Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/T_oPM3O_wskayB6q2Pnlbz_pAQ4.roa
File: T_oPM3O_wskayB6q2Pnlbz_pAQ4.roa (raw, json)
Hash identifier: 1NhpDbuMWvmPs2Kx2p+K4Dv3LBsYX8FYLIZG/a7MSkg=
Subject key identifier: 4F:FA:0F:33:73:BF:C2:C9:1A:C8:1E:AA:D8:F9:E5:6F:3F:E9:01:0E
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01922AE11C92FAAEC53C463990BDBBEBCAC6
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/T_oPM3O_wskayB6q2Pnlbz_pAQ4.roa
Signing time: Wed 25 Sep 2024 20:30:48 +0000
ROA not before: Wed 25 Sep 2024 20:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15611
IP address blocks: 62.60.132.0/22 maxlen: 24
62.60.136.0/24 maxlen: 24
62.60.137.0/24 maxlen: 24
62.60.139.0/24 maxlen: 24
62.60.140.0/24 maxlen: 24
62.60.142.0/24 maxlen: 24
62.60.145.0/24 maxlen: 24
62.60.168.0/21 maxlen: 24
213.176.4.0/24 maxlen: 24
213.176.5.0/24 maxlen: 24
213.176.96.0/24 maxlen: 24
213.176.122.0/24 maxlen: 24
213.176.123.0/24 maxlen: 24
213.176.124.0/24 maxlen: 24
213.176.125.0/24 maxlen: 24
2001:790::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2a:e1:1c:92:fa:ae:c5:3c:46:39:90:bd:bb:eb:ca:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Sep 25 20:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ffa0f3373bfc2c91ac81eaad8f9e56f3fe9010e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8a:da:ed:31:d6:81:51:06:fb:cd:85:95:c1:
9c:c9:c8:15:9c:5f:42:6c:ee:c7:c2:00:5b:8c:26:
64:f1:53:84:e1:73:98:c2:4b:b7:1e:cd:35:6f:ea:
d1:84:c9:49:0f:92:2f:f9:a4:61:52:bf:bc:6c:71:
52:bd:92:f5:09:c9:5b:c3:2d:51:1d:2c:d0:aa:51:
5d:9a:8d:69:01:7a:d5:32:c1:67:b1:f6:70:6f:c8:
49:f7:fb:6e:7e:57:38:ff:49:cb:cc:92:ae:7b:45:
90:61:65:40:e8:66:48:b9:bc:63:a1:41:1a:ee:5e:
b5:98:cc:99:32:33:c2:5f:3c:2d:df:ab:5c:f6:a9:
c9:ef:da:d3:66:45:e9:94:fc:ed:74:c0:b3:3c:e4:
e3:38:4e:3f:93:ef:e6:6a:da:cc:7b:10:d3:24:61:
92:a8:1a:a4:44:31:de:48:38:0f:70:7f:56:02:8f:
25:a3:d2:a5:4c:a0:3f:4f:7b:4e:07:84:ff:a9:e7:
24:bc:7b:c0:ce:86:74:d6:ff:f7:3e:c3:91:82:d7:
d7:fe:b5:fb:28:62:b1:3e:31:e6:a9:5a:29:34:fe:
8d:53:21:f7:7a:71:0f:1e:db:62:b2:25:33:60:2d:
85:b6:6a:92:0a:ae:ca:ea:c6:d1:d5:77:45:ff:35:
ce:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FA:0F:33:73:BF:C2:C9:1A:C8:1E:AA:D8:F9:E5:6F:3F:E9:01:0E
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/T_oPM3O_wskayB6q2Pnlbz_pAQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.132.0-62.60.137.255
62.60.139.0-62.60.140.255
62.60.142.0/24
62.60.145.0/24
62.60.168.0/21
213.176.4.0/23
213.176.96.0/24
213.176.122.0-213.176.125.255
IPv6:
2001:790::/32
Signature Algorithm: sha256WithRSAEncryption
5c:b5:1a:a1:57:fc:49:48:26:b0:9e:18:8a:49:8c:37:bb:1d:
29:75:d8:0c:f5:5b:ce:98:e8:ca:be:70:59:e4:97:81:a0:49:
b1:c1:09:ec:99:00:28:9d:9e:d1:91:9e:c8:bf:7e:4c:de:40:
36:4e:7b:74:41:af:a8:98:1d:bf:cb:01:b9:87:0e:38:85:ed:
b3:6e:6b:3d:9b:1b:8f:85:26:97:79:03:89:8f:c9:77:f1:0e:
3d:a6:b5:c2:2a:65:d6:82:3a:3e:b5:c2:ea:57:ad:ee:b1:4d:
49:4c:95:35:c9:11:2a:48:9e:35:d9:db:59:e9:9a:41:3d:f3:
a9:db:ff:e5:2b:e1:a2:6b:66:35:b6:57:1f:c5:9a:9d:08:97:
0a:88:91:38:50:70:f2:6d:77:7d:b9:4b:d7:c9:a2:45:bc:eb:
a4:6b:94:79:6d:8c:b1:84:47:63:d0:e1:58:09:1c:c7:1d:bf:
b9:89:48:62:f1:3d:dc:a8:42:71:d4:82:f3:ef:9b:46:eb:72:
a5:f2:dd:32:3a:0f:cc:51:f5:1f:d9:5b:b7:bf:e9:06:a8:06:
5f:f3:41:36:5b:7b:3a:b9:02:4b:14:0c:8b:24:ac:ea:f3:aa:
1d:af:93:24:b4:eb:3f:04:75:86:21:bd:41:b2:19:b5:30:e1:
c7:3a:4e:71
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZIq4RyS+q7FPEY5kL2768rGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwOTI1MjAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZhMGYzMzczYmZjMmM5MWFjODFlYWFkOGY5ZTU2ZjNmZTkwMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ora7THWgVEG+82FlcGcycgVnF9C
bO7HwgBbjCZk8VOE4XOYwku3Hs01b+rRhMlJD5Iv+aRhUr+8bHFSvZL1Cclbwy1R
HSzQqlFdmo1pAXrVMsFnsfZwb8hJ9/tuflc4/0nLzJKue0WQYWVA6GZIubxjoUEa
7l61mMyZMjPCXzwt36tc9qnJ79rTZkXplPztdMCzPOTjOE4/k+/matrMexDTJGGS
qBqkRDHeSDgPcH9WAo8lo9KlTKA/T3tOB4T/qeckvHvAzoZ01v/3PsORgtfX/rX7
KGKxPjHmqVopNP6NUyH3enEPHttisiUzYC2FtmqSCq7K6sbR1XdF/zXO6QIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFE/6DzNzv8LJGsgeqtj55W8/6QEOMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvVF9vUE0zT193c2theUI2cTJQbmxiel9wQVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIMAwDBAI+PIQD
BAE+PIgwDAMEAD48iwMEAD48jAMEAD48jgMEAD48kQMEAz48qAMEAdWwBAMEANWw
YDAMAwQB1bB6AwQB1bB8MA0EAgACMAcDBQAgAQeQMA0GCSqGSIb3DQEBCwUAA4IB
AQBctRqhV/xJSCawnhiKSYw3ux0pddgM9VvOmOjKvnBZ5JeBoEmxwQnsmQAonZ7R
kZ7Iv35M3kA2Tnt0Qa+omB2/ywG5hw44he2zbms9mxuPhSaXeQOJj8l38Q49prXC
KmXWgjo+tcLqV63usU1JTJU1yREqSJ412dtZ6ZpBPfOp2//lK+Gia2Y1tlcfxZqd
CJcKiJE4UHDybXd9uUvXyaJFvOuka5R5bYyxhEdj0OFYCRzHHb+5iUhi8T3cqEJx
1ILz75tG63Kl8t0yOg/MUfUf2Vu3v+kGqAZf80E2W3s6uQJLFAyLJKzq86odr5Mk
tOs/BHWGIb1Bshm1MOHHOk5x
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:19:26 2024 by rpki-client on console-fra.rpki-client.org