Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/DBrfF17W7-aPSTtfPqmVgk05ZA8.roa
File: DBrfF17W7-aPSTtfPqmVgk05ZA8.roa (raw, json)
Hash identifier: 7WG0aZRDbR4nDUsbp6wpS6TU3v69ZjFGlEW5b5Iom3s=
Subject key identifier: 0C:1A:DF:17:5E:D6:EF:E6:8F:49:3B:5F:3E:A9:95:82:4D:39:64:0F
Certificate issuer: /CN=93b91eefa6d8046d918e364045604952640bc15d
Certificate serial: 018CC94BFE683D2B3AFEF1C70D299A7D8919
Authority key identifier: 93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/DBrfF17W7-aPSTtfPqmVgk05ZA8.roa
Signing time: Tue 02 Jan 2024 08:30:49 +0000
ROA not before: Tue 02 Jan 2024 08:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208017
IP address blocks: 139.28.158.0/23 maxlen: 23
139.28.156.0/24 maxlen: 24
139.28.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:fe:68:3d:2b:3a:fe:f1:c7:0d:29:9a:7d:89:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b91eefa6d8046d918e364045604952640bc15d
Validity
Not Before: Jan 2 08:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c1adf175ed6efe68f493b5f3ea995824d39640f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ad:55:9d:12:8f:db:03:c5:dc:bd:1c:1c:42:
b8:62:c2:88:5b:fc:be:17:30:49:87:be:f4:e8:2b:
a7:d6:f1:ed:27:2f:2c:df:7d:27:f3:99:13:89:0a:
0a:6f:ff:f6:d7:59:90:f4:19:aa:61:7c:9a:5f:de:
4e:ad:bb:fa:14:79:a5:93:c5:2a:a5:2b:b4:86:7a:
86:77:fa:39:0a:c0:8f:b1:fd:51:c0:60:5c:f5:e6:
d1:fe:57:6f:43:7a:3b:61:df:b5:f6:94:fb:4d:7c:
da:1b:25:bc:73:a3:1b:90:24:ba:b9:37:9e:8d:39:
61:f0:09:d2:ee:6e:2e:61:65:1b:fe:91:fb:38:eb:
c0:cd:e7:44:38:d4:42:60:8c:25:52:84:30:f6:28:
5f:6b:ed:0a:aa:b5:4d:ec:c0:e9:64:b8:af:4e:b7:
57:0b:21:e2:43:70:80:99:a9:b4:a5:32:79:28:d6:
de:8f:06:ec:9b:06:94:18:ea:7d:fc:e5:9e:31:16:
8a:0c:aa:57:e0:eb:b3:e3:e3:50:de:31:bb:5b:bd:
3e:f3:34:e4:51:6c:ea:6e:27:0d:83:3e:72:49:60:
eb:da:d9:5b:61:ca:13:8b:39:68:7d:94:86:53:49:
31:93:8a:d7:ef:33:5c:5d:17:52:38:e7:c7:6e:a6:
3b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1A:DF:17:5E:D6:EF:E6:8F:49:3B:5F:3E:A9:95:82:4D:39:64:0F
X509v3 Authority Key Identifier:
keyid:93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/DBrfF17W7-aPSTtfPqmVgk05ZA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.156.0/22
Signature Algorithm: sha256WithRSAEncryption
84:1a:b2:c7:e9:52:90:7a:b3:43:82:c8:d1:f0:2b:21:40:48:
9a:6f:65:53:66:61:b8:52:ee:76:b7:cc:55:fb:23:de:c1:b6:
2d:29:f7:2f:6d:1a:20:70:5b:19:c3:82:b6:df:bd:0e:b9:1c:
ba:8c:28:4b:c4:b0:a3:aa:6c:62:ec:99:1b:07:1a:71:78:a8:
ae:40:a8:ce:73:a0:14:56:5e:dd:30:6a:ea:61:75:9b:bf:4f:
59:c2:6c:71:21:31:99:fa:3e:8c:ac:c4:22:4f:a8:69:39:d8:
02:b1:48:ae:ef:8b:bd:12:d6:78:6c:77:9f:2d:11:f0:65:bf:
d1:8b:f0:af:7d:49:9b:62:4d:76:58:ce:d8:6a:b2:e9:38:11:
02:1e:72:eb:2e:c7:29:06:53:7c:8d:9a:82:39:28:1b:d3:1a:
8f:8c:e9:57:c9:90:52:e5:04:59:02:b7:20:3e:d7:62:b4:03:
3d:de:da:0a:8c:9a:73:1e:69:7c:4d:b3:17:80:64:0d:01:99:
7d:ac:6d:85:79:66:c3:36:2c:f2:af:a6:68:e9:a8:2e:d3:27:
a9:8f:31:22:75:ad:fa:85:44:c0:02:0f:87:7b:36:15:21:dc:
44:3c:26:17:76:cd:11:26:bc:48:20:fa:d6:ed:07:2e:79:73:
82:b0:fa:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJS/5oPSs6/vHHDSmafYkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjkxZWVmYTZkODA0NmQ5MThlMzY0MDQ1NjA0OTUyNjQw
YmMxNWQwHhcNMjQwMTAyMDgzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzFhZGYxNzVlZDZlZmU2OGY0OTNiNWYzZWE5OTU4MjRkMzk2NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK1VnRKP2wPF3L0cHEK4YsKIW/y+
FzBJh7706Cun1vHtJy8s330n85kTiQoKb//211mQ9BmqYXyaX95Orbv6FHmlk8Uq
pSu0hnqGd/o5CsCPsf1RwGBc9ebR/ldvQ3o7Yd+19pT7TXzaGyW8c6MbkCS6uTee
jTlh8AnS7m4uYWUb/pH7OOvAzedEONRCYIwlUoQw9ihfa+0KqrVN7MDpZLivTrdX
CyHiQ3CAmam0pTJ5KNbejwbsmwaUGOp9/OWeMRaKDKpX4Ouz4+NQ3jG7W70+8zTk
UWzqbicNgz5ySWDr2tlbYcoTizlofZSGU0kxk4rX7zNcXRdSOOfHbqY7+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwa3xde1u/mj0k7Xz6plYJNOWQPMB8GA1UdIwQY
MBaAFJO5Hu+m2ARtkY42QEVgSVJkC8FdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEt
MzU4NmFhZTEzZGE3LzEvREJyZkYxN1c3LWFQU1R0ZlBxbVZnazA1WkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEtMzU4NmFhZTEzZGE3
LzEvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixycMA0G
CSqGSIb3DQEBCwUAA4IBAQCEGrLH6VKQerNDgsjR8CshQEiab2VTZmG4Uu52t8xV
+yPewbYtKfcvbRogcFsZw4K2370OuRy6jChLxLCjqmxi7JkbBxpxeKiuQKjOc6AU
Vl7dMGrqYXWbv09ZwmxxITGZ+j6MrMQiT6hpOdgCsUiu74u9EtZ4bHefLRHwZb/R
i/CvfUmbYk12WM7YarLpOBECHnLrLscpBlN8jZqCOSgb0xqPjOlXyZBS5QRZArcg
PtditAM93toKjJpzHml8TbMXgGQNAZl9rG2FeWbDNizyr6Zo6agu0yepjzEida36
hUTAAg+HezYVIdxEPCYXds0RJrxIIPrW7QcueXOCsPpv
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:54:38 2024 by rpki-client on console-ams.rpki-client.org