Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/3uSFA8wdel-DwcgtWTYAIoeNxy0.roa
File: 3uSFA8wdel-DwcgtWTYAIoeNxy0.roa (raw, json)
Hash identifier: KVXffjo6MvdDtooAd41cajPlpNUxOYvS2rvBHOL5+WU=
Subject key identifier: DE:E4:85:03:CC:1D:7A:5F:83:C1:C8:2D:59:36:00:22:87:8D:C7:2D
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018E5CA4C16944743FD2124AE80755D1E313
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/3uSFA8wdel-DwcgtWTYAIoeNxy0.roa
Signing time: Wed 20 Mar 2024 16:14:45 +0000
ROA not before: Wed 20 Mar 2024 16:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7922
IP address blocks: 62.164.240.0/20 maxlen: 20
212.32.112.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:a4:c1:69:44:74:3f:d2:12:4a:e8:07:55:d1:e3:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Mar 20 16:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dee48503cc1d7a5f83c1c82d59360022878dc72d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c2:4b:9a:8e:6d:4f:d8:84:31:72:74:49:6b:
22:cc:34:bc:c6:71:37:18:5b:13:05:d7:f0:ed:50:
b7:2d:ca:b2:91:00:3b:ea:cb:c1:12:97:aa:9a:2d:
fd:8a:d6:8d:cb:b2:0d:18:17:e3:7c:08:df:28:c3:
3f:b0:ea:6c:13:8b:1d:24:78:0a:1d:5d:c8:e0:97:
c6:36:6e:66:23:17:2f:fa:96:a5:9b:4c:24:c3:e4:
df:01:c8:34:43:c8:f2:8d:c2:c2:6a:41:ce:3b:98:
a8:42:5a:35:df:ef:a6:02:b9:79:75:9a:8d:d9:8c:
81:b2:ce:d5:4c:99:98:79:3c:e1:a4:ed:cf:b0:5c:
dc:20:98:0a:3f:37:23:aa:5a:4a:74:64:31:0c:40:
90:d8:5a:9b:7d:6b:77:dd:1a:e9:78:f4:80:e1:1c:
fe:06:10:70:3a:eb:76:14:16:c7:52:1b:43:a6:15:
68:f2:8d:57:11:a1:7f:08:eb:53:95:67:a1:14:80:
bf:ad:b3:21:bb:5a:44:df:e7:96:bd:4f:0a:9e:e7:
2c:c9:78:f6:c5:22:01:87:ea:c9:07:2f:93:05:be:
13:02:35:a9:28:6e:d0:2d:07:94:19:f7:83:19:b3:
5d:e0:8c:03:b6:19:0c:df:f3:e5:31:eb:a4:74:13:
68:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E4:85:03:CC:1D:7A:5F:83:C1:C8:2D:59:36:00:22:87:8D:C7:2D
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/3uSFA8wdel-DwcgtWTYAIoeNxy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.240.0/20
212.32.112.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:44:cf:8a:0c:c8:61:46:3e:30:7b:f6:2a:8b:ad:06:70:e1:
e1:75:2f:53:71:a5:a2:ec:91:d7:f6:86:1e:3a:62:6c:09:fc:
fd:88:65:8d:cb:0b:07:e5:f9:e4:28:09:f1:12:cb:c1:75:8a:
a0:54:3f:24:33:cf:99:96:72:0a:ec:27:7e:60:eb:2e:b3:74:
1a:b5:38:f5:c7:dd:35:3f:c9:2c:10:52:32:67:5c:8f:1f:0b:
4d:9a:c8:ee:29:6b:c9:e7:ee:be:4b:17:df:47:28:42:7a:b8:
47:17:2c:45:29:fe:5c:8a:e2:0f:22:39:d4:85:01:62:07:92:
88:55:6f:0a:c2:17:08:90:d0:a7:11:f8:18:00:dc:ea:a5:a8:
b4:db:47:1a:60:44:00:70:98:8b:32:4e:02:1c:2b:d3:22:61:
f1:6d:68:b0:0d:7e:ec:a2:f1:0e:3a:ba:11:1c:3f:f0:23:bc:
52:e5:62:44:b7:ad:eb:d6:a7:21:f5:c4:e8:7c:89:4b:90:28:
29:93:ab:d9:32:69:c9:ad:c5:03:e0:3f:e4:b2:45:2d:4d:5d:
55:99:53:34:6e:63:2b:55:16:29:09:d1:6e:ba:00:1b:61:f0:
8d:91:e8:11:29:7a:40:2e:40:0b:1d:0d:f0:ba:9c:5c:65:92:
58:b9:ea:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5cpMFpRHQ/0hJK6AdV0eMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwMzIwMTYxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWU0ODUwM2NjMWQ3YTVmODNjMWM4MmQ1OTM2MDAyMjg3OGRjNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcJLmo5tT9iEMXJ0SWsizDS8xnE3
GFsTBdfw7VC3LcqykQA76svBEpeqmi39itaNy7INGBfjfAjfKMM/sOpsE4sdJHgK
HV3I4JfGNm5mIxcv+palm0wkw+TfAcg0Q8jyjcLCakHOO5ioQlo13++mArl5dZqN
2YyBss7VTJmYeTzhpO3PsFzcIJgKPzcjqlpKdGQxDECQ2FqbfWt33RrpePSA4Rz+
BhBwOut2FBbHUhtDphVo8o1XEaF/COtTlWehFIC/rbMhu1pE3+eWvU8KnucsyXj2
xSIBh+rJBy+TBb4TAjWpKG7QLQeUGfeDGbNd4IwDthkM3/PlMeukdBNoTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN7khQPMHXpfg8HILVk2ACKHjcctMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvM3VTRkE4d2RlbC1Ed2NndFdUWUFJb2VOeHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEPqTwAwQE
1CBwMA0GCSqGSIb3DQEBCwUAA4IBAQBfRM+KDMhhRj4we/Yqi60GcOHhdS9TcaWi
7JHX9oYeOmJsCfz9iGWNywsH5fnkKAnxEsvBdYqgVD8kM8+ZlnIK7Cd+YOsus3Qa
tTj1x901P8ksEFIyZ1yPHwtNmsjuKWvJ5+6+SxffRyhCerhHFyxFKf5ciuIPIjnU
hQFiB5KIVW8KwhcIkNCnEfgYANzqpai020caYEQAcJiLMk4CHCvTImHxbWiwDX7s
ovEOOroRHD/wI7xS5WJEt63r1qch9cTofIlLkCgpk6vZMmnJrcUD4D/kskUtTV1V
mVM0bmMrVRYpCdFuugAbYfCNkegRKXpALkALHQ3wupxcZZJYuerX
-----END CERTIFICATE-----
Generated at Fri May 3 19:15:48 2024 by rpki-client on console-fra.rpki-client.org