Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/X6bDse8LmUftPmqQf4kw_btsOvE.roa
File: X6bDse8LmUftPmqQf4kw_btsOvE.roa (raw, json)
Hash identifier: j651kWeKBdPGwLMPF+EPghkkL3051eJwiT7QuhCps4o=
Subject key identifier: 5F:A6:C3:B1:EF:0B:99:47:ED:3E:6A:90:7F:89:30:FD:BB:6C:3A:F1
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 01942444EF60B1B1C31694E66159955E2C6F
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/X6bDse8LmUftPmqQf4kw_btsOvE.roa
Signing time: Wed 01 Jan 2025 23:48:04 +0000
ROA not before: Wed 01 Jan 2025 23:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 62.233.36.0/24 maxlen: 24
91.246.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ef:60:b1:b1:c3:16:94:e6:61:59:95:5e:2c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jan 1 23:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fa6c3b1ef0b9947ed3e6a907f8930fdbb6c3af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:81:07:50:d2:a1:84:e2:85:06:41:57:05:f0:
74:5f:53:d8:77:78:c8:8b:d8:1b:6f:0b:9c:e7:15:
eb:09:2f:d6:1e:eb:cf:53:83:d1:2c:e2:71:e4:23:
91:fc:3a:82:72:2f:ef:e0:2f:b8:39:b7:ed:75:21:
50:c7:af:e3:6e:80:ea:a2:7c:33:fa:56:3c:e1:e4:
51:2b:fc:b3:4c:d4:41:e4:cd:d6:93:d9:5a:69:af:
61:59:02:81:22:86:a8:32:62:a8:96:60:25:88:f9:
38:2f:a6:31:4f:a6:af:39:ac:2d:6d:f5:0e:43:8b:
0d:87:3b:80:b0:19:b2:0c:bd:79:8d:22:43:10:94:
26:fa:8e:75:7a:80:3d:76:10:cd:3e:66:5e:9b:90:
8b:0f:87:25:18:e6:8d:4d:72:00:1e:9d:31:cb:c7:
79:3b:0a:9b:66:99:25:6b:3d:43:c0:1f:3c:80:66:
c3:28:ae:3a:23:d1:a3:f3:b3:e2:fb:ad:e5:42:07:
39:8c:70:de:2e:99:c1:6a:ab:e6:b8:a8:d7:ba:3b:
ea:c5:53:2d:67:94:57:a4:23:85:e1:37:ec:fc:3d:
59:c2:eb:25:cc:aa:af:b0:bc:64:c2:cb:3d:ec:42:
3b:25:7a:90:79:24:8a:40:f4:e9:d3:13:df:88:fb:
8a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A6:C3:B1:EF:0B:99:47:ED:3E:6A:90:7F:89:30:FD:BB:6C:3A:F1
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/X6bDse8LmUftPmqQf4kw_btsOvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.36.0/24
91.246.59.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:26:78:f4:35:5c:b3:58:71:a4:f5:2c:89:5a:d9:e6:cc:48:
2c:63:7d:8e:86:15:55:fd:9a:c0:d6:11:92:eb:9c:db:82:58:
00:f5:fa:c6:3f:80:10:28:6c:ad:e1:61:78:79:54:6d:50:7d:
35:1d:2b:fb:4c:14:1e:a1:ce:b5:ff:e0:33:be:01:ea:97:28:
16:ae:d8:bc:80:e6:cd:8e:3b:3c:fe:38:47:80:c7:7b:dd:1c:
17:18:79:5e:b3:01:bb:c1:36:e1:1c:83:25:15:5c:7d:8b:fc:
37:d5:9d:10:3d:06:33:ca:35:e3:b9:64:15:b3:d0:12:3e:f4:
d0:20:4b:1a:ad:31:5c:5a:5d:8c:5a:fd:47:87:94:ed:7a:52:
21:39:60:50:58:d4:00:ff:5e:ca:f1:34:d5:51:6c:85:f2:5b:
f0:40:58:c6:63:ca:6c:16:3e:b6:86:65:cc:5d:43:e5:04:31:
b1:2a:0a:35:4b:5b:8c:21:ec:d7:a4:81:ae:27:ac:e0:c4:5c:
7d:20:51:5b:34:b7:ab:f2:be:73:3e:f9:b9:62:35:6d:e4:17:
8f:be:1e:29:68:aa:d7:51:19:cf:77:e6:87:ad:a1:d7:a4:c9:
44:a2:be:dc:45:21:ab:99:01:73:c0:f9:8c:b6:a8:d4:aa:00:
79:4d:4d:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRO9gsbHDFpTmYVmVXixvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjUwMTAxMjM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE2YzNiMWVmMGI5OTQ3ZWQzZTZhOTA3Zjg5MzBmZGJiNmMzYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YEHUNKhhOKFBkFXBfB0X1PYd3jI
i9gbbwuc5xXrCS/WHuvPU4PRLOJx5COR/DqCci/v4C+4ObftdSFQx6/jboDqonwz
+lY84eRRK/yzTNRB5M3Wk9laaa9hWQKBIoaoMmKolmAliPk4L6YxT6avOawtbfUO
Q4sNhzuAsBmyDL15jSJDEJQm+o51eoA9dhDNPmZem5CLD4clGOaNTXIAHp0xy8d5
OwqbZpklaz1DwB88gGbDKK46I9Gj87Pi+63lQgc5jHDeLpnBaqvmuKjXujvqxVMt
Z5RXpCOF4Tfs/D1ZwuslzKqvsLxkwss97EI7JXqQeSSKQPTp0xPfiPuKhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF+mw7HvC5lH7T5qkH+JMP27bDrxMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvWDZiRHNlOExtVWZ0UG1xUWY0a3dfYnRzT3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPukkAwQA
W/Y7MA0GCSqGSIb3DQEBCwUAA4IBAQB/Jnj0NVyzWHGk9SyJWtnmzEgsY32OhhVV
/ZrA1hGS65zbglgA9frGP4AQKGyt4WF4eVRtUH01HSv7TBQeoc61/+AzvgHqlygW
rti8gObNjjs8/jhHgMd73RwXGHleswG7wTbhHIMlFVx9i/w31Z0QPQYzyjXjuWQV
s9ASPvTQIEsarTFcWl2MWv1Hh5TtelIhOWBQWNQA/17K8TTVUWyF8lvwQFjGY8ps
Fj62hmXMXUPlBDGxKgo1S1uMIezXpIGuJ6zgxFx9IFFbNLer8r5zPvm5YjVt5BeP
vh4paKrXURnPd+aHraHXpMlEor7cRSGrmQFzwPmMtqjUqgB5TU0s
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:04 2025 by rpki-client