Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Xh_nIIhlIVq5rKHv1IjCncovJ4o.roa
File: Xh_nIIhlIVq5rKHv1IjCncovJ4o.roa (raw, json)
Hash identifier: mtjAhRm8JR66Itk63UwTKx7Mn6caonQ7wqNPv8b3naM=
Subject key identifier: 5E:1F:E7:20:88:65:21:5A:B9:AC:A1:EF:D4:88:C2:9D:CA:2F:27:8A
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01970601409241E12696D1E7C03A4E48FFFF
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Xh_nIIhlIVq5rKHv1IjCncovJ4o.roa
Signing time: Sun 25 May 2025 05:53:54 +0000
ROA not before: Sun 25 May 2025 05:53:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35372
IP address blocks: 62.60.138.0/24 maxlen: 24
62.60.144.0/24 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.218.0/23 maxlen: 24
213.176.0.0/24 maxlen: 24
213.176.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:06:01:40:92:41:e1:26:96:d1:e7:c0:3a:4e:48:ff:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: May 25 05:53:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e1fe7208865215ab9aca1efd488c29dca2f278a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ce:aa:7f:d6:fc:e2:d7:42:a5:a8:bf:4c:4a:
86:c6:3e:d1:c6:bc:29:22:80:89:b3:04:5f:18:1a:
1e:22:50:46:76:0a:8e:bf:76:fb:29:14:81:27:78:
da:80:3e:89:fc:25:e4:18:ac:82:e9:f7:24:d8:9e:
66:ea:c4:22:cd:5f:66:ab:62:be:24:a6:06:6c:c7:
c0:e9:79:79:5e:6c:13:fb:e5:c7:ae:15:e8:0b:e3:
4a:30:41:ba:8b:b8:0a:c0:0c:3a:0b:64:37:f0:bc:
c7:e1:8d:e2:7f:96:4c:af:c1:11:09:35:6d:5f:6a:
53:d1:84:76:41:c7:10:59:08:9e:80:0f:4f:e9:40:
38:9d:b9:79:07:6f:ca:ac:1a:fa:46:f8:85:ac:6c:
b7:a9:70:b4:45:5f:56:95:5e:b9:84:bd:ba:81:ea:
f1:11:6c:09:14:1d:47:e4:46:1f:f9:27:e9:56:c5:
f4:2e:6a:c0:47:f8:00:f9:2d:a0:44:a5:17:87:d3:
01:cf:15:4b:6d:75:7c:c8:58:4d:91:89:5f:50:1b:
2d:21:e3:6f:4a:8e:20:65:69:50:b7:2e:c3:44:84:
37:55:b4:aa:b8:ba:86:b2:52:ad:7f:97:05:76:c7:
13:fa:dd:f1:a8:4b:3d:99:34:b8:80:f4:68:58:02:
02:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1F:E7:20:88:65:21:5A:B9:AC:A1:EF:D4:88:C2:9D:CA:2F:27:8A
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/Xh_nIIhlIVq5rKHv1IjCncovJ4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.138.0/24
62.60.144.0/24
62.60.147.0/24
62.60.218.0/23
213.176.0.0/24
213.176.126.0/24
Signature Algorithm: sha256WithRSAEncryption
24:cf:8c:7c:4a:8f:3b:78:2f:27:78:c5:f1:31:23:bb:52:3a:
32:d3:59:f4:e8:2d:68:db:ae:e7:b2:38:9f:fa:0a:21:3c:84:
18:8e:bc:fe:bd:5f:f0:bf:6d:35:ba:3e:7d:cb:01:b0:27:25:
07:77:20:e0:28:d5:4b:7d:d5:74:5d:9c:a6:f7:95:31:03:76:
e2:78:9f:ee:aa:86:00:45:cd:6d:ad:92:32:47:0f:6f:6e:59:
bb:94:ba:1f:96:6f:6f:71:3f:6f:07:fc:1c:59:74:f8:65:52:
4c:d5:60:82:d0:1f:6d:f9:17:40:f4:62:6c:f9:73:df:66:bc:
09:19:e7:b3:a7:7e:b5:f4:e0:f9:f5:6f:fc:4b:7f:de:c1:73:
92:4d:75:71:f6:71:7d:4e:95:61:ae:6f:20:1c:9c:db:40:0b:
96:03:2f:05:90:3c:fe:1c:c6:45:01:2b:3e:e2:de:98:d9:c2:
10:78:59:ae:70:2b:1c:cb:b5:ee:98:b4:f8:23:21:52:d4:4f:
9c:11:9c:75:9c:e6:ef:f5:40:ac:74:57:02:25:da:ce:51:ad:
82:79:52:54:55:df:c5:bb:9a:64:6a:46:86:cf:d1:96:23:a9:
bf:9d:10:36:5b:b7:6d:cb:82:0d:df:10:44:5e:f8:a5:c8:ce:
1e:e1:83:e3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZcGAUCSQeEmltHnwDpOSP//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwNTI1MDU1MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFmZTcyMDg4NjUyMTVhYjlhY2ExZWZkNDg4YzI5ZGNhMmYyNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM6qf9b84tdCpai/TEqGxj7Rxrwp
IoCJswRfGBoeIlBGdgqOv3b7KRSBJ3jagD6J/CXkGKyC6fck2J5m6sQizV9mq2K+
JKYGbMfA6Xl5XmwT++XHrhXoC+NKMEG6i7gKwAw6C2Q38LzH4Y3if5ZMr8ERCTVt
X2pT0YR2QccQWQiegA9P6UA4nbl5B2/KrBr6RviFrGy3qXC0RV9WlV65hL26gerx
EWwJFB1H5EYf+SfpVsX0LmrAR/gA+S2gRKUXh9MBzxVLbXV8yFhNkYlfUBstIeNv
So4gZWlQty7DRIQ3VbSquLqGslKtf5cFdscT+t3xqEs9mTS4gPRoWAICnwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF4f5yCIZSFauayh79SIwp3KLyeKMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvWGhfbklJaGxJVnE1cktIdjFJakNuY292SjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPjyKAwQA
PjyQAwQAPjyTAwQBPjzaAwQA1bAAAwQA1bB+MA0GCSqGSIb3DQEBCwUAA4IBAQAk
z4x8So87eC8neMXxMSO7Ujoy01n06C1o267nsjif+gohPIQYjrz+vV/wv201uj59
ywGwJyUHdyDgKNVLfdV0XZym95UxA3bieJ/uqoYARc1trZIyRw9vblm7lLoflm9v
cT9vB/wcWXT4ZVJM1WCC0B9t+RdA9GJs+XPfZrwJGeezp3619OD59W/8S3/ewXOS
TXVx9nF9TpVhrm8gHJzbQAuWAy8FkDz+HMZFASs+4t6Y2cIQeFmucCscy7XumLT4
IyFS1E+cEZx1nObv9UCsdFcCJdrOUa2CeVJUVd/Fu5pkakaGz9GWI6m/nRA2W7dt
y4IN3xBEXvilyM4e4YPj
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:44:25 2025 by rpki-client