Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/2CYNXB5qZHN7in7RGaGVmXvb7Xs.roa
File: 2CYNXB5qZHN7in7RGaGVmXvb7Xs.roa (raw, json)
Hash identifier: n74UAylTv760Shvrd+PI6ipCj4rV+2WaR3QnP3+8e6Y=
Subject key identifier: D8:26:0D:5C:1E:6A:64:73:7B:8A:7E:D1:19:A1:95:99:7B:DB:ED:7B
Certificate issuer: /CN=7d92b67475270755136a8a3ca802ca12c8ac7e77
Certificate serial: 019421B1ED1EDA5A1FAB130DED829E5546C6
Authority key identifier: 7D:92:B6:74:75:27:07:55:13:6A:8A:3C:A8:02:CA:12:C8:AC:7E:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZK2dHUnB1UTaoo8qALKEsisfnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/2CYNXB5qZHN7in7RGaGVmXvb7Xs.roa
Signing time: Wed 01 Jan 2025 11:48:16 +0000
ROA not before: Wed 01 Jan 2025 11:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39719
IP address blocks: 62.177.16.0/21 maxlen: 24
62.177.24.0/21 maxlen: 21
62.177.24.0/24 maxlen: 24
62.177.25.0/24 maxlen: 24
62.177.26.0/24 maxlen: 24
62.177.27.0/24 maxlen: 24
62.177.28.0/24 maxlen: 24
62.177.29.0/24 maxlen: 24
62.177.30.0/24 maxlen: 24
62.177.31.0/24 maxlen: 24
81.23.80.0/20 maxlen: 22
81.23.84.0/22 maxlen: 22
81.23.84.0/23 maxlen: 23
81.23.84.0/24 maxlen: 24
81.23.88.0/22 maxlen: 22
81.23.92.0/22 maxlen: 22
2a12:1d40::/29 maxlen: 29
2a12:1d40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/fZK2dHUnB1UTaoo8qALKEsisfnc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/fZK2dHUnB1UTaoo8qALKEsisfnc.mft
rsync://rpki.ripe.net/repository/DEFAULT/fZK2dHUnB1UTaoo8qALKEsisfnc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ed:1e:da:5a:1f:ab:13:0d:ed:82:9e:55:46:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d92b67475270755136a8a3ca802ca12c8ac7e77
Validity
Not Before: Jan 1 11:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8260d5c1e6a64737b8a7ed119a195997bdbed7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6c:2a:15:d6:13:0c:54:47:45:4b:13:75:3b:
27:06:3d:e9:fb:a1:dc:20:bc:b9:82:2d:27:aa:54:
28:17:e9:49:9c:08:83:8d:c1:fd:2e:da:d2:bc:3f:
aa:d7:91:3e:22:6b:53:c9:af:64:1d:e4:66:59:8c:
a6:9f:ac:3d:80:ae:9e:90:0b:0b:43:ce:f7:fd:8c:
5a:2e:08:4f:3b:8d:b6:08:fa:77:c2:9d:6f:0a:7e:
3d:5f:53:56:13:7c:c0:e5:9a:92:05:88:26:45:d4:
de:c1:e0:a0:d9:25:f0:ce:ff:cf:d0:7d:2d:46:85:
ef:3b:76:1a:c6:96:3e:36:ba:63:c3:f5:34:0d:7b:
29:7a:d4:d6:75:7a:3b:6b:ff:db:fa:d0:ca:6b:eb:
5e:c6:19:dd:93:e1:c9:92:ee:3d:0a:e5:60:8e:fa:
61:10:93:28:0b:55:eb:f0:4c:42:1e:15:65:44:8d:
7b:95:ee:c1:8d:92:54:0e:46:43:90:b4:5e:45:66:
64:d6:3d:49:3d:72:af:1f:95:95:1a:91:db:47:76:
57:48:b3:23:29:2e:a2:91:86:5c:bc:c3:93:37:1c:
86:25:bc:39:58:d5:fa:b8:82:f0:b3:bc:98:13:29:
77:2b:77:73:b1:59:85:52:8b:43:d3:0f:bf:6f:68:
be:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:26:0D:5C:1E:6A:64:73:7B:8A:7E:D1:19:A1:95:99:7B:DB:ED:7B
X509v3 Authority Key Identifier:
keyid:7D:92:B6:74:75:27:07:55:13:6A:8A:3C:A8:02:CA:12:C8:AC:7E:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZK2dHUnB1UTaoo8qALKEsisfnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/2CYNXB5qZHN7in7RGaGVmXvb7Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/fZK2dHUnB1UTaoo8qALKEsisfnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.177.16.0/20
81.23.80.0/20
IPv6:
2a12:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
a2:aa:3d:df:f8:46:52:67:5b:51:c0:20:ad:37:53:55:2c:e1:
3a:3b:a2:ab:88:67:5a:ef:fc:94:16:df:c0:e7:8a:97:5b:6d:
81:2d:a2:02:d2:e9:0e:54:70:b0:41:3e:b6:cc:32:35:04:a4:
61:80:35:0e:3c:e1:35:1d:fa:08:6e:14:c8:7c:1e:ac:33:e3:
82:d4:ed:96:be:57:bf:dd:86:a8:26:28:66:da:d6:44:04:75:
64:15:76:94:2e:ea:19:39:79:30:82:7b:ae:2d:93:02:37:8c:
4a:78:76:80:53:11:2f:89:90:4f:7d:38:d5:31:e5:c8:ce:b1:
ad:7f:08:1d:d1:73:fa:66:76:6f:fc:81:9f:39:7d:04:2f:78:
1a:00:ee:cd:c1:cc:a5:bf:03:28:c1:b0:aa:73:f3:c7:9c:5c:
d7:1a:9c:e2:25:d7:9d:73:50:37:33:dc:35:02:5f:43:89:34:
2a:ec:f6:d5:d0:8e:7f:ed:b4:a5:22:b0:9d:f8:cc:09:30:cf:
45:0b:9e:13:a9:db:35:b8:83:0c:c5:b3:48:e8:27:57:20:25:
19:e3:7b:78:0f:81:61:a5:e3:a1:6a:bd:45:a4:05:2b:1d:e5:
95:bd:00:ca:7b:3c:ba:34:cd:92:36:39:31:8b:6d:81:4c:68:
dd:7c:87:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhse0e2lofqxMN7YKeVUbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTJiNjc0NzUyNzA3NTUxMzZhOGEzY2E4MDJjYTEyYzhh
YzdlNzcwHhcNMjUwMTAxMTE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI2MGQ1YzFlNmE2NDczN2I4YTdlZDExOWExOTU5OTdiZGJlZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGwqFdYTDFRHRUsTdTsnBj3p+6Hc
ILy5gi0nqlQoF+lJnAiDjcH9LtrSvD+q15E+ImtTya9kHeRmWYymn6w9gK6ekAsL
Q873/YxaLghPO422CPp3wp1vCn49X1NWE3zA5ZqSBYgmRdTeweCg2SXwzv/P0H0t
RoXvO3YaxpY+Nrpjw/U0DXspetTWdXo7a//b+tDKa+texhndk+HJku49CuVgjvph
EJMoC1Xr8ExCHhVlRI17le7BjZJUDkZDkLReRWZk1j1JPXKvH5WVGpHbR3ZXSLMj
KS6ikYZcvMOTNxyGJbw5WNX6uILws7yYEyl3K3dzsVmFUotD0w+/b2i+GQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNgmDVweamRze4p+0RmhlZl72+17MB8GA1UdIwQY
MBaAFH2StnR1JwdVE2qKPKgCyhLIrH53MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpLMmRIVW5CMVVUYW9vOHFBTEtFc2lzZm5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8wNWU4MTQtY2FjNC00MWE4LTg3NWUt
NDEwYzY3MWU3NTc3LzEvMkNZTlhCNXFaSE43aW43UkdhR1ZtWHZiN1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8wNWU4MTQtY2FjNC00MWE4LTg3NWUtNDEwYzY3MWU3NTc3
LzEvZlpLMmRIVW5CMVVUYW9vOHFBTEtFc2lzZm5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEPrEQAwQE
URdQMA0EAgACMAcDBQMqEh1AMA0GCSqGSIb3DQEBCwUAA4IBAQCiqj3f+EZSZ1tR
wCCtN1NVLOE6O6KriGda7/yUFt/A54qXW22BLaIC0ukOVHCwQT62zDI1BKRhgDUO
POE1HfoIbhTIfB6sM+OC1O2Wvle/3YaoJihm2tZEBHVkFXaULuoZOXkwgnuuLZMC
N4xKeHaAUxEviZBPfTjVMeXIzrGtfwgd0XP6ZnZv/IGfOX0EL3gaAO7NwcylvwMo
wbCqc/PHnFzXGpziJdedc1A3M9w1Al9DiTQq7PbV0I5/7bSlIrCd+MwJMM9FC54T
qds1uIMMxbNI6CdXICUZ43t4D4FhpeOhar1FpAUrHeWVvQDKezy6NM2SNjkxi22B
TGjdfIf3
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:34 2025 by rpki-client