Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/UeJXWIATgnFXFlNNUwXHPxq8kAU.roa
File: UeJXWIATgnFXFlNNUwXHPxq8kAU.roa (raw, json)
Hash identifier: q/rqUsbH91q3aaYS0eW01VXIUFBDIIHuO1tZkUbzUrw=
Subject key identifier: 51:E2:57:58:80:13:82:71:57:16:53:4D:53:05:C7:3F:1A:BC:90:05
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018DC5AB15AFE50B9A573CF9B54D6A78CDA7
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/UeJXWIATgnFXFlNNUwXHPxq8kAU.roa
Signing time: Tue 20 Feb 2024 08:39:00 +0000
ROA not before: Tue 20 Feb 2024 08:39:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60849
IP address blocks: 62.72.165.0/24 maxlen: 24
62.72.167.0/24 maxlen: 24
62.72.169.0/24 maxlen: 24
62.72.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 14:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:ab:15:af:e5:0b:9a:57:3c:f9:b5:4d:6a:78:cd:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Feb 20 08:39:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51e25758801382715716534d5305c73f1abc9005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:03:de:36:fa:e7:ca:13:90:94:c5:0d:4d:13:
b2:4d:00:cc:90:53:fd:f3:f3:4c:37:5e:59:0c:4f:
a8:6f:ab:86:bf:aa:5b:a4:a6:da:4c:e4:35:2a:e6:
1f:e1:13:a3:10:b4:e9:46:56:8a:ff:44:46:47:ff:
76:0e:a4:16:87:65:b3:a5:d6:af:5a:59:4c:72:53:
b7:6f:c2:dc:2c:ba:8c:a6:0d:5a:9e:d7:5a:7f:65:
d3:ce:88:40:4b:84:98:b8:11:de:f3:44:8d:7e:1c:
c1:d0:92:0d:b9:8e:fd:2a:77:fe:35:55:b6:c6:32:
d0:e3:1e:d8:c4:97:c9:b8:d3:52:2b:ad:07:19:c8:
cf:4d:16:40:eb:50:3e:7f:d7:1b:2a:de:06:90:c8:
15:86:db:a3:5a:a5:ed:be:01:04:65:3b:5a:50:b7:
fc:60:ee:22:d7:46:66:7a:36:ab:e0:81:7f:38:81:
55:8a:7c:6b:3e:fa:df:36:b2:45:84:75:f2:a4:da:
fc:06:40:93:e4:1e:71:ef:69:73:1f:67:dc:1d:33:
60:72:93:94:b0:7c:cb:c3:38:24:2f:17:6a:4d:30:
94:89:6c:e8:c2:41:ea:5c:d8:f9:61:e9:7b:0a:30:
af:54:b3:e7:37:92:d6:2f:30:95:0e:d0:61:7d:a6:
1e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E2:57:58:80:13:82:71:57:16:53:4D:53:05:C7:3F:1A:BC:90:05
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/UeJXWIATgnFXFlNNUwXHPxq8kAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.165.0/24
62.72.167.0/24
62.72.169.0/24
62.72.179.0/24
Signature Algorithm: sha256WithRSAEncryption
01:4e:ee:cc:8e:f0:71:8f:6f:60:80:bb:9a:bb:61:48:d2:25:
29:59:b1:fe:c3:5b:a6:6d:7c:d9:02:be:59:60:5f:58:37:dd:
b3:c6:99:5b:18:61:2a:aa:89:8e:5c:0f:bc:ba:a9:fe:4d:fb:
48:74:5d:9b:60:0a:53:15:19:c6:dd:7a:c0:5c:3a:19:ed:10:
8e:d6:0d:5e:f8:38:93:bb:73:e5:87:01:f9:b2:91:08:cd:97:
24:6c:09:57:1b:02:3f:b0:31:5b:b6:f0:cf:53:ae:8d:1b:10:
a6:e0:5b:f5:06:70:6b:a9:05:5b:b2:a6:85:b5:7a:5f:ea:b1:
97:db:06:ac:7c:d7:67:7e:a4:ea:36:9a:88:62:16:c6:d4:4f:
52:c1:b2:41:98:e8:d7:a2:83:f2:8d:48:45:84:f8:19:64:6f:
0f:03:e4:33:22:ee:99:b6:59:a4:fb:3f:2d:00:15:fa:fa:f8:
f5:2f:c7:23:ad:c1:18:29:bc:26:db:f5:8c:85:5b:46:70:bd:
38:95:de:29:c5:d8:c4:96:c9:8e:ab:d1:a7:c0:59:24:bb:75:
71:40:f3:2a:23:5f:dd:5e:c0:32:e8:a8:5a:c5:df:3d:c4:3e:
d1:e2:a5:1c:86:b7:dd:5d:72:1f:45:7a:67:cb:60:e4:6a:31:
cf:49:aa:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3FqxWv5QuaVzz5tU1qeM2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMjIwMDgzOTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWUyNTc1ODgwMTM4MjcxNTcxNjUzNGQ1MzA1YzczZjFhYmM5MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQPeNvrnyhOQlMUNTROyTQDMkFP9
8/NMN15ZDE+ob6uGv6pbpKbaTOQ1KuYf4ROjELTpRlaK/0RGR/92DqQWh2Wzpdav
WllMclO3b8LcLLqMpg1antdaf2XTzohAS4SYuBHe80SNfhzB0JINuY79Knf+NVW2
xjLQ4x7YxJfJuNNSK60HGcjPTRZA61A+f9cbKt4GkMgVhtujWqXtvgEEZTtaULf8
YO4i10Zmejar4IF/OIFVinxrPvrfNrJFhHXypNr8BkCT5B5x72lzH2fcHTNgcpOU
sHzLwzgkLxdqTTCUiWzowkHqXNj5Yel7CjCvVLPnN5LWLzCVDtBhfaYevwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFHiV1iAE4JxVxZTTVMFxz8avJAFMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvVWVKWFdJQVRnbkZYRmxOTlV3WEhQeHE4a0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkilAwQA
PkinAwQAPkipAwQAPkizMA0GCSqGSIb3DQEBCwUAA4IBAQABTu7MjvBxj29ggLua
u2FI0iUpWbH+w1umbXzZAr5ZYF9YN92zxplbGGEqqomOXA+8uqn+TftIdF2bYApT
FRnG3XrAXDoZ7RCO1g1e+DiTu3PlhwH5spEIzZckbAlXGwI/sDFbtvDPU66NGxCm
4Fv1BnBrqQVbsqaFtXpf6rGX2wasfNdnfqTqNpqIYhbG1E9SwbJBmOjXooPyjUhF
hPgZZG8PA+QzIu6Ztlmk+z8tABX6+vj1L8cjrcEYKbwm2/WMhVtGcL04ld4pxdjE
lsmOq9GnwFkku3VxQPMqI1/dXsAy6Khaxd89xD7R4qUchrfdXXIfRXpny2DkajHP
Saov
-----END CERTIFICATE-----
Generated at Sun May 5 19:05:24 2024 by rpki-client on console-fra.rpki-client.org