Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/xcEpK4OVJA5luMMsh_hF9fUgl-0.roa
File: xcEpK4OVJA5luMMsh_hF9fUgl-0.roa (raw, json)
Hash identifier: cqShahf00yuAjJopoGIhz437ZnCsQF04VH42q4TjNEI=
Subject key identifier: C5:C1:29:2B:83:95:24:0E:65:B8:C3:2C:87:F8:45:F5:F5:20:97:ED
Certificate issuer: /CN=1dc7522321c23d169ed332ff49879ccc245172db
Certificate serial: 0192DC62D397436838EE34C5508CAD286A97
Authority key identifier: 1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/xcEpK4OVJA5luMMsh_hF9fUgl-0.roa
Signing time: Wed 30 Oct 2024 07:45:17 +0000
ROA not before: Wed 30 Oct 2024 07:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9166
IP address blocks: 62.233.0.0/20 maxlen: 24
212.113.64.0/19 maxlen: 24
2a02:2398::/29 maxlen: 48
2a02:239c:0:20::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.mft
rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:62:d3:97:43:68:38:ee:34:c5:50:8c:ad:28:6a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dc7522321c23d169ed332ff49879ccc245172db
Validity
Not Before: Oct 30 07:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5c1292b8395240e65b8c32c87f845f5f52097ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fd:89:21:7e:f6:57:75:d8:cf:04:40:08:70:
99:66:e0:1b:eb:97:bd:06:ba:b1:10:67:96:69:8c:
57:29:bf:4f:22:68:17:f8:8c:1a:72:a4:3d:f9:ad:
d4:99:5f:d3:56:ee:27:e9:f6:53:97:5b:af:8d:66:
fa:b3:75:4b:a4:e1:ae:84:45:01:12:33:c2:6f:f0:
f7:10:32:64:e5:b0:5a:43:b8:58:35:28:f0:6a:d0:
1d:7e:17:9d:ca:5b:8a:3e:6e:da:e2:4f:1f:0d:fc:
c0:44:fe:2e:75:25:77:f6:29:24:e8:06:4f:6d:f0:
37:38:38:b5:c1:22:7d:62:ee:03:40:2c:28:58:c4:
fb:18:5e:fd:62:e6:24:8d:35:7f:36:9e:b9:2f:d4:
c9:12:c4:c3:3c:c0:f5:27:a5:f6:84:b3:ff:0c:42:
f8:70:f0:0c:d7:91:6c:c0:fc:63:de:13:a3:4a:e1:
a7:3b:68:20:9b:c9:72:0b:f7:51:5e:36:f6:72:3c:
b6:54:c4:5f:78:c5:68:5a:6e:b5:c9:f0:5e:88:8d:
46:77:59:6b:cc:a7:95:6b:19:d4:9f:b7:fb:00:f3:
3c:11:b8:60:2e:73:9e:20:97:0d:15:a9:ab:bf:0c:
a3:70:9f:d9:6c:0b:5f:82:8b:c1:37:3e:ec:8f:c7:
ff:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C1:29:2B:83:95:24:0E:65:B8:C3:2C:87:F8:45:F5:F5:20:97:ED
X509v3 Authority Key Identifier:
keyid:1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/xcEpK4OVJA5luMMsh_hF9fUgl-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.0.0/20
212.113.64.0/19
IPv6:
2a02:2398::/29
Signature Algorithm: sha256WithRSAEncryption
54:6c:bf:d5:95:c5:29:ec:da:72:72:90:ea:7e:93:89:08:92:
fb:84:e9:f8:6a:61:6b:87:2b:2f:ce:4f:97:ce:71:c5:ea:a4:
37:81:bf:f2:2c:f7:c3:c0:d2:4b:ef:fa:45:56:96:2e:cc:ff:
bb:75:4f:06:9c:9d:c3:b1:3a:57:8d:fb:c5:8c:16:c2:41:2b:
3d:b8:6c:86:9a:b6:83:23:6c:97:17:6c:ad:9a:e1:30:cb:f5:
fa:26:7f:32:a1:46:78:87:8f:8d:1c:73:34:4a:b0:4c:2c:9c:
b3:f1:bb:ef:bf:0c:ee:77:f4:38:0c:71:15:a2:6b:50:21:d6:
21:af:a4:42:31:81:43:18:1a:f6:24:02:97:39:7f:fa:66:6a:
35:a8:8f:d6:2a:3f:78:92:6b:36:51:7a:5b:91:31:39:9b:b6:
81:99:ea:85:a6:cd:38:6c:e0:cc:14:cc:c3:45:30:36:75:00:
b9:16:d3:be:5e:f4:0e:bf:d0:6e:8b:7c:38:42:95:3c:3a:43:
8a:e2:29:ef:34:ad:02:0e:71:3f:f4:d7:0c:fb:9a:a6:9b:61:
c1:5d:04:64:1a:ed:aa:f4:e4:53:af:d1:18:b4:16:66:b0:1c:
4f:a3:87:4f:16:32:26:d9:a8:50:90:ee:14:ff:61:37:61:a7:
43:d7:0e:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZLcYtOXQ2g47jTFUIytKGqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzc1MjIzMjFjMjNkMTY5ZWQzMzJmZjQ5ODc5Y2NjMjQ1
MTcyZGIwHhcNMjQxMDMwMDc0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWMxMjkyYjgzOTUyNDBlNjViOGMzMmM4N2Y4NDVmNWY1MjA5N2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP2JIX72V3XYzwRACHCZZuAb65e9
BrqxEGeWaYxXKb9PImgX+IwacqQ9+a3UmV/TVu4n6fZTl1uvjWb6s3VLpOGuhEUB
EjPCb/D3EDJk5bBaQ7hYNSjwatAdfhedyluKPm7a4k8fDfzARP4udSV39ikk6AZP
bfA3ODi1wSJ9Yu4DQCwoWMT7GF79YuYkjTV/Np65L9TJEsTDPMD1J6X2hLP/DEL4
cPAM15FswPxj3hOjSuGnO2ggm8lyC/dRXjb2cjy2VMRfeMVoWm61yfBeiI1Gd1lr
zKeVaxnUn7f7APM8EbhgLnOeIJcNFamrvwyjcJ/ZbAtfgovBNz7sj8f/nwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMXBKSuDlSQOZbjDLIf4RfX1IJftMB8GA1UdIwQY
MBaAFB3HUiMhwj0WntMy/0mHnMwkUXLbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYt
NzA1NTM5M2Y3NWZlLzEveGNFcEs0T1ZKQTVsdU1Nc2hfaEY5ZlVnbC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYtNzA1NTM5M2Y3NWZl
LzEvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEPukAAwQF
1HFAMA0EAgACMAcDBQMqAiOYMA0GCSqGSIb3DQEBCwUAA4IBAQBUbL/VlcUp7Npy
cpDqfpOJCJL7hOn4amFrhysvzk+XznHF6qQ3gb/yLPfDwNJL7/pFVpYuzP+7dU8G
nJ3DsTpXjfvFjBbCQSs9uGyGmraDI2yXF2ytmuEwy/X6Jn8yoUZ4h4+NHHM0SrBM
LJyz8bvvvwzud/Q4DHEVomtQIdYhr6RCMYFDGBr2JAKXOX/6Zmo1qI/WKj94kms2
UXpbkTE5m7aBmeqFps04bODMFMzDRTA2dQC5FtO+XvQOv9Bui3w4QpU8OkOK4inv
NK0CDnE/9NcM+5qmm2HBXQRkGu2q9ORTr9EYtBZmsBxPo4dPFjIm2ahQkO4U/2E3
YadD1w5I
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:50:21 2024 by rpki-client on console-fra.rpki-client.org