Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/emI0QjD6vMIO4JdhMtncM0bOVi0.roa
File: emI0QjD6vMIO4JdhMtncM0bOVi0.roa (raw, json)
Hash identifier: 9VopH81ANaLZ9vZKU6uOHsnQzNEQY47sF4FzEdHaQec=
Subject key identifier: 7A:62:34:42:30:FA:BC:C2:0E:E0:97:61:32:D9:DC:33:46:CE:56:2D
Certificate issuer: /CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Certificate serial: 01905E41A433FE180528E761BA19571E9DBA
Authority key identifier: 49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/emI0QjD6vMIO4JdhMtncM0bOVi0.roa
Signing time: Fri 28 Jun 2024 09:51:18 +0000
ROA not before: Fri 28 Jun 2024 09:51:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8565
IP address blocks: 62.244.76.0/23 maxlen: 24
62.244.100.0/22 maxlen: 24
62.244.104.0/22 maxlen: 22
62.244.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 18:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:41:a4:33:fe:18:05:28:e7:61:ba:19:57:1e:9d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Validity
Not Before: Jun 28 09:51:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a62344230fabcc20ee0976132d9dc3346ce562d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9f:6a:06:0a:50:ea:6e:9a:ca:fa:1c:52:47:
d0:8c:13:dc:e5:6b:77:61:58:8d:f7:5d:40:7c:3a:
86:fe:f5:2d:7c:12:70:85:6a:5a:d7:a1:1a:82:80:
b4:28:ea:e5:73:01:0c:6b:08:bc:34:87:fc:ab:a6:
13:7d:86:04:5f:aa:fd:33:90:77:2e:01:f7:9a:e9:
4e:77:f5:22:ad:26:f9:96:19:11:ef:39:57:1b:61:
f8:f3:ea:dc:b0:00:96:6b:34:98:ae:f7:90:a0:da:
cb:17:02:71:84:2a:be:58:83:de:3d:52:bc:3e:89:
5b:31:de:0d:d0:33:05:60:e1:d1:56:3c:68:a2:58:
f9:31:1d:21:9a:c9:15:28:8d:60:41:5b:c9:e5:76:
bd:b9:7c:e6:95:7a:3b:ba:41:eb:8b:6a:59:64:08:
d0:09:87:3f:d8:fc:60:8a:08:09:a3:8d:f3:ea:34:
8c:eb:11:81:06:c8:9f:e0:11:67:b6:98:97:7d:df:
88:4b:bd:09:b8:b4:83:c3:e4:46:ac:27:e6:f3:02:
eb:9f:54:38:24:c5:11:0c:90:f3:ae:a1:a3:05:4e:
b4:76:80:50:95:48:63:7e:1e:53:79:b4:34:8a:a4:
52:34:df:2e:f5:02:06:d7:5e:71:d7:98:5f:7b:41:
76:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:62:34:42:30:FA:BC:C2:0E:E0:97:61:32:D9:DC:33:46:CE:56:2D
X509v3 Authority Key Identifier:
keyid:49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/emI0QjD6vMIO4JdhMtncM0bOVi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.76.0/23
62.244.100.0-62.244.107.255
62.244.120.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:9c:2f:f5:33:df:da:d2:3a:a0:9c:37:52:34:4a:37:ee:ae:
7f:c5:17:0e:82:a2:fc:89:5b:e8:b5:d7:92:55:48:9f:68:14:
5c:f7:8f:0d:9b:c1:28:3c:11:0f:68:2e:f3:dc:ef:4b:a8:6b:
6b:24:b6:a4:74:92:52:02:ab:10:12:4e:a4:ca:7d:0b:18:e5:
78:7f:29:11:70:b4:c9:17:69:0b:5b:f0:99:a4:ff:51:6c:db:
97:87:d3:56:7e:2e:b4:57:e1:ce:0e:84:92:71:0b:51:5e:22:
7d:7f:a2:70:09:82:16:30:4c:04:d3:5f:b4:53:2d:b7:8f:90:
89:92:9c:18:4d:09:c7:fa:83:69:e5:93:5c:a4:0e:fc:0e:3d:
6b:8a:2a:ac:02:0e:99:6b:45:e3:ba:c3:94:42:27:5a:63:d5:
bf:cc:1d:12:98:ed:e2:fa:47:48:b0:95:af:c6:2f:88:4e:30:
c9:5d:ee:05:c9:27:0c:ee:a8:ed:7c:2d:36:eb:ae:54:db:61:
75:0e:d9:3a:07:52:c9:22:02:e3:6c:31:d3:df:4f:f8:8b:5d:
aa:a3:87:e1:b3:b2:83:d7:75:98:1c:53:bd:02:b3:10:ad:db:
2b:f9:57:d6:d4:a7:a0:e3:5c:f7:5d:2f:87:b8:0f:dc:06:cf:
1a:63:bf:58
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZBeQaQz/hgFKOdhuhlXHp26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5M2EyZDQ4Mzc2MzMwYTU4MmZhZjNlMzAzMmVmN2IwYmNj
YTMzZTgwHhcNMjQwNjI4MDk1MTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTYyMzQ0MjMwZmFiY2MyMGVlMDk3NjEzMmQ5ZGMzMzQ2Y2U1NjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp9qBgpQ6m6ayvocUkfQjBPc5Wt3
YViN911AfDqG/vUtfBJwhWpa16EagoC0KOrlcwEMawi8NIf8q6YTfYYEX6r9M5B3
LgH3mulOd/UirSb5lhkR7zlXG2H48+rcsACWazSYrveQoNrLFwJxhCq+WIPePVK8
PolbMd4N0DMFYOHRVjxoolj5MR0hmskVKI1gQVvJ5Xa9uXzmlXo7ukHri2pZZAjQ
CYc/2PxgiggJo43z6jSM6xGBBsif4BFntpiXfd+IS70JuLSDw+RGrCfm8wLrn1Q4
JMURDJDzrqGjBU60doBQlUhjfh5TebQ0iqRSNN8u9QIG115x15hfe0F2YwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHpiNEIw+rzCDuCXYTLZ3DNGzlYtMB8GA1UdIwQY
MBaAFEk6LUg3YzClgvrz4wMu97C8yjPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2Qt
Njg5YmE0ZDMzYzRiLzEvZW1JMFFqRDZ2TUlPNEpkaE10bmNNMGJPVmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2QtNjg5YmE0ZDMzYzRi
LzEvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBPvRMMAwD
BAI+9GQDBAI+9GgDBAI+9HgwDQYJKoZIhvcNAQELBQADggEBAG2cL/Uz39rSOqCc
N1I0Sjfurn/FFw6CovyJW+i115JVSJ9oFFz3jw2bwSg8EQ9oLvPc70uoa2sktqR0
klICqxASTqTKfQsY5Xh/KRFwtMkXaQtb8Jmk/1Fs25eH01Z+LrRX4c4OhJJxC1Fe
In1/onAJghYwTATTX7RTLbePkImSnBhNCcf6g2nlk1ykDvwOPWuKKqwCDplrReO6
w5RCJ1pj1b/MHRKY7eL6R0iwla/GL4hOMMld7gXJJwzuqO18LTbrrlTbYXUO2ToH
UskiAuNsMdPfT/iLXaqjh+GzsoPXdZgcU70CsxCt2yv5V9bUp6DjXPddL4e4D9wG
zxpjv1g=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:20:09 2024 by rpki-client on console-ams.rpki-client.org