Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ogx1PP2VHFPfe2VHtcfttpStq5k.roa
File: ogx1PP2VHFPfe2VHtcfttpStq5k.roa (raw, json)
Hash identifier: IgGAJOvw8N7DwX08+jzWgJSKBCRhthg/0gblq7QyMk0=
Subject key identifier: A2:0C:75:3C:FD:95:1C:53:DF:7B:65:47:B5:C7:ED:B6:94:AD:AB:99
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019222F9CBB3361187E5A4C707917A0216AE
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ogx1PP2VHFPfe2VHtcfttpStq5k.roa
Signing time: Tue 24 Sep 2024 07:40:48 +0000
ROA not before: Tue 24 Sep 2024 07:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214922
IP address blocks: 62.60.185.0/24 maxlen: 24
62.60.192.0/24 maxlen: 24
62.60.220.0/24 maxlen: 24
62.60.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:f9:cb:b3:36:11:87:e5:a4:c7:07:91:7a:02:16:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Sep 24 07:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a20c753cfd951c53df7b6547b5c7edb694adab99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ad:2d:3b:3c:39:b7:cf:24:5f:72:69:59:83:
4f:cf:a7:60:81:22:d4:d5:08:50:2a:81:d2:3f:ba:
8c:08:ae:21:e6:60:41:3c:6f:9b:7c:64:d0:32:04:
f6:b7:15:17:6e:18:74:2d:87:8e:ae:1b:1e:ca:7a:
fd:c4:6c:16:fd:c8:00:d2:b2:ce:5c:4d:97:56:fd:
eb:c7:52:4f:8b:47:5e:75:f5:a4:35:05:40:c1:a1:
47:49:56:df:cd:a0:53:88:fd:32:ae:c6:0b:5c:d8:
b3:33:1f:fc:ce:c9:3f:38:04:48:49:90:ff:13:b8:
e8:f4:b6:a1:c8:11:e5:8a:a2:0c:e2:72:7b:00:c3:
25:72:9f:2c:f0:3b:65:4c:d1:1a:88:9a:78:64:24:
ef:d7:c2:8c:e0:60:f8:28:37:f9:7c:bc:01:21:0e:
f9:5c:36:c0:d3:18:a5:62:b0:43:b2:33:db:a5:07:
24:5c:1b:a5:da:cc:6c:79:d9:f1:ea:1a:de:36:2d:
1b:6f:b2:cb:1c:5a:7f:17:68:df:8c:1c:09:da:00:
74:9f:91:60:e1:db:cf:91:7b:e3:ba:a2:80:a4:e1:
f2:7f:cb:cc:76:58:85:cc:d2:a8:67:2b:39:04:7f:
e6:ed:70:1f:36:b6:38:15:8c:5a:7b:a0:2f:f7:b1:
91:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0C:75:3C:FD:95:1C:53:DF:7B:65:47:B5:C7:ED:B6:94:AD:AB:99
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/ogx1PP2VHFPfe2VHtcfttpStq5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.185.0/24
62.60.192.0/24
62.60.220.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:74:36:5c:02:06:bc:19:93:4b:12:f6:75:07:80:b0:52:0f:
29:fe:52:cc:63:d2:8c:1e:35:48:1f:a8:b0:dd:92:14:8e:77:
d6:13:33:9e:0b:6a:79:44:3e:8b:d6:c2:6d:28:3f:2e:62:31:
0f:cd:cc:79:58:e7:a2:a8:85:c8:31:c7:bc:53:93:83:db:be:
f8:4e:53:36:38:94:79:7d:8a:96:92:16:e2:58:e8:57:e9:6f:
12:c5:3f:a9:4f:b3:e8:2d:30:54:11:bb:be:36:b4:67:e0:ff:
d7:4d:8f:bd:c4:20:00:a9:ce:6a:85:cf:c1:1a:39:b8:c5:81:
d1:3b:b5:f8:d1:b8:1a:04:71:c5:94:a9:05:32:8f:4e:6f:d4:
85:3a:88:dd:3b:39:8c:18:b3:ff:ce:da:5e:fe:e7:46:7d:e0:
ff:34:d5:53:eb:ff:bc:8b:67:af:00:68:6c:96:e9:86:da:0c:
eb:ce:ad:25:78:de:b4:d5:ea:94:3e:f2:87:41:6e:d4:d2:46:
9e:b5:21:77:31:64:e9:e6:be:36:98:ed:c3:5a:15:81:4c:33:
b1:c2:2e:b8:e3:78:f8:98:4a:9f:37:9f:d2:87:2e:2d:02:e0:
0e:34:f9:bc:02:ad:4e:2c:e7:f1:ec:27:a0:66:05:a4:f6:b8:
34:4e:5a:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIi+cuzNhGH5aTHB5F6AhauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwOTI0MDc0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBjNzUzY2ZkOTUxYzUzZGY3YjY1NDdiNWM3ZWRiNjk0YWRhYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq0tOzw5t88kX3JpWYNPz6dggSLU
1QhQKoHSP7qMCK4h5mBBPG+bfGTQMgT2txUXbhh0LYeOrhseynr9xGwW/cgA0rLO
XE2XVv3rx1JPi0dedfWkNQVAwaFHSVbfzaBTiP0yrsYLXNizMx/8zsk/OARISZD/
E7jo9LahyBHliqIM4nJ7AMMlcp8s8DtlTNEaiJp4ZCTv18KM4GD4KDf5fLwBIQ75
XDbA0xilYrBDsjPbpQckXBul2sxsednx6hreNi0bb7LLHFp/F2jfjBwJ2gB0n5Fg
4dvPkXvjuqKApOHyf8vMdliFzNKoZys5BH/m7XAfNrY4FYxae6Av97GRiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKIMdTz9lRxT33tlR7XH7baUrauZMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvb2d4MVBQMlZIRlBmZTJWSHRjZnR0cFN0cTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPjy5AwQA
PjzAAwQBPjzcMA0GCSqGSIb3DQEBCwUAA4IBAQCzdDZcAga8GZNLEvZ1B4CwUg8p
/lLMY9KMHjVIH6iw3ZIUjnfWEzOeC2p5RD6L1sJtKD8uYjEPzcx5WOeiqIXIMce8
U5OD2774TlM2OJR5fYqWkhbiWOhX6W8SxT+pT7PoLTBUEbu+NrRn4P/XTY+9xCAA
qc5qhc/BGjm4xYHRO7X40bgaBHHFlKkFMo9Ob9SFOojdOzmMGLP/ztpe/udGfeD/
NNVT6/+8i2evAGhslumG2gzrzq0leN601eqUPvKHQW7U0kaetSF3MWTp5r42mO3D
WhWBTDOxwi6443j4mEqfN5/Shy4tAuAONPm8Aq1OLOfx7CegZgWk9rg0Tlp6
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:53:30 2024 by rpki-client on console-ams.rpki-client.org