Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/r-wIV-g8CaKaP-CX4T5GVE_rfOk.roa
File: r-wIV-g8CaKaP-CX4T5GVE_rfOk.roa (raw, json)
Hash identifier: vg9X8VzgOwq4LzZdiJx8RLaF2z+9zMoIxiokVUA3NSc=
Subject key identifier: AF:EC:08:57:E8:3C:09:A2:9A:3F:E0:97:E1:3E:46:54:4F:EB:7C:E9
Certificate issuer: /CN=6fd60d9b943b08c447cf7e54989f52b0dec5f7e7
Certificate serial: 0194236A0765ABD25B2C74F2732B7014263C
Authority key identifier: 6F:D6:0D:9B:94:3B:08:C4:47:CF:7E:54:98:9F:52:B0:DE:C5:F7:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/r-wIV-g8CaKaP-CX4T5GVE_rfOk.roa
Signing time: Wed 01 Jan 2025 19:48:58 +0000
ROA not before: Wed 01 Jan 2025 19:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13267
IP address blocks: 62.240.192.0/22 maxlen: 22
62.240.192.0/23 maxlen: 23
62.240.194.0/23 maxlen: 23
62.240.196.0/22 maxlen: 22
62.240.196.0/23 maxlen: 23
62.240.200.0/21 maxlen: 21
62.240.208.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:07:65:ab:d2:5b:2c:74:f2:73:2b:70:14:26:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fd60d9b943b08c447cf7e54989f52b0dec5f7e7
Validity
Not Before: Jan 1 19:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afec0857e83c09a29a3fe097e13e46544feb7ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0c:35:cb:c7:1b:78:26:50:3a:62:8d:6a:bd:
e7:9a:41:fe:d3:32:e3:11:4b:23:69:5e:0a:d0:0b:
1a:5e:fd:5b:23:cf:44:38:70:c3:e9:c4:84:b1:f2:
85:3e:b7:25:aa:b8:a7:e1:f9:18:ef:6b:a8:e7:36:
4f:5a:c9:ec:75:85:ff:bf:fe:a4:b7:a8:9a:07:3c:
1d:c3:a8:21:87:e0:76:4e:42:a3:d7:75:ba:22:c1:
46:0d:9c:79:de:36:2e:53:ed:20:ad:4f:bf:82:d9:
48:a4:83:4e:9a:75:43:30:27:c9:28:01:c0:ad:19:
2d:c3:ed:1d:bc:50:40:e9:e2:f3:99:29:e2:ea:9a:
ac:69:d8:82:d2:8e:63:70:9c:04:85:be:c3:42:e3:
40:ad:92:93:1e:22:3f:10:5d:8b:6d:ec:37:a7:c9:
ec:24:9e:c8:5f:1d:73:53:e0:6d:5e:ec:c3:f9:70:
d2:b2:c4:75:78:25:18:bf:31:1f:2b:73:b3:c8:58:
3d:f2:5c:f7:f5:57:59:fe:53:66:86:0b:b9:37:a2:
2c:6f:7f:ee:34:dc:00:ab:62:6b:59:8d:19:92:4b:
86:34:4a:65:c4:64:2c:b9:d0:7a:3f:a5:96:7f:59:
2f:47:23:a6:4a:60:d4:bb:f4:cb:4f:5d:42:c9:49:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EC:08:57:E8:3C:09:A2:9A:3F:E0:97:E1:3E:46:54:4F:EB:7C:E9
X509v3 Authority Key Identifier:
keyid:6F:D6:0D:9B:94:3B:08:C4:47:CF:7E:54:98:9F:52:B0:DE:C5:F7:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/r-wIV-g8CaKaP-CX4T5GVE_rfOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/0df56c-68a9-4feb-bf53-d7f11d684737/1/b9YNm5Q7CMRHz35UmJ9SsN7F9-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.192.0/19
Signature Algorithm: sha256WithRSAEncryption
07:47:c4:3e:ea:64:6d:a3:6a:6c:4f:2a:67:cd:c2:23:49:d1:
2c:4c:17:c4:4f:40:b7:1b:0d:54:38:c4:67:b3:f6:64:17:a8:
76:a3:f3:2c:0d:01:b4:03:36:6b:9b:25:da:ed:21:3d:6d:19:
d3:a5:28:9d:0f:c5:ec:d2:1a:0c:2d:51:c0:97:d6:72:98:ee:
56:2b:af:97:05:53:f1:69:eb:96:f8:38:21:d5:2e:8b:f9:34:
8d:98:68:f2:73:da:8c:ef:63:e9:5e:80:09:fa:7f:67:66:ba:
f3:c9:bb:61:f6:86:b7:fe:80:a4:1b:3c:6a:45:15:88:1e:f0:
c7:5e:b4:b8:41:a3:bf:6e:ce:3f:f7:77:d1:a2:16:0f:58:48:
b3:30:b7:c9:6d:a2:bd:dd:46:91:e6:6e:ab:28:ee:f6:a6:fb:
68:ed:bd:70:c6:8d:85:fb:cb:99:bc:04:69:af:9e:0f:47:9f:
51:92:7a:e3:76:06:c1:df:c8:d2:b0:20:96:c4:7f:81:e5:38:
2c:93:da:04:34:3f:ff:37:cc:1d:cf:13:85:42:ea:bb:ca:11:
c2:57:f7:45:68:90:87:f1:c7:ce:0d:48:94:64:a8:ce:df:bd:
61:4e:3d:48:12:89:8c:00:4e:ea:0d:cd:70:c7:b7:f4:42:c7:
2a:9c:e7:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjagdlq9JbLHTycytwFCY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZDYwZDliOTQzYjA4YzQ0N2NmN2U1NDk4OWY1MmIwZGVj
NWY3ZTcwHhcNMjUwMTAxMTk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVjMDg1N2U4M2MwOWEyOWEzZmUwOTdlMTNlNDY1NDRmZWI3Y2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAw1y8cbeCZQOmKNar3nmkH+0zLj
EUsjaV4K0AsaXv1bI89EOHDD6cSEsfKFPrclqrin4fkY72uo5zZPWsnsdYX/v/6k
t6iaBzwdw6ghh+B2TkKj13W6IsFGDZx53jYuU+0grU+/gtlIpINOmnVDMCfJKAHA
rRktw+0dvFBA6eLzmSni6pqsadiC0o5jcJwEhb7DQuNArZKTHiI/EF2Lbew3p8ns
JJ7IXx1zU+BtXuzD+XDSssR1eCUYvzEfK3OzyFg98lz39VdZ/lNmhgu5N6Isb3/u
NNwAq2JrWY0ZkkuGNEplxGQsudB6P6WWf1kvRyOmSmDUu/TLT11CyUnZmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/sCFfoPAmimj/gl+E+RlRP63zpMB8GA1UdIwQY
MBaAFG/WDZuUOwjER89+VJifUrDexffnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjlZTm01UTdDTVJIejM1VW1KOVNzTjdGOS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wZGY1NmMtNjhhOS00ZmViLWJmNTMt
ZDdmMTFkNjg0NzM3LzEvci13SVYtZzhDYUthUC1DWDRUNUdWRV9yZk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wZGY1NmMtNjhhOS00ZmViLWJmNTMtZDdmMTFkNjg0NzM3
LzEvYjlZTm01UTdDTVJIejM1VW1KOVNzTjdGOS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPvDAMA0G
CSqGSIb3DQEBCwUAA4IBAQAHR8Q+6mRto2psTypnzcIjSdEsTBfET0C3Gw1UOMRn
s/ZkF6h2o/MsDQG0AzZrmyXa7SE9bRnTpSidD8Xs0hoMLVHAl9ZymO5WK6+XBVPx
aeuW+Dgh1S6L+TSNmGjyc9qM72PpXoAJ+n9nZrrzybth9oa3/oCkGzxqRRWIHvDH
XrS4QaO/bs4/93fRohYPWEizMLfJbaK93UaR5m6rKO72pvto7b1wxo2F+8uZvARp
r54PR59RknrjdgbB38jSsCCWxH+B5Tgsk9oEND//N8wdzxOFQuq7yhHCV/dFaJCH
8cfODUiUZKjO371hTj1IEomMAE7qDc1wx7f0QscqnOc2
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:50:36 2025 by rpki-client