Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/XTO8dGabG27tG5axaN_S4rj1eLA.roa
File: XTO8dGabG27tG5axaN_S4rj1eLA.roa (raw, json)
Hash identifier: /qbrsnb3J+1StdfC/k2oElq8wnZ7GuIexeNyLuqjOVk=
Subject key identifier: 5D:33:BC:74:66:9B:1B:6E:ED:1B:96:B1:68:DF:D2:E2:B8:F5:78:B0
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 019174F3D58A28D346541DC34182BE2E3516
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/XTO8dGabG27tG5axaN_S4rj1eLA.roa
Signing time: Wed 21 Aug 2024 12:40:22 +0000
ROA not before: Wed 21 Aug 2024 12:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 62.233.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:f3:d5:8a:28:d3:46:54:1d:c3:41:82:be:2e:35:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Aug 21 12:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d33bc74669b1b6eed1b96b168dfd2e2b8f578b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d1:b7:69:01:96:ef:0a:9e:04:0e:c8:6d:b2:
ee:27:39:27:02:7f:a0:67:b3:e9:47:47:85:2f:3b:
c6:8e:7b:66:39:d2:c6:83:61:4c:ca:6e:d6:74:c3:
f9:ff:db:08:e4:4e:3c:82:80:27:e3:ec:5b:9e:56:
9b:09:09:8a:15:81:2f:6a:33:91:c4:c0:3f:12:e5:
68:52:06:23:41:c1:b9:9f:ad:be:87:a1:d8:19:c3:
08:89:a1:89:4a:57:14:c3:14:cb:4c:e5:07:fb:9f:
92:fd:71:1a:78:2a:3c:a6:04:6d:55:39:6d:d6:ef:
eb:76:fa:f8:5c:ed:16:7e:1f:f7:fb:df:78:ad:ba:
17:b1:e9:3b:8a:a6:96:a3:cd:6c:bb:50:04:d7:81:
96:dc:df:1c:1e:d6:05:2e:5f:d0:0a:76:60:77:c4:
10:e6:da:26:43:36:b8:f8:02:08:19:29:e1:45:21:
ed:3a:7a:23:bd:db:14:68:bf:a0:3f:6e:db:d0:4e:
b3:b4:1d:f2:78:95:09:cd:da:d3:2e:28:02:37:41:
40:09:a7:31:d7:b8:42:ad:95:83:53:b1:bc:f1:c0:
01:29:fb:82:0e:c5:ee:90:1c:77:9d:8e:41:c2:05:
15:86:df:95:be:a4:1b:38:16:ef:da:85:a0:b8:bc:
41:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:33:BC:74:66:9B:1B:6E:ED:1B:96:B1:68:DF:D2:E2:B8:F5:78:B0
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/XTO8dGabG27tG5axaN_S4rj1eLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.36.0/24
Signature Algorithm: sha256WithRSAEncryption
47:70:94:ff:46:b4:fe:77:4f:ea:af:06:1a:bd:0c:e8:e9:c9:
d1:5b:14:fa:36:04:37:0c:e3:47:45:a4:d0:64:ff:6e:5f:f1:
8d:ae:ac:7c:54:74:07:0f:00:9b:be:12:71:c3:e9:c8:4e:4b:
af:4f:9d:08:4a:c9:6e:56:05:ce:c1:ad:31:c4:7d:01:a2:03:
dc:47:b2:a5:be:de:bb:44:2b:1d:3d:44:33:27:f4:e2:ff:e1:
63:ef:b1:19:29:a9:18:8f:c0:69:f3:f9:ba:8b:12:66:58:ce:
d1:37:da:0c:65:e2:8e:17:5a:f7:05:ae:a3:59:b1:2f:42:a1:
b0:f7:5f:00:a5:8c:09:b4:bf:be:f6:c8:11:24:d5:83:14:1c:
80:e2:8a:fe:5b:46:8f:89:d4:5d:ba:c6:38:76:6e:a7:99:97:
82:14:39:cb:de:db:38:23:27:61:e9:7c:91:03:4a:29:3c:f4:
e6:bf:59:93:a2:10:c4:19:f3:3c:1c:72:14:e1:c5:f7:4e:bc:
9d:49:98:40:99:78:6e:6d:ce:5c:1a:39:77:aa:19:bc:cb:ff:
be:ac:db:99:41:a9:38:44:49:d2:d7:c8:e8:f4:36:3f:48:20:
64:9a:0d:82:c3:c8:58:69:51:86:32:09:51:0f:54:e7:00:0a:
64:31:b5:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZF089WKKNNGVB3DQYK+LjUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjQwODIxMTI0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDMzYmM3NDY2OWIxYjZlZWQxYjk2YjE2OGRmZDJlMmI4ZjU3OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtG3aQGW7wqeBA7IbbLuJzknAn+g
Z7PpR0eFLzvGjntmOdLGg2FMym7WdMP5/9sI5E48goAn4+xbnlabCQmKFYEvajOR
xMA/EuVoUgYjQcG5n62+h6HYGcMIiaGJSlcUwxTLTOUH+5+S/XEaeCo8pgRtVTlt
1u/rdvr4XO0Wfh/3+994rboXsek7iqaWo81su1AE14GW3N8cHtYFLl/QCnZgd8QQ
5tomQza4+AIIGSnhRSHtOnojvdsUaL+gP27b0E6ztB3yeJUJzdrTLigCN0FACacx
17hCrZWDU7G88cABKfuCDsXukBx3nY5BwgUVht+VvqQbOBbv2oWguLxB3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0zvHRmmxtu7RuWsWjf0uK49XiwMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvWFRPOGRHYWJHMjd0RzVheGFOX1M0cmoxZUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPukkMA0G
CSqGSIb3DQEBCwUAA4IBAQBHcJT/RrT+d0/qrwYavQzo6cnRWxT6NgQ3DONHRaTQ
ZP9uX/GNrqx8VHQHDwCbvhJxw+nITkuvT50ISsluVgXOwa0xxH0BogPcR7Klvt67
RCsdPUQzJ/Ti/+Fj77EZKakYj8Bp8/m6ixJmWM7RN9oMZeKOF1r3Ba6jWbEvQqGw
918ApYwJtL++9sgRJNWDFByA4or+W0aPidRdusY4dm6nmZeCFDnL3ts4Iydh6XyR
A0opPPTmv1mTohDEGfM8HHIU4cX3TrydSZhAmXhubc5cGjl3qhm8y/++rNuZQak4
REnS18jo9DY/SCBkmg2Cw8hYaVGGMglRD1TnAApkMbV1
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:38 2024 by rpki-client on console-fra.rpki-client.org