Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PkABJaVRWiQjy_4RILYCs_CK_SI.roa
File: PkABJaVRWiQjy_4RILYCs_CK_SI.roa (raw, json)
Hash identifier: b7en6Be+nPTR+mK2a2sCXHHGEoPgh9z3dIUmSF1Db2c=
Subject key identifier: 3E:40:01:25:A5:51:5A:24:23:CB:FE:11:20:B6:02:B3:F0:8A:FD:22
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0194228D9C8E9495DB67C8EF03E6B5E31250
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PkABJaVRWiQjy_4RILYCs_CK_SI.roa
Signing time: Wed 01 Jan 2025 15:48:13 +0000
ROA not before: Wed 01 Jan 2025 15:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61429
IP address blocks: 62.41.2.0/24 maxlen: 24
62.41.10.0/24 maxlen: 24
62.41.20.0/24 maxlen: 24
62.41.21.0/24 maxlen: 24
62.41.59.0/24 maxlen: 24
62.41.60.0/24 maxlen: 24
62.41.77.248/29 maxlen: 29
62.41.160.128/28 maxlen: 28
62.41.160.144/30 maxlen: 30
62.41.160.148/30 maxlen: 30
62.41.160.192/26 maxlen: 26
92.71.10.0/24 maxlen: 24
92.71.11.0/24 maxlen: 24
92.71.15.0/24 maxlen: 24
92.71.16.0/24 maxlen: 24
92.71.19.0/24 maxlen: 24
92.71.20.0/24 maxlen: 24
92.71.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9c:8e:94:95:db:67:c8:ef:03:e6:b5:e3:12:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 1 15:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e400125a5515a2423cbfe1120b602b3f08afd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ea:6e:eb:7e:23:6c:49:8e:44:07:a3:1b:1e:
75:24:71:e2:cb:08:b4:27:18:77:18:cb:8d:27:69:
fa:ef:f1:d6:b7:71:77:16:1c:09:ca:a4:ae:70:60:
39:db:63:48:43:70:41:67:98:09:ec:a6:e8:cb:5c:
a0:4f:39:3a:fe:5c:c4:06:f1:08:fe:ac:11:ec:50:
8f:14:33:4c:58:80:4d:d4:b4:7e:e5:23:92:c6:6f:
dc:26:6e:6b:3c:12:eb:19:a6:09:95:61:d7:36:83:
49:66:71:4f:10:3f:0c:fb:6e:83:3f:48:d9:74:0e:
96:3d:45:5a:5d:43:c2:1b:f0:a6:da:aa:37:ff:de:
6a:ed:cd:8c:0f:68:e4:21:d3:f6:e1:4e:a8:65:da:
04:03:07:e6:e4:4d:7c:07:69:3d:45:6b:95:24:33:
4b:a2:55:0f:94:0e:a0:8c:fb:66:69:3d:f1:db:dd:
a7:49:39:c2:fb:d8:cc:0a:0e:5e:2f:f8:f9:5d:d5:
51:d7:50:aa:ff:2f:26:28:89:db:aa:10:de:59:69:
2d:d4:8f:ba:79:71:9b:7f:04:a2:4b:8a:0d:2c:6b:
c1:34:7e:00:8d:95:72:ad:e6:b7:f1:27:d4:03:6a:
a9:a3:79:eb:b0:0f:42:e4:e9:11:37:b9:7a:03:25:
fc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:40:01:25:A5:51:5A:24:23:CB:FE:11:20:B6:02:B3:F0:8A:FD:22
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PkABJaVRWiQjy_4RILYCs_CK_SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.41.2.0/24
62.41.10.0/24
62.41.20.0/23
62.41.59.0-62.41.60.255
62.41.77.248/29
62.41.160.128-62.41.160.151
62.41.160.192/26
92.71.10.0/23
92.71.15.0-92.71.16.255
92.71.19.0-92.71.20.255
92.71.22.0/24
Signature Algorithm: sha256WithRSAEncryption
42:a7:8e:e9:ae:94:c9:77:61:72:31:5d:c7:b6:c2:66:4b:47:
59:8a:a6:3e:f1:ca:35:55:b9:7b:86:db:ab:ac:76:28:94:c1:
f4:f4:c0:55:68:8c:0b:74:76:ca:f9:31:36:96:ae:d8:3e:79:
ae:25:63:d1:f7:51:c2:7e:86:fd:df:93:49:71:12:a5:21:86:
72:c2:fe:d7:a6:48:18:a5:14:83:09:50:59:c7:24:1b:97:8f:
e6:2e:d2:06:99:3f:4f:15:9b:35:cb:3c:be:1a:bb:4c:c0:47:
da:d5:cd:24:76:89:93:ac:91:e9:6c:f0:91:06:1a:f7:7a:9d:
ed:cf:7f:cc:9b:8f:77:29:77:0e:98:82:36:d1:dd:fb:78:82:
7d:41:8a:8c:79:07:e1:c3:9f:63:13:5d:e4:90:6c:f9:59:96:
29:5d:6e:42:d5:2c:cf:ae:f6:93:db:74:fa:38:71:ee:82:f5:
f9:da:80:23:39:09:39:45:90:1f:db:3f:be:52:cb:26:9e:0d:
26:de:20:0f:24:91:b2:79:0b:99:8a:04:6a:cb:28:4d:15:10:
9a:e4:29:dd:34:f0:59:7c:e5:99:a3:4a:ae:57:d7:79:6d:cd:
dc:bf:c8:86:61:99:74:66:e0:f5:23:8a:c7:e8:dc:96:83:6b:
12:3f:56:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQijZyOlJXbZ8jvA+a14xJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwMTAxMTU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQwMDEyNWE1NTE1YTI0MjNjYmZlMTEyMGI2MDJiM2YwOGFmZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOpu634jbEmORAejGx51JHHiywi0
Jxh3GMuNJ2n67/HWt3F3FhwJyqSucGA522NIQ3BBZ5gJ7Kboy1ygTzk6/lzEBvEI
/qwR7FCPFDNMWIBN1LR+5SOSxm/cJm5rPBLrGaYJlWHXNoNJZnFPED8M+26DP0jZ
dA6WPUVaXUPCG/Cm2qo3/95q7c2MD2jkIdP24U6oZdoEAwfm5E18B2k9RWuVJDNL
olUPlA6gjPtmaT3x292nSTnC+9jMCg5eL/j5XdVR11Cq/y8mKInbqhDeWWkt1I+6
eXGbfwSiS4oNLGvBNH4AjZVyrea38SfUA2qpo3nrsA9C5OkRN7l6AyX8kQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFD5AASWlUVokI8v+ESC2ArPwiv0iMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvUGtBQkphVlJXaVFqeV80UklMWUNzX0NLX1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAPikCAwQA
PikKAwQBPikUMAwDBAA+KTsDBAA+KTwDBQM+KU34MA4DBQc+KaCAAwUDPimgkAMF
Bj4poMADBAFcRwowDAMEAFxHDwMEAFxHEDAMAwQAXEcTAwQAXEcUAwQAXEcWMA0G
CSqGSIb3DQEBCwUAA4IBAQBCp47prpTJd2FyMV3HtsJmS0dZiqY+8co1Vbl7htur
rHYolMH09MBVaIwLdHbK+TE2lq7YPnmuJWPR91HCfob935NJcRKlIYZywv7XpkgY
pRSDCVBZxyQbl4/mLtIGmT9PFZs1yzy+GrtMwEfa1c0kdomTrJHpbPCRBhr3ep3t
z3/Mm493KXcOmII20d37eIJ9QYqMeQfhw59jE13kkGz5WZYpXW5C1SzPrvaT23T6
OHHugvX52oAjOQk5RZAf2z++Ussmng0m3iAPJJGyeQuZigRqyyhNFRCa5CndNPBZ
fOWZo0quV9d5bc3cv8iGYZl0ZuD1I4rH6NyWg2sSP1Zr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:54 2025 by rpki-client