Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/rxQoYL9brEzdW5EQptNhpkUbRnQ.roa
File: rxQoYL9brEzdW5EQptNhpkUbRnQ.roa (raw, json)
Hash identifier: yu0YIjmOrot7mvDc1Dad03qGpwtMTFwRMS1HmDGdbRM=
Subject key identifier: AF:14:28:60:BF:5B:AC:4C:DD:5B:91:10:A6:D3:61:A6:45:1B:46:74
Certificate issuer: /CN=50182bee9aa010c1ffd2d804f6aa7b14bddb91f7
Certificate serial: 018D786B05D3135792F84B228957D1DFA638
Authority key identifier: 50:18:2B:EE:9A:A0:10:C1:FF:D2:D8:04:F6:AA:7B:14:BD:DB:91:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/rxQoYL9brEzdW5EQptNhpkUbRnQ.roa
Signing time: Mon 05 Feb 2024 08:38:16 +0000
ROA not before: Mon 05 Feb 2024 08:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64444
IP address blocks: 62.56.137.0/24 maxlen: 24
81.199.62.0/24 maxlen: 24
81.199.83.0/24 maxlen: 24
81.199.89.0/24 maxlen: 24
81.199.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/UBgr7pqgEMH_0tgE9qp7FL3bkfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/UBgr7pqgEMH_0tgE9qp7FL3bkfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:6b:05:d3:13:57:92:f8:4b:22:89:57:d1:df:a6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50182bee9aa010c1ffd2d804f6aa7b14bddb91f7
Validity
Not Before: Feb 5 08:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af142860bf5bac4cdd5b9110a6d361a6451b4674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:02:1b:a4:e5:98:aa:2b:c2:67:88:eb:89:9c:
88:02:c3:26:3e:ad:95:be:63:6c:95:27:74:36:c6:
91:38:67:5f:46:08:de:f6:3a:32:42:76:c3:d9:25:
8e:20:b9:b9:06:47:dc:55:cc:aa:51:ee:48:23:4e:
1e:5a:20:9a:40:03:8f:33:96:c6:1e:cc:9f:fc:7c:
1c:1e:d0:85:03:06:d0:6e:41:50:65:e7:3e:d9:3e:
3c:91:3a:c5:b9:6b:a5:70:ac:3a:22:c2:8c:ae:96:
ae:b5:33:1c:a5:05:5c:ec:ef:2e:9f:63:07:2b:99:
e6:b1:99:e9:6f:31:b9:3e:db:81:43:49:aa:61:45:
14:ba:d9:2b:16:b0:cc:23:97:a4:71:93:0e:db:ab:
d5:cb:79:61:d6:a6:20:de:ce:e0:f8:97:9c:8e:43:
d1:1f:26:e3:ba:ed:48:e1:85:06:51:d1:fc:b5:2d:
87:a8:99:19:c6:06:83:87:0b:f3:97:2d:f2:be:ac:
8f:b0:d5:cf:91:ab:f6:bd:86:6b:07:8f:0e:e4:c9:
69:6a:47:6b:57:df:aa:87:98:f6:a9:a1:f6:3a:a0:
d0:6c:51:e9:dd:5b:40:0b:40:21:3b:a7:a7:92:70:
3c:01:82:6c:91:51:2d:03:56:29:17:d5:21:e7:77:
b5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:14:28:60:BF:5B:AC:4C:DD:5B:91:10:A6:D3:61:A6:45:1B:46:74
X509v3 Authority Key Identifier:
keyid:50:18:2B:EE:9A:A0:10:C1:FF:D2:D8:04:F6:AA:7B:14:BD:DB:91:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/rxQoYL9brEzdW5EQptNhpkUbRnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/UBgr7pqgEMH_0tgE9qp7FL3bkfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.56.137.0/24
81.199.62.0/24
81.199.83.0/24
81.199.89.0/24
81.199.94.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:cf:2e:a5:a7:12:f1:e2:e8:37:58:c3:3b:d0:d1:ac:6d:09:
2c:37:45:3c:03:ba:dc:bf:c2:af:84:b6:9b:10:a1:b5:1f:44:
b4:3e:1d:dc:71:b7:41:07:54:89:f2:c1:66:c1:f1:1c:fc:85:
2a:34:24:02:61:59:ea:20:1c:32:08:c5:73:c8:ad:89:8b:d7:
ef:df:f1:b9:9b:04:10:7e:4e:31:16:3e:b8:6b:a4:e7:09:93:
69:a0:8d:56:0c:ef:3f:c5:a5:b1:b9:7f:2e:96:32:aa:5e:75:
07:4d:c3:bb:cd:54:53:9c:e3:a1:c7:a7:b3:6c:c5:42:33:c0:
ff:02:09:fd:83:aa:ea:d9:ae:a8:5d:9f:45:65:40:20:3b:15:
d2:5e:97:ca:15:a5:0b:cc:40:a4:74:92:39:cb:28:aa:eb:15:
c7:17:4c:b7:a0:70:93:eb:93:57:f8:17:40:b4:b8:bb:08:be:
30:4b:f6:37:10:d7:96:94:fc:c6:82:76:92:7d:43:b0:cf:bc:
eb:a2:a6:5c:10:6d:a7:dd:a7:8f:e2:4b:f2:40:2e:93:3c:14:
09:8d:49:6d:98:40:d4:c1:8a:a3:74:4b:b1:36:81:b4:f1:30:
73:3a:43:b7:fb:3f:8d:0b:4b:bf:30:88:9f:34:2d:74:63:71:
dd:98:08:2c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY14awXTE1eS+EsiiVfR36Y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMTgyYmVlOWFhMDEwYzFmZmQyZDgwNGY2YWE3YjE0YmRk
YjkxZjcwHhcNMjQwMjA1MDgzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE0Mjg2MGJmNWJhYzRjZGQ1YjkxMTBhNmQzNjFhNjQ1MWI0Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AIbpOWYqivCZ4jriZyIAsMmPq2V
vmNslSd0NsaROGdfRgje9joyQnbD2SWOILm5BkfcVcyqUe5II04eWiCaQAOPM5bG
Hsyf/HwcHtCFAwbQbkFQZec+2T48kTrFuWulcKw6IsKMrpautTMcpQVc7O8un2MH
K5nmsZnpbzG5PtuBQ0mqYUUUutkrFrDMI5ekcZMO26vVy3lh1qYg3s7g+JecjkPR
Hybjuu1I4YUGUdH8tS2HqJkZxgaDhwvzly3yvqyPsNXPkav2vYZrB48O5Mlpakdr
V9+qh5j2qaH2OqDQbFHp3VtAC0AhO6enknA8AYJskVEtA1YpF9Uh53e1fwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK8UKGC/W6xM3VuREKbTYaZFG0Z0MB8GA1UdIwQY
MBaAFFAYK+6aoBDB/9LYBPaqexS925H3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJncjdwcWdFTUhfMHRnRTlxcDdGTDNia2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iZDQ1NjYtYWMyNy00NmY4LTk0Zjkt
MTlkMWJiNjFkOWE3LzEvcnhRb1lMOWJyRXpkVzVFUXB0Tmhwa1ViUm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iZDQ1NjYtYWMyNy00NmY4LTk0ZjktMTlkMWJiNjFkOWE3
LzEvVUJncjdwcWdFTUhfMHRnRTlxcDdGTDNia2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPjiJAwQA
Ucc+AwQAUcdTAwQAUcdZAwQAUcdeMA0GCSqGSIb3DQEBCwUAA4IBAQCOzy6lpxLx
4ug3WMM70NGsbQksN0U8A7rcv8KvhLabEKG1H0S0Ph3ccbdBB1SJ8sFmwfEc/IUq
NCQCYVnqIBwyCMVzyK2Ji9fv3/G5mwQQfk4xFj64a6TnCZNpoI1WDO8/xaWxuX8u
ljKqXnUHTcO7zVRTnOOhx6ezbMVCM8D/Agn9g6rq2a6oXZ9FZUAgOxXSXpfKFaUL
zECkdJI5yyiq6xXHF0y3oHCT65NX+BdAtLi7CL4wS/Y3ENeWlPzGgnaSfUOwz7zr
oqZcEG2n3aeP4kvyQC6TPBQJjUltmEDUwYqjdEuxNoG08TBzOkO3+z+NC0u/MIif
NC10Y3HdmAgs
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:28:52 2024 by rpki-client on console-ams.rpki-client.org