Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1-kTTfbWG9NkSfWX1RuNDsy5bfTc.roa
File: 1-kTTfbWG9NkSfWX1RuNDsy5bfTc.roa (raw, json)
Hash identifier: OcgM/nX5HSeqjui3z/APE8L3iZkLGWMFmjGjyHA/tgM=
Subject key identifier: FA:44:D3:7D:B5:86:F4:D9:12:7D:65:F5:46:E3:43:B3:2E:5B:7D:37
Certificate issuer: /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial: 018CC5014E9E998B3943B5CD493B367773FF
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1-kTTfbWG9NkSfWX1RuNDsy5bfTc.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203206
IP address blocks: 62.228.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4e:9e:99:8b:39:43:b5:cd:49:3b:36:77:73:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa44d37db586f4d9127d65f546e343b32e5b7d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a2:d9:f9:6f:98:70:58:b2:94:48:f4:b5:b5:
1c:cd:f6:29:29:82:0a:27:d9:e7:f7:cd:11:b0:db:
71:7c:16:15:fc:21:cb:8c:fc:07:22:88:59:49:4f:
64:dc:34:61:6b:fc:fc:28:5d:7f:7f:fe:a5:9c:4f:
5c:f5:0b:45:b7:7c:e4:0c:a4:26:1e:58:d3:4c:34:
3e:92:30:b6:05:d1:74:e5:93:75:e2:b3:de:62:eb:
0a:c0:a8:99:1a:46:36:91:e4:3f:5a:6f:59:a3:d8:
c7:96:39:b4:92:8d:aa:81:3b:73:9a:1d:f8:c3:e1:
13:21:f3:1f:ce:36:b2:c3:e9:be:62:bb:d6:b1:38:
39:74:3d:98:ec:87:55:39:4c:73:99:71:1b:1b:19:
f5:38:1b:23:33:87:8d:da:fc:30:4b:93:9c:98:2f:
04:3d:b4:26:b5:b1:09:2e:26:70:7c:11:46:e9:6b:
fd:02:e8:92:f1:5e:c5:2b:2e:18:6c:e5:96:db:86:
af:3e:63:90:fd:e8:75:40:27:4c:43:89:8b:be:ef:
40:29:1c:da:3f:7a:b9:22:bd:e9:90:f0:a0:e7:57:
68:fe:ce:c6:2f:f0:ed:da:4b:b6:0b:ee:1d:36:3f:
8a:07:27:1b:49:8c:ef:a7:40:6d:7b:ee:5e:33:00:
88:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:44:D3:7D:B5:86:F4:D9:12:7D:65:F5:46:E3:43:B3:2E:5B:7D:37
X509v3 Authority Key Identifier:
keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1-kTTfbWG9NkSfWX1RuNDsy5bfTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.228.231.0/24
Signature Algorithm: sha256WithRSAEncryption
78:84:ce:58:eb:5b:f8:bb:3f:a7:9b:29:53:ee:97:75:f5:c8:
6a:3e:c3:11:74:4e:d0:01:4e:a1:4d:ed:6a:1d:70:74:8f:a8:
71:c4:11:86:fc:a3:43:94:3a:5c:3d:9f:4b:70:57:c1:8c:85:
1b:c7:d0:11:18:58:e2:28:1f:02:2f:46:dc:cf:b0:ed:1a:05:
d3:84:0a:b7:df:51:87:9a:25:ca:e2:8d:cc:7d:96:dc:5d:f8:
3f:21:f7:bc:e4:7d:c5:5f:f4:f8:41:40:aa:f6:e7:81:1b:dc:
4f:27:d5:1f:4d:6a:10:ad:09:20:2a:f7:38:56:55:b0:9a:fb:
d0:08:80:8b:98:23:aa:d7:a6:9e:d5:83:ed:df:9b:e2:bd:fe:
30:07:47:b4:c2:76:89:fe:f5:0d:8d:08:7c:a5:ff:3a:f3:36:
62:d8:3a:4f:0f:8d:90:57:0d:96:c7:17:a6:95:d9:2d:6e:55:
b3:8d:47:c8:b7:4b:a2:9d:46:06:40:e4:c8:fd:2a:03:4b:84:
a9:e9:48:5e:c1:7a:9a:76:79:ff:a7:dc:4a:92:3f:ac:d2:80:
86:29:39:4c:38:7c:a5:fa:cc:48:83:26:cf:74:74:b6:e0:1f:
5f:28:50:1a:a5:71:96:67:98:5b:cc:ea:b4:92:a5:94:89:de:
ea:38:1b:01
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAU6emYs5Q7XNSTs2d3P/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ0ZDM3ZGI1ODZmNGQ5MTI3ZDY1ZjU0NmUzNDNiMzJlNWI3ZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqLZ+W+YcFiylEj0tbUczfYpKYIK
J9nn980RsNtxfBYV/CHLjPwHIohZSU9k3DRha/z8KF1/f/6lnE9c9QtFt3zkDKQm
HljTTDQ+kjC2BdF05ZN14rPeYusKwKiZGkY2keQ/Wm9Zo9jHljm0ko2qgTtzmh34
w+ETIfMfzjayw+m+YrvWsTg5dD2Y7IdVOUxzmXEbGxn1OBsjM4eN2vwwS5OcmC8E
PbQmtbEJLiZwfBFG6Wv9AuiS8V7FKy4YbOWW24avPmOQ/eh1QCdMQ4mLvu9AKRza
P3q5Ir3pkPCg51do/s7GL/Dt2ku2C+4dNj+KBycbSYzvp0Bte+5eMwCIswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpE0321hvTZEn1l9UbjQ7MuW303MB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEvMS1rVFRmYldHOU5rU2ZXWDFSdU5Ec3k1YmZUYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTMvNjE4ZTUzLWFmYzQtNDBkZi04NjEyLWIwZjRiOWMzN2U0
OS8xLzFCR3J4TUJHaXJLSkhxcksyNkRjQTNlVGI5VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD7k5zAN
BgkqhkiG9w0BAQsFAAOCAQEAeITOWOtb+Ls/p5spU+6XdfXIaj7DEXRO0AFOoU3t
ah1wdI+occQRhvyjQ5Q6XD2fS3BXwYyFG8fQERhY4igfAi9G3M+w7RoF04QKt99R
h5olyuKNzH2W3F34PyH3vOR9xV/0+EFAqvbngRvcTyfVH01qEK0JICr3OFZVsJr7
0AiAi5gjqtemntWD7d+b4r3+MAdHtMJ2if71DY0IfKX/OvM2Ytg6Tw+NkFcNlscX
ppXZLW5Vs41HyLdLop1GBkDkyP0qA0uEqelIXsF6mnZ5/6fcSpI/rNKAhik5TDh8
pfrMSIMmz3R0tuAfXyhQGqVxlmeYW8zqtJKllIne6jgbAQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:14:07 2024 by rpki-client on console-ams.rpki-client.org