Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/NEKa7lIFJGBn7kzjbcLHtkGN_qU.roa
File: NEKa7lIFJGBn7kzjbcLHtkGN_qU.roa (raw, json)
Hash identifier: /6yr9Qt6I/L2Oem151kiKzBTz7EzsBL4NdV31TWWhzQ=
Subject key identifier: 34:42:9A:EE:52:05:24:60:67:EE:4C:E3:6D:C2:C7:B6:41:8D:FE:A5
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC484BE2E9F56FFAFF185A1BC9ACA2
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/NEKa7lIFJGBn7kzjbcLHtkGN_qU.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51054
IP address blocks: 62.76.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:48:4b:e2:e9:f5:6f:fa:ff:18:5a:1b:c9:ac:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34429aee5205246067ee4ce36dc2c7b6418dfea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a2:90:bb:3e:c1:74:16:7e:76:48:7d:59:d6:
a6:ff:a5:e9:e2:22:16:fb:83:06:fa:5f:5d:12:45:
27:73:7f:b3:24:67:a8:63:f3:fc:6b:c0:55:bd:38:
a9:04:7c:ba:ab:9c:65:6d:41:2c:e1:52:6f:7b:a5:
6f:00:37:dc:69:50:0f:33:9f:a3:db:7d:e9:d4:3a:
dd:2c:9d:e9:93:10:80:7f:43:60:14:f1:9a:d1:6f:
09:56:62:1b:f6:e4:6a:9f:c6:18:57:7f:07:7d:d6:
bf:30:8b:52:fe:d1:6f:88:cb:31:e6:0d:fa:4e:2f:
79:2c:02:56:4b:73:4c:92:1c:df:20:ec:41:36:d9:
7d:06:01:41:aa:7b:c7:e4:b3:45:84:4a:99:45:9c:
71:b9:2c:b6:50:d4:ec:17:2a:2e:4b:4c:76:5c:e5:
4d:27:9f:86:28:aa:85:cc:5d:c4:45:ab:da:22:df:
1c:1b:e3:eb:60:e5:67:a3:b1:ef:56:6b:9d:58:a0:
11:c7:05:4a:d7:b6:fd:fa:1d:5d:90:80:27:a4:8c:
fb:27:60:25:b8:9e:79:a4:2c:2c:bc:6c:1c:45:0a:
40:04:3f:09:c7:e1:d2:fd:da:6d:ab:d8:c8:e1:fb:
8c:5e:3c:6f:9c:f9:f1:55:11:6d:2e:eb:39:25:e7:
79:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:42:9A:EE:52:05:24:60:67:EE:4C:E3:6D:C2:C7:B6:41:8D:FE:A5
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/NEKa7lIFJGBn7kzjbcLHtkGN_qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.70.0/24
Signature Algorithm: sha256WithRSAEncryption
09:1f:7e:75:92:a1:ff:35:24:d7:aa:6e:17:19:45:94:3c:8a:
c5:53:2a:3c:a8:4b:12:7b:d7:9e:c8:90:8f:42:83:92:9b:19:
71:ce:06:74:6a:ef:a3:b0:31:ba:68:6c:f4:73:92:f8:03:2f:
38:17:eb:f6:5b:ae:d7:9b:b5:b1:a1:75:be:8d:9f:3f:ca:62:
f7:4a:80:b9:21:27:eb:05:35:64:64:c4:9f:3b:da:ee:d2:f1:
a6:5f:74:32:3c:63:f2:eb:f6:8c:6b:eb:3b:24:ae:af:13:08:
a2:3e:dc:d1:4b:c0:31:76:c4:a2:ec:24:74:35:ac:43:f7:03:
92:af:c8:f1:d5:02:00:53:37:5e:6f:3a:8c:3a:ae:00:52:09:
76:66:09:a7:2e:a5:14:c9:b1:43:e5:9b:92:59:43:43:e8:e3:
66:0a:c1:44:ea:8d:54:45:6e:a8:9e:29:a0:0b:4b:a9:cb:7f:
46:36:6d:9a:46:28:a2:dd:a6:0d:0e:3c:61:39:73:ec:37:5c:
52:c7:ea:5a:fb:07:49:95:b6:3f:85:a3:3b:9f:16:39:6f:41:
6b:79:eb:b5:2b:e2:1f:2b:aa:ab:eb:2f:21:cf:5e:96:6f:9b:
bb:5b:9d:7f:22:57:ef:6f:5e:f6:08:39:56:88:77:1f:cc:83:
55:d5:d4:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3EhL4un1b/r/GFobyayiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQyOWFlZTUyMDUyNDYwNjdlZTRjZTM2ZGMyYzdiNjQxOGRmZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaKQuz7BdBZ+dkh9Wdam/6Xp4iIW
+4MG+l9dEkUnc3+zJGeoY/P8a8BVvTipBHy6q5xlbUEs4VJve6VvADfcaVAPM5+j
233p1DrdLJ3pkxCAf0NgFPGa0W8JVmIb9uRqn8YYV38Hfda/MItS/tFviMsx5g36
Ti95LAJWS3NMkhzfIOxBNtl9BgFBqnvH5LNFhEqZRZxxuSy2UNTsFyouS0x2XOVN
J5+GKKqFzF3ERavaIt8cG+PrYOVno7HvVmudWKARxwVK17b9+h1dkIAnpIz7J2Al
uJ55pCwsvGwcRQpABD8Jx+HS/dptq9jI4fuMXjxvnPnxVRFtLus5Jed5fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRCmu5SBSRgZ+5M423Cx7ZBjf6lMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvTkVLYTdsSUZKR0JuN2t6amJjTEh0a0dOX3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkxGMA0G
CSqGSIb3DQEBCwUAA4IBAQAJH351kqH/NSTXqm4XGUWUPIrFUyo8qEsSe9eeyJCP
QoOSmxlxzgZ0au+jsDG6aGz0c5L4Ay84F+v2W67Xm7WxoXW+jZ8/ymL3SoC5ISfr
BTVkZMSfO9ru0vGmX3QyPGPy6/aMa+s7JK6vEwiiPtzRS8AxdsSi7CR0NaxD9wOS
r8jx1QIAUzdebzqMOq4AUgl2ZgmnLqUUybFD5ZuSWUND6ONmCsFE6o1URW6onimg
C0upy39GNm2aRiii3aYNDjxhOXPsN1xSx+pa+wdJlbY/haM7nxY5b0Freeu1K+If
K6qr6y8hz16Wb5u7W51/Ilfvb172CDlWiHcfzINV1dRb
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:59:30 2024 by rpki-client on console-fra.rpki-client.org