Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XZDez72x6s9qDh-nDhsoedpfEG0.roa
File: XZDez72x6s9qDh-nDhsoedpfEG0.roa (raw, json)
Hash identifier: R7qEfKPnnyJDNifiCBRrSy+smcco9Ct5qQbtrn9tx1o=
Subject key identifier: 5D:90:DE:CF:BD:B1:EA:CF:6A:0E:1F:A7:0E:1B:28:79:DA:5F:10:6D
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018DDA2621142A597C9BFA64E0E36CBC2AD6
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XZDez72x6s9qDh-nDhsoedpfEG0.roa
Signing time: Sat 24 Feb 2024 08:05:48 +0000
ROA not before: Sat 24 Feb 2024 08:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59441
IP address blocks: 62.60.128.0/21 maxlen: 24
62.60.164.0/22 maxlen: 24
62.60.200.0/22 maxlen: 24
62.60.204.0/22 maxlen: 24
62.60.208.0/22 maxlen: 24
62.60.212.0/22 maxlen: 24
213.176.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:26:21:14:2a:59:7c:9b:fa:64:e0:e3:6c:bc:2a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 24 08:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d90decfbdb1eacf6a0e1fa70e1b2879da5f106d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:4c:1e:62:24:d3:94:3a:00:b8:13:1b:50:
8c:26:c8:72:b2:38:4d:96:27:ac:4f:3b:fc:e2:ed:
73:fe:55:41:e0:49:39:d7:93:aa:ff:6b:58:ad:34:
e9:5c:75:44:1e:7f:91:6b:04:d0:30:d9:34:8e:4f:
b2:c4:19:c0:fe:13:80:d2:1e:40:2f:fa:43:60:c8:
e8:a0:7e:ca:89:7d:7e:fc:67:8f:0d:85:cb:cd:ac:
d9:10:95:3b:90:be:f8:d4:63:43:70:2b:66:a5:3b:
f7:5c:6d:2b:44:59:06:ab:7f:45:35:bb:99:49:f4:
bc:99:2d:3e:53:3a:33:6f:0f:8a:db:c4:78:de:73:
b7:f8:69:49:dd:70:f8:35:c9:7b:33:bd:a2:96:c6:
2d:2d:ab:23:ec:a5:2d:32:47:f1:c4:de:29:9d:84:
9c:0a:53:76:a4:f3:cf:0f:ea:1f:a0:b5:b5:b7:7d:
a5:9c:e8:47:b7:13:40:a4:6a:e8:52:14:b5:f7:06:
ed:3c:e3:ed:7d:ce:cf:af:d6:cb:6f:af:4e:4b:f6:
b1:6e:e7:ce:da:7c:85:dc:6b:01:42:4b:02:1c:70:
6c:26:36:96:73:c4:f4:1e:d3:f0:47:e4:ca:23:eb:
32:3d:d4:f5:20:bc:fa:32:74:48:f2:99:3f:74:48:
2f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:90:DE:CF:BD:B1:EA:CF:6A:0E:1F:A7:0E:1B:28:79:DA:5F:10:6D
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XZDez72x6s9qDh-nDhsoedpfEG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.128.0/21
62.60.164.0/22
62.60.200.0-62.60.215.255
213.176.28.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:f1:88:cb:b6:aa:a6:d3:06:51:03:fa:47:c0:60:c7:18:a8:
ee:b3:9b:fc:35:2d:70:1a:6e:99:c0:d4:dd:f1:8b:7e:92:84:
51:6c:84:01:c3:a3:9e:73:ad:80:6b:ef:26:52:69:b4:a2:d0:
b5:7e:c7:3b:88:9e:34:b6:ea:30:fb:26:a9:a4:d9:ea:8c:a9:
b7:6b:df:de:c8:0b:51:cd:62:65:3f:2c:19:c6:1c:e5:aa:6d:
c5:b3:0a:aa:d4:14:00:c5:46:e6:44:74:6e:79:10:5f:35:e7:
e3:8b:bb:12:60:bd:57:58:3e:ab:37:73:d9:b1:84:94:61:ef:
a8:23:68:dd:4b:af:69:be:d9:3c:ce:54:c0:aa:d0:2d:b5:96:
77:af:7a:f0:54:24:57:0b:e7:c8:e5:72:06:e5:58:95:c2:d1:
ff:34:83:6b:32:79:9e:5c:1d:bd:16:60:74:11:ae:61:56:f5:
e1:15:0d:c9:2a:5b:03:f0:b1:8e:83:4f:12:4d:1a:91:b7:11:
fe:b6:b7:02:65:a4:38:1f:75:e1:7b:3c:b2:b5:cf:06:2b:7b:
92:25:19:73:b5:11:95:1e:be:b9:1c:a2:e6:95:6a:3b:1a:76:
5e:fc:ae:f3:f0:57:93:b6:5d:e1:51:32:2d:15:28:6c:a2:56:
a0:53:70:f9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY3aJiEUKll8m/pk4ONsvCrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMjI0MDgwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDkwZGVjZmJkYjFlYWNmNmEwZTFmYTcwZTFiMjg3OWRhNWYxMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotFMHmIk05Q6ALgTG1CMJshysjhN
liesTzv84u1z/lVB4Ek515Oq/2tYrTTpXHVEHn+RawTQMNk0jk+yxBnA/hOA0h5A
L/pDYMjooH7KiX1+/GePDYXLzazZEJU7kL741GNDcCtmpTv3XG0rRFkGq39FNbuZ
SfS8mS0+Uzozbw+K28R43nO3+GlJ3XD4Ncl7M72ilsYtLasj7KUtMkfxxN4pnYSc
ClN2pPPPD+ofoLW1t32lnOhHtxNApGroUhS19wbtPOPtfc7Pr9bLb69OS/axbufO
2nyF3GsBQksCHHBsJjaWc8T0HtPwR+TKI+syPdT1ILz6MnRI8pk/dEgvGwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF2Q3s+9serPag4fpw4bKHnaXxBtMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvWFpEZXo3Mng2czlxRGgtbkRoc29lZHBmRUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDPjyAAwQC
PjykMAwDBAM+PMgDBAM+PNADBALVsBwwDQYJKoZIhvcNAQELBQADggEBAK3xiMu2
qqbTBlED+kfAYMcYqO6zm/w1LXAabpnA1N3xi36ShFFshAHDo55zrYBr7yZSabSi
0LV+xzuInjS26jD7Jqmk2eqMqbdr397IC1HNYmU/LBnGHOWqbcWzCqrUFADFRuZE
dG55EF815+OLuxJgvVdYPqs3c9mxhJRh76gjaN1Lr2m+2TzOVMCq0C21lnevevBU
JFcL58jlcgblWJXC0f80g2syeZ5cHb0WYHQRrmFW9eEVDckqWwPwsY6DTxJNGpG3
Ef62twJlpDgfdeF7PLK1zwYre5IlGXO1EZUevrkcouaVajsadl78rvPwV5O2XeFR
Mi0VKGyiVqBTcPk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:43:11 2024 by rpki-client on console-fra.rpki-client.org