Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/rkhsUNkaZdR5ssM7jfnzVuus9N0.roa
File: rkhsUNkaZdR5ssM7jfnzVuus9N0.roa (raw, json)
Hash identifier: qUG1X0bNCKNLKpXgDWc40eymULtbqil2vWjF9iXq5dY=
Subject key identifier: AE:48:6C:50:D9:1A:65:D4:79:B2:C3:3B:8D:F9:F3:56:EB:AC:F4:DD
Certificate issuer: /CN=6b104f1e4abaec1eff80f262c62f96c25438c8e1
Certificate serial: 018CC4934582A78BDBA8C4B7D44A018549DB
Authority key identifier: 6B:10:4F:1E:4A:BA:EC:1E:FF:80:F2:62:C6:2F:96:C2:54:38:C8:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/rkhsUNkaZdR5ssM7jfnzVuus9N0.roa
Signing time: Mon 01 Jan 2024 10:30:35 +0000
ROA not before: Mon 01 Jan 2024 10:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 62.68.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 04:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:45:82:a7:8b:db:a8:c4:b7:d4:4a:01:85:49:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b104f1e4abaec1eff80f262c62f96c25438c8e1
Validity
Not Before: Jan 1 10:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae486c50d91a65d479b2c33b8df9f356ebacf4dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4f:38:00:22:cf:72:a4:a9:29:b8:2a:b2:07:
a6:c5:57:fa:bf:47:6c:cd:2f:2c:29:ae:b4:f5:29:
df:6f:7f:8d:ab:ff:eb:4b:95:2b:04:9a:6a:15:3e:
b4:3a:e3:a5:c5:16:e5:82:4b:18:ac:3e:f0:0c:f6:
db:cd:55:11:f2:2e:64:3d:f4:f2:de:bb:7d:79:55:
fe:c3:dc:9d:b5:f9:64:3c:35:03:12:e6:e7:a7:eb:
51:e8:ca:8d:c2:69:40:99:92:96:88:bc:57:30:69:
0e:d6:21:b1:b6:73:30:de:b1:4f:47:5b:71:26:66:
26:56:80:46:59:75:88:46:3c:13:10:46:d9:74:5e:
e5:52:4b:df:2e:06:b4:46:ea:f2:92:7a:df:18:dc:
b2:3a:5d:af:0f:68:a6:2b:99:7d:20:45:99:e0:bd:
cc:f4:97:fe:71:02:d6:05:38:a9:dd:81:8e:f5:4f:
dc:3c:6b:7e:54:06:be:1e:e7:82:8a:ba:6a:af:e6:
0a:4c:06:0a:d0:11:ad:31:81:0d:40:6a:ce:34:bf:
29:4a:57:d4:18:05:b3:fc:91:a7:e8:38:7e:d1:ae:
dc:96:49:62:fd:16:4d:08:78:c2:0d:9c:96:df:c1:
5a:0a:86:44:e7:ea:94:46:f0:98:ea:ef:7b:dd:ef:
63:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:48:6C:50:D9:1A:65:D4:79:B2:C3:3B:8D:F9:F3:56:EB:AC:F4:DD
X509v3 Authority Key Identifier:
keyid:6B:10:4F:1E:4A:BA:EC:1E:FF:80:F2:62:C6:2F:96:C2:54:38:C8:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/rkhsUNkaZdR5ssM7jfnzVuus9N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.73.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:36:a4:77:be:7c:eb:43:a4:8e:3a:3e:bf:bf:61:54:7e:dc:
03:39:df:d6:7e:6e:14:7d:1d:f1:29:9b:2a:09:91:9a:de:bc:
35:ac:d0:97:6c:c4:26:88:74:e5:91:0d:94:20:45:3e:19:9f:
5a:1e:ed:5d:53:7e:de:3f:54:3d:b6:d9:b4:80:d8:b8:c2:d6:
74:11:6a:ce:cd:64:46:bd:f7:c4:39:8d:77:c5:3a:3f:df:31:
91:86:bc:8d:9e:5c:09:fd:2d:64:b4:bf:96:65:d2:bf:c2:f0:
26:a8:34:95:cc:a4:71:8c:6c:eb:aa:c5:9e:65:bd:17:d9:ba:
5f:44:f4:d3:8b:f0:f7:e3:c1:d2:da:66:64:39:05:d5:86:38:
99:a1:0c:91:d5:b2:60:64:7f:9c:08:02:ad:dd:4c:b4:f3:96:
3c:cd:c1:70:48:ca:7f:44:4e:6c:2c:4c:79:61:23:d2:00:f6:
5a:cb:e2:90:9e:07:93:3b:7a:b3:42:6f:01:1c:ab:cf:36:50:
4f:3b:ee:96:0a:bf:54:f3:8d:f6:19:29:9f:aa:4b:78:98:59:
83:5f:90:aa:5d:b3:ed:33:d9:95:3a:01:e9:32:99:1f:c7:64:
5e:3f:9d:97:19:a2:74:54:89:2c:d2:a7:27:4b:10:27:f0:00:
d1:5a:c6:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk0WCp4vbqMS31EoBhUnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMTA0ZjFlNGFiYWVjMWVmZjgwZjI2MmM2MmY5NmMyNTQz
OGM4ZTEwHhcNMjQwMTAxMTAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQ4NmM1MGQ5MWE2NWQ0NzliMmMzM2I4ZGY5ZjM1NmViYWNmNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE84ACLPcqSpKbgqsgemxVf6v0ds
zS8sKa609Snfb3+Nq//rS5UrBJpqFT60OuOlxRblgksYrD7wDPbbzVUR8i5kPfTy
3rt9eVX+w9ydtflkPDUDEubnp+tR6MqNwmlAmZKWiLxXMGkO1iGxtnMw3rFPR1tx
JmYmVoBGWXWIRjwTEEbZdF7lUkvfLga0RuryknrfGNyyOl2vD2imK5l9IEWZ4L3M
9Jf+cQLWBTip3YGO9U/cPGt+VAa+HueCirpqr+YKTAYK0BGtMYENQGrONL8pSlfU
GAWz/JGn6Dh+0a7clkli/RZNCHjCDZyW38FaCoZE5+qURvCY6u973e9jRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5IbFDZGmXUebLDO43581brrPTdMB8GA1UdIwQY
MBaAFGsQTx5Kuuwe/4DyYsYvlsJUOMjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXhCUEhrcTY3QjdfZ1BKaXhpLVd3bFE0eU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82NTNjMjQtNjhlNS00YWQ4LWI3NjMt
MzBjOWRlMjA1YWZjLzEvcmtoc1VOa2FaZFI1c3NNN2pmbnpWdXVzOU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82NTNjMjQtNjhlNS00YWQ4LWI3NjMtMzBjOWRlMjA1YWZj
LzEvYXhCUEhrcTY3QjdfZ1BKaXhpLVd3bFE0eU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRJMA0G
CSqGSIb3DQEBCwUAA4IBAQCPNqR3vnzrQ6SOOj6/v2FUftwDOd/Wfm4UfR3xKZsq
CZGa3rw1rNCXbMQmiHTlkQ2UIEU+GZ9aHu1dU37eP1Q9ttm0gNi4wtZ0EWrOzWRG
vffEOY13xTo/3zGRhryNnlwJ/S1ktL+WZdK/wvAmqDSVzKRxjGzrqsWeZb0X2bpf
RPTTi/D348HS2mZkOQXVhjiZoQyR1bJgZH+cCAKt3Uy085Y8zcFwSMp/RE5sLEx5
YSPSAPZay+KQngeTO3qzQm8BHKvPNlBPO+6WCr9U8432GSmfqkt4mFmDX5CqXbPt
M9mVOgHpMpkfx2ReP52XGaJ0VIks0qcnSxAn8ADRWsbP
-----END CERTIFICATE-----
Generated at Mon May 13 13:06:17 2024 by rpki-client on console-fra.rpki-client.org