Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wRiDHiDNQ0yhxdflLsJrih8UC7Y.roa
File: wRiDHiDNQ0yhxdflLsJrih8UC7Y.roa (raw, json)
Hash identifier: jxqdyrm/ACaS3cdbVRl+qj1oX5dEFF6jugcZUowqa8c=
Subject key identifier: C1:18:83:1E:20:CD:43:4C:A1:C5:D7:E5:2E:C2:6B:8A:1F:14:0B:B6
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018CC6B7AAF35F609F0D4986ECB9B4BE9913
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wRiDHiDNQ0yhxdflLsJrih8UC7Y.roa
Signing time: Mon 01 Jan 2024 20:29:34 +0000
ROA not before: Mon 01 Jan 2024 20:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211373
IP address blocks: 62.72.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:aa:f3:5f:60:9f:0d:49:86:ec:b9:b4:be:99:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 1 20:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c118831e20cd434ca1c5d7e52ec26b8a1f140bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:98:42:19:1e:79:51:53:84:cc:93:31:6b:ac:
50:8c:51:44:2e:75:80:96:2b:17:ee:de:6a:c7:da:
6a:7d:83:c6:22:ab:2a:8d:01:ee:3c:ee:20:da:a6:
3d:f3:41:1d:82:07:84:d6:83:83:28:04:0f:53:a9:
4c:89:96:91:32:08:4d:a9:fb:79:a7:27:33:37:7f:
d0:0a:14:24:00:77:b3:86:92:ce:3b:99:da:75:02:
64:cc:cd:6c:6f:8d:01:dd:80:78:c1:95:a9:84:d7:
8b:60:1d:f5:58:99:ec:96:b0:8d:ca:56:bf:e7:94:
1a:e0:e7:5e:45:85:b1:71:31:95:4a:91:b8:17:64:
43:d1:66:d3:28:90:86:bb:9d:3c:c4:1e:c7:55:33:
38:8b:75:08:da:77:11:fe:2d:d1:10:56:5e:6d:76:
31:ca:61:3c:5f:09:7a:cd:6b:fa:30:ec:75:a9:43:
40:8a:d1:49:93:82:5b:f0:8e:56:2c:9e:6a:aa:32:
0d:ef:69:1a:4e:3a:37:e4:2d:62:83:0d:b5:72:f6:
33:c5:f6:f8:11:2c:4e:c5:fb:53:44:97:25:76:e9:
81:20:9a:72:7d:b7:0d:37:18:e6:59:a7:57:68:d0:
ea:74:bc:e7:93:c0:cc:d4:f4:b8:ad:c4:22:d4:8c:
26:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:18:83:1E:20:CD:43:4C:A1:C5:D7:E5:2E:C2:6B:8A:1F:14:0B:B6
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wRiDHiDNQ0yhxdflLsJrih8UC7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.178.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:4c:1e:37:ba:34:03:b9:d6:63:9d:9a:dc:95:1e:a2:12:35:
89:8d:2a:21:c4:45:c7:35:40:90:b4:6b:99:14:0f:df:86:97:
f3:35:0b:01:ac:32:e8:2a:96:5f:6b:18:8b:2d:d5:0b:ea:a2:
7b:c5:1c:c9:39:8d:0a:06:93:f9:1a:df:00:97:8b:c4:14:fe:
bd:19:92:09:d5:57:d6:4e:ef:0c:71:6c:d1:46:e9:b8:63:0d:
6a:b4:a8:4a:b6:a0:77:b3:c4:57:15:8b:cd:fb:5d:95:41:be:
42:a3:34:7f:73:03:a4:68:13:ed:cb:c0:d6:56:81:5e:9a:3d:
19:c5:2e:39:ff:6c:63:0b:fc:d1:37:27:71:ab:b8:7f:bb:10:
1e:e8:83:13:b2:8c:b6:63:ce:fc:10:2c:97:25:0a:20:c7:b9:
e7:12:21:e2:37:84:23:b7:c0:c5:0a:88:46:7b:73:4f:5f:94:
5c:fa:c3:46:af:4b:e2:42:60:01:ea:55:a7:98:5e:7c:68:fe:
9a:b9:4f:66:2a:ae:73:85:bc:16:35:3a:3c:98:10:67:45:2d:
4f:60:34:f5:6b:0a:47:aa:2a:9a:51:be:b7:20:68:7d:be:a2:
b6:cd:6b:bd:d4:85:a7:64:87:2c:28:f9:de:1d:5a:88:a3:e0:
6d:7d:a2:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt6rzX2CfDUmG7Lm0vpkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTAxMjAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTE4ODMxZTIwY2Q0MzRjYTFjNWQ3ZTUyZWMyNmI4YTFmMTQwYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5hCGR55UVOEzJMxa6xQjFFELnWA
lisX7t5qx9pqfYPGIqsqjQHuPO4g2qY980EdggeE1oODKAQPU6lMiZaRMghNqft5
pyczN3/QChQkAHezhpLOO5nadQJkzM1sb40B3YB4wZWphNeLYB31WJnslrCNyla/
55Qa4OdeRYWxcTGVSpG4F2RD0WbTKJCGu508xB7HVTM4i3UI2ncR/i3REFZebXYx
ymE8Xwl6zWv6MOx1qUNAitFJk4Jb8I5WLJ5qqjIN72kaTjo35C1igw21cvYzxfb4
ESxOxftTRJcldumBIJpyfbcNNxjmWadXaNDqdLznk8DM1PS4rcQi1IwmmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMEYgx4gzUNMocXX5S7Ca4ofFAu2MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvd1JpREhpRE5RMHloeGRmbExzSnJpaDhVQzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkiyMA0G
CSqGSIb3DQEBCwUAA4IBAQAMTB43ujQDudZjnZrclR6iEjWJjSohxEXHNUCQtGuZ
FA/fhpfzNQsBrDLoKpZfaxiLLdUL6qJ7xRzJOY0KBpP5Gt8Al4vEFP69GZIJ1VfW
Tu8McWzRRum4Yw1qtKhKtqB3s8RXFYvN+12VQb5CozR/cwOkaBPty8DWVoFemj0Z
xS45/2xjC/zRNydxq7h/uxAe6IMTsoy2Y878ECyXJQogx7nnEiHiN4Qjt8DFCohG
e3NPX5Rc+sNGr0viQmAB6lWnmF58aP6auU9mKq5zhbwWNTo8mBBnRS1PYDT1awpH
qiqaUb63IGh9vqK2zWu91IWnZIcsKPneHVqIo+BtfaJ5
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:57 2024 by rpki-client on console-ams.rpki-client.org