Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/r1SbFbB8EZVgwwF50O6B6Bo1-2Y.roa
File: r1SbFbB8EZVgwwF50O6B6Bo1-2Y.roa (raw, json)
Hash identifier: 8jVIVb6+hzs3g8LbDo9uK4ZsOD57ErA+DvNo82vP0Mo=
Subject key identifier: AF:54:9B:15:B0:7C:11:95:60:C3:01:79:D0:EE:81:E8:1A:35:FB:66
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019424B2A2853D4B92D20D9A1AF5B29961D9
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/r1SbFbB8EZVgwwF50O6B6Bo1-2Y.roa
Signing time: Thu 02 Jan 2025 01:47:54 +0000
ROA not before: Thu 02 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211192
IP address blocks: 62.171.249.0/24 maxlen: 24
62.171.250.0/24 maxlen: 24
217.180.39.0/24 maxlen: 24
217.180.56.0/24 maxlen: 24
217.180.62.0/24 maxlen: 24
217.180.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a2:85:3d:4b:92:d2:0d:9a:1a:f5:b2:99:61:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af549b15b07c119560c30179d0ee81e81a35fb66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:11:c0:bd:05:38:da:ab:fb:d2:d8:7c:6a:8e:
37:3d:6d:44:01:bb:52:46:ba:b9:6d:f1:18:52:70:
45:61:1b:36:79:55:74:41:d3:e5:8b:79:06:3b:66:
44:9e:73:c0:5c:e2:e0:c4:2e:64:a2:5f:c1:a7:14:
8b:f6:15:a0:e5:13:9a:a0:cf:dc:8d:72:95:71:77:
9a:d7:a7:49:0e:49:13:1d:e7:8e:7e:d8:3a:06:f2:
b3:28:af:71:93:00:6a:f1:f4:31:62:1b:18:2c:0f:
e0:9f:0d:77:8b:a7:b9:b1:b4:df:a3:cc:93:1a:75:
b3:1d:04:0f:de:24:a0:fd:3e:17:b2:90:8b:cf:ba:
a0:19:d0:07:e5:bd:48:f5:c6:03:f8:d6:c7:a1:f0:
7e:68:ea:7c:ef:0a:45:c0:d0:30:7a:77:3c:21:b5:
a5:02:32:74:d3:54:8a:b5:8b:41:21:4f:a6:b4:43:
0b:c7:94:53:48:35:fd:b4:16:bf:5e:72:ca:ef:85:
c1:52:ad:df:5f:cf:77:d1:d2:c1:68:29:84:08:c2:
f8:23:35:a1:ec:91:40:43:40:25:dd:01:3b:16:c7:
ee:b2:1c:11:82:9c:e7:96:cf:69:68:7e:4a:3a:84:
c2:d3:83:48:61:36:49:f9:11:80:da:68:79:ec:65:
0f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:54:9B:15:B0:7C:11:95:60:C3:01:79:D0:EE:81:E8:1A:35:FB:66
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/r1SbFbB8EZVgwwF50O6B6Bo1-2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.249.0-62.171.250.255
217.180.39.0/24
217.180.56.0/24
217.180.62.0/23
Signature Algorithm: sha256WithRSAEncryption
45:c6:9e:da:0c:f9:1b:18:aa:01:70:67:70:6d:ae:3e:b6:c2:
38:40:71:d5:ba:df:be:5c:a9:ab:63:7d:ee:d4:aa:7f:8c:c3:
8d:a5:14:78:86:d0:ca:a1:5e:53:ff:a6:95:03:80:3b:00:fd:
c2:00:89:4c:c5:8e:b4:46:91:f7:20:05:f1:e2:59:e4:6b:e3:
34:ac:35:d2:5b:71:72:be:c0:f8:66:4c:b7:11:be:51:20:e9:
22:4a:c1:4c:82:df:8e:a5:e9:db:4a:59:55:86:6f:26:61:52:
4b:5f:d0:12:38:fb:94:e1:90:e3:dc:21:c0:c2:df:7e:31:21:
6c:a7:88:57:d4:74:a4:6c:c8:81:ca:ad:16:62:b7:3c:62:04:
51:49:98:41:88:42:06:68:78:0a:01:ad:82:8f:08:54:ad:e9:
b3:da:b8:8e:41:cd:2f:7f:e0:d6:c3:a7:af:d4:46:8d:4c:2f:
00:76:ac:0c:2a:03:7a:ce:da:a2:c9:00:18:80:3f:27:9b:ef:
55:b8:48:27:70:d6:fa:3c:98:c3:b4:42:7c:92:93:ec:3f:da:
da:b7:12:0c:d7:80:81:2c:0e:f7:bd:c8:13:8e:47:77:ff:a8:
e0:1c:29:9b:af:eb:25:ca:bc:72:0d:b6:0f:3f:87:af:8f:c2:
ef:ec:9a:98
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQksqKFPUuS0g2aGvWymWHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTAyMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjU0OWIxNWIwN2MxMTk1NjBjMzAxNzlkMGVlODFlODFhMzVmYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hHAvQU42qv70th8ao43PW1EAbtS
Rrq5bfEYUnBFYRs2eVV0QdPli3kGO2ZEnnPAXOLgxC5kol/BpxSL9hWg5ROaoM/c
jXKVcXea16dJDkkTHeeOftg6BvKzKK9xkwBq8fQxYhsYLA/gnw13i6e5sbTfo8yT
GnWzHQQP3iSg/T4XspCLz7qgGdAH5b1I9cYD+NbHofB+aOp87wpFwNAwenc8IbWl
AjJ001SKtYtBIU+mtEMLx5RTSDX9tBa/XnLK74XBUq3fX8930dLBaCmECML4IzWh
7JFAQ0Al3QE7FsfushwRgpznls9paH5KOoTC04NIYTZJ+RGA2mh57GUPawIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK9UmxWwfBGVYMMBedDugegaNftmMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvcjFTYkZiQjhFWlZnd3dGNTBPNkI2Qm8xLTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAA+q/kD
BAA+q/oDBADZtCcDBADZtDgDBAHZtD4wDQYJKoZIhvcNAQELBQADggEBAEXGntoM
+RsYqgFwZ3Btrj62wjhAcdW6375cqatjfe7Uqn+Mw42lFHiG0MqhXlP/ppUDgDsA
/cIAiUzFjrRGkfcgBfHiWeRr4zSsNdJbcXK+wPhmTLcRvlEg6SJKwUyC346l6dtK
WVWGbyZhUktf0BI4+5ThkOPcIcDC334xIWyniFfUdKRsyIHKrRZitzxiBFFJmEGI
QgZoeAoBrYKPCFSt6bPauI5BzS9/4NbDp6/URo1MLwB2rAwqA3rO2qLJABiAPyeb
71W4SCdw1vo8mMO0QnySk+w/2tq3EgzXgIEsDve9yBOOR3f/qOAcKZuv6yXKvHIN
tg8/h6+Pwu/smpg=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:46:42 2025 by rpki-client