e1:84:df:7f:94:
06:b3:0a:17:41:89:9c:c0:e8:aa:dc:ce:3a:76:60:
0b:20:04:56:26:55:33:73:9d:4f:66:d0:78:33:e3:
d8:e3:df:da:09:0c:f0:34:c0:9c:ee:7c:b3:2b:43:
e6:63:76:c5:07:b5:c1:3a:d7:e6:c9:bd:da:8b:d2:
c6:83:1b:aa:3e:b0:ab:df:9c:e5:ce:b6:51:97:74:
8f:83:bb:79:05:fb:51:c1:49:86:a7:9e:b0:29:02:
aa:4b:bb:11:41:a7:20:31:30:dd:f5:47:9a:e6:f9:
7e:0e:2c:fe:14:e7:6c:89:ea:41:15:71:54:39:c7:
e2:2d:b6:08:e2:80:9b:49:ac:e1:a4:17:e2:62:77:
e8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:11:A6:96:72:9E:E4:51:18:80:2E:70:80:9B:C1:81:2C:36:E2:78
X509v3 Authority Key Identifier:
keyid:42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/9xGmlnKe5FEYgC5wgJvBgSw24ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.192.0/22
Signature Algorithm: sha256WithRSAEncryption
35:69:6e:de:dd:d7:3f:ab:3b:7a:83:0d:26:c4:d6:ad:bc:6f:
d3:6f:14:c2:b5:c6:cc:7e:ec:1c:17:3f:18:51:d3:86:d9:03:
cf:fb:11:37:4a:5f:01:7f:36:0c:04:25:10:a1:bc:0c:80:0e:
a6:fc:07:e8:69:28:ab:c1:cf:31:14:74:0e:aa:53:07:23:5b:
f5:2d:a6:85:13:a1:51:7c:d1:d9:f1:5a:16:4c:03:d4:0e:66:
4b:63:02:f3:45:7b:f8:52:ea:d7:71:99:e0:d8:c3:eb:1a:99:
a7:57:1b:50:76:4c:bf:80:61:fe:c5:8a:20:db:88:8a:f1:60:
25:fd:44:26:2d:d9:fa:ee:21:25:37:69:f4:b3:a1:6d:8a:23:
21:ad:cc:60:a2:a8:bc:b0:f4:8a:72:49:0f:e9:13:d0:fc:50:
84:87:74:4b:79:a1:7a:d6:05:00:2e:9c:6b:2f:cf:cf:2d:e0:
b2:96:c8:cc:b9:14:53:74:b3:37:d7:af:ea:5b:b3:22:32:81:
76:84:c7:11:3a:e3:68:b3:27:ae:07:67:22:4f:00:c1:17:1c:
39:dd:b0:87:5b:d6:9c:57:56:17:5f:48:1a:b4:7f:03:58:17:
fd:f3:70:57:23:36:b8:78:a0:fe:d8:c6:a0:d0:7a:11:f5:47:
9c:ba:b5:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAXKYEyq7WtTr4JmPAPbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODU4MjFiYjdhODQ0NWVmYmY0MzNkNGMxOTg5MGE3ZmE5
NDlmYTgwHhcNMjQwMTAyMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzExYTY5NjcyOWVlNDUxMTg4MDJlNzA4MDliYzE4MTJjMzZlMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil+ilZuhVlTt2DZx77D527HGRAZD
QiVTutcXRhYj4wPoItG2K4UFMqF4IKxDbapqa7lgxjSdcqTUoob4txIoDuntjmJf
+GykWa+rq/yNsYb2sVVDO7Jl/rDLkRG5EWdM4M0/Mvug3iI5FJgoGys7r8gX4YTf
f5QGswoXQYmcwOiq3M46dmALIARWJlUzc51PZtB4M+PY49/aCQzwNMCc7nyzK0Pm
Y3bFB7XBOtfmyb3ai9LGgxuqPrCr35zlzrZRl3SPg7t5BftRwUmGp56wKQKqS7sR
QacgMTDd9Uea5vl+Diz+FOdsiepBFXFUOcfiLbYI4oCbSazhpBfiYnfovwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcRppZynuRRGIAucICbwYEsNuJ4MB8GA1UdIwQY
MBaAFEKFghu3qERe+/Qz1MGYkKf6lJ+oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjct
OGEzZDhkYzM1OGViLzEvOXhHbWxuS2U1RkVZZ0M1d2dKdkJnU3cyNG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjctOGEzZDhkYzM1OGVi
LzEvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixzAMA0G
CSqGSIb3DQEBCwUAA4IBAQA1aW7e3dc/qzt6gw0mxNatvG/TbxTCtcbMfuwcFz8Y
UdOG2QPP+xE3Sl8BfzYMBCUQobwMgA6m/AfoaSirwc8xFHQOqlMHI1v1LaaFE6FR
fNHZ8VoWTAPUDmZLYwLzRXv4UurXcZng2MPrGpmnVxtQdky/gGH+xYog24iK8WAl
/UQmLdn67iElN2n0s6FtiiMhrcxgoqi8sPSKckkP6RPQ/FCEh3RLeaF61gUALpxr
L8/PLeCylsjMuRRTdLM316/qW7MiMoF2hMcROuNosyeuB2ciTwDBFxw53bCHW9ac
V1YXX0gatH8DWBf983BXIza4eKD+2Mag0HoR9UecurVQ
-----END CERTIFICATE-----
Generated at Thu May 2 21:22:46 2024 by rpki-client on console-ams.rpki-client.org