Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/piygp2rZKPxPbwPRNRBQOCILnZQ.roa
File: piygp2rZKPxPbwPRNRBQOCILnZQ.roa (raw, json)
Hash identifier: HkwIkTpZi5HIxLILef7bVGIXlloJpieFQysj7v/0Lxw=
Subject key identifier: A6:2C:A0:A7:6A:D9:28:FC:4F:6F:03:D1:35:10:50:38:22:0B:9D:94
Certificate issuer: /CN=08d79d20d76a9ddb075b94f9f00052ab218276b7
Certificate serial: 018CC56E162BC552A2CDF29EBB9B88BC39D8
Authority key identifier: 08:D7:9D:20:D7:6A:9D:DB:07:5B:94:F9:F0:00:52:AB:21:82:76:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNedINdqndsHW5T58ABSqyGCdrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/piygp2rZKPxPbwPRNRBQOCILnZQ.roa
Signing time: Mon 01 Jan 2024 14:29:35 +0000
ROA not before: Mon 01 Jan 2024 14:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8831
IP address blocks: 62.108.64.0/22 maxlen: 24
62.108.64.0/21 maxlen: 21
62.108.68.0/22 maxlen: 24
62.108.72.0/22 maxlen: 24
62.108.88.0/21 maxlen: 21
62.108.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/CNedINdqndsHW5T58ABSqyGCdrc.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/CNedINdqndsHW5T58ABSqyGCdrc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CNedINdqndsHW5T58ABSqyGCdrc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:16:2b:c5:52:a2:cd:f2:9e:bb:9b:88:bc:39:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d79d20d76a9ddb075b94f9f00052ab218276b7
Validity
Not Before: Jan 1 14:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a62ca0a76ad928fc4f6f03d135105038220b9d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e7:f7:dc:e0:1c:1d:33:cd:98:04:b7:11:0b:
6b:09:c2:1d:86:82:4d:ca:c7:e2:79:df:01:9f:bb:
42:88:3c:01:17:29:6f:92:ee:4e:bf:5c:61:9d:df:
6a:49:36:17:7f:3a:0e:6e:e3:57:98:45:f4:10:62:
8d:06:f8:8e:d0:2d:a7:9e:19:38:ac:dc:8d:41:aa:
1c:0f:00:43:2e:ee:2e:df:10:a1:df:70:89:c8:b4:
fd:00:dd:15:15:cb:fa:50:c6:f6:16:9a:0d:cb:46:
ae:ce:24:57:3a:48:00:46:59:13:30:e5:2e:d6:65:
78:03:5f:f9:9d:0f:b4:ca:86:ce:b6:df:4b:d3:3d:
55:45:75:90:db:72:81:4c:95:f1:98:f1:4d:93:52:
03:f7:fb:3a:bc:eb:ce:83:be:04:f9:b4:93:70:e4:
3c:21:fb:75:f4:e5:43:14:59:cb:14:43:23:ca:db:
50:bf:f6:b9:36:6e:74:45:ad:51:1e:a7:01:78:a2:
a1:40:65:14:49:7d:8e:27:61:2b:9c:05:d4:81:0f:
24:bb:d1:11:18:9b:6b:78:bf:7f:af:2b:f0:50:38:
d4:16:ae:de:e8:da:6d:b5:57:d6:85:01:6c:f0:4e:
35:ca:8b:d9:f7:55:f7:0a:0a:82:56:11:f1:ea:dd:
a7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2C:A0:A7:6A:D9:28:FC:4F:6F:03:D1:35:10:50:38:22:0B:9D:94
X509v3 Authority Key Identifier:
keyid:08:D7:9D:20:D7:6A:9D:DB:07:5B:94:F9:F0:00:52:AB:21:82:76:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNedINdqndsHW5T58ABSqyGCdrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/piygp2rZKPxPbwPRNRBQOCILnZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/37109d-1337-4b2d-bc1b-48dc88b56020/1/CNedINdqndsHW5T58ABSqyGCdrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.64.0-62.108.75.255
62.108.88.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:d5:25:95:93:f6:dd:93:3c:56:a2:c3:ef:47:90:25:de:24:
3c:c4:89:d1:ea:74:0b:60:06:f9:68:c8:f6:13:f6:00:69:20:
bb:cf:92:82:f2:02:23:d9:17:af:bb:23:fc:dd:fc:85:23:f6:
89:2d:d6:57:bf:a2:fa:10:42:46:bf:03:bb:bd:44:b8:b4:e5:
3c:92:1a:b2:5b:d4:1e:30:f0:bf:96:7b:b7:ed:a2:15:27:91:
46:b9:77:85:33:ad:d0:80:a5:3f:ea:a2:95:34:27:3b:96:2d:
64:4a:cc:b2:56:f5:12:8f:c9:87:cc:f3:93:12:c5:d2:ad:1f:
36:6b:46:89:99:48:b3:93:4a:26:42:20:07:33:ad:19:b8:57:
dc:a5:63:b9:a8:f9:40:f2:18:a6:38:27:9a:bd:9e:58:c4:b9:
6b:a0:38:31:32:c3:46:88:0a:3f:7a:48:50:22:d1:d3:b4:b4:
6d:c9:f3:dc:dd:f7:91:6e:d1:d4:e3:a0:ac:79:ac:54:b3:b3:
78:ea:94:ef:e1:76:b4:89:61:12:46:61:5d:52:ed:03:43:23:
c0:72:70:d2:4e:f6:69:06:f5:00:20:84:3b:29:4d:5f:6f:81:
8e:a4:d0:17:b4:e8:a2:41:31:ad:5d:97:59:ca:d0:83:df:c3:
a1:ce:1e:b2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFbhYrxVKizfKeu5uIvDnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDc5ZDIwZDc2YTlkZGIwNzViOTRmOWYwMDA1MmFiMjE4
Mjc2YjcwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJjYTBhNzZhZDkyOGZjNGY2ZjAzZDEzNTEwNTAzODIyMGI5ZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAief33OAcHTPNmAS3EQtrCcIdhoJN
ysfied8Bn7tCiDwBFylvku5Ov1xhnd9qSTYXfzoObuNXmEX0EGKNBviO0C2nnhk4
rNyNQaocDwBDLu4u3xCh33CJyLT9AN0VFcv6UMb2FpoNy0auziRXOkgARlkTMOUu
1mV4A1/5nQ+0yobOtt9L0z1VRXWQ23KBTJXxmPFNk1ID9/s6vOvOg74E+bSTcOQ8
Ift19OVDFFnLFEMjyttQv/a5Nm50Ra1RHqcBeKKhQGUUSX2OJ2ErnAXUgQ8ku9ER
GJtreL9/ryvwUDjUFq7e6NpttVfWhQFs8E41yovZ91X3CgqCVhHx6t2nOQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKYsoKdq2Sj8T28D0TUQUDgiC52UMB8GA1UdIwQY
MBaAFAjXnSDXap3bB1uU+fAAUqshgna3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05lZElOZHFuZHNIVzVUNThBQlNxeUdDZHJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zNzEwOWQtMTMzNy00YjJkLWJjMWIt
NDhkYzg4YjU2MDIwLzEvcGl5Z3AyclpLUHhQYndQUk5SQlFPQ0lMblpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zNzEwOWQtMTMzNy00YjJkLWJjMWItNDhkYzg4YjU2MDIw
LzEvQ05lZElOZHFuZHNIVzVUNThBQlNxeUdDZHJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAY+bEAD
BAI+bEgDBAM+bFgwDQYJKoZIhvcNAQELBQADggEBAJrVJZWT9t2TPFaiw+9HkCXe
JDzEidHqdAtgBvloyPYT9gBpILvPkoLyAiPZF6+7I/zd/IUj9okt1le/ovoQQka/
A7u9RLi05TySGrJb1B4w8L+We7ftohUnkUa5d4UzrdCApT/qopU0JzuWLWRKzLJW
9RKPyYfM85MSxdKtHzZrRomZSLOTSiZCIAczrRm4V9ylY7mo+UDyGKY4J5q9nljE
uWugODEyw0aICj96SFAi0dO0tG3J89zd95Fu0dTjoKx5rFSzs3jqlO/hdrSJYRJG
YV1S7QNDI8BycNJO9mkG9QAghDspTV9vgY6k0Be06KJBMa1dl1nK0IPfw6HOHrI=
-----END CERTIFICATE-----
Generated at Sun May 19 00:43:47 2024 by rpki-client on console-ams.rpki-client.org