Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dXwzXqzgyYN5FvypmsUYDYZl0Ss.roa
File: dXwzXqzgyYN5FvypmsUYDYZl0Ss.roa (raw, json)
Hash identifier: svHEo/LA4Zls+B7zkxTvb2GWjLy0vfrjdfX7ScKI/Gk=
Subject key identifier: 75:7C:33:5E:AC:E0:C9:83:79:16:FC:A9:9A:C5:18:0D:86:65:D1:2B
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2EA366A607A45B3E7A8DC7D5E6622
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dXwzXqzgyYN5FvypmsUYDYZl0Ss.roa
Signing time: Thu 02 Jan 2025 01:48:12 +0000
ROA not before: Thu 02 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28843
IP address blocks: 62.205.192.0/18 maxlen: 18
62.205.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ea:36:6a:60:7a:45:b3:e7:a8:dc:7d:5e:66:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=757c335eace0c9837916fca99ac5180d8665d12b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9f:49:46:4c:74:e0:b5:6c:34:0e:d3:73:ed:
da:8a:af:d6:a7:94:9b:09:36:81:49:18:43:e1:b5:
2f:6e:cf:0b:c8:f4:a8:2a:46:4b:1a:0c:02:9c:51:
5d:bc:bd:af:29:a1:0c:9a:79:e0:b1:82:27:7e:7c:
9a:9d:86:7c:95:10:b0:b8:4b:9c:74:56:a1:2e:42:
95:c3:e0:ea:27:b5:21:6d:c8:ca:c9:f5:63:98:af:
4d:68:38:13:d4:98:d7:52:78:aa:22:9b:65:cd:ad:
fb:ad:38:d3:d8:11:7c:8c:9f:bd:6c:45:e3:c8:68:
e1:4a:77:52:9f:48:9a:e9:6b:6b:ff:1f:93:d8:6d:
6f:a1:c6:7f:40:f4:c8:d1:ed:67:f1:fd:7e:b8:c4:
30:08:e8:bd:97:a3:e5:1f:53:a4:b9:0d:1d:c2:8d:
6c:28:85:0a:e9:f8:bd:e3:94:87:a8:16:69:1e:9c:
38:76:55:2e:04:a6:e2:0a:89:4c:7c:b7:8b:6d:be:
9c:cc:55:20:ba:e6:c9:78:49:06:3b:e5:e0:4a:ce:
ca:e6:56:ea:9f:f8:d2:f1:d9:f2:2f:89:91:e4:69:
d3:aa:f3:ae:31:b6:f5:09:f3:eb:de:93:2b:32:f2:
51:9c:72:2e:a3:25:d0:de:9d:33:e5:8f:c1:0e:ea:
25:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7C:33:5E:AC:E0:C9:83:79:16:FC:A9:9A:C5:18:0D:86:65:D1:2B
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dXwzXqzgyYN5FvypmsUYDYZl0Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.192.0/18
Signature Algorithm: sha256WithRSAEncryption
b3:76:ba:9c:62:0e:08:37:95:26:02:0a:40:c3:54:b3:53:a3:
e0:9d:15:c7:5f:c2:51:48:09:00:9a:02:97:9b:e6:df:52:f5:
91:f5:b3:ee:3b:c1:5e:a0:99:a3:2f:a8:47:20:33:95:bd:e5:
96:93:24:ae:d4:28:cd:41:d7:55:08:be:a8:22:ae:66:1d:1f:
5b:73:8e:77:7d:c1:e6:c4:e0:da:d0:9b:fc:f2:0d:16:18:13:
94:68:d1:d4:95:c9:b3:5e:b5:ee:69:98:51:ad:aa:e6:8a:65:
59:61:96:b7:c3:17:bf:1d:50:79:85:ae:92:31:48:ae:d8:8d:
22:bc:aa:7d:4d:fc:5f:46:43:1f:e0:50:21:80:4a:20:6a:c9:
4d:b2:68:3b:db:f3:78:7c:f5:5b:53:8c:6c:de:28:db:5c:c3:
f3:d0:21:c0:86:ee:ad:23:ff:63:03:ac:89:32:07:e2:8d:ce:
bd:7b:66:44:e7:7d:ab:fc:3c:e6:f3:5e:83:90:cb:99:c2:3a:
7d:02:1d:be:6b:2a:b0:c7:d8:44:0e:d6:20:43:26:16:85:47:
74:ff:21:19:d1:4e:6b:88:eb:bb:3f:1b:bb:45:21:2f:26:10:
5f:10:e9:74:3f:c3:2b:c7:3f:5b:1f:69:e0:73:90:ab:2f:be:
ab:88:9a:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksuo2amB6RbPnqNx9XmYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTdjMzM1ZWFjZTBjOTgzNzkxNmZjYTk5YWM1MTgwZDg2NjVkMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ9JRkx04LVsNA7Tc+3aiq/Wp5Sb
CTaBSRhD4bUvbs8LyPSoKkZLGgwCnFFdvL2vKaEMmnngsYInfnyanYZ8lRCwuEuc
dFahLkKVw+DqJ7UhbcjKyfVjmK9NaDgT1JjXUniqIptlza37rTjT2BF8jJ+9bEXj
yGjhSndSn0ia6Wtr/x+T2G1vocZ/QPTI0e1n8f1+uMQwCOi9l6PlH1OkuQ0dwo1s
KIUK6fi945SHqBZpHpw4dlUuBKbiColMfLeLbb6czFUguubJeEkGO+XgSs7K5lbq
n/jS8dnyL4mR5GnTqvOuMbb1CfPr3pMrMvJRnHIuoyXQ3p0z5Y/BDuolrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHV8M16s4MmDeRb8qZrFGA2GZdErMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZFh3elhxemd5WU41RnZ5cG1zVVlEWVpsMFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGPs3AMA0G
CSqGSIb3DQEBCwUAA4IBAQCzdrqcYg4IN5UmAgpAw1SzU6PgnRXHX8JRSAkAmgKX
m+bfUvWR9bPuO8FeoJmjL6hHIDOVveWWkySu1CjNQddVCL6oIq5mHR9bc453fcHm
xODa0Jv88g0WGBOUaNHUlcmzXrXuaZhRrarmimVZYZa3wxe/HVB5ha6SMUiu2I0i
vKp9TfxfRkMf4FAhgEogaslNsmg72/N4fPVbU4xs3ijbXMPz0CHAhu6tI/9jA6yJ
Mgfijc69e2ZE532r/Dzm816DkMuZwjp9Ah2+ayqwx9hEDtYgQyYWhUd0/yEZ0U5r
iOu7Pxu7RSEvJhBfEOl0P8Mrxz9bH2ngc5CrL76riJoa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:23 2025 by rpki-client