Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/Uj5ugeSA0GNmfwnGD06IcRgqDCg.roa
File: Uj5ugeSA0GNmfwnGD06IcRgqDCg.roa (raw, json)
Hash identifier: 80MF1+UeAERgJ3Ms1MdcBgfMNEe5g0rKtRoNJ3cZAyk=
Subject key identifier: 52:3E:6E:81:E4:80:D0:63:66:7F:09:C6:0F:4E:88:71:18:2A:0C:28
Certificate issuer: /CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Certificate serial: 018CC3B6F7AF2DB0C767E52FC7780B97877E
Authority key identifier: CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/Uj5ugeSA0GNmfwnGD06IcRgqDCg.roa
Signing time: Mon 01 Jan 2024 06:29:57 +0000
ROA not before: Mon 01 Jan 2024 06:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202012
IP address blocks: 62.40.101.0/24 maxlen: 24
62.40.105.0/24 maxlen: 24
62.40.111.0/24 maxlen: 24
62.40.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f7:af:2d:b0:c7:67:e5:2f:c7:78:0b:97:87:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Validity
Not Before: Jan 1 06:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=523e6e81e480d063667f09c60f4e8871182a0c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:09:6c:b0:bc:c0:17:0f:c2:a0:51:23:a9:bc:
b4:dd:1a:74:7f:3c:13:59:fb:97:7f:f6:4a:56:24:
dc:79:91:f5:05:64:ad:eb:10:d4:24:4d:f8:9f:76:
c3:2f:8f:da:80:06:1e:b1:aa:af:ae:65:77:b6:00:
a3:7d:74:2b:e5:ea:c5:f4:f9:19:8b:42:ff:36:36:
c3:b3:85:80:23:26:a7:6d:d4:be:ff:9d:89:e4:2a:
29:00:d9:a9:75:25:21:7e:63:54:24:ba:a0:09:5f:
e0:c9:de:75:65:cd:43:ca:3b:e3:1e:30:b0:16:20:
78:f2:4a:6e:1e:3a:b0:7a:b3:df:8f:39:d7:e1:ad:
df:b0:db:48:68:d5:0f:2a:a7:1c:b7:2e:c6:5e:4c:
7d:01:e6:65:3c:a6:d0:57:0a:65:c4:a7:71:e1:8b:
2e:8b:ee:eb:45:0c:2e:36:b6:41:fe:24:f2:cd:42:
ea:a1:79:dd:b1:a9:22:5d:f8:e0:41:76:24:e2:68:
03:50:0e:ab:ca:a2:82:39:e1:51:2f:19:b4:23:fd:
ef:ec:a8:61:67:b4:42:81:ae:a0:48:90:0c:e0:3e:
6a:5a:08:d8:2b:1f:c4:24:46:18:df:06:e8:18:9d:
3c:11:f2:0b:d2:eb:55:cd:a3:e1:57:9e:62:79:8f:
c6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3E:6E:81:E4:80:D0:63:66:7F:09:C6:0F:4E:88:71:18:2A:0C:28
X509v3 Authority Key Identifier:
keyid:CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/Uj5ugeSA0GNmfwnGD06IcRgqDCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.101.0/24
62.40.105.0/24
62.40.111.0-62.40.112.255
Signature Algorithm: sha256WithRSAEncryption
59:ce:21:c4:8c:8f:1a:43:b8:5e:08:29:68:39:c6:36:9d:3a:
87:7c:15:21:15:ad:a9:c8:18:4f:9f:39:f1:3f:fc:54:15:f7:
08:74:1a:55:b1:01:7d:44:a1:2e:3d:b6:e5:6b:07:01:ff:0b:
91:9c:9b:65:da:1e:08:c6:16:e7:66:1e:d5:a7:9a:e2:05:35:
f6:ec:c0:03:d0:da:62:73:c0:dd:ff:c8:93:51:1e:b3:36:6a:
e7:02:c1:5a:5a:e2:2f:2d:ab:95:5f:ca:66:7c:3c:88:91:c5:
b5:52:72:93:91:bd:8e:ee:fc:a3:78:46:7d:ad:63:93:9a:46:
e0:86:9d:2b:a8:bd:3c:69:81:cd:44:94:d4:cb:c4:9a:bc:cc:
ca:ae:bd:ff:d7:00:2b:eb:37:fd:1e:aa:07:a0:26:21:fb:fc:
3f:bf:05:08:98:4a:d4:95:76:fc:94:0b:b5:72:76:97:24:5c:
50:65:0d:72:3c:01:ed:d3:ce:03:b2:4d:8b:29:29:f4:fc:a5:
e0:20:bc:16:ff:d5:83:f1:a9:5d:1d:97:7f:2a:d6:6a:5a:7e:
c0:76:fb:af:a6:24:9d:52:4b:a9:6b:af:76:5a:98:48:00:8d:
c7:0b:6b:21:fb:bf:17:eb:db:4a:8c:b1:fb:5b:9a:bc:2c:67:
68:77:77:b5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDtvevLbDHZ+Uvx3gLl4d+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDc1NTczM2U5MTIwM2ExN2MzMDkzY2E1ZDljYjAzOTJk
OTRmNjEwHhcNMjQwMTAxMDYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjNlNmU4MWU0ODBkMDYzNjY3ZjA5YzYwZjRlODg3MTE4MmEwYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QlssLzAFw/CoFEjqby03Rp0fzwT
WfuXf/ZKViTceZH1BWSt6xDUJE34n3bDL4/agAYesaqvrmV3tgCjfXQr5erF9PkZ
i0L/NjbDs4WAIyanbdS+/52J5CopANmpdSUhfmNUJLqgCV/gyd51Zc1DyjvjHjCw
FiB48kpuHjqwerPfjznX4a3fsNtIaNUPKqccty7GXkx9AeZlPKbQVwplxKdx4Ysu
i+7rRQwuNrZB/iTyzULqoXndsakiXfjgQXYk4mgDUA6ryqKCOeFRLxm0I/3v7Khh
Z7RCga6gSJAM4D5qWgjYKx/EJEYY3wboGJ08EfIL0utVzaPhV55ieY/G/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFI+boHkgNBjZn8Jxg9OiHEYKgwoMB8GA1UdIwQY
MBaAFM7XVXM+kSA6F8MJPKXZywOS2U9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUt
ZWY0YjY1OWVmZjhkLzEvVWo1dWdlU0EwR05tZnduR0QwNkljUmdxRENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUtZWY0YjY1OWVmZjhk
LzEvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAPihlAwQA
PihpMAwDBAA+KG8DBAA+KHAwDQYJKoZIhvcNAQELBQADggEBAFnOIcSMjxpDuF4I
KWg5xjadOod8FSEVranIGE+fOfE//FQV9wh0GlWxAX1EoS49tuVrBwH/C5Gcm2Xa
HgjGFudmHtWnmuIFNfbswAPQ2mJzwN3/yJNRHrM2aucCwVpa4i8tq5VfymZ8PIiR
xbVScpORvY7u/KN4Rn2tY5OaRuCGnSuovTxpgc1ElNTLxJq8zMquvf/XACvrN/0e
qgegJiH7/D+/BQiYStSVdvyUC7VydpckXFBlDXI8Ae3TzgOyTYspKfT8peAgvBb/
1YPxqV0dl38q1mpafsB2+6+mJJ1SS6lrr3ZamEgAjccLayH7vxfr20qMsftbmrws
Z2h3d7U=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:36:50 2024 by rpki-client on console-ams.rpki-client.org