Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/972d71-5e7f-4cc9-af87-66ad1dc87363/1/bFHXBYbvbNSOTRMC7gzVpM2dFos.roa
File: bFHXBYbvbNSOTRMC7gzVpM2dFos.roa (raw, json)
Hash identifier: NahV0YZn7xgt2wHpJR1/t9AB8+eJSiYRSd4wbas4KvI=
Subject key identifier: 6C:51:D7:05:86:EF:6C:D4:8E:4D:13:02:EE:0C:D5:A4:CD:9D:16:8B
Certificate issuer: /CN=30532e3dc3718f2e1b556a69470b1e739dd39022
Certificate serial: 018CC6B9262B85495CAFD9C3F5C7AE345338
Authority key identifier: 30:53:2E:3D:C3:71:8F:2E:1B:55:6A:69:47:0B:1E:73:9D:D3:90:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MFMuPcNxjy4bVWppRwsec53TkCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/972d71-5e7f-4cc9-af87-66ad1dc87363/1/bFHXBYbvbNSOTRMC7gzVpM2dFos.roa
Signing time: Mon 01 Jan 2024 20:31:11 +0000
ROA not before: Mon 01 Jan 2024 20:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39376
IP address blocks: 62.148.2.0/24 maxlen: 24
62.148.0.0/19 maxlen: 19
62.148.1.0/24 maxlen: 24
62.148.0.0/24 maxlen: 24
62.148.4.0/24 maxlen: 24
62.148.3.0/24 maxlen: 24
62.148.11.0/24 maxlen: 24
62.148.10.0/24 maxlen: 24
62.148.9.0/24 maxlen: 24
62.148.8.0/24 maxlen: 24
62.148.7.0/24 maxlen: 24
62.148.6.0/24 maxlen: 24
62.148.5.0/24 maxlen: 24
62.148.16.0/24 maxlen: 24
62.148.15.0/24 maxlen: 24
62.148.14.0/24 maxlen: 24
62.148.13.0/24 maxlen: 24
62.148.12.0/24 maxlen: 24
62.148.17.0/24 maxlen: 24
62.148.24.0/24 maxlen: 24
62.148.23.0/24 maxlen: 24
62.148.22.0/24 maxlen: 24
62.148.21.0/24 maxlen: 24
62.148.20.0/24 maxlen: 24
62.148.19.0/24 maxlen: 24
62.148.18.0/24 maxlen: 24
62.148.30.0/24 maxlen: 24
62.148.29.0/24 maxlen: 24
62.148.28.0/24 maxlen: 24
62.148.27.0/24 maxlen: 24
62.148.26.0/24 maxlen: 24
62.148.25.0/24 maxlen: 24
62.148.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/972d71-5e7f-4cc9-af87-66ad1dc87363/1/MFMuPcNxjy4bVWppRwsec53TkCI.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/972d71-5e7f-4cc9-af87-66ad1dc87363/1/MFMuPcNxjy4bVWppRwsec53TkCI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MFMuPcNxjy4bVWppRwsec53TkCI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:26:2b:85:49:5c:af:d9:c3:f5:c7:ae:34:53:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30532e3dc3718f2e1b556a69470b1e739dd39022
Validity
Not Before: Jan 1 20:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c51d70586ef6cd48e4d1302ee0cd5a4cd9d168b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a6:bc:e5:4a:1b:c6:da:45:a9:3c:f3:ad:35:
ee:e3:bb:99:3d:a7:94:db:cc:96:9b:cc:14:03:ab:
c4:55:fe:8e:55:33:cd:a5:77:6e:2b:3b:61:94:4b:
c4:05:5f:3b:f4:0a:98:d0:4e:06:06:cb:c7:b7:08:
f3:0c:f7:a8:92:e0:de:4c:ad:41:a7:b1:4e:0a:17:
90:74:42:c7:0b:98:d4:4f:a3:2b:23:ff:67:93:5c:
1c:82:8e:14:53:ab:0a:c9:63:b7:e9:d5:83:9f:61:
7b:4f:60:91:0f:45:b0:0a:71:b7:7c:74:56:dd:84:
22:d6:07:3d:bd:a6:e4:6a:fc:32:68:ae:c0:21:94:
6b:17:5f:7a:ab:0e:17:c9:a8:78:d8:a2:7c:81:d4:
30:b6:67:6a:0e:0f:61:c2:bd:7f:45:f9:7d:fc:fa:
2b:c2:a8:e4:80:88:a6:e8:cc:de:c3:f9:bb:60:d3:
46:5b:12:f9:f8:a4:0c:47:b0:af:01:26:3d:3f:fb:
ca:a6:75:41:b3:14:0f:31:b0:cf:1c:28:34:5c:23:
e1:9c:4c:ae:51:98:ef:38:05:16:cd:11:1f:11:e5:
c6:3d:17:1f:c0:ef:d0:fc:98:cf:8e:17:f9:80:e9:
7b:cc:1a:fc:64:9f:62:65:f2:ac:70:5f:61:88:59:
25:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:51:D7:05:86:EF:6C:D4:8E:4D:13:02:EE:0C:D5:A4:CD:9D:16:8B
X509v3 Authority Key Identifier:
keyid:30:53:2E:3D:C3:71:8F:2E:1B:55:6A:69:47:0B:1E:73:9D:D3:90:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFMuPcNxjy4bVWppRwsec53TkCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/972d71-5e7f-4cc9-af87-66ad1dc87363/1/bFHXBYbvbNSOTRMC7gzVpM2dFos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/972d71-5e7f-4cc9-af87-66ad1dc87363/1/MFMuPcNxjy4bVWppRwsec53TkCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.0.0/19
Signature Algorithm: sha256WithRSAEncryption
14:08:e9:6c:ed:37:e0:fb:b5:7a:09:a1:30:ee:bc:62:0a:e7:
c0:81:6a:68:a2:d9:dd:c5:de:e3:68:88:31:29:f4:a2:00:d6:
30:33:60:46:9b:f6:45:82:94:f7:41:6f:43:8e:88:d4:f9:82:
96:1c:8a:65:a7:48:ac:1a:02:82:b6:d6:2d:42:a4:b4:ee:a0:
f9:fe:af:52:8e:fb:13:80:b7:1c:c2:fe:c8:8b:af:87:98:5d:
aa:b2:4c:c9:ec:4f:a2:62:82:18:76:c6:54:7b:49:d4:69:ae:
d0:c9:c3:dc:d5:9c:76:45:e8:6f:10:be:c6:f5:fa:ee:c8:f3:
bd:1f:ab:03:b9:36:84:27:a2:72:3b:1e:25:0c:b7:84:c2:29:
fe:62:8c:bb:20:bb:a1:b9:60:3d:cc:bd:a7:50:8c:53:6e:05:
1d:6a:f6:1e:53:7f:27:ee:a9:8f:53:fe:0a:f9:0d:81:0d:b5:
d1:bb:7d:58:f2:b3:6c:19:34:68:30:21:b8:2d:f7:c8:31:53:
b6:7c:56:af:42:66:1b:64:cb:a5:9d:73:73:27:7d:2c:35:f2:
f7:76:76:9f:28:f9:20:08:f4:4c:89:5d:6e:63:54:db:e5:ab:
9f:cd:a6:4f:d3:6d:4f:25:fa:17:c8:d6:c7:f3:ed:9c:df:09:
23:9b:61:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuSYrhUlcr9nD9ceuNFM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNTMyZTNkYzM3MThmMmUxYjU1NmE2OTQ3MGIxZTczOWRk
MzkwMjIwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzUxZDcwNTg2ZWY2Y2Q0OGU0ZDEzMDJlZTBjZDVhNGNkOWQxNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKa85UobxtpFqTzzrTXu47uZPaeU
28yWm8wUA6vEVf6OVTPNpXduKzthlEvEBV879AqY0E4GBsvHtwjzDPeokuDeTK1B
p7FOCheQdELHC5jUT6MrI/9nk1wcgo4UU6sKyWO36dWDn2F7T2CRD0WwCnG3fHRW
3YQi1gc9vabkavwyaK7AIZRrF196qw4Xyah42KJ8gdQwtmdqDg9hwr1/Rfl9/Por
wqjkgIim6Mzew/m7YNNGWxL5+KQMR7CvASY9P/vKpnVBsxQPMbDPHCg0XCPhnEyu
UZjvOAUWzREfEeXGPRcfwO/Q/JjPjhf5gOl7zBr8ZJ9iZfKscF9hiFklkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxR1wWG72zUjk0TAu4M1aTNnRaLMB8GA1UdIwQY
MBaAFDBTLj3DcY8uG1VqaUcLHnOd05AiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZNdVBjTnhqeTRiVldwcFJ3c2VjNTNUa0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85NzJkNzEtNWU3Zi00Y2M5LWFmODct
NjZhZDFkYzg3MzYzLzEvYkZIWEJZYnZiTlNPVFJNQzdnelZwTTJkRm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85NzJkNzEtNWU3Zi00Y2M5LWFmODctNjZhZDFkYzg3MzYz
LzEvTUZNdVBjTnhqeTRiVldwcFJ3c2VjNTNUa0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPpQAMA0G
CSqGSIb3DQEBCwUAA4IBAQAUCOls7Tfg+7V6CaEw7rxiCufAgWpootndxd7jaIgx
KfSiANYwM2BGm/ZFgpT3QW9DjojU+YKWHIplp0isGgKCttYtQqS07qD5/q9SjvsT
gLccwv7Ii6+HmF2qskzJ7E+iYoIYdsZUe0nUaa7QycPc1Zx2RehvEL7G9fruyPO9
H6sDuTaEJ6JyOx4lDLeEwin+Yoy7ILuhuWA9zL2nUIxTbgUdavYeU38n7qmPU/4K
+Q2BDbXRu31Y8rNsGTRoMCG4LffIMVO2fFavQmYbZMulnXNzJ30sNfL3dnafKPkg
CPRMiV1uY1Tb5aufzaZP021PJfoXyNbH8+2c3wkjm2GF
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:36:35 2024 by rpki-client on console-ams.rpki-client.org