Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/PbZXNhzTy44dz4opY7EcI010jng.roa
File: PbZXNhzTy44dz4opY7EcI010jng.roa (raw, json)
Hash identifier: nmExN6JYMg41fJJNAOXoOlJJ6hB41c5F4k8ZYwAMDF4=
Subject key identifier: 3D:B6:57:36:1C:D3:CB:8E:1D:CF:8A:29:63:B1:1C:23:4D:74:8E:78
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3ACBE168E9F92198423676C63C5ED
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/PbZXNhzTy44dz4opY7EcI010jng.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42372
IP address blocks: 62.205.133.0/24 maxlen: 24
193.33.64.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ac:be:16:8e:9f:92:19:84:23:67:6c:63:c5:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3db657361cd3cb8e1dcf8a2963b11c234d748e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b9:6c:1d:ba:0f:6c:61:9a:88:c3:bc:a8:2c:
bd:de:a8:53:bf:13:d5:95:97:05:af:30:0f:bb:f3:
c9:23:ce:f3:d1:dd:54:d4:af:e7:76:87:31:73:8f:
47:f8:50:f6:e9:f1:69:e8:42:97:20:0c:85:4c:ad:
e0:7e:13:9b:31:8f:3b:68:1e:0b:f6:25:82:f1:88:
20:f5:61:e1:ac:ab:f4:4a:b2:3d:97:43:54:87:cc:
5f:c6:5d:de:7f:dd:7d:96:1e:f8:4c:89:fa:30:21:
db:08:5e:06:a1:a1:6d:7f:66:9d:0b:46:7b:ae:9e:
b0:ee:2e:c3:45:80:d7:32:35:fb:2f:7f:cc:e9:8b:
c8:78:35:0b:71:f4:e5:4f:24:d0:5d:51:26:e6:83:
0f:32:8a:5f:a5:11:1a:ee:cb:08:fb:e6:d5:5d:e3:
cb:28:2e:c1:f2:01:39:4a:32:da:04:61:ef:8c:34:
8f:37:d2:76:f8:d7:58:63:9e:77:fb:76:b9:fd:d0:
a3:62:cc:e1:62:93:0c:e9:4d:1b:11:71:b6:3f:aa:
a5:f9:32:99:20:2f:40:bf:1e:4f:55:ba:13:b1:31:
0f:40:ce:b0:56:d5:eb:5d:32:5f:f9:d0:21:d5:c8:
cb:17:5d:d6:55:71:54:a3:dc:53:ac:6e:d7:a8:27:
bb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B6:57:36:1C:D3:CB:8E:1D:CF:8A:29:63:B1:1C:23:4D:74:8E:78
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/PbZXNhzTy44dz4opY7EcI010jng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.133.0/24
193.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
84:2b:7c:22:6d:9e:bd:31:04:28:c6:0e:96:c3:86:f7:7a:a5:
72:83:55:c0:37:9c:7e:45:a4:be:44:89:cc:1b:91:f6:13:fc:
04:fb:b2:07:17:b7:e5:9f:79:4e:68:8c:e5:ea:6d:a8:b9:5b:
b7:0f:4a:9c:f2:9e:e8:23:a8:e9:c1:1e:6d:25:49:79:54:28:
c5:3e:d4:47:c6:16:45:da:ae:fb:72:43:d9:77:5b:7f:1e:b9:
a6:81:51:93:a4:bd:c3:25:0f:6e:85:f0:11:02:75:0b:57:8c:
50:21:e3:c3:1b:b9:87:44:3a:02:63:37:61:42:65:92:cd:c1:
99:76:7a:02:93:26:42:cc:82:b4:65:61:c9:a5:d5:bf:a5:44:
6c:4d:78:5f:ac:81:34:43:c0:3f:7a:1c:93:3e:bc:af:12:c3:
5f:d2:27:41:4b:f8:ce:71:ea:60:52:53:70:3b:3f:d1:bd:d5:
4a:a1:27:dd:29:b2:b5:fe:18:ae:91:12:e3:52:9f:12:02:92:
38:fe:78:4f:b8:f8:b4:74:f2:56:9c:29:f8:af:49:30:e7:4a:
db:13:86:cf:39:b4:37:94:d5:1d:e1:3c:4f:6a:6c:e0:a5:c6:
29:61:12:1f:95:1a:40:8a:f2:78:33:ee:6f:d9:34:7f:aa:80:
48:1f:7c:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks6y+Fo6fkhmEI2dsY8XtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI2NTczNjFjZDNjYjhlMWRjZjhhMjk2M2IxMWMyMzRkNzQ4ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrlsHboPbGGaiMO8qCy93qhTvxPV
lZcFrzAPu/PJI87z0d1U1K/ndocxc49H+FD26fFp6EKXIAyFTK3gfhObMY87aB4L
9iWC8Ygg9WHhrKv0SrI9l0NUh8xfxl3ef919lh74TIn6MCHbCF4GoaFtf2adC0Z7
rp6w7i7DRYDXMjX7L3/M6YvIeDULcfTlTyTQXVEm5oMPMopfpREa7ssI++bVXePL
KC7B8gE5SjLaBGHvjDSPN9J2+NdYY553+3a5/dCjYszhYpMM6U0bEXG2P6ql+TKZ
IC9Avx5PVboTsTEPQM6wVtXrXTJf+dAh1cjLF13WVXFUo9xTrG7XqCe75wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD22VzYc08uOHc+KKWOxHCNNdI54MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvUGJaWE5oelR5NDRkejRvcFk3RWNJMDEwam5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPs2FAwQB
wSFAMA0GCSqGSIb3DQEBCwUAA4IBAQCEK3wibZ69MQQoxg6Ww4b3eqVyg1XAN5x+
RaS+RInMG5H2E/wE+7IHF7fln3lOaIzl6m2ouVu3D0qc8p7oI6jpwR5tJUl5VCjF
PtRHxhZF2q77ckPZd1t/HrmmgVGTpL3DJQ9uhfARAnULV4xQIePDG7mHRDoCYzdh
QmWSzcGZdnoCkyZCzIK0ZWHJpdW/pURsTXhfrIE0Q8A/ehyTPryvEsNf0idBS/jO
cepgUlNwOz/RvdVKoSfdKbK1/hiukRLjUp8SApI4/nhPuPi0dPJWnCn4r0kw50rb
E4bPObQ3lNUd4TxPamzgpcYpYRIflRpAivJ4M+5v2TR/qoBIH3xj
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:51:16 2025 by rpki-client