Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/McRWj9oS6R5bKEC8Wm7DVWb_AQY.roa
File: McRWj9oS6R5bKEC8Wm7DVWb_AQY.roa (raw, json)
Hash identifier: YM3NpTsaPJ1tIQ10F08Kl8Pl4JSp3433bnHruiP4Uqo=
Subject key identifier: 31:C4:56:8F:DA:12:E9:1E:5B:28:40:BC:5A:6E:C3:55:66:FF:01:06
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 018CC9BC7815ADB82EB382B574FC80FDD0FE
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/McRWj9oS6R5bKEC8Wm7DVWb_AQY.roa
Signing time: Tue 02 Jan 2024 10:33:41 +0000
ROA not before: Tue 02 Jan 2024 10:33:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202756
IP address blocks: 62.4.112.0/24 maxlen: 24
62.4.109.0/24 maxlen: 24
62.4.110.0/24 maxlen: 24
62.4.111.0/24 maxlen: 24
62.4.113.0/24 maxlen: 24
62.4.114.0/24 maxlen: 24
62.4.115.0/24 maxlen: 24
62.4.117.0/24 maxlen: 24
62.4.118.0/24 maxlen: 24
62.4.119.0/24 maxlen: 24
62.4.120.0/24 maxlen: 24
62.4.121.0/24 maxlen: 24
62.4.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:78:15:ad:b8:2e:b3:82:b5:74:fc:80:fd:d0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: Jan 2 10:33:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31c4568fda12e91e5b2840bc5a6ec35566ff0106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:3d:96:45:ad:43:25:7c:c7:63:53:1e:49:
ef:51:a2:84:d5:b9:b5:20:ff:0e:b7:f2:7e:2f:d5:
21:7e:31:ed:ae:82:42:cf:07:40:c2:e9:1c:a4:28:
2f:9f:57:f7:d6:f4:0a:10:8e:9a:77:52:54:d1:a4:
2f:36:34:04:9e:81:6e:49:4d:e5:88:ba:87:b0:81:
f6:4c:00:8b:28:a5:b9:67:d3:a5:7d:ce:47:53:e6:
2e:9b:52:16:c9:ba:e5:50:33:dc:4d:4f:46:3f:07:
4c:b4:61:88:f2:21:c5:e5:55:de:11:9a:19:34:bb:
bc:61:4f:a3:7a:78:46:54:bb:2b:98:2c:2f:db:8b:
51:16:84:18:59:5b:5c:63:82:c3:42:cb:8e:35:fe:
1f:3b:ec:10:4b:3a:1f:4c:a7:f7:84:e3:5d:66:d5:
eb:ec:b6:04:a2:d3:69:f5:13:3e:93:d4:aa:90:37:
91:77:76:0b:99:c1:59:d3:0f:8a:6d:4b:af:1a:14:
9c:3d:c7:4e:17:df:95:9d:43:0b:64:9c:fb:b7:bf:
14:24:da:35:3e:06:fe:57:5f:77:89:c9:68:23:9c:
f5:a4:47:2c:89:d7:b9:3b:c4:67:8b:54:6c:29:c2:
e6:ac:53:1a:90:9c:d3:83:78:88:97:09:1b:e0:47:
c1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C4:56:8F:DA:12:E9:1E:5B:28:40:BC:5A:6E:C3:55:66:FF:01:06
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/McRWj9oS6R5bKEC8Wm7DVWb_AQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.109.0-62.4.115.255
62.4.117.0-62.4.122.255
Signature Algorithm: sha256WithRSAEncryption
7e:15:6e:6a:d8:e6:fd:c7:e6:06:14:78:29:08:6a:ce:d9:50:
ad:68:8b:e6:fa:d6:63:53:61:6b:5a:dd:af:0e:a3:91:ed:d4:
3e:24:4d:b2:14:a2:0f:46:27:12:9d:35:3d:73:5e:3f:71:76:
56:93:10:0f:e8:3d:91:5c:b6:5e:a3:74:34:17:97:8a:6b:a0:
45:61:77:43:a0:54:23:d1:28:ed:ea:fd:84:de:bc:3c:27:b9:
c2:92:03:d0:97:44:f2:4e:fd:ea:c0:fb:0e:ba:f4:3f:7a:2e:
f2:34:d3:4e:a4:6a:9a:96:87:5c:5a:43:da:79:30:64:b5:09:
34:0b:ea:25:9f:82:3d:f2:0e:c7:ac:bb:87:8e:96:b9:4c:cf:
02:cf:06:ef:25:89:44:b1:49:26:bf:80:d7:b3:32:6f:76:73:
bc:ee:7d:1d:d4:17:cd:2f:93:f7:62:10:a0:b7:11:09:c1:f8:
af:8a:75:70:23:21:38:55:7a:56:bf:4f:12:68:01:16:3b:80:
7e:20:6d:c7:60:66:a8:82:bd:0c:57:c2:a0:b8:dd:b8:9e:46:
86:33:f3:07:55:55:23:4f:8c:02:b2:bb:61:82:aa:0f:2b:61:
f7:ba:00:1d:a1:f8:db:e0:1b:a1:f0:41:c8:6d:07:a9:28:5f:
8c:39:9d:61
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzJvHgVrbgus4K1dPyA/dD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjQwMTAyMTAzMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWM0NTY4ZmRhMTJlOTFlNWIyODQwYmM1YTZlYzM1NTY2ZmYwMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyw9lkWtQyV8x2NTHknvUaKE1bm1
IP8Ot/J+L9UhfjHtroJCzwdAwukcpCgvn1f31vQKEI6ad1JU0aQvNjQEnoFuSU3l
iLqHsIH2TACLKKW5Z9Olfc5HU+Yum1IWybrlUDPcTU9GPwdMtGGI8iHF5VXeEZoZ
NLu8YU+jenhGVLsrmCwv24tRFoQYWVtcY4LDQsuONf4fO+wQSzofTKf3hONdZtXr
7LYEotNp9RM+k9SqkDeRd3YLmcFZ0w+KbUuvGhScPcdOF9+VnUMLZJz7t78UJNo1
Pgb+V193icloI5z1pEcside5O8Rni1RsKcLmrFMakJzTg3iIlwkb4EfBUQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDHEVo/aEukeWyhAvFpuw1Vm/wEGMB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvTWNSV2o5b1M2UjViS0VDOFdtN0RWV2JfQVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAA+BG0D
BAI+BHAwDAMEAD4EdQMEAD4EejANBgkqhkiG9w0BAQsFAAOCAQEAfhVuatjm/cfm
BhR4KQhqztlQrWiL5vrWY1Nha1rdrw6jke3UPiRNshSiD0YnEp01PXNeP3F2VpMQ
D+g9kVy2XqN0NBeXimugRWF3Q6BUI9Eo7er9hN68PCe5wpID0JdE8k796sD7Drr0
P3ou8jTTTqRqmpaHXFpD2nkwZLUJNAvqJZ+CPfIOx6y7h46WuUzPAs8G7yWJRLFJ
Jr+A17Myb3ZzvO59HdQXzS+T92IQoLcRCcH4r4p1cCMhOFV6Vr9PEmgBFjuAfiBt
x2BmqIK9DFfCoLjduJ5GhjPzB1VVI0+MArK7YYKqDyth97oAHaH42+AbofBByG0H
qShfjDmdYQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:37 2024 by rpki-client on console-fra.rpki-client.org