Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Zg2hubfI_hbtk4U67K_Xu0CAkZY.roa
File: Zg2hubfI_hbtk4U67K_Xu0CAkZY.roa (raw, json)
Hash identifier: /fgn0h35LnZ7rYrwbaJndZLnkc715Vbm9iElA9kzdMo=
Subject key identifier: 66:0D:A1:B9:B7:C8:FE:16:ED:93:85:3A:EC:AF:D7:BB:40:80:91:96
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0190E396200ABF59C87A6933A59F5D40AD6B
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Zg2hubfI_hbtk4U67K_Xu0CAkZY.roa
Signing time: Wed 24 Jul 2024 07:13:04 +0000
ROA not before: Wed 24 Jul 2024 07:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60849
IP address blocks: 62.72.165.0/24 maxlen: 24
62.72.167.0/24 maxlen: 24
62.72.169.0/24 maxlen: 24
62.72.179.0/24 maxlen: 24
62.72.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Sep 2024 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e3:96:20:0a:bf:59:c8:7a:69:33:a5:9f:5d:40:ad:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jul 24 07:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660da1b9b7c8fe16ed93853aecafd7bb40809196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:25:10:75:4c:3f:f4:ef:39:ff:0c:6e:a3:73:
be:17:c6:39:02:8f:89:37:d8:30:90:58:18:8b:4a:
9f:20:b9:47:79:d9:dc:59:1f:8b:29:0f:fe:76:56:
dc:90:e7:34:33:93:cb:72:18:87:82:07:ec:f6:2c:
15:1c:6c:98:72:2f:be:3d:d6:e8:9f:2e:9d:fc:69:
c8:55:c9:8d:c6:e9:b6:f4:0f:a3:d3:0f:fb:0e:56:
e3:ef:0c:5b:bc:ca:c2:90:e6:d0:dd:c7:9e:17:41:
6d:59:05:3c:2a:da:35:81:54:0f:7e:81:7e:32:34:
45:a8:9f:e1:f8:10:c9:49:c1:1b:a0:61:9b:32:30:
4c:b0:9f:8a:46:87:f9:86:05:98:1c:32:c7:67:c1:
68:54:67:26:e5:37:65:ce:28:ca:70:e2:33:f5:91:
bb:a3:85:02:39:f9:68:04:32:dd:12:ff:f2:b5:67:
de:a0:57:aa:eb:23:42:46:3b:59:f3:7e:d4:53:ba:
f1:54:8d:06:6e:82:2c:24:1f:45:45:69:61:f9:01:
7a:0d:b0:bd:11:7f:0c:cf:03:5b:19:e7:3a:4f:6f:
9e:c9:fe:ab:bc:e8:0a:3b:09:fd:cf:19:70:b3:65:
b9:5a:2e:79:f5:e3:36:62:4e:c4:49:fb:68:6d:40:
ac:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:0D:A1:B9:B7:C8:FE:16:ED:93:85:3A:EC:AF:D7:BB:40:80:91:96
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Zg2hubfI_hbtk4U67K_Xu0CAkZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.165.0/24
62.72.167.0/24
62.72.169.0/24
62.72.179.0/24
62.72.186.0/24
Signature Algorithm: sha256WithRSAEncryption
75:20:e4:06:73:c5:44:ca:c6:d4:53:93:3c:2d:3b:85:99:68:
71:b6:db:ef:5f:c2:f3:f9:54:ea:67:71:d1:d2:ff:db:a9:8a:
50:11:a9:3c:f5:eb:ce:7c:49:b4:83:49:46:fd:1b:1b:ae:68:
80:9a:88:97:a0:05:25:7b:08:2f:73:86:01:17:b1:bb:13:d0:
24:1b:b3:5b:1e:98:c4:80:9f:e6:e3:34:0f:6c:f3:99:8c:b4:
4b:7b:bb:25:f0:ef:4f:bd:61:ee:11:64:d9:d8:f7:9a:13:3d:
4d:d9:0d:60:66:11:dd:45:dd:77:7f:28:6a:b2:d0:d6:06:13:
9b:87:06:ce:0e:e0:90:82:69:88:09:7f:a6:b6:16:13:70:81:
71:42:5b:ee:c3:8f:fd:15:bb:c4:4d:1b:94:d9:4d:a7:50:44:
27:0b:55:78:ac:80:15:37:64:97:92:9d:ae:e8:bc:24:55:85:
97:09:3b:30:ce:b1:2d:9e:81:35:f7:f5:94:86:23:fc:e2:d8:
55:62:ae:53:be:a2:3b:81:12:f5:06:6e:73:cf:81:d9:11:9e:
54:6f:68:1d:f9:1c:d3:ca:ef:2f:8d:69:94:96:9a:54:87:1b:
b7:64:6d:34:03:ca:fd:fc:d3:d6:ef:50:37:6e:4b:30:97:9d:
51:dd:33:d5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZDjliAKv1nIemkzpZ9dQK1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwNzI0MDcxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjBkYTFiOWI3YzhmZTE2ZWQ5Mzg1M2FlY2FmZDdiYjQwODA5MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiUQdUw/9O85/wxuo3O+F8Y5Ao+J
N9gwkFgYi0qfILlHedncWR+LKQ/+dlbckOc0M5PLchiHggfs9iwVHGyYci++Pdbo
ny6d/GnIVcmNxum29A+j0w/7Dlbj7wxbvMrCkObQ3ceeF0FtWQU8Kto1gVQPfoF+
MjRFqJ/h+BDJScEboGGbMjBMsJ+KRof5hgWYHDLHZ8FoVGcm5TdlzijKcOIz9ZG7
o4UCOfloBDLdEv/ytWfeoFeq6yNCRjtZ837UU7rxVI0GboIsJB9FRWlh+QF6DbC9
EX8MzwNbGec6T2+eyf6rvOgKOwn9zxlws2W5Wi559eM2Yk7ESftobUCs8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGYNobm3yP4W7ZOFOuyv17tAgJGWMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvWmcyaHViZklfaGJ0azRVNjdLX1h1MENBa1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPkilAwQA
PkinAwQAPkipAwQAPkizAwQAPki6MA0GCSqGSIb3DQEBCwUAA4IBAQB1IOQGc8VE
ysbUU5M8LTuFmWhxttvvX8Lz+VTqZ3HR0v/bqYpQEak89evOfEm0g0lG/RsbrmiA
moiXoAUlewgvc4YBF7G7E9AkG7NbHpjEgJ/m4zQPbPOZjLRLe7sl8O9PvWHuEWTZ
2PeaEz1N2Q1gZhHdRd13fyhqstDWBhObhwbODuCQgmmICX+mthYTcIFxQlvuw4/9
FbvETRuU2U2nUEQnC1V4rIAVN2SXkp2u6LwkVYWXCTswzrEtnoE19/WUhiP84thV
Yq5TvqI7gRL1Bm5zz4HZEZ5Ub2gd+RzTyu8vjWmUlppUhxu3ZG00A8r9/NPW71A3
bkswl51R3TPV
-----END CERTIFICATE-----
Generated at Mon Sep 16 16:17:42 2024 by rpki-client on console-fra.rpki-client.org