Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/0M8dHOR3N6Yqs8c7D9SXQVKoeuo.roa
File: 0M8dHOR3N6Yqs8c7D9SXQVKoeuo.roa (raw, json)
Hash identifier: 7PI6J6p+AI140d65/Vv8UoW9lS1OX2GTolBAhKPWS8I=
Subject key identifier: D0:CF:1D:1C:E4:77:37:A6:2A:B3:C7:3B:0F:D4:97:41:52:A8:7A:EA
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018CC5DCB2D6EFD048392289A7BAACF77BEF
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/0M8dHOR3N6Yqs8c7D9SXQVKoeuo.roa
Signing time: Mon 01 Jan 2024 16:30:24 +0000
ROA not before: Mon 01 Jan 2024 16:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60675
IP address blocks: 62.174.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b2:d6:ef:d0:48:39:22:89:a7:ba:ac:f7:7b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 16:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0cf1d1ce47737a62ab3c73b0fd4974152a87aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:96:4a:c9:cc:11:67:47:6b:6a:1c:77:5c:de:
12:39:e8:c7:bb:f0:c4:42:f0:c3:7f:33:dd:60:7a:
46:ab:0d:db:9b:8e:39:1a:76:6c:a4:5a:da:0c:ba:
f3:aa:5e:6f:77:5f:8a:14:f2:61:3d:96:e5:33:a4:
d6:93:92:03:ce:4d:ef:12:3a:4c:38:20:28:5d:af:
84:ea:aa:e7:3e:89:2b:83:42:9c:18:42:97:d3:5b:
e7:ba:d2:ac:4c:49:0a:4f:0c:63:6f:b2:49:ac:34:
fe:48:d1:2a:6b:65:b6:63:4d:1c:53:c8:71:71:da:
30:77:78:9f:12:4e:a4:f3:cd:4d:f9:39:8a:54:2b:
0f:83:76:31:98:e2:ce:0d:1b:d7:fe:af:7f:50:cf:
e1:5e:cb:1b:48:5a:c3:96:ea:90:ed:71:d3:6c:4c:
5e:6e:da:90:99:37:0c:6c:06:83:44:e3:de:b5:61:
3d:4f:79:d7:b2:38:a0:81:97:ad:ed:25:01:2f:20:
05:8c:92:c1:ea:b5:59:a1:f2:76:e2:a1:98:54:56:
37:20:9a:50:de:e3:33:b3:7e:74:fb:5b:76:21:ec:
9f:57:cb:e9:d6:3d:d5:f6:49:e1:3a:6a:dd:26:d4:
2b:e7:97:28:16:95:23:96:1e:08:5e:d0:f8:eb:ba:
05:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CF:1D:1C:E4:77:37:A6:2A:B3:C7:3B:0F:D4:97:41:52:A8:7A:EA
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/0M8dHOR3N6Yqs8c7D9SXQVKoeuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.174.71.0/24
Signature Algorithm: sha256WithRSAEncryption
56:83:b6:a6:f2:4f:df:42:0e:06:f5:a2:cf:ae:9e:00:da:ed:
01:7c:cd:f8:a6:12:99:03:c8:d2:d2:45:11:cf:39:cf:55:6e:
fe:cf:ce:5a:2c:db:4f:4c:a6:a8:9a:d7:53:a0:78:d8:bc:cb:
1b:c1:fe:11:57:59:c9:45:1c:8a:3a:f5:c7:9f:82:50:a6:aa:
24:a2:fd:9d:bd:e7:8d:27:29:1e:f4:75:a2:b7:ee:84:47:59:
63:f3:bd:cf:bd:02:96:25:af:6b:70:61:cd:f9:1f:68:c2:ca:
83:27:3d:72:62:0d:63:db:56:74:c1:a2:14:8d:a6:67:35:71:
23:8c:fd:a3:45:44:a0:74:16:96:5c:0a:da:b1:d0:32:51:16:
77:76:22:2a:79:c7:60:e9:93:07:9e:a2:5c:6b:ab:b9:57:1c:
69:73:bf:26:c4:44:fd:fe:0e:f2:54:33:39:ca:37:3f:52:e6:
8e:bd:d2:93:04:1e:03:38:c6:cf:b9:8b:12:93:32:64:a8:88:
fa:a5:05:98:b9:9c:e2:f3:30:7a:ba:0f:8e:9a:30:d9:b6:3b:
e2:11:03:bf:55:10:42:00:7a:ba:d7:bd:a8:09:d3:23:e8:92:
99:07:7f:3f:d0:5d:60:72:6f:58:70:3f:63:22:50:7c:cb:c1:
25:50:73:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3LLW79BIOSKJp7qs93vvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjQwMTAxMTYzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGNmMWQxY2U0NzczN2E2MmFiM2M3M2IwZmQ0OTc0MTUyYTg3YWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5ZKycwRZ0drahx3XN4SOejHu/DE
QvDDfzPdYHpGqw3bm445GnZspFraDLrzql5vd1+KFPJhPZblM6TWk5IDzk3vEjpM
OCAoXa+E6qrnPokrg0KcGEKX01vnutKsTEkKTwxjb7JJrDT+SNEqa2W2Y00cU8hx
cdowd3ifEk6k881N+TmKVCsPg3YxmOLODRvX/q9/UM/hXssbSFrDluqQ7XHTbExe
btqQmTcMbAaDROPetWE9T3nXsjiggZet7SUBLyAFjJLB6rVZofJ24qGYVFY3IJpQ
3uMzs350+1t2IeyfV8vp1j3V9knhOmrdJtQr55coFpUjlh4IXtD467oF5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDPHRzkdzemKrPHOw/Ul0FSqHrqMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvME04ZEhPUjNONllxczhjN0Q5U1hRVktvZXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPq5HMA0G
CSqGSIb3DQEBCwUAA4IBAQBWg7am8k/fQg4G9aLPrp4A2u0BfM34phKZA8jS0kUR
zznPVW7+z85aLNtPTKaomtdToHjYvMsbwf4RV1nJRRyKOvXHn4JQpqokov2dveeN
Jyke9HWit+6ER1lj873PvQKWJa9rcGHN+R9owsqDJz1yYg1j21Z0waIUjaZnNXEj
jP2jRUSgdBaWXArasdAyURZ3diIqecdg6ZMHnqJca6u5Vxxpc78mxET9/g7yVDM5
yjc/UuaOvdKTBB4DOMbPuYsSkzJkqIj6pQWYuZzi8zB6ug+OmjDZtjviEQO/VRBC
AHq6172oCdMj6JKZB38/0F1gcm9YcD9jIlB8y8ElUHND
-----END CERTIFICATE-----
Generated at Sun May 19 07:21:23 2024 by rpki-client on console-ams.rpki-client.org