Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/5qS1Yj09Li5AHNZZ3iqrTgsvOlY.roa
File: 5qS1Yj09Li5AHNZZ3iqrTgsvOlY.roa (raw, json)
Hash identifier: VSfbff50nHRsV+cCJuo1MXLnBVK3Djft+xeRYGfSBmg=
Subject key identifier: E6:A4:B5:62:3D:3D:2E:2E:40:1C:D6:59:DE:2A:AB:4E:0B:2F:3A:56
Certificate issuer: /CN=64ee0489158fe95e1991fd5ce725ea067e11a1fb
Certificate serial: 018CC794669BDC21656E08C60BC6FC4F9E77
Authority key identifier: 64:EE:04:89:15:8F:E9:5E:19:91:FD:5C:E7:25:EA:06:7E:11:A1:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/5qS1Yj09Li5AHNZZ3iqrTgsvOlY.roa
Signing time: Tue 02 Jan 2024 00:30:40 +0000
ROA not before: Tue 02 Jan 2024 00:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 62.3.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:66:9b:dc:21:65:6e:08:c6:0b:c6:fc:4f:9e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ee0489158fe95e1991fd5ce725ea067e11a1fb
Validity
Not Before: Jan 2 00:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6a4b5623d3d2e2e401cd659de2aab4e0b2f3a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6a:d8:8c:07:70:fc:7b:bc:8d:20:0b:eb:ea:
01:6e:13:49:32:13:ef:ea:c9:0b:86:13:b3:a2:63:
9c:39:df:c3:4e:3f:66:e9:b0:1e:2e:fe:3a:73:00:
cd:9f:f8:c8:8e:a9:bc:cf:63:2f:2a:5b:eb:7f:bb:
1e:bf:70:7c:56:4a:50:9b:a5:ff:7a:c3:f1:ab:dc:
7e:74:7c:98:d1:1d:9d:4f:fa:6e:69:3c:0b:f9:73:
bc:68:1c:c9:ac:29:e3:6a:49:ef:be:56:97:e8:56:
9b:97:94:ed:97:f6:07:5f:23:ed:0b:1b:53:98:6f:
d1:69:86:bc:71:bf:a0:9b:3f:61:81:6f:15:d9:a0:
9e:f5:b8:3b:d6:c2:fd:67:55:72:2d:bc:6e:12:ce:
00:c4:1f:4d:b8:60:fb:4a:df:10:e7:58:3b:40:c6:
20:9c:d3:ac:f6:8f:0e:e0:2b:12:91:9c:d8:2e:31:
11:ab:a0:0d:f3:7f:c3:b6:77:85:25:bd:94:5c:64:
af:8c:4a:d7:c9:2a:7c:4a:38:bb:ba:8d:33:86:54:
3f:6d:cf:ec:ca:99:48:b7:d1:cc:95:b4:98:07:2c:
6a:df:3b:c3:2d:2d:7e:05:b6:70:bb:28:af:c4:43:
df:6a:ca:8a:71:ca:5d:41:c9:10:13:35:92:48:ce:
59:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A4:B5:62:3D:3D:2E:2E:40:1C:D6:59:DE:2A:AB:4E:0B:2F:3A:56
X509v3 Authority Key Identifier:
keyid:64:EE:04:89:15:8F:E9:5E:19:91:FD:5C:E7:25:EA:06:7E:11:A1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/5qS1Yj09Li5AHNZZ3iqrTgsvOlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/18ae02-e72d-4430-85d8-473c5ba55362/1/ZO4EiRWP6V4Zkf1c5yXqBn4Rofs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.61.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:83:b3:19:80:69:e6:74:2d:3a:f7:85:e7:3e:02:c5:25:68:
07:de:25:be:64:f4:4d:2f:c0:09:fe:ee:0a:82:86:70:e0:63:
3e:f7:e2:79:fa:69:ee:a7:bf:71:83:4b:ce:00:0f:ea:79:60:
24:53:dd:1c:41:7c:9d:48:bd:22:bb:ac:7b:41:64:b7:9d:65:
ea:ad:07:53:f9:99:b4:31:61:af:bf:26:54:e1:40:35:3b:1a:
5e:5e:92:90:e4:a7:7a:71:88:2d:e9:79:fe:47:cf:4a:8a:87:
e3:2c:ef:c0:45:9d:95:47:42:52:76:a5:57:a5:87:46:bd:c2:
5e:82:a9:d5:a1:2a:31:3b:82:db:0a:55:87:cb:5c:87:dc:2b:
47:c8:0e:7a:7e:df:11:72:38:02:93:67:89:8b:83:99:5b:c3:
e1:71:5c:28:84:02:1e:07:f8:b9:89:5e:ba:63:d6:30:22:e1:
cc:b1:d0:8f:d4:5d:33:34:98:2e:ec:2c:d5:3c:d0:55:ac:38:
df:a1:e1:51:63:18:6e:9d:8a:a5:15:82:78:74:22:76:5c:58:
74:bd:09:f3:4d:3d:45:02:43:a2:04:a6:85:5b:4c:81:ac:75:
a3:ba:07:73:e7:6b:58:29:89:05:c8:50:12:4f:0c:de:35:36:
db:77:39:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlGab3CFlbgjGC8b8T553MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZWUwNDg5MTU4ZmU5NWUxOTkxZmQ1Y2U3MjVlYTA2N2Ux
MWExZmIwHhcNMjQwMTAyMDAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmE0YjU2MjNkM2QyZTJlNDAxY2Q2NTlkZTJhYWI0ZTBiMmYzYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2rYjAdw/Hu8jSAL6+oBbhNJMhPv
6skLhhOzomOcOd/DTj9m6bAeLv46cwDNn/jIjqm8z2MvKlvrf7sev3B8VkpQm6X/
esPxq9x+dHyY0R2dT/puaTwL+XO8aBzJrCnjaknvvlaX6Fabl5Ttl/YHXyPtCxtT
mG/RaYa8cb+gmz9hgW8V2aCe9bg71sL9Z1VyLbxuEs4AxB9NuGD7St8Q51g7QMYg
nNOs9o8O4CsSkZzYLjERq6AN83/DtneFJb2UXGSvjErXySp8Sji7uo0zhlQ/bc/s
yplIt9HMlbSYByxq3zvDLS1+BbZwuyivxEPfasqKccpdQckQEzWSSM5ZZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOaktWI9PS4uQBzWWd4qq04LLzpWMB8GA1UdIwQY
MBaAFGTuBIkVj+leGZH9XOcl6gZ+EaH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk80RWlSV1A2VjRaa2YxYzV5WHFCbjRSb2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xOGFlMDItZTcyZC00NDMwLTg1ZDgt
NDczYzViYTU1MzYyLzEvNXFTMVlqMDlMaTVBSE5aWjNpcXJUZ3N2T2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xOGFlMDItZTcyZC00NDMwLTg1ZDgtNDczYzViYTU1MzYy
LzEvWk80RWlSV1A2VjRaa2YxYzV5WHFCbjRSb2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgM9MA0G
CSqGSIb3DQEBCwUAA4IBAQBvg7MZgGnmdC0694XnPgLFJWgH3iW+ZPRNL8AJ/u4K
goZw4GM+9+J5+mnup79xg0vOAA/qeWAkU90cQXydSL0iu6x7QWS3nWXqrQdT+Zm0
MWGvvyZU4UA1OxpeXpKQ5Kd6cYgt6Xn+R89KiofjLO/ARZ2VR0JSdqVXpYdGvcJe
gqnVoSoxO4LbClWHy1yH3CtHyA56ft8RcjgCk2eJi4OZW8PhcVwohAIeB/i5iV66
Y9YwIuHMsdCP1F0zNJgu7CzVPNBVrDjfoeFRYxhunYqlFYJ4dCJ2XFh0vQnzTT1F
AkOiBKaFW0yBrHWjugdz52tYKYkFyFASTwzeNTbbdzkU
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:34:24 2024 by rpki-client on console-ams.rpki-client.org