Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Na-zyjrGOfCdyfCSg0t2kTpoPuQ.roa
File: Na-zyjrGOfCdyfCSg0t2kTpoPuQ.roa (raw, json)
Hash identifier: JTau/6UcWGlpgo7JwrEvMr3vo38v9d1fFO8dCBE0y8A=
Subject key identifier: 35:AF:B3:CA:3A:C6:39:F0:9D:C9:F0:92:83:4B:76:91:3A:68:3E:E4
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0191F93D96F129C5043B96B3FDF7C284F58A
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Na-zyjrGOfCdyfCSg0t2kTpoPuQ.roa
Signing time: Mon 16 Sep 2024 05:10:48 +0000
ROA not before: Mon 16 Sep 2024 05:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 62.60.162.0/24 maxlen: 24
62.60.196.0/22 maxlen: 24
62.60.222.0/23 maxlen: 24
213.176.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:3d:96:f1:29:c5:04:3b:96:b3:fd:f7:c2:84:f5:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Sep 16 05:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35afb3ca3ac639f09dc9f092834b76913a683ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:69:82:48:de:f9:cb:b4:4f:c9:76:92:ed:80:
f2:6e:55:2d:67:17:bf:5e:99:c6:dd:fc:31:c5:40:
df:12:eb:74:a3:f3:b8:1e:3f:d9:b1:3b:02:b6:87:
10:60:1d:22:7d:52:e1:cf:10:51:16:97:16:fe:e0:
4e:fc:cb:81:12:c2:2a:07:2c:f4:62:56:7d:58:c8:
e4:a2:d8:5a:30:87:47:4a:a2:53:c2:e1:56:9f:1a:
a0:6c:a0:b5:b7:53:c3:b0:bb:af:d2:26:aa:43:83:
07:45:7e:28:74:c5:9e:bf:e2:a7:21:32:11:9c:78:
47:a8:26:70:95:45:be:bf:98:06:95:b2:2f:8f:b4:
94:2d:ec:2f:cb:59:b8:dc:8c:b8:79:4e:2b:d8:4c:
b7:41:36:3b:66:f8:0e:8c:4a:01:4d:a3:0c:62:29:
c6:4d:36:b5:74:73:0c:93:5b:b6:f1:46:0f:4d:7f:
cb:ab:74:fc:b4:95:83:c3:8c:64:fe:34:dd:82:00:
f5:9e:5b:7d:fb:bc:be:39:02:37:2d:bc:9b:2e:60:
d9:b2:59:0c:30:19:ff:e2:d3:a5:e1:45:0c:c1:34:
0d:b5:ed:47:58:63:ab:08:eb:2d:fe:2a:f4:73:67:
71:ee:bb:b0:ca:0c:20:a0:e9:0e:de:8e:bc:ad:a2:
b1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:AF:B3:CA:3A:C6:39:F0:9D:C9:F0:92:83:4B:76:91:3A:68:3E:E4
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Na-zyjrGOfCdyfCSg0t2kTpoPuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.162.0/24
62.60.196.0/22
62.60.222.0/23
213.176.1.0/24
Signature Algorithm: sha256WithRSAEncryption
38:44:10:02:83:5d:e1:48:db:e6:96:a5:95:82:2a:5c:ef:e8:
25:e7:ef:5c:0b:7a:b7:03:f4:07:69:67:00:98:ed:9b:e0:84:
35:85:31:22:21:d2:17:9b:66:e7:43:55:50:0e:78:21:7b:49:
1d:c8:63:ad:22:e5:41:fe:58:cd:15:5f:22:78:75:dc:0c:0c:
38:6d:a3:05:21:22:95:2b:19:0a:1b:16:82:3a:e5:51:93:89:
ec:0b:06:41:51:43:38:0c:7a:5e:92:11:cb:00:21:74:a5:b7:
de:2c:9e:05:c7:2d:c8:4b:b6:31:d7:b5:b4:f7:17:2a:c0:9f:
23:ab:69:f1:a3:2f:24:15:8f:06:78:7c:f5:47:dd:8d:2b:1e:
4f:b2:34:5e:ec:6b:fd:3c:f0:83:42:8c:26:0a:99:9f:b7:ae:
a7:b0:87:f6:0a:1f:3b:9e:3f:58:0e:20:65:7f:d2:c9:68:cf:
b7:70:16:45:44:4d:a9:5f:dd:55:4e:33:11:5a:65:96:c6:b8:
e0:12:6c:70:6a:69:d2:b9:9e:4c:df:7a:3f:15:2a:c3:fb:3e:
23:9f:54:9a:33:c4:dc:89:00:0f:68:be:8c:db:ae:e2:27:fc:
80:cf:72:46:b9:5e:b1:ee:d4:ee:fc:19:fb:aa:02:be:98:81:
ca:80:fc:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZH5PZbxKcUEO5az/ffChPWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwOTE2MDUxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWFmYjNjYTNhYzYzOWYwOWRjOWYwOTI4MzRiNzY5MTNhNjgzZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmmCSN75y7RPyXaS7YDyblUtZxe/
XpnG3fwxxUDfEut0o/O4Hj/ZsTsCtocQYB0ifVLhzxBRFpcW/uBO/MuBEsIqByz0
YlZ9WMjkothaMIdHSqJTwuFWnxqgbKC1t1PDsLuv0iaqQ4MHRX4odMWev+KnITIR
nHhHqCZwlUW+v5gGlbIvj7SULewvy1m43Iy4eU4r2Ey3QTY7ZvgOjEoBTaMMYinG
TTa1dHMMk1u28UYPTX/Lq3T8tJWDw4xk/jTdggD1nlt9+7y+OQI3LbybLmDZslkM
MBn/4tOl4UUMwTQNte1HWGOrCOst/ir0c2dx7ruwygwgoOkO3o68raKxqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDWvs8o6xjnwncnwkoNLdpE6aD7kMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvTmEtenlqckdPZkNkeWZDU2cwdDJrVHBvUHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPjyiAwQC
PjzEAwQBPjzeAwQA1bABMA0GCSqGSIb3DQEBCwUAA4IBAQA4RBACg13hSNvmlqWV
gipc7+gl5+9cC3q3A/QHaWcAmO2b4IQ1hTEiIdIXm2bnQ1VQDnghe0kdyGOtIuVB
/ljNFV8ieHXcDAw4baMFISKVKxkKGxaCOuVRk4nsCwZBUUM4DHpekhHLACF0pbfe
LJ4Fxy3IS7Yx17W09xcqwJ8jq2nxoy8kFY8GeHz1R92NKx5PsjRe7Gv9PPCDQowm
Cpmft66nsIf2Ch87nj9YDiBlf9LJaM+3cBZFRE2pX91VTjMRWmWWxrjgEmxwamnS
uZ5M33o/FSrD+z4jn1SaM8TciQAPaL6M267iJ/yAz3JGuV6x7tTu/Bn7qgK+mIHK
gPxe
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:19:26 2024 by rpki-client on console-fra.rpki-client.org