Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/KM4EsQt38wiNlA7zw5hCf7tlKEc.roa
File: KM4EsQt38wiNlA7zw5hCf7tlKEc.roa (raw, json)
Hash identifier: HADWXR3bREAVKKqMNgi3nNZkI1L5hRUlHk1L+L00bmo=
Subject key identifier: 28:CE:04:B1:0B:77:F3:08:8D:94:0E:F3:C3:98:42:7F:BB:65:28:47
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019329C7A5013B48C2822D5FD09533D1BCD0
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/KM4EsQt38wiNlA7zw5hCf7tlKEc.roa
Signing time: Thu 14 Nov 2024 08:26:09 +0000
ROA not before: Thu 14 Nov 2024 08:26:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 62.171.228.0/24 maxlen: 24
62.171.229.0/24 maxlen: 24
62.171.230.0/24 maxlen: 24
62.171.231.0/24 maxlen: 24
62.171.248.0/24 maxlen: 24
62.171.251.0/24 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.35.0/24 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.13.0/24 maxlen: 24
217.180.14.0/24 maxlen: 24
217.180.16.0/24 maxlen: 24
217.180.17.0/24 maxlen: 24
217.180.18.0/24 maxlen: 24
217.180.19.0/24 maxlen: 24
217.180.20.0/24 maxlen: 24
217.180.38.0/24 maxlen: 24
217.180.45.0/24 maxlen: 24
217.180.58.0/24 maxlen: 24
217.180.59.0/24 maxlen: 24
217.180.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:c7:a5:01:3b:48:c2:82:2d:5f:d0:95:33:d1:bc:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Nov 14 08:26:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28ce04b10b77f3088d940ef3c398427fbb652847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:35:7e:88:1e:88:f0:c4:40:3b:09:5a:04:c4:
af:b4:89:64:03:50:02:08:78:43:a0:90:8e:f1:ba:
98:be:24:83:db:69:ac:71:e7:44:48:c5:f7:1d:8a:
68:9d:7d:7b:86:11:30:3b:f7:e9:db:05:71:7d:19:
7a:43:f0:79:2c:aa:95:8e:5d:1d:c8:61:3c:15:06:
2f:1d:cd:97:e7:5f:c9:6a:4c:c8:b9:f2:fa:08:1a:
fd:cd:4b:1b:30:0c:5a:44:52:37:46:1a:5b:01:03:
ad:9e:08:ff:7a:25:d4:6a:fe:e9:aa:92:0e:05:fc:
23:8b:ee:b5:e1:8b:db:e4:6b:9b:a5:b3:20:bb:9e:
91:34:67:19:2d:1a:a3:5d:23:d2:f3:e3:b0:ea:12:
96:50:e6:87:70:eb:55:0e:2a:56:eb:7f:40:6b:c1:
73:47:33:ea:df:5d:f8:18:f6:7a:16:42:d6:58:fb:
28:a4:88:fd:26:bc:fc:cc:f7:1e:9b:53:cc:d2:8d:
30:9a:aa:6f:98:62:85:79:9e:ef:52:5e:5d:61:58:
e9:6a:70:39:0f:61:d2:91:35:5c:15:da:c6:57:a8:
3e:94:0f:7a:d9:19:7b:df:5d:39:10:2e:2f:24:5f:
43:0e:bb:53:94:a1:e9:f7:e5:b5:af:ac:e6:f3:13:
f1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CE:04:B1:0B:77:F3:08:8D:94:0E:F3:C3:98:42:7F:BB:65:28:47
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/KM4EsQt38wiNlA7zw5hCf7tlKEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.228.0/22
62.171.248.0/24
62.171.251.0/24
217.177.32.0/24
217.177.35.0/24
217.180.12.0-217.180.14.255
217.180.16.0-217.180.20.255
217.180.38.0/24
217.180.45.0/24
217.180.58.0/23
217.180.61.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:29:9a:6b:36:00:51:fc:c3:cb:22:ba:46:67:18:40:c9:c2:
b0:91:d1:cd:4d:f1:5b:0e:67:aa:5a:5d:d0:64:20:f0:7d:c4:
84:d3:ba:e6:1d:b9:fe:c3:60:b0:1e:5b:e1:e5:ae:f3:4e:cc:
b4:2d:74:58:6a:25:e4:f2:9d:3a:1f:d7:36:89:e8:a8:ec:9e:
4d:b0:f2:ee:26:8a:60:8f:8f:92:3a:61:5c:e1:03:dd:7d:f5:
ff:76:71:92:7c:70:97:cb:54:81:dc:f9:f2:12:5d:5d:65:06:
42:0b:8e:84:94:53:ce:66:0d:b3:37:51:5f:ca:e2:20:26:f1:
93:88:8e:d3:7b:44:93:f9:3d:d5:07:d5:86:f3:c8:83:eb:0a:
ac:22:51:38:d9:34:a2:32:21:85:0d:1b:3d:e9:f6:1e:b5:98:
ba:91:7b:d6:ee:55:63:5b:8f:77:97:85:d7:a0:73:a8:26:90:
a8:74:7b:dd:76:42:9f:9c:5d:6b:1e:87:40:9c:ff:81:40:ec:
37:bf:67:7a:d1:20:31:36:e9:72:67:72:29:04:e1:7e:70:b3:
d7:c4:5e:94:86:82:0b:8d:1f:7a:6c:be:3d:de:ca:65:7f:bc:
57:83:84:04:47:4a:21:14:e8:d4:b3:c1:47:8f:43:e0:18:e3:
e3:5f:71:cf
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZMpx6UBO0jCgi1f0JUz0bzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMTE0MDgyNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNlMDRiMTBiNzdmMzA4OGQ5NDBlZjNjMzk4NDI3ZmJiNjUyODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzV+iB6I8MRAOwlaBMSvtIlkA1AC
CHhDoJCO8bqYviSD22mscedESMX3HYponX17hhEwO/fp2wVxfRl6Q/B5LKqVjl0d
yGE8FQYvHc2X51/JakzIufL6CBr9zUsbMAxaRFI3RhpbAQOtngj/eiXUav7pqpIO
Bfwji+614Yvb5GubpbMgu56RNGcZLRqjXSPS8+Ow6hKWUOaHcOtVDipW639Aa8Fz
RzPq3134GPZ6FkLWWPsopIj9Jrz8zPcem1PM0o0wmqpvmGKFeZ7vUl5dYVjpanA5
D2HSkTVcFdrGV6g+lA962Rl73105EC4vJF9DDrtTlKHp9+W1r6zm8xPxOwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFCjOBLELd/MIjZQO88OYQn+7ZShHMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvS000RXNRdDM4d2lObEE3enc1aENmN3RsS0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQCPqvkAwQA
Pqv4AwQAPqv7AwQA2bEgAwQA2bEjMAwDBALZtAwDBADZtA4wDAMEBNm0EAMEANm0
FAMEANm0JgMEANm0LQMEAdm0OgMEANm0PTANBgkqhkiG9w0BAQsFAAOCAQEALSma
azYAUfzDyyK6RmcYQMnCsJHRzU3xWw5nqlpd0GQg8H3EhNO65h25/sNgsB5b4eWu
807MtC10WGol5PKdOh/XNonoqOyeTbDy7iaKYI+PkjphXOED3X31/3Zxknxwl8tU
gdz58hJdXWUGQguOhJRTzmYNszdRX8riICbxk4iO03tEk/k91QfVhvPIg+sKrCJR
ONk0ojIhhQ0bPen2HrWYupF71u5VY1uPd5eF16BzqCaQqHR73XZCn5xdax6HQJz/
gUDsN79netEgMTbpcmdyKQThfnCz18RelIaCC40femy+Pd7KZX+8V4OEBEdKIRTo
1LPBR49D4Bjj419xzw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:52:53 2024 by rpki-client on console-ams.rpki-client.org