Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/jSlm79fFu0VgJBsIaC81oVf4nGI.roa
File: jSlm79fFu0VgJBsIaC81oVf4nGI.roa (raw, json)
Hash identifier: 8IYkRLo3mCrHlEs7aBNerIrNbkB27E7Mc7prSDZuZVc=
Subject key identifier: 8D:29:66:EF:D7:C5:BB:45:60:24:1B:08:68:2F:35:A1:57:F8:9C:62
Certificate issuer: /CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
Certificate serial: 019421B1EC0C311B2FC34F03FC3053B941B1
Authority key identifier: 40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/jSlm79fFu0VgJBsIaC81oVf4nGI.roa
Signing time: Wed 01 Jan 2025 11:48:15 +0000
ROA not before: Wed 01 Jan 2025 11:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206175
IP address blocks: 62.148.96.0/24 maxlen: 24
62.148.97.0/24 maxlen: 24
62.148.98.0/24 maxlen: 24
62.148.99.0/24 maxlen: 24
62.148.100.0/24 maxlen: 24
62.148.101.0/24 maxlen: 24
62.148.102.0/24 maxlen: 24
62.148.103.0/24 maxlen: 24
62.148.104.0/24 maxlen: 24
62.148.105.0/24 maxlen: 24
62.148.106.0/24 maxlen: 24
62.148.107.0/24 maxlen: 24
62.148.108.0/24 maxlen: 24
62.148.109.0/24 maxlen: 24
62.148.110.0/24 maxlen: 24
62.148.111.0/24 maxlen: 24
62.148.112.0/24 maxlen: 24
62.148.113.0/24 maxlen: 24
62.148.114.0/24 maxlen: 24
62.148.115.0/24 maxlen: 24
62.148.116.0/24 maxlen: 24
62.148.117.0/24 maxlen: 24
62.148.118.0/24 maxlen: 24
62.148.119.0/24 maxlen: 24
62.148.120.0/24 maxlen: 24
62.148.121.0/24 maxlen: 24
62.148.122.0/24 maxlen: 24
62.148.123.0/24 maxlen: 24
62.148.124.0/24 maxlen: 24
62.148.125.0/24 maxlen: 24
62.148.126.0/24 maxlen: 24
62.148.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ec:0c:31:1b:2f:c3:4f:03:fc:30:53:b9:41:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40bfdedfaa9399ad3d5531fa471a12b3bfe37e12
Validity
Not Before: Jan 1 11:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d2966efd7c5bb4560241b08682f35a157f89c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d0:ec:ca:52:be:17:c6:31:3c:48:55:5a:b9:
5b:6c:4e:22:84:fa:b8:c4:bb:dd:80:dd:03:8b:c7:
0c:47:cc:8f:ea:41:67:10:b6:eb:fe:d8:b2:fd:59:
f2:75:e9:25:d5:3f:e0:94:8b:e5:b5:ee:c0:ff:e5:
2b:4c:f9:53:42:8e:fc:1e:41:a3:b6:23:ce:8a:50:
e8:a2:5d:2a:1a:69:05:17:3d:f5:99:77:bc:c3:2f:
8d:c6:ef:46:d6:59:d5:26:fa:ff:62:f2:3e:6b:db:
42:aa:94:3c:87:86:23:ff:4c:20:78:2c:96:f1:92:
14:0c:07:1f:6e:14:0b:7a:04:bb:61:86:f8:5a:6d:
85:61:1e:88:01:9c:f6:ef:1f:01:f5:07:88:ad:d2:
ab:2a:52:14:11:07:0c:d5:80:99:ca:a1:cf:95:2a:
29:22:f3:09:bb:15:aa:1f:30:c0:f2:fc:16:c9:c2:
25:8c:67:6a:6f:e2:82:25:87:56:01:83:ba:e2:be:
16:70:b3:19:01:13:60:97:c1:dd:06:76:89:73:4a:
72:e7:90:c7:91:80:52:54:4d:9a:4a:bd:bf:b2:c7:
74:4a:57:b5:ba:e1:b1:0c:b8:d0:d5:d0:5f:80:84:
e0:db:b7:56:6c:4c:5d:d5:f5:a0:22:cf:cc:2c:7a:
09:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:29:66:EF:D7:C5:BB:45:60:24:1B:08:68:2F:35:A1:57:F8:9C:62
X509v3 Authority Key Identifier:
keyid:40:BF:DE:DF:AA:93:99:AD:3D:55:31:FA:47:1A:12:B3:BF:E3:7E:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_e36qTma09VTH6RxoSs7_jfhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/jSlm79fFu0VgJBsIaC81oVf4nGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/db55ec-3577-421f-8916-8e9851b7f811/1/QL_e36qTma09VTH6RxoSs7_jfhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.96.0/19
Signature Algorithm: sha256WithRSAEncryption
09:ca:36:b4:40:7e:75:ab:b3:13:2d:d4:65:98:b6:a9:d2:00:
f2:82:b3:be:b0:e5:e2:b3:e3:7f:5d:4b:62:ab:73:c7:c3:79:
e3:b2:8b:be:c8:65:89:94:14:08:a8:29:d5:7f:e4:b5:bc:c6:
33:01:4f:6e:04:a6:b6:e7:4e:e4:9c:72:4e:45:29:9a:43:e7:
6d:27:74:8f:a9:2b:3f:59:96:56:8c:f5:cc:6a:4d:8c:8f:f7:
9a:22:1f:1f:dc:73:3f:a2:87:da:de:1e:0d:13:b6:e8:5d:0c:
42:ec:dc:f2:3a:c1:27:b9:ca:48:18:87:3b:af:76:5d:ff:2d:
16:4a:c1:57:1c:86:ba:2d:d7:47:7c:b5:cf:3b:e6:2d:63:35:
15:25:36:cb:35:6d:b9:2a:06:8b:c9:ce:5b:c9:fd:0c:85:cd:
d4:68:5a:94:c1:fe:b2:6c:2a:62:cc:47:3d:4d:af:e2:1b:69:
f1:b3:a7:9f:02:02:33:74:1f:af:9c:0f:0d:63:a2:cb:aa:be:
9a:c0:bf:7f:a8:d6:90:e0:f5:fe:37:42:de:8f:cd:c7:09:34:
71:59:0e:e5:c2:d6:e0:8b:71:0e:0d:6c:8a:ec:c8:ac:d5:8b:
26:f9:d1:77:6c:3d:f8:fd:e1:62:44:e0:55:1e:4e:25:c9:8d:
47:64:11:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsewMMRsvw08D/DBTuUGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYmZkZWRmYWE5Mzk5YWQzZDU1MzFmYTQ3MWExMmIzYmZl
MzdlMTIwHhcNMjUwMTAxMTE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDI5NjZlZmQ3YzViYjQ1NjAyNDFiMDg2ODJmMzVhMTU3Zjg5YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NDsylK+F8YxPEhVWrlbbE4ihPq4
xLvdgN0Di8cMR8yP6kFnELbr/tiy/Vnydekl1T/glIvlte7A/+UrTPlTQo78HkGj
tiPOilDool0qGmkFFz31mXe8wy+Nxu9G1lnVJvr/YvI+a9tCqpQ8h4Yj/0wgeCyW
8ZIUDAcfbhQLegS7YYb4Wm2FYR6IAZz27x8B9QeIrdKrKlIUEQcM1YCZyqHPlSop
IvMJuxWqHzDA8vwWycIljGdqb+KCJYdWAYO64r4WcLMZARNgl8HdBnaJc0py55DH
kYBSVE2aSr2/ssd0Sle1uuGxDLjQ1dBfgITg27dWbExd1fWgIs/MLHoJFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0pZu/XxbtFYCQbCGgvNaFX+JxiMB8GA1UdIwQY
MBaAFEC/3t+qk5mtPVUx+kcaErO/434SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYt
OGU5ODUxYjdmODExLzEvalNsbTc5ZkZ1MFZnSkJzSWFDODFvVmY0bkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kYjU1ZWMtMzU3Ny00MjFmLTg5MTYtOGU5ODUxYjdmODEx
LzEvUUxfZTM2cVRtYTA5VlRINlJ4b1NzN19qZmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPpRgMA0G
CSqGSIb3DQEBCwUAA4IBAQAJyja0QH51q7MTLdRlmLap0gDygrO+sOXis+N/XUti
q3PHw3njsou+yGWJlBQIqCnVf+S1vMYzAU9uBKa2507knHJORSmaQ+dtJ3SPqSs/
WZZWjPXMak2Mj/eaIh8f3HM/oofa3h4NE7boXQxC7NzyOsEnucpIGIc7r3Zd/y0W
SsFXHIa6LddHfLXPO+YtYzUVJTbLNW25KgaLyc5byf0Mhc3UaFqUwf6ybCpizEc9
Ta/iG2nxs6efAgIzdB+vnA8NY6LLqr6awL9/qNaQ4PX+N0Lej83HCTRxWQ7lwtbg
i3EODWyK7Mis1Ysm+dF3bD34/eFiROBVHk4lyY1HZBGE
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:11 2025 by rpki-client