Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/sDyOmfRB7rzmTnsAAO0y7ebMGCw.roa
File: sDyOmfRB7rzmTnsAAO0y7ebMGCw.roa (raw, json)
Hash identifier: TNLkPOe4DHZDS/xjUXxizjnOlQKJWVaEW+Zajds6YZg=
Subject key identifier: B0:3C:8E:99:F4:41:EE:BC:E6:4E:7B:00:00:ED:32:ED:E6:CC:18:2C
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 01933F52C7C4A7DA49DBFC5418B7F909D118
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/sDyOmfRB7rzmTnsAAO0y7ebMGCw.roa
Signing time: Mon 18 Nov 2024 12:50:09 +0000
ROA not before: Mon 18 Nov 2024 12:50:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 62.72.191.0/24 maxlen: 24
81.21.5.0/24 maxlen: 24
81.21.6.0/24 maxlen: 24
81.21.7.0/24 maxlen: 24
176.57.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:52:c7:c4:a7:da:49:db:fc:54:18:b7:f9:09:d1:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Nov 18 12:50:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b03c8e99f441eebce64e7b0000ed32ede6cc182c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6c:05:45:f5:fa:23:54:f1:e6:4c:24:e0:ea:
23:60:51:e9:a5:3b:8c:8b:90:53:2f:2f:70:79:26:
46:4a:06:85:be:5b:d1:5d:f7:d5:7e:c1:52:5a:a8:
ac:5b:47:4f:f4:3e:12:b0:d7:e7:14:03:f8:66:f0:
6e:c4:cb:ed:96:c6:eb:a5:a9:ed:c1:98:34:db:82:
07:6f:e2:b1:ad:6a:6b:ca:8d:21:19:a0:b2:6e:63:
2d:6c:56:98:91:c8:48:03:e3:7a:c7:21:37:01:75:
40:fc:31:22:8f:54:d7:e5:9e:b5:81:b6:4e:2f:33:
5d:50:bf:79:99:73:32:fd:56:5c:e6:f0:c2:ea:45:
bd:a0:54:c2:6c:fa:de:0a:82:4f:e9:a8:1f:73:14:
1e:39:00:09:4f:31:22:e1:1f:30:44:d9:63:11:cc:
d6:98:ec:a0:e7:72:2f:25:03:a0:ab:ee:c3:90:1d:
3d:c8:14:5b:ca:70:14:5c:53:c2:09:cc:a0:82:80:
72:bb:8a:79:73:ec:6c:45:83:b2:8f:59:d0:60:ad:
ce:ae:26:f0:b2:3c:b7:41:59:24:f9:60:79:da:29:
70:c6:dd:5e:b3:c8:c2:df:6c:e5:61:28:cd:df:da:
cb:eb:89:bd:c3:75:b6:4d:4d:45:e3:2a:d1:39:c3:
d3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3C:8E:99:F4:41:EE:BC:E6:4E:7B:00:00:ED:32:ED:E6:CC:18:2C
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/sDyOmfRB7rzmTnsAAO0y7ebMGCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.191.0/24
81.21.5.0-81.21.7.255
176.57.51.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:08:81:80:4b:c1:1b:d1:72:b8:a5:62:aa:90:c8:83:b5:39:
8c:9a:fc:fc:f9:86:ea:f6:dc:14:9e:a1:a3:3e:d7:f4:85:25:
45:20:70:2c:76:40:17:80:5e:e2:9b:11:6b:53:e5:6a:0c:5c:
af:91:43:93:85:5e:77:b9:86:2e:58:a9:8f:5e:e4:69:dc:dc:
23:df:69:b7:85:a2:01:9c:9e:15:b9:9f:38:9c:96:25:4d:67:
58:b3:93:dd:d5:f0:40:6d:39:0f:93:c4:49:a9:e4:a8:b7:7c:
c8:ef:a3:14:51:ca:0d:33:b6:cb:bb:12:83:a1:7b:37:94:c5:
e6:71:99:de:8a:55:df:29:b0:5b:7c:9f:9d:4a:bc:32:c4:a6:
e9:16:ab:3c:61:34:c5:f5:f4:36:8d:31:8a:33:a2:5b:30:18:
93:a6:03:d0:f8:d9:53:40:67:69:b5:fa:a4:7b:ed:d4:ff:2b:
81:a1:87:98:14:75:6e:ae:fd:ec:36:7a:b3:e0:85:55:47:28:
2f:71:df:7f:58:29:56:37:91:e8:64:3d:f3:e1:37:29:fc:9c:
82:8f:3d:93:b6:70:dc:c6:e8:d0:3f:f4:e9:91:0d:98:c5:28:
47:ea:22:07:ac:66:6a:0a:0e:e1:58:cb:9a:38:2e:d9:10:a2:
27:2e:4b:e3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZM/UsfEp9pJ2/xUGLf5CdEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQxMTE4MTI1MDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDNjOGU5OWY0NDFlZWJjZTY0ZTdiMDAwMGVkMzJlZGU2Y2MxODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mwFRfX6I1Tx5kwk4OojYFHppTuM
i5BTLy9weSZGSgaFvlvRXffVfsFSWqisW0dP9D4SsNfnFAP4ZvBuxMvtlsbrpant
wZg024IHb+KxrWpryo0hGaCybmMtbFaYkchIA+N6xyE3AXVA/DEij1TX5Z61gbZO
LzNdUL95mXMy/VZc5vDC6kW9oFTCbPreCoJP6agfcxQeOQAJTzEi4R8wRNljEczW
mOyg53IvJQOgq+7DkB09yBRbynAUXFPCCcyggoByu4p5c+xsRYOyj1nQYK3Oribw
sjy3QVkk+WB52ilwxt1es8jC32zlYSjN39rL64m9w3W2TU1F4yrROcPTQwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLA8jpn0Qe685k57AADtMu3mzBgsMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvc0R5T21mUkI3cnptVG5zQUFPMHk3ZWJNR0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAPki/MAwD
BABRFQUDBANRFQADBACwOTMwDQYJKoZIhvcNAQELBQADggEBAG4IgYBLwRvRcril
YqqQyIO1OYya/Pz5hur23BSeoaM+1/SFJUUgcCx2QBeAXuKbEWtT5WoMXK+RQ5OF
Xne5hi5YqY9e5Gnc3CPfabeFogGcnhW5nzicliVNZ1izk93V8EBtOQ+TxEmp5Ki3
fMjvoxRRyg0ztsu7EoOhezeUxeZxmd6KVd8psFt8n51KvDLEpukWqzxhNMX19DaN
MYozolswGJOmA9D42VNAZ2m1+qR77dT/K4Ghh5gUdW6u/ew2erPghVVHKC9x339Y
KVY3kehkPfPhNyn8nIKPPZO2cNzG6NA/9OmRDZjFKEfqIgesZmoKDuFYy5o4LtkQ
oicuS+M=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:41:50 2024 by rpki-client on console-fra.rpki-client.org