Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/nAbfDA1nalryeIQUU_8-WCjNPhg.roa
File: nAbfDA1nalryeIQUU_8-WCjNPhg.roa (raw, json)
Hash identifier: clejeCdX7nQRLp7JV7vtE0GGY9SPxI4QPu4fBk1ykCM=
Subject key identifier: 9C:06:DF:0C:0D:67:6A:5A:F2:78:84:14:53:FF:3E:58:28:CD:3E:18
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0195690E9BE1E48E4B7375D07122E0ECCE1B
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/nAbfDA1nalryeIQUU_8-WCjNPhg.roa
Signing time: Thu 06 Mar 2025 01:25:19 +0000
ROA not before: Thu 06 Mar 2025 01:25:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48147
IP address blocks: 62.60.162.0/24 maxlen: 24
62.60.196.0/23 maxlen: 24
62.60.199.0/24 maxlen: 24
62.60.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:69:0e:9b:e1:e4:8e:4b:73:75:d0:71:22:e0:ec:ce:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Mar 6 01:25:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c06df0c0d676a5af278841453ff3e5828cd3e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:37:7c:ed:51:39:fa:a5:b0:c8:a0:c3:80:3a:
0d:a9:15:c7:8e:e4:b6:68:9b:5c:8e:7d:38:da:bb:
f6:7e:1e:17:22:ef:4f:13:cb:34:b2:e8:99:04:8f:
f8:8e:60:01:07:25:11:3a:c7:bf:ea:f3:23:5a:d6:
5d:71:90:63:9d:97:49:c0:b9:b6:64:9f:56:eb:9c:
d6:3b:14:0a:1d:7c:1f:03:0d:20:73:5f:56:b5:6c:
2f:62:a1:25:5f:7f:42:0f:ea:fb:16:a6:53:d4:c7:
3b:5c:8c:32:c7:67:7b:78:1f:56:ce:1e:c9:5a:73:
09:e5:55:7b:45:1b:23:10:60:62:b6:04:74:cd:36:
1c:98:ab:28:25:d8:3d:96:6b:4c:a7:1c:a5:82:e6:
12:de:0d:20:bf:56:d0:db:cd:b3:03:bf:fa:10:29:
63:f3:8d:d7:a5:8d:49:00:1e:05:8c:9d:e6:e0:d3:
bc:72:05:39:e9:c7:3b:bf:bd:c2:3d:69:0f:a1:a9:
2d:c3:9a:70:73:dd:e1:2c:6f:f6:d9:76:4c:83:c1:
1f:d3:b2:11:8f:06:2b:4c:5f:fe:72:b5:e2:59:db:
37:02:7e:de:5b:64:21:25:fe:69:38:a3:8b:3a:1c:
01:59:0a:35:b0:ba:0c:55:47:1a:a5:68:77:3c:a2:
e1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:06:DF:0C:0D:67:6A:5A:F2:78:84:14:53:FF:3E:58:28:CD:3E:18
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/nAbfDA1nalryeIQUU_8-WCjNPhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.162.0/24
62.60.196.0/23
62.60.199.0/24
62.60.222.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:b4:b8:57:51:90:92:5a:f5:fb:68:8a:ba:a6:ee:1f:30:34:
ae:5d:55:3d:7e:30:56:fa:b2:bf:90:4a:e7:9a:08:17:e2:2f:
00:c4:aa:51:59:a7:49:fe:99:fe:ba:8e:6a:26:c4:5c:1d:f8:
ac:8c:af:8a:4c:91:e8:22:f9:32:ec:1c:9b:1a:31:44:e9:e8:
2e:a6:a7:c6:66:7a:61:91:e5:40:5c:f9:90:07:2e:b7:00:65:
82:1e:a3:6a:1a:d5:5a:99:3c:b4:03:8f:53:5e:42:f9:08:d0:
e1:4b:40:6c:9a:87:b7:85:d3:56:98:e1:10:0c:07:e7:3e:58:
7b:f4:38:1f:8f:1f:57:bf:ee:ff:2a:05:9a:4d:d3:7e:99:00:
d1:a0:d4:95:79:14:3c:e2:bf:b8:76:5e:4c:dc:94:00:68:47:
f5:46:e7:83:ad:47:d4:21:c8:92:30:a3:76:f6:ac:ac:7f:4f:
7c:33:ed:69:6f:51:dc:f1:4f:24:ce:cc:10:df:d9:08:4f:86:
4e:0b:b6:b3:bf:f0:b9:bb:87:4c:1b:52:9b:83:9f:f4:e3:69:
1c:2b:1f:fc:89:c8:c2:41:de:1d:38:91:93:87:4f:b0:b1:92:
f7:96:f6:9a:1a:34:43:29:43:aa:4d:4e:8e:3d:f2:aa:37:ee:
05:fd:79:10
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVpDpvh5I5Lc3XQcSLg7M4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwMzA2MDEyNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA2ZGYwYzBkNjc2YTVhZjI3ODg0MTQ1M2ZmM2U1ODI4Y2QzZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzd87VE5+qWwyKDDgDoNqRXHjuS2
aJtcjn042rv2fh4XIu9PE8s0suiZBI/4jmABByUROse/6vMjWtZdcZBjnZdJwLm2
ZJ9W65zWOxQKHXwfAw0gc19WtWwvYqElX39CD+r7FqZT1Mc7XIwyx2d7eB9Wzh7J
WnMJ5VV7RRsjEGBitgR0zTYcmKsoJdg9lmtMpxylguYS3g0gv1bQ282zA7/6EClj
843XpY1JAB4FjJ3m4NO8cgU56cc7v73CPWkPoaktw5pwc93hLG/22XZMg8Ef07IR
jwYrTF/+crXiWds3An7eW2QhJf5pOKOLOhwBWQo1sLoMVUcapWh3PKLhXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJwG3wwNZ2pa8niEFFP/PlgozT4YMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvbkFiZkRBMW5hbHJ5ZUlRVVVfOC1XQ2pOUGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPjyiAwQB
PjzEAwQAPjzHAwQBPjzeMA0GCSqGSIb3DQEBCwUAA4IBAQAOtLhXUZCSWvX7aIq6
pu4fMDSuXVU9fjBW+rK/kErnmggX4i8AxKpRWadJ/pn+uo5qJsRcHfisjK+KTJHo
Ivky7BybGjFE6egupqfGZnphkeVAXPmQBy63AGWCHqNqGtVamTy0A49TXkL5CNDh
S0Bsmoe3hdNWmOEQDAfnPlh79Dgfjx9Xv+7/KgWaTdN+mQDRoNSVeRQ84r+4dl5M
3JQAaEf1RueDrUfUIciSMKN29qysf098M+1pb1Hc8U8kzswQ39kIT4ZOC7azv/C5
u4dMG1Kbg5/042kcKx/8icjCQd4dOJGTh0+wsZL3lvaaGjRDKUOqTU6OPfKqN+4F
/XkQ
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:33 2025 by rpki-client