Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/usHM42JgN_E_QiIarESVFojKJA4.roa
File: usHM42JgN_E_QiIarESVFojKJA4.roa (raw, json)
Hash identifier: 3K8RW7yLEKQRrNyb2/xaRmT2BlRf7Nw8H+wLE2TxF+Q=
Subject key identifier: BA:C1:CC:E3:62:60:37:F1:3F:42:22:1A:AC:44:95:16:88:CA:24:0E
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01931EBF3E8FF243CAC25BA996EBC1840645
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/usHM42JgN_E_QiIarESVFojKJA4.roa
Signing time: Tue 12 Nov 2024 05:01:09 +0000
ROA not before: Tue 12 Nov 2024 05:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 62.60.152.0/23 maxlen: 24
62.60.154.0/23 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.216.0/23 maxlen: 24
62.60.236.0/22 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1e:bf:3e:8f:f2:43:ca:c2:5b:a9:96:eb:c1:84:06:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Nov 12 05:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bac1cce3626037f13f42221aac44951688ca240e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f7:c5:cc:05:ae:6f:7b:b7:92:7a:55:ce:1e:
44:7b:a8:c6:56:af:f3:ed:0f:fe:63:bd:b1:fb:4f:
4e:d2:63:fc:a2:15:d1:89:31:58:e9:88:e3:fd:57:
6b:5f:39:19:e1:47:e0:c8:d0:2a:0d:f0:80:03:54:
e7:b3:4e:45:5e:79:08:fa:fa:c2:14:d2:71:b5:07:
f1:30:3a:9d:c5:8e:76:7c:88:23:4a:53:a1:10:11:
28:21:28:77:6e:75:08:e4:26:a1:92:38:de:90:0b:
a3:d7:57:99:9a:87:cb:59:17:26:c8:04:44:9a:c1:
a3:45:9e:4c:3a:eb:36:fd:db:58:02:f7:de:6e:48:
6a:ad:9f:a2:76:e9:14:44:d8:22:19:83:2d:0c:3d:
6d:93:8a:40:b9:10:b5:05:85:1b:2d:2f:fd:48:ea:
2b:d1:57:1a:9b:5d:55:76:af:3d:d2:54:21:d7:3b:
e5:b8:c7:53:55:a1:d7:65:de:2c:ba:aa:8b:4a:57:
1f:1b:92:2e:83:a4:fd:b3:ac:ad:52:d7:1e:10:6d:
5a:36:71:63:78:66:d7:2f:d6:80:89:81:68:dc:2f:
7e:e3:f6:77:75:11:6c:9c:32:a3:82:86:5b:3a:60:
5e:27:c5:87:6c:c8:5e:d6:67:ae:55:67:54:71:6c:
74:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C1:CC:E3:62:60:37:F1:3F:42:22:1A:AC:44:95:16:88:CA:24:0E
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/usHM42JgN_E_QiIarESVFojKJA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/21
62.60.216.0/23
62.60.236.0/22
62.60.244.0-62.60.251.255
Signature Algorithm: sha256WithRSAEncryption
b9:f0:8c:ce:78:a4:3f:f3:17:d9:2b:59:03:dd:15:8c:70:21:
cd:14:57:1f:66:90:de:59:3f:3f:41:d1:5c:d7:d1:6d:b3:02:
92:22:7b:67:d2:a9:7f:1f:35:ca:e0:71:db:a1:f0:bc:6f:36:
b6:c7:b6:2e:a9:61:8b:1e:82:ca:57:99:4b:85:6f:82:f8:4b:
19:14:b8:a1:8e:9e:24:39:d1:2e:f4:36:6e:0c:e6:e8:3f:fa:
49:59:98:d2:11:e0:7f:3f:63:5c:63:6f:dd:04:da:be:f8:e8:
e0:48:80:31:94:26:5d:4c:f0:ea:70:6e:dc:3e:53:21:81:0f:
e6:a7:8b:11:1a:ab:aa:c3:61:9d:2a:e6:eb:1e:24:6e:79:ba:
15:46:05:45:1c:65:e7:a3:9a:51:47:10:34:8a:4c:bc:dc:ee:
62:0e:a0:37:d6:07:ac:78:df:dc:c0:dc:62:93:88:53:15:5a:
e5:29:43:3a:c7:33:51:19:c4:22:15:0f:6c:d4:68:9d:cb:b0:
54:7c:78:4f:b5:13:2d:83:b7:77:85:87:ef:7b:de:4f:80:a8:
ce:da:f9:6f:f3:2f:b8:ba:b7:cf:78:9e:e5:35:10:0a:87:ac:
70:d5:a0:77:e1:ff:11:9b:2f:bc:9a:dc:5c:af:c1:cb:25:7a:
b1:04:86:e4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZMevz6P8kPKwlupluvBhAZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQxMTEyMDUwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWMxY2NlMzYyNjAzN2YxM2Y0MjIyMWFhYzQ0OTUxNjg4Y2EyNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPfFzAWub3u3knpVzh5Ee6jGVq/z
7Q/+Y72x+09O0mP8ohXRiTFY6Yjj/VdrXzkZ4UfgyNAqDfCAA1Tns05FXnkI+vrC
FNJxtQfxMDqdxY52fIgjSlOhEBEoISh3bnUI5CahkjjekAuj11eZmofLWRcmyARE
msGjRZ5MOus2/dtYAvfebkhqrZ+idukURNgiGYMtDD1tk4pAuRC1BYUbLS/9SOor
0Vcam11Vdq890lQh1zvluMdTVaHXZd4suqqLSlcfG5Iug6T9s6ytUtceEG1aNnFj
eGbXL9aAiYFo3C9+4/Z3dRFsnDKjgoZbOmBeJ8WHbMhe1meuVWdUcWx0DwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLrBzONiYDfxP0IiGqxElRaIyiQOMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvdXNITTQySmdOX0VfUWlJYXJFU1ZGb2pLSkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDPjyYAwQB
PjzYAwQCPjzsMAwDBAI+PPQDBAI+PPgwDQYJKoZIhvcNAQELBQADggEBALnwjM54
pD/zF9krWQPdFYxwIc0UVx9mkN5ZPz9B0VzX0W2zApIie2fSqX8fNcrgcduh8Lxv
NrbHti6pYYsegspXmUuFb4L4SxkUuKGOniQ50S70Nm4M5ug/+klZmNIR4H8/Y1xj
b90E2r746OBIgDGUJl1M8Opwbtw+UyGBD+anixEaq6rDYZ0q5useJG55uhVGBUUc
ZeejmlFHEDSKTLzc7mIOoDfWB6x439zA3GKTiFMVWuUpQzrHM1EZxCIVD2zUaJ3L
sFR8eE+1Ey2Dt3eFh+973k+AqM7a+W/zL7i6t894nuU1EAqHrHDVoHfh/xGbL7ya
3FyvwcslerEEhuQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:53:30 2024 by rpki-client on console-ams.rpki-client.org