Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/62t6z4Ki_rhTujEUFkr2D_LKV2c.roa
File: 62t6z4Ki_rhTujEUFkr2D_LKV2c.roa (raw, json)
Hash identifier: zg4sSV3FxJdYKLCUXQ1Drc4RO3cnSsnNyO4H+qjpmsw=
Subject key identifier: EB:6B:7A:CF:82:A2:FE:B8:53:BA:31:14:16:4A:F6:0F:F2:CA:57:67
Certificate issuer: /CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Certificate serial: 018CCA2B2291AD501A664A9B212370A7B428
Authority key identifier: 68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/62t6z4Ki_rhTujEUFkr2D_LKV2c.roa
Signing time: Tue 02 Jan 2024 12:34:33 +0000
ROA not before: Tue 02 Jan 2024 12:34:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49101
IP address blocks: 193.56.11.0/24 maxlen: 24
2a0b:4740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:22:91:ad:50:1a:66:4a:9b:21:23:70:a7:b4:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Validity
Not Before: Jan 2 12:34:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb6b7acf82a2feb853ba3114164af60ff2ca5767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e8:8a:bf:b4:6f:13:b6:23:d8:4a:ed:52:57:
f3:f3:80:03:9f:30:18:a4:7d:d3:8c:c1:a5:11:d5:
86:ad:53:75:52:4f:88:a4:c4:25:e2:10:5b:24:94:
54:2d:ff:69:1a:5f:56:e9:99:c8:dc:36:15:ef:83:
34:4d:31:01:01:99:a1:98:82:7d:88:29:b2:03:0e:
80:be:df:52:7a:40:e9:59:03:c1:0d:88:63:b2:39:
18:c0:ab:96:84:e0:0c:38:c8:d4:c6:11:0c:53:00:
f6:fc:53:76:9f:67:98:89:0a:f0:a3:d9:9c:97:b6:
3e:8f:26:1c:c0:38:72:e3:fb:27:b8:85:34:12:cd:
ca:5d:e2:62:b3:92:e8:77:2c:cc:04:97:25:d9:9c:
98:11:0e:07:20:98:89:5f:fc:58:86:6c:2d:a5:90:
07:d5:50:ec:43:a4:f3:ec:77:09:18:f3:3c:d8:61:
4b:ba:18:cb:01:e9:57:2c:03:06:34:0d:77:73:23:
0a:72:d2:57:11:0d:95:91:a1:84:62:9f:cc:7f:06:
5d:fc:24:00:de:3e:da:c1:db:25:99:e4:f9:ea:16:
f2:41:c5:25:b7:52:a0:a6:12:b1:00:0b:20:1d:08:
97:79:43:40:7a:5f:85:c9:11:49:d0:78:90:2c:4c:
40:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6B:7A:CF:82:A2:FE:B8:53:BA:31:14:16:4A:F6:0F:F2:CA:57:67
X509v3 Authority Key Identifier:
keyid:68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/62t6z4Ki_rhTujEUFkr2D_LKV2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.11.0/24
IPv6:
2a0b:4740::/29
Signature Algorithm: sha256WithRSAEncryption
6b:81:c0:b0:6c:b1:96:51:ba:fd:5f:38:ac:74:78:92:fa:30:
35:e7:5e:06:6b:92:24:84:62:64:30:c6:92:d4:01:a6:12:59:
b8:99:56:32:d4:65:bd:e9:23:fd:1a:71:da:39:69:c7:2b:65:
18:b4:6b:53:0f:1d:4b:5f:0f:7e:8a:b9:2b:09:5c:aa:de:a5:
2a:27:b4:4a:ec:ad:b5:3d:6a:b0:1a:02:90:eb:b8:5e:70:ea:
ea:c8:56:91:69:f8:b4:b2:9f:05:3b:f2:07:68:34:ee:50:c0:
89:f3:21:93:50:3d:ef:cf:29:ae:d5:59:c4:dd:32:3c:c2:23:
51:88:75:7a:e5:83:aa:9c:11:a5:1f:41:ad:21:5f:ed:2b:05:
32:4a:7c:e6:d6:56:1a:94:4e:3e:2c:e7:88:d1:df:98:3e:04:
be:1c:1f:d8:50:ca:98:9b:35:eb:73:5f:96:c5:77:3e:65:01:
33:31:d1:85:4e:79:1f:69:54:24:85:37:ee:e4:bc:8e:79:bd:
56:55:59:47:92:c8:5e:ef:93:d7:4e:ef:29:f5:68:35:a1:0a:
e8:22:b0:42:14:5e:40:96:0d:31:c2:50:98:e6:e5:56:96:97:
de:e4:61:2f:4a:e3:d0:7f:5e:20:c6:0e:66:e2:e0:7b:d9:61:
84:b2:d2:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKyKRrVAaZkqbISNwp7QoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDE3ZGE4YWE0ZmUwYjhjZmYxODg0MTJlZWRkYTYzY2Jk
Y2Y5OTYwHhcNMjQwMTAyMTIzNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZiN2FjZjgyYTJmZWI4NTNiYTMxMTQxNjRhZjYwZmYyY2E1NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+iKv7RvE7Yj2ErtUlfz84ADnzAY
pH3TjMGlEdWGrVN1Uk+IpMQl4hBbJJRULf9pGl9W6ZnI3DYV74M0TTEBAZmhmIJ9
iCmyAw6Avt9SekDpWQPBDYhjsjkYwKuWhOAMOMjUxhEMUwD2/FN2n2eYiQrwo9mc
l7Y+jyYcwDhy4/snuIU0Es3KXeJis5LodyzMBJcl2ZyYEQ4HIJiJX/xYhmwtpZAH
1VDsQ6Tz7HcJGPM82GFLuhjLAelXLAMGNA13cyMKctJXEQ2VkaGEYp/MfwZd/CQA
3j7awdslmeT56hbyQcUlt1KgphKxAAsgHQiXeUNAel+FyRFJ0HiQLExA6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOtres+Cov64U7oxFBZK9g/yyldnMB8GA1UdIwQY
MBaAFGhBfaiqT+C4z/GIQS7t2mPL3PmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYt
NGQ1MzdjZjAxODA5LzEvNjJ0Nno0S2lfcmhUdWpFVUZrcjJEX0xLVjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYtNGQ1MzdjZjAxODA5
LzEvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTgLMA0E
AgACMAcDBQMqC0dAMA0GCSqGSIb3DQEBCwUAA4IBAQBrgcCwbLGWUbr9XzisdHiS
+jA1514Ga5IkhGJkMMaS1AGmElm4mVYy1GW96SP9GnHaOWnHK2UYtGtTDx1LXw9+
irkrCVyq3qUqJ7RK7K21PWqwGgKQ67hecOrqyFaRafi0sp8FO/IHaDTuUMCJ8yGT
UD3vzymu1VnE3TI8wiNRiHV65YOqnBGlH0GtIV/tKwUySnzm1lYalE4+LOeI0d+Y
PgS+HB/YUMqYmzXrc1+WxXc+ZQEzMdGFTnkfaVQkhTfu5LyOeb1WVVlHkshe75PX
Tu8p9Wg1oQroIrBCFF5Alg0xwlCY5uVWlpfe5GEvSuPQf14gxg5m4uB72WGEstJ/
-----END CERTIFICATE-----
Generated at Tue Dec 3 15:01:09 2024 by rpki-client on console-fra.rpki-client.org