Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/cEVPwNbLIFpJQaQN99L79YbdZFs.roa
File: cEVPwNbLIFpJQaQN99L79YbdZFs.roa (raw, json)
Hash identifier: 7yqd4jXtQb5LIzfk6g4nBxk7f59NFM9ePlx7mxIWUTM=
Subject key identifier: 70:45:4F:C0:D6:CB:20:5A:49:41:A4:0D:F7:D2:FB:F5:86:DD:64:5B
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 0195F68CFF204F11A08AED80E4BC0A5456C4
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/cEVPwNbLIFpJQaQN99L79YbdZFs.roa
Signing time: Wed 02 Apr 2025 12:49:50 +0000
ROA not before: Wed 02 Apr 2025 12:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30962
IP address blocks: 62.108.32.0/20 maxlen: 24
62.108.48.0/20 maxlen: 24
84.19.0.0/19 maxlen: 24
89.107.64.0/21 maxlen: 24
91.190.144.0/21 maxlen: 24
93.190.88.0/21 maxlen: 24
93.190.94.0/24 maxlen: 24
93.190.95.0/24 maxlen: 24
185.147.216.0/22 maxlen: 24
194.113.216.0/23 maxlen: 24
195.62.20.0/23 maxlen: 24
195.191.114.0/23 maxlen: 24
195.225.240.0/22 maxlen: 24
2a00:f70::/32 maxlen: 32
2a03:f200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:8c:ff:20:4f:11:a0:8a:ed:80:e4:bc:0a:54:56:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Apr 2 12:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70454fc0d6cb205a4941a40df7d2fbf586dd645b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:23:63:bc:8f:a1:02:0c:01:f8:7c:6c:af:fb:
1e:ff:cf:6b:e8:6b:4b:99:71:6e:94:ae:f3:4d:2f:
a5:80:69:9d:1d:22:be:62:c3:c7:77:56:eb:68:3e:
a1:3f:a6:7a:a1:aa:ed:64:1b:42:52:13:1e:8c:82:
8d:f4:fa:a4:b3:c6:c1:45:76:6c:02:fd:be:95:c0:
55:e5:e3:41:58:bb:ad:01:43:31:94:86:62:1a:6f:
7a:0b:4d:a5:5b:3c:ab:ac:61:92:2a:a7:1b:c4:b4:
f5:f3:23:9d:a2:ea:f9:df:12:2b:6f:e2:5a:f0:60:
9b:b9:c9:bd:5f:2d:b6:89:bf:5f:42:97:c1:ff:eb:
a1:40:dc:36:06:1f:a9:4d:a9:f4:3a:eb:bb:bb:57:
67:69:22:1a:fe:03:32:fb:02:a4:8f:71:ac:21:be:
75:a7:e2:5c:fa:6c:59:6d:35:51:09:81:2f:7f:6c:
65:08:3a:ed:cf:ac:00:09:5c:e6:c4:42:63:28:09:
95:e4:c0:e1:ac:db:6d:0b:31:3d:61:ca:27:18:03:
0b:e4:79:c3:b5:ee:36:86:06:cb:50:db:1f:60:23:
ee:0d:3d:cf:f8:20:ae:af:9e:ad:04:67:5f:7b:1f:
d2:a3:ed:b7:d3:8c:53:35:49:29:0a:66:c2:48:22:
0c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:45:4F:C0:D6:CB:20:5A:49:41:A4:0D:F7:D2:FB:F5:86:DD:64:5B
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/cEVPwNbLIFpJQaQN99L79YbdZFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.32.0/19
84.19.0.0/19
89.107.64.0/21
91.190.144.0/21
93.190.88.0/21
185.147.216.0/22
194.113.216.0/23
195.62.20.0/23
195.191.114.0/23
195.225.240.0/22
IPv6:
2a00:f70::/32
2a03:f200::/32
Signature Algorithm: sha256WithRSAEncryption
08:9a:81:e0:6e:4d:26:f0:31:e2:8a:b8:8c:d6:51:76:8d:39:
d3:79:22:de:07:bb:f7:1e:c0:d7:9c:87:99:8a:8a:9d:88:44:
3b:8c:cc:f0:10:4e:d5:cb:18:50:a6:31:e0:70:29:a3:65:4a:
78:bc:25:26:cc:8d:be:8a:2b:76:2d:73:d3:62:48:e9:ca:4b:
c8:19:91:a1:ff:f6:d6:35:8b:67:a5:4b:4e:41:b8:23:ec:18:
4f:1d:62:d6:4f:96:a0:2a:cf:cf:60:9c:27:c6:22:d5:be:fd:
43:f2:92:57:26:5a:36:30:b4:7d:8e:7d:89:48:3f:63:9a:03:
35:08:5e:2d:a3:87:6d:f2:bb:c4:6e:a8:d8:9a:68:cf:19:10:
dc:77:4e:e7:19:f1:42:e7:e3:b1:b7:67:fd:cc:82:9f:3c:1c:
f6:2e:3e:11:a3:94:27:5d:8c:6d:f9:e5:c7:05:d1:c1:6e:3b:
0f:b0:ec:a1:aa:a9:92:ba:3b:98:c7:a4:fa:4e:6c:f4:fc:55:
4b:2e:8d:c6:52:07:24:1e:b5:7c:e4:a3:ae:ab:a3:91:d9:7f:
7f:a6:7d:33:64:db:f3:25:59:69:ac:fd:b2:9d:91:b3:52:94:
72:35:75:c5:e6:94:75:1c:c4:91:76:ea:55:e9:79:ab:1a:89:
bb:4a:bc:2a
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZX2jP8gTxGgiu2A5LwKVFbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjUwNDAyMTI0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQ1NGZjMGQ2Y2IyMDVhNDk0MWE0MGRmN2QyZmJmNTg2ZGQ2NDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyNjvI+hAgwB+Hxsr/se/89r6GtL
mXFulK7zTS+lgGmdHSK+YsPHd1braD6hP6Z6oartZBtCUhMejIKN9Pqks8bBRXZs
Av2+lcBV5eNBWLutAUMxlIZiGm96C02lWzyrrGGSKqcbxLT18yOdour53xIrb+Ja
8GCbucm9Xy22ib9fQpfB/+uhQNw2Bh+pTan0Ouu7u1dnaSIa/gMy+wKkj3GsIb51
p+Jc+mxZbTVRCYEvf2xlCDrtz6wACVzmxEJjKAmV5MDhrNttCzE9YconGAML5HnD
te42hgbLUNsfYCPuDT3P+CCur56tBGdfex/So+2304xTNUkpCmbCSCIM9wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFHBFT8DWyyBaSUGkDffS+/WG3WRbMB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvY0VWUHdOYkxJRnBKUWFRTjk5TDc5WWJkWkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQFPmwgAwQF
VBMAAwQDWWtAAwQDW76QAwQDXb5YAwQCuZPYAwQBwnHYAwQBwz4UAwQBw79yAwQC
w+HwMBQEAgACMA4DBQAqAA9wAwUAKgPyADANBgkqhkiG9w0BAQsFAAOCAQEACJqB
4G5NJvAx4oq4jNZRdo0503ki3ge79x7A15yHmYqKnYhEO4zM8BBO1csYUKYx4HAp
o2VKeLwlJsyNvoordi1z02JI6cpLyBmRof/21jWLZ6VLTkG4I+wYTx1i1k+WoCrP
z2CcJ8Yi1b79Q/KSVyZaNjC0fY59iUg/Y5oDNQheLaOHbfK7xG6o2JpozxkQ3HdO
5xnxQufjsbdn/cyCnzwc9i4+EaOUJ12MbfnlxwXRwW47D7Dsoaqpkro7mMek+k5s
9PxVSy6NxlIHJB61fOSjrqujkdl/f6Z9M2Tb8yVZaaz9sp2Rs1KUcjV1xeaUdRzE
kXbqVel5qxqJu0q8Kg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:32:04 2025 by rpki-client