Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/uHVNGCr9HRrlKS8i8NALpcxKvmo.roa
File: uHVNGCr9HRrlKS8i8NALpcxKvmo.roa (raw, json)
Hash identifier: 4NtFxcSgTfntkE07RQzQVjDfpNnswSg1LEum9CQryAU=
Subject key identifier: B8:75:4D:18:2A:FD:1D:1A:E5:29:2F:22:F0:D0:0B:A5:CC:4A:BE:6A
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018E50C8DE0473935A9B39A419637FC5510D
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/uHVNGCr9HRrlKS8i8NALpcxKvmo.roa
Signing time: Mon 18 Mar 2024 08:58:45 +0000
ROA not before: Mon 18 Mar 2024 08:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 62.133.60.0/24 maxlen: 24
62.133.61.0/24 maxlen: 24
62.133.62.0/24 maxlen: 24
62.133.63.0/24 maxlen: 24
141.98.171.0/24 maxlen: 24
194.156.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 06:46:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:c8:de:04:73:93:5a:9b:39:a4:19:63:7f:c5:51:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Mar 18 08:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8754d182afd1d1ae5292f22f0d00ba5cc4abe6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fe:82:a2:ee:8d:72:bf:49:0d:4d:82:df:aa:
d2:0b:01:31:14:4c:d7:e7:9e:e3:17:9c:f5:68:e3:
2a:5f:cd:cc:1b:0b:fb:6a:6e:fc:72:86:7c:a5:fa:
25:27:8c:11:cf:7c:6c:6d:60:b0:cf:0a:9a:71:37:
e2:f7:1e:4c:68:e3:36:30:c8:98:b4:c0:1c:8d:b2:
38:18:a1:24:ab:69:f0:4e:e5:fa:e9:fb:ca:4f:96:
9d:07:f0:af:c0:c4:1e:17:c8:67:b0:6a:16:f2:19:
20:02:39:23:5a:5c:d2:19:20:e2:cf:53:03:c6:83:
c7:67:cf:95:e1:58:5e:ed:0d:20:05:3a:e2:cd:91:
b1:5b:f2:9c:d7:0c:e8:40:0f:78:7b:b7:16:1a:20:
91:8a:e7:c5:06:d6:52:7e:20:ba:f0:66:6a:8c:fa:
12:cf:ef:1f:85:92:ea:77:50:e2:b4:a9:c1:e7:ab:
9e:cd:8d:d8:cc:63:0d:73:03:e4:d8:fc:f8:73:81:
bd:9b:f6:77:a7:57:78:7c:77:e1:ae:19:62:27:eb:
c3:9a:43:2f:eb:27:64:27:31:62:1c:e4:41:4c:54:
3c:62:54:e0:17:88:f5:89:96:c6:de:da:12:8c:7f:
c8:95:0b:78:eb:28:6d:b3:8f:7a:38:ca:4a:67:61:
c0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:75:4D:18:2A:FD:1D:1A:E5:29:2F:22:F0:D0:0B:A5:CC:4A:BE:6A
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/uHVNGCr9HRrlKS8i8NALpcxKvmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.60.0/22
141.98.171.0/24
194.156.102.0/24
Signature Algorithm: sha256WithRSAEncryption
97:8d:0d:4c:dd:19:46:b4:34:a9:0a:ed:b7:32:57:e1:1a:6d:
32:40:93:c1:86:49:03:e0:17:b1:a3:53:5c:a7:6c:b3:a1:bf:
a9:07:10:80:42:f2:6c:9a:c1:00:a6:61:ca:cd:7c:b8:a8:30:
b0:56:86:c0:a0:20:5b:aa:d2:68:5c:a2:49:b9:c6:dd:87:c4:
54:52:46:ba:63:c8:e8:96:a7:31:65:37:f2:3e:ef:dc:e5:b1:
ed:87:15:1f:66:1b:52:fd:75:39:41:1d:3f:77:34:4e:55:1f:
67:3f:a7:51:1b:56:99:e6:ac:ed:da:b5:d7:a2:36:d6:ac:20:
41:37:92:f3:94:47:59:ee:cb:fd:b9:d3:c2:73:45:9e:e3:50:
51:8c:90:1d:f0:9c:b1:0e:93:00:77:8b:84:cc:ae:6e:57:27:
4d:32:ec:fa:d2:6b:3d:80:89:16:94:ee:57:f1:64:a4:f4:fd:
dd:07:e3:09:ff:5f:62:99:6c:56:f4:ed:c8:42:07:5b:12:fb:
54:b0:63:55:97:58:31:ae:2e:c6:09:46:b8:a2:50:d6:c8:9e:
32:0d:2f:6a:70:65:dd:1c:50:0b:38:c1:fb:b0:fc:7d:06:e1:
df:33:5a:ed:fe:fb:0a:0d:f8:84:d5:49:4b:fa:2c:8e:ac:86:
f5:85:83:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5QyN4Ec5NamzmkGWN/xVENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMzE4MDg1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODc1NGQxODJhZmQxZDFhZTUyOTJmMjJmMGQwMGJhNWNjNGFiZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/6Cou6Ncr9JDU2C36rSCwExFEzX
557jF5z1aOMqX83MGwv7am78coZ8pfolJ4wRz3xsbWCwzwqacTfi9x5MaOM2MMiY
tMAcjbI4GKEkq2nwTuX66fvKT5adB/CvwMQeF8hnsGoW8hkgAjkjWlzSGSDiz1MD
xoPHZ8+V4Vhe7Q0gBTrizZGxW/Kc1wzoQA94e7cWGiCRiufFBtZSfiC68GZqjPoS
z+8fhZLqd1DitKnB56uezY3YzGMNcwPk2Pz4c4G9m/Z3p1d4fHfhrhliJ+vDmkMv
6ydkJzFiHORBTFQ8YlTgF4j1iZbG3toSjH/IlQt46yhts496OMpKZ2HAvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLh1TRgq/R0a5SkvIvDQC6XMSr5qMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvdUhWTkdDcjlIUnJsS1M4aThOQUxwY3hLdm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPoU8AwQA
jWKrAwQAwpxmMA0GCSqGSIb3DQEBCwUAA4IBAQCXjQ1M3RlGtDSpCu23MlfhGm0y
QJPBhkkD4Bexo1Ncp2yzob+pBxCAQvJsmsEApmHKzXy4qDCwVobAoCBbqtJoXKJJ
ucbdh8RUUka6Y8jolqcxZTfyPu/c5bHthxUfZhtS/XU5QR0/dzROVR9nP6dRG1aZ
5qzt2rXXojbWrCBBN5LzlEdZ7sv9udPCc0We41BRjJAd8JyxDpMAd4uEzK5uVydN
Muz60ms9gIkWlO5X8WSk9P3dB+MJ/19imWxW9O3IQgdbEvtUsGNVl1gxri7GCUa4
olDWyJ4yDS9qcGXdHFALOMH7sPx9BuHfM1rt/vsKDfiE1UlL+iyOrIb1hYNx
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:34:21 2024 by rpki-client on console-ams.rpki-client.org