Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KZgEecQxE_N1dF_qgByTv9EkVAU.roa
File: KZgEecQxE_N1dF_qgByTv9EkVAU.roa (raw, json)
Hash identifier: jseKOCPr/wdUS6C6gQocciho2H9ngvqSW9iw6yGoVSI=
Subject key identifier: 29:98:04:79:C4:31:13:F3:75:74:5F:EA:80:1C:93:BF:D1:24:54:05
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018CC6B7A24D03728D7974D1387B6A8E82BC
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KZgEecQxE_N1dF_qgByTv9EkVAU.roa
Signing time: Mon 01 Jan 2024 20:29:32 +0000
ROA not before: Mon 01 Jan 2024 20:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63023
IP address blocks: 62.72.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a2:4d:03:72:8d:79:74:d1:38:7b:6a:8e:82:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 1 20:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29980479c43113f375745fea801c93bfd1245405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5c:50:3e:6f:a4:72:3a:6e:77:c3:40:c7:28:
91:fc:a1:8a:75:0a:dd:92:56:1e:ec:f0:56:37:7d:
d3:03:55:c2:c5:a1:3f:d8:11:cf:76:72:59:af:ca:
88:21:4a:7f:8b:99:09:4b:35:f5:6c:62:c6:6a:9a:
71:bd:b2:b9:ff:4e:c9:d6:8a:68:af:32:bb:75:55:
a1:ff:63:d1:ad:51:16:cd:34:7d:3d:9e:83:2b:8f:
f7:b6:cc:0a:86:a2:9a:85:5e:05:8d:96:3e:5a:dc:
ab:7f:a9:ac:22:cb:4b:35:90:b2:37:e9:70:a1:f5:
b7:fa:12:2c:11:a2:11:66:0f:c7:d6:57:1a:4e:83:
ff:0b:a0:f2:4d:49:b4:54:e9:ec:d2:35:f6:e1:64:
8e:94:33:3a:12:d4:b4:8d:d3:ec:77:7b:f9:57:6e:
82:66:2b:58:fa:68:ea:78:31:77:8e:48:e0:d5:6c:
75:c7:41:4a:77:6a:92:c9:24:9c:c9:ef:8a:85:d8:
5f:4f:06:a2:12:18:97:ee:2e:6b:2c:52:cf:cb:34:
e2:04:84:5c:f7:a3:57:db:35:29:d1:cb:5d:e0:72:
45:20:55:4c:b6:71:fe:4e:48:f7:81:f5:fd:b0:fe:
7e:7f:0f:d0:ee:4b:f7:40:5d:7b:c3:b3:b1:49:1c:
61:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:98:04:79:C4:31:13:F3:75:74:5F:EA:80:1C:93:BF:D1:24:54:05
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/KZgEecQxE_N1dF_qgByTv9EkVAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.171.0/24
Signature Algorithm: sha256WithRSAEncryption
30:50:c3:b3:3f:52:ce:7d:b4:b1:51:fa:3a:53:33:2a:2b:0a:
f1:5e:bb:0c:37:c9:14:a3:4c:39:80:86:a3:a7:63:87:82:3f:
6e:6b:db:f6:5f:31:8b:eb:96:ba:53:0e:db:a5:0f:73:09:89:
ce:f9:23:ad:c0:ce:ce:a6:c9:12:ca:c7:4d:61:c9:e7:7a:07:
67:9d:c2:86:e5:60:ed:dc:b4:e2:f6:89:ea:08:31:55:f3:38:
e3:fc:46:ef:70:f6:e3:5e:ad:83:0c:1e:9d:f6:35:5e:90:a0:
e4:2f:dc:2b:7a:69:15:f6:0a:38:bf:d0:6d:77:6c:4d:c8:54:
7f:72:da:9a:f4:8d:2a:0c:b3:3a:2d:77:61:59:95:de:25:b4:
6e:0e:9e:4c:a4:a4:2b:3e:22:3e:a6:5a:63:d8:4f:bb:4b:10:
6e:da:b7:fa:2c:92:34:51:ad:a5:97:d3:ca:3d:bf:71:48:ed:
5d:82:ae:b6:ca:ad:94:04:bb:f6:bf:66:4a:78:66:53:1a:5d:
a9:fa:66:0b:61:b5:c2:f8:15:92:cf:86:42:07:1b:ed:82:42:
af:26:2b:0f:57:c9:4e:d7:f2:37:e0:c2:3d:c7:0e:db:fc:b7:
63:8e:05:93:1c:2a:37:46:61:10:35:78:9a:7c:f6:b6:e8:50:
5c:de:d0:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt6JNA3KNeXTROHtqjoK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTAxMjAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk4MDQ3OWM0MzExM2YzNzU3NDVmZWE4MDFjOTNiZmQxMjQ1NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFxQPm+kcjpud8NAxyiR/KGKdQrd
klYe7PBWN33TA1XCxaE/2BHPdnJZr8qIIUp/i5kJSzX1bGLGappxvbK5/07J1opo
rzK7dVWh/2PRrVEWzTR9PZ6DK4/3tswKhqKahV4FjZY+Wtyrf6msIstLNZCyN+lw
ofW3+hIsEaIRZg/H1lcaToP/C6DyTUm0VOns0jX24WSOlDM6EtS0jdPsd3v5V26C
ZitY+mjqeDF3jkjg1Wx1x0FKd2qSySScye+KhdhfTwaiEhiX7i5rLFLPyzTiBIRc
96NX2zUp0ctd4HJFIFVMtnH+Tkj3gfX9sP5+fw/Q7kv3QF17w7OxSRxhKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmYBHnEMRPzdXRf6oAck7/RJFQFMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvS1pnRWVjUXhFX04xZEZfcWdCeVR2OUVrVkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkirMA0G
CSqGSIb3DQEBCwUAA4IBAQAwUMOzP1LOfbSxUfo6UzMqKwrxXrsMN8kUo0w5gIaj
p2OHgj9ua9v2XzGL65a6Uw7bpQ9zCYnO+SOtwM7OpskSysdNYcnnegdnncKG5WDt
3LTi9onqCDFV8zjj/EbvcPbjXq2DDB6d9jVekKDkL9wremkV9go4v9Btd2xNyFR/
ctqa9I0qDLM6LXdhWZXeJbRuDp5MpKQrPiI+plpj2E+7SxBu2rf6LJI0Ua2ll9PK
Pb9xSO1dgq62yq2UBLv2v2ZKeGZTGl2p+mYLYbXC+BWSz4ZCBxvtgkKvJisPV8lO
1/I34MI9xw7b/LdjjgWTHCo3RmEQNXiafPa26FBc3tB5
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:14:09 2024 by rpki-client on console-ams.rpki-client.org