Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/82AaFMBhg37Hc4Xk81JKohC1ONo.roa
File: 82AaFMBhg37Hc4Xk81JKohC1ONo.roa (raw, json)
Hash identifier: 71kWXVQuX7SI2uHnRJkSo4Yd47McmR5VwcwqR7m4lrw=
Subject key identifier: F3:60:1A:14:C0:61:83:7E:C7:73:85:E4:F3:52:4A:A2:10:B5:38:DA
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018CC49387BDA7BF3FF4F4180B978D2F2A7F
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/82AaFMBhg37Hc4Xk81JKohC1ONo.roa
Signing time: Mon 01 Jan 2024 10:30:51 +0000
ROA not before: Mon 01 Jan 2024 10:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199967
IP address blocks: 62.216.85.0/24 maxlen: 24
62.216.84.0/24 maxlen: 24
62.216.86.0/24 maxlen: 24
62.216.90.0/24 maxlen: 24
62.216.89.0/24 maxlen: 24
62.216.88.0/24 maxlen: 24
62.216.87.0/24 maxlen: 24
62.216.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:87:bd:a7:bf:3f:f4:f4:18:0b:97:8d:2f:2a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 10:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3601a14c061837ec77385e4f3524aa210b538da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b9:17:ae:8f:9e:fa:93:d8:ab:b5:c1:b9:91:
d1:c0:9e:f0:d6:0e:f4:70:66:9b:8f:f2:ff:de:a3:
91:5c:52:6e:e2:1f:2f:80:1e:fe:f6:dc:db:bd:be:
47:51:62:80:e1:70:44:59:e4:c0:dc:9e:7b:a5:de:
0b:e6:39:25:c8:67:5f:23:26:45:9f:bc:ed:10:bf:
bf:56:e0:ee:0a:1e:48:e8:18:48:5e:85:68:bd:02:
46:c6:82:f5:2f:98:a1:72:8f:5c:14:5d:29:ac:87:
78:3f:b0:a6:40:9e:1d:9b:07:07:57:b2:67:f8:98:
bf:e2:f6:d0:25:ca:67:9f:5b:45:9f:a5:03:a7:30:
d8:ea:ea:a9:b0:f4:a9:e9:d1:ab:94:73:1e:3e:22:
c2:c8:89:b0:b9:96:a2:32:7b:7d:40:2e:e8:71:2c:
2e:ba:e2:f6:00:08:18:24:60:ae:a7:a4:09:e5:f4:
3c:58:86:e5:cb:a5:fe:27:06:9b:cd:ca:f0:63:b7:
44:1d:80:d8:de:04:df:cf:01:11:c3:45:e7:54:3d:
d6:da:c6:0a:34:74:07:f7:8b:70:48:b6:33:2a:83:
57:1c:24:3d:95:55:e0:9e:d7:6c:2f:2f:ae:91:eb:
a5:9d:f1:f5:98:42:7e:4f:6d:5a:aa:50:b2:66:f7:
8a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:60:1A:14:C0:61:83:7E:C7:73:85:E4:F3:52:4A:A2:10:B5:38:DA
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/82AaFMBhg37Hc4Xk81JKohC1ONo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.84.0-62.216.91.255
Signature Algorithm: sha256WithRSAEncryption
99:70:d5:c2:02:93:9d:bd:e8:92:df:ce:12:d3:ea:88:a2:3c:
2f:82:d0:f1:67:69:a1:5e:ea:53:7c:8a:ce:c1:0b:21:b0:1d:
af:c5:df:54:34:65:06:f9:e7:9e:ad:4e:09:85:0d:44:5f:5e:
8f:55:0d:1f:b9:f0:68:4b:73:9a:d6:bb:74:fb:ae:3b:38:e3:
a0:36:81:8d:26:91:26:cd:7f:07:2e:a4:d3:ef:97:9d:28:cd:
ce:0a:26:c2:f5:2f:cc:02:e9:0c:1d:ce:48:5c:39:e1:3d:df:
e4:31:bd:6b:70:a4:97:e8:0e:64:e0:73:7d:d0:57:06:04:4b:
cb:12:fe:98:c4:18:e2:35:73:ec:67:e1:96:ef:38:5b:51:24:
ab:ba:71:26:50:68:18:37:89:6e:95:d8:30:c1:0b:05:87:86:
28:9e:ce:8b:08:cf:e9:d6:99:9e:7c:f6:fd:9e:84:bb:26:09:
f9:ff:5b:74:da:98:6c:51:05:49:08:5a:43:fe:30:1b:aa:76:
58:21:f7:88:10:48:bd:58:be:0c:1b:2d:74:77:f0:e9:98:65:
c6:aa:fa:e8:7c:28:47:da:76:e5:60:ad:e4:3f:1c:28:3b:e9:
2c:c9:ed:d0:b8:dc:b7:c3:99:f0:41:4b:ec:4a:1e:69:0e:72:
74:22:48:f7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEk4e9p78/9PQYC5eNLyp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTAxMTAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzYwMWExNGMwNjE4MzdlYzc3Mzg1ZTRmMzUyNGFhMjEwYjUzOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbkXro+e+pPYq7XBuZHRwJ7w1g70
cGabj/L/3qORXFJu4h8vgB7+9tzbvb5HUWKA4XBEWeTA3J57pd4L5jklyGdfIyZF
n7ztEL+/VuDuCh5I6BhIXoVovQJGxoL1L5ihco9cFF0prId4P7CmQJ4dmwcHV7Jn
+Ji/4vbQJcpnn1tFn6UDpzDY6uqpsPSp6dGrlHMePiLCyImwuZaiMnt9QC7ocSwu
uuL2AAgYJGCup6QJ5fQ8WIbly6X+JwabzcrwY7dEHYDY3gTfzwERw0XnVD3W2sYK
NHQH94twSLYzKoNXHCQ9lVXgntdsLy+ukeulnfH1mEJ+T21aqlCyZveKCQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPNgGhTAYYN+x3OF5PNSSqIQtTjaMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvODJBYUZNQmhnMzdIYzRYazgxSktvaEMxT05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAI+2FQD
BAI+2FgwDQYJKoZIhvcNAQELBQADggEBAJlw1cICk5296JLfzhLT6oiiPC+C0PFn
aaFe6lN8is7BCyGwHa/F31Q0ZQb5556tTgmFDURfXo9VDR+58GhLc5rWu3T7rjs4
46A2gY0mkSbNfwcupNPvl50ozc4KJsL1L8wC6QwdzkhcOeE93+QxvWtwpJfoDmTg
c33QVwYES8sS/pjEGOI1c+xn4ZbvOFtRJKu6cSZQaBg3iW6V2DDBCwWHhiiezosI
z+nWmZ589v2ehLsmCfn/W3TamGxRBUkIWkP+MBuqdlgh94gQSL1YvgwbLXR38OmY
Zcaq+uh8KEfaduVgreQ/HCg76SzJ7dC43LfDmfBBS+xKHmkOcnQiSPc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:46 2024 by rpki-client on console-fra.rpki-client.org