Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-OleeNWiFkbAJB0cUTzM2QfiVag.roa
File: 1-OleeNWiFkbAJB0cUTzM2QfiVag.roa (raw, json)
Hash identifier: QoPQCr0a3Gb6g5JqGieVa4XFRIbDnqnFsde5DsSi8Is=
Subject key identifier: F8:E9:5E:78:D5:A2:16:46:C0:24:1D:1C:51:3C:CC:D9:07:E2:55:A8
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01956F5387E6C0D4709AA7E8DC2D9632F9E9
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-OleeNWiFkbAJB0cUTzM2QfiVag.roa
Signing time: Fri 07 Mar 2025 06:38:20 +0000
ROA not before: Fri 07 Mar 2025 06:38:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 62.60.148.0/22 maxlen: 24
62.60.152.0/23 maxlen: 24
62.60.154.0/23 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.186.0/24 maxlen: 24
62.60.216.0/23 maxlen: 24
62.60.228.0/22 maxlen: 24
62.60.235.0/24 maxlen: 24
62.60.236.0/22 maxlen: 24
62.60.240.0/22 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/22 maxlen: 24
62.60.252.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.74.0/23 maxlen: 24
213.176.92.0/22 maxlen: 24
213.176.112.0/22 maxlen: 24
213.176.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 01:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:53:87:e6:c0:d4:70:9a:a7:e8:dc:2d:96:32:f9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Mar 7 06:38:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8e95e78d5a21646c0241d1c513cccd907e255a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:72:30:84:42:d6:06:89:e0:24:75:7f:e7:c7:
8a:de:93:db:17:5a:5a:ff:02:a4:9b:99:75:9e:1e:
d3:8e:6d:e1:6f:d3:7d:5f:87:1a:97:46:99:66:90:
1a:67:e5:55:ac:7e:30:99:ff:0d:32:81:13:de:d2:
3d:cf:c8:c8:0c:2e:1e:b1:6a:18:b4:cd:ae:d2:83:
72:71:33:cf:8c:32:e6:74:cf:1d:76:c3:21:c3:21:
bd:82:8b:6d:26:df:51:27:8d:30:c5:d9:82:85:61:
75:be:a1:7a:e5:f0:5a:75:ef:76:a6:3f:a6:f7:43:
3a:d2:eb:c9:b1:31:ed:9f:66:52:47:45:90:1c:e5:
bd:af:88:f5:aa:d3:6d:82:29:82:92:11:d7:da:05:
c1:f5:4a:eb:fa:ee:87:69:c7:6f:4a:c7:67:24:76:
1d:09:2c:19:f7:4a:b6:9d:58:ae:aa:d1:55:81:be:
4e:ff:de:1c:ac:82:c6:99:5c:88:4f:68:e7:ad:34:
bd:c0:d7:2e:55:f3:d2:e4:de:77:41:1a:9b:b6:00:
ae:57:c8:9f:9f:3c:ec:b9:2f:5e:32:73:34:5a:00:
6a:7c:3c:51:b7:12:2f:5d:0c:f8:64:35:f4:20:96:
fb:1b:97:3b:55:36:56:82:86:23:db:f3:ea:4c:17:
9d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E9:5E:78:D5:A2:16:46:C0:24:1D:1C:51:3C:CC:D9:07:E2:55:A8
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-OleeNWiFkbAJB0cUTzM2QfiVag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.148.0-62.60.159.255
62.60.186.0/24
62.60.216.0/23
62.60.228.0/22
62.60.235.0-62.60.255.255
213.176.64.0/22
213.176.74.0/23
213.176.92.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
b6:35:6d:78:d5:65:2f:3b:35:ac:9a:01:fa:2c:81:88:db:4f:
92:7a:63:1c:b3:9c:d5:6c:61:52:83:6e:67:c4:04:81:18:73:
d5:d9:63:12:71:ed:f5:1c:fe:a0:15:39:b2:54:ab:ba:c3:e6:
83:30:10:1a:66:ca:cc:bf:f8:43:ed:9f:7f:51:ee:62:ee:84:
9b:71:a9:fa:0d:ff:03:c3:9b:0e:ed:3c:d6:e7:88:6c:21:9b:
64:6f:da:71:c5:f5:f7:b4:4e:cd:d2:38:29:b8:a0:4a:e4:92:
5c:a6:8d:22:94:47:83:db:cb:7f:be:6f:c4:77:85:d5:a2:ec:
df:63:04:37:68:c6:66:55:4c:83:99:97:f4:e2:d6:e9:07:27:
ff:c5:40:8e:9e:69:31:77:99:0b:86:3f:58:39:61:23:6f:16:
e8:13:13:25:e7:77:d0:5e:c0:36:1f:62:f2:0b:b3:ab:8f:d2:
6a:b8:f9:77:1d:51:05:73:80:0d:30:fc:55:ac:34:2c:de:90:
fd:37:fc:58:f4:12:74:74:1e:ae:87:d7:9d:9e:c0:36:7e:c7:
ac:0e:19:ff:38:4c:71:f2:8f:22:62:71:60:6b:ca:f8:2f:76:
88:62:48:08:2e:77:82:73:c8:62:a2:2b:c6:d4:b6:11:6d:85:
e3:a4:74:fc
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZVvU4fmwNRwmqfo3C2WMvnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwMzA3MDYzODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGU5NWU3OGQ1YTIxNjQ2YzAyNDFkMWM1MTNjY2NkOTA3ZTI1NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHIwhELWBongJHV/58eK3pPbF1pa
/wKkm5l1nh7Tjm3hb9N9X4cal0aZZpAaZ+VVrH4wmf8NMoET3tI9z8jIDC4esWoY
tM2u0oNycTPPjDLmdM8ddsMhwyG9gottJt9RJ40wxdmChWF1vqF65fBade92pj+m
90M60uvJsTHtn2ZSR0WQHOW9r4j1qtNtgimCkhHX2gXB9Urr+u6HacdvSsdnJHYd
CSwZ90q2nViuqtFVgb5O/94crILGmVyIT2jnrTS9wNcuVfPS5N53QRqbtgCuV8if
nzzsuS9eMnM0WgBqfDxRtxIvXQz4ZDX0IJb7G5c7VTZWgoYj2/PqTBedOQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPjpXnjVohZGwCQdHFE8zNkH4lWoMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMS1PbGVlTldpRmtiQUpCMGNVVHpNMlFmaVZhZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTcvMTMzOWRmLThlMDYtNDFkZS05NGYzLTBjYmEzM2VmYzVi
Yi8xL3c4R0ZKLU9pQnE4b1FnS05sYTdFRXpqbzJ2Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBeBggrBgEFBQcBBwEB/wRPME0wSwQCAAEwRTAMAwQCPjyU
AwQFPjyAAwQAPjy6AwQBPjzYAwQCPjzkMAsDBAA+POsDAwA+PAMEAtWwQAMEAdWw
SgMEAtWwXAMEA9WwcDANBgkqhkiG9w0BAQsFAAOCAQEAtjVteNVlLzs1rJoB+iyB
iNtPknpjHLOc1WxhUoNuZ8QEgRhz1dljEnHt9Rz+oBU5slSrusPmgzAQGmbKzL/4
Q+2ff1HuYu6Em3Gp+g3/A8ObDu081ueIbCGbZG/accX197ROzdI4KbigSuSSXKaN
IpRHg9vLf75vxHeF1aLs32MEN2jGZlVMg5mX9OLW6Qcn/8VAjp5pMXeZC4Y/WDlh
I28W6BMTJed30F7ANh9i8guzq4/Sarj5dx1RBXOADTD8Vaw0LN6Q/Tf8WPQSdHQe
rofXnZ7ANn7HrA4Z/zhMcfKPImJxYGvK+C92iGJICC53gnPIYqIrxtS2EW2F46R0
/A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:28 2025 by rpki-client