Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/mJ3w70Wb6JRXwJdh4KmN_JllgD4.roa
File: mJ3w70Wb6JRXwJdh4KmN_JllgD4.roa (raw, json)
Hash identifier: 3SacxOjABQ3Di6bPxUxv2gX2wjibvUVaMu89+WAnXCk=
Subject key identifier: 98:9D:F0:EF:45:9B:E8:94:57:C0:97:61:E0:A9:8D:FC:99:65:80:3E
Certificate issuer: /CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Certificate serial: 019294D491D07114655337817D33988D8955
Authority key identifier: 49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/mJ3w70Wb6JRXwJdh4KmN_JllgD4.roa
Signing time: Wed 16 Oct 2024 10:16:51 +0000
ROA not before: Wed 16 Oct 2024 10:16:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8565
IP address blocks: 62.244.76.0/23 maxlen: 23
62.244.82.0/23 maxlen: 23
62.244.100.0/22 maxlen: 24
62.244.104.0/22 maxlen: 22
62.244.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:d4:91:d0:71:14:65:53:37:81:7d:33:98:8d:89:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Validity
Not Before: Oct 16 10:16:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=989df0ef459be89457c09761e0a98dfc9965803e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:63:90:f9:56:36:33:f9:0b:b8:22:bd:d7:3c:
83:6d:e2:1f:20:1c:06:1f:85:c6:53:a6:11:f1:75:
31:ef:4c:de:06:74:0a:2d:a3:17:d0:f7:f5:ce:ff:
d8:86:c1:2d:7a:d0:4f:dc:84:74:4a:e0:f6:aa:f1:
31:e7:d4:39:18:88:c4:53:05:13:69:c7:43:48:ae:
21:58:2c:49:54:ee:a8:bc:9f:07:2d:70:02:5e:7e:
dd:17:c7:ab:44:1b:dc:3d:30:fb:44:43:13:86:0a:
9e:57:1e:3b:21:2d:75:84:c8:54:9f:74:14:ff:7a:
7b:52:15:62:ec:8a:61:60:88:66:36:52:f1:80:d8:
b5:e3:18:b9:e1:eb:c1:05:eb:28:31:ca:f1:e2:f7:
9d:12:ff:16:f6:35:77:c2:f3:9c:88:2e:6f:1f:13:
ee:cd:83:56:0c:4c:12:b8:4c:d8:51:fd:8a:93:3a:
e6:4d:45:5e:18:c9:a6:68:b7:c4:a9:48:0b:e7:81:
06:21:63:1e:78:49:c2:a0:ee:8b:32:dd:02:35:6d:
29:df:6e:05:d1:bb:e6:fc:da:be:8b:15:f2:a0:df:
b2:98:23:7f:0a:c6:d8:b0:a0:80:7f:2a:87:b3:32:
50:c3:4e:83:db:ca:57:ac:07:07:44:bd:69:28:79:
66:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9D:F0:EF:45:9B:E8:94:57:C0:97:61:E0:A9:8D:FC:99:65:80:3E
X509v3 Authority Key Identifier:
keyid:49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/mJ3w70Wb6JRXwJdh4KmN_JllgD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.76.0/23
62.244.82.0/23
62.244.100.0-62.244.107.255
62.244.120.0/22
Signature Algorithm: sha256WithRSAEncryption
20:ed:9a:e5:62:80:d5:8d:d6:07:b5:a7:9e:87:ee:2f:d9:b7:
de:a2:cb:95:43:a5:9d:41:bc:6b:b0:c2:23:67:bc:cb:8c:35:
3f:23:89:0e:70:b9:de:f7:b6:1a:e0:f5:30:93:1c:de:4c:ff:
34:47:7b:59:bb:6c:51:04:e1:b4:76:50:2d:41:49:dc:e8:41:
17:07:af:b3:0d:5b:93:1e:79:80:4b:87:e0:a3:20:66:5a:44:
b2:c1:fc:15:d6:6e:25:d5:8d:6b:f1:70:2d:a0:c2:7c:60:e5:
e9:6a:5b:48:d7:75:a3:9e:b0:f8:cf:a3:ab:38:3d:3d:a7:5b:
b1:b3:0b:9f:c5:4a:0c:99:b8:65:e0:bc:27:be:c5:22:2f:dd:
43:b0:07:ed:5d:ba:c3:c3:c1:f1:4d:b1:91:0f:4b:b3:6a:b0:
7f:74:b9:5a:c6:2f:bb:65:12:6c:4d:c1:67:85:73:ee:f7:29:
3a:ac:44:20:0a:11:7b:c7:07:b5:a7:8e:6a:15:49:c9:b1:44:
4d:e4:73:be:43:3d:11:61:03:ab:e8:e9:89:3d:e8:46:5a:9d:
c5:85:5a:72:13:ba:b4:a9:2d:61:65:3d:20:39:64:ef:e1:02:
a5:8e:20:d9:c2:b1:7a:bb:e0:70:43:bd:bc:fb:f4:12:d0:31:
03:a4:e0:39
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZKU1JHQcRRlUzeBfTOYjYlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5M2EyZDQ4Mzc2MzMwYTU4MmZhZjNlMzAzMmVmN2IwYmNj
YTMzZTgwHhcNMjQxMDE2MTAxNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODlkZjBlZjQ1OWJlODk0NTdjMDk3NjFlMGE5OGRmYzk5NjU4MDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GOQ+VY2M/kLuCK91zyDbeIfIBwG
H4XGU6YR8XUx70zeBnQKLaMX0Pf1zv/YhsEtetBP3IR0SuD2qvEx59Q5GIjEUwUT
acdDSK4hWCxJVO6ovJ8HLXACXn7dF8erRBvcPTD7REMThgqeVx47IS11hMhUn3QU
/3p7UhVi7IphYIhmNlLxgNi14xi54evBBesoMcrx4vedEv8W9jV3wvOciC5vHxPu
zYNWDEwSuEzYUf2KkzrmTUVeGMmmaLfEqUgL54EGIWMeeEnCoO6LMt0CNW0p324F
0bvm/Nq+ixXyoN+ymCN/CsbYsKCAfyqHszJQw06D28pXrAcHRL1pKHlmVQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJid8O9Fm+iUV8CXYeCpjfyZZYA+MB8GA1UdIwQY
MBaAFEk6LUg3YzClgvrz4wMu97C8yjPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2Qt
Njg5YmE0ZDMzYzRiLzEvbUozdzcwV2I2SlJYd0pkaDRLbU5fSmxsZ0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2QtNjg5YmE0ZDMzYzRi
LzEvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBPvRMAwQB
PvRSMAwDBAI+9GQDBAI+9GgDBAI+9HgwDQYJKoZIhvcNAQELBQADggEBACDtmuVi
gNWN1ge1p56H7i/Zt96iy5VDpZ1BvGuwwiNnvMuMNT8jiQ5wud73thrg9TCTHN5M
/zRHe1m7bFEE4bR2UC1BSdzoQRcHr7MNW5MeeYBLh+CjIGZaRLLB/BXWbiXVjWvx
cC2gwnxg5elqW0jXdaOesPjPo6s4PT2nW7GzC5/FSgyZuGXgvCe+xSIv3UOwB+1d
usPDwfFNsZEPS7NqsH90uVrGL7tlEmxNwWeFc+73KTqsRCAKEXvHB7WnjmoVScmx
RE3kc75DPRFhA6vo6Yk96EZancWFWnITurSpLWFlPSA5ZO/hAqWOINnCsXq74HBD
vbz79BLQMQOk4Dk=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:48:10 2024 by rpki-client on console-fra.rpki-client.org