Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ZMg10GXfxSXg5NXgyYa77O2_lgk.roa
File: ZMg10GXfxSXg5NXgyYa77O2_lgk.roa (raw, json)
Hash identifier: 9w6ARyW9uWqBFH+xxDwJRwjZlBUsZF1f3K9rs9jsrIA=
Subject key identifier: 64:C8:35:D0:65:DF:C5:25:E0:E4:D5:E0:C9:86:BB:EC:ED:BF:96:09
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 018CC8016DD7E6E366036EAA4B2D9FD74F52
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ZMg10GXfxSXg5NXgyYa77O2_lgk.roa
Signing time: Tue 02 Jan 2024 02:29:46 +0000
ROA not before: Tue 02 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59599
IP address blocks: 62.132.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6d:d7:e6:e3:66:03:6e:aa:4b:2d:9f:d7:4f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64c835d065dfc525e0e4d5e0c986bbecedbf9609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4d:a1:81:5e:e6:4c:cb:cb:2e:4a:b9:24:73:
f2:56:61:60:25:d1:a0:00:26:85:68:72:5c:5a:77:
70:f8:97:67:1f:c9:91:20:f8:58:c6:80:0c:82:24:
2f:0e:a2:34:89:3a:0f:32:63:8b:7b:76:d2:c3:84:
89:a9:1d:70:4a:0c:d1:a0:84:57:ef:90:58:3d:8a:
a5:82:a9:42:ef:32:fe:66:63:3c:cf:26:b4:b0:93:
73:62:03:84:02:22:5a:6c:3c:ce:6d:cb:0a:8f:c7:
5d:56:ef:c4:da:d5:62:7b:d4:49:c1:53:7f:dc:6f:
d6:2d:2a:e6:5b:08:05:53:1e:f7:02:28:a3:ca:62:
bf:78:b1:b4:40:23:8b:99:dc:34:de:46:3c:83:e0:
44:0d:23:a7:25:a3:3f:33:6d:f0:18:6d:8a:d2:df:
8e:16:53:d6:90:e7:7c:1f:a6:fd:e7:96:22:c2:8e:
ed:22:b0:9b:df:d0:24:0e:6f:aa:53:b0:5b:f6:5b:
83:fe:e2:f5:f4:9a:7a:44:bb:66:85:dc:06:b3:bd:
66:87:03:87:45:08:8f:7e:03:3c:6b:07:18:0d:81:
0f:56:92:b9:31:8d:e5:de:3b:1e:dd:fd:11:52:ea:
63:da:91:27:bb:67:3e:67:a2:81:8a:f7:32:e6:0b:
ae:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C8:35:D0:65:DF:C5:25:E0:E4:D5:E0:C9:86:BB:EC:ED:BF:96:09
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ZMg10GXfxSXg5NXgyYa77O2_lgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.132.201.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:54:39:de:48:7d:a2:74:fc:0a:35:8a:bb:d3:a5:05:18:29:
d8:73:7e:ab:37:c5:07:db:52:08:2e:30:6b:2f:dd:cd:e8:fc:
6d:fd:a9:f6:f0:ab:fe:a7:c3:68:b1:a6:41:0c:c2:4c:99:46:
b7:0b:8d:ac:88:3d:20:62:35:a8:67:be:d6:ed:b0:65:b6:29:
97:9e:14:72:f3:48:ed:51:d1:f0:83:d5:ea:fb:d5:37:2f:52:
1e:29:f3:84:05:01:09:5e:c1:2d:63:b3:e3:a5:aa:0d:04:7c:
05:99:81:44:2d:dd:1f:ad:f9:a0:d7:5b:a7:a2:b9:13:82:1a:
a9:02:f8:e1:cc:38:05:72:9f:86:71:1f:e7:f1:29:10:52:9d:
56:7b:ea:0e:ec:a7:68:16:09:55:1f:09:2d:c0:84:fb:e2:2b:
a2:29:9c:45:8b:c2:aa:34:e8:c0:42:65:a4:62:21:4e:4e:74:
44:2c:71:e2:02:f8:61:31:c0:75:d3:b7:c8:34:8d:b4:27:06:
a2:5e:10:28:55:04:89:6f:57:b6:a5:b8:e6:8b:65:de:84:13:
02:da:c0:2e:1f:72:b3:16:26:09:f3:41:9c:a6:e2:4b:3d:ed:
5a:d7:06:e8:93:e5:3f:4b:e0:4b:72:23:93:b8:1a:47:4e:c8:
15:eb:4a:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAW3X5uNmA26qSy2f109SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjQwMTAyMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGM4MzVkMDY1ZGZjNTI1ZTBlNGQ1ZTBjOTg2YmJlY2VkYmY5NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm02hgV7mTMvLLkq5JHPyVmFgJdGg
ACaFaHJcWndw+JdnH8mRIPhYxoAMgiQvDqI0iToPMmOLe3bSw4SJqR1wSgzRoIRX
75BYPYqlgqlC7zL+ZmM8zya0sJNzYgOEAiJabDzObcsKj8ddVu/E2tVie9RJwVN/
3G/WLSrmWwgFUx73AiijymK/eLG0QCOLmdw03kY8g+BEDSOnJaM/M23wGG2K0t+O
FlPWkOd8H6b955Yiwo7tIrCb39AkDm+qU7Bb9luD/uL19Jp6RLtmhdwGs71mhwOH
RQiPfgM8awcYDYEPVpK5MY3l3jse3f0RUupj2pEnu2c+Z6KBivcy5guuawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTINdBl38Ul4OTV4MmGu+ztv5YJMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvWk1nMTBHWGZ4U1hnNU5YZ3lZYTc3TzJfbGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPoTJMA0G
CSqGSIb3DQEBCwUAA4IBAQBbVDneSH2idPwKNYq706UFGCnYc36rN8UH21IILjBr
L93N6Pxt/an28Kv+p8NosaZBDMJMmUa3C42siD0gYjWoZ77W7bBltimXnhRy80jt
UdHwg9Xq+9U3L1IeKfOEBQEJXsEtY7PjpaoNBHwFmYFELd0frfmg11unorkTghqp
AvjhzDgFcp+GcR/n8SkQUp1We+oO7KdoFglVHwktwIT74iuiKZxFi8KqNOjAQmWk
YiFOTnRELHHiAvhhMcB107fINI20JwaiXhAoVQSJb1e2pbjmi2XehBMC2sAuH3Kz
FiYJ80GcpuJLPe1a1wbok+U/S+BLciOTuBpHTsgV60px
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:01:27 2024 by rpki-client on console-ams.rpki-client.org