Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/bMNPQ0JvZwzx-pZYER1G_knAfSg.roa
File: bMNPQ0JvZwzx-pZYER1G_knAfSg.roa (raw, json)
Hash identifier: W+fVC2UnLIyGTc4qX8q7TadCkeRxz6sUHiIjTmi3R8k=
Subject key identifier: 6C:C3:4F:43:42:6F:67:0C:F1:FA:96:58:11:1D:46:FE:49:C0:7D:28
Certificate issuer: /CN=c4d8c1985c50c7ead4cfd8d3a93d63e5611f6fb6
Certificate serial: 019422FC03A02C2EC9E492F2855B2774869B
Authority key identifier: C4:D8:C1:98:5C:50:C7:EA:D4:CF:D8:D3:A9:3D:63:E5:61:1F:6F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/bMNPQ0JvZwzx-pZYER1G_knAfSg.roa
Signing time: Wed 01 Jan 2025 17:48:48 +0000
ROA not before: Wed 01 Jan 2025 17:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203650
IP address blocks: 62.176.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 17:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:03:a0:2c:2e:c9:e4:92:f2:85:5b:27:74:86:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4d8c1985c50c7ead4cfd8d3a93d63e5611f6fb6
Validity
Not Before: Jan 1 17:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cc34f43426f670cf1fa9658111d46fe49c07d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7e:cd:e0:66:6e:95:54:7e:c2:00:c0:1f:0d:
e6:8b:0d:f0:40:4f:ed:a7:10:91:18:9e:cd:74:b8:
0e:a9:f1:23:0a:08:fa:42:b1:bb:fe:5a:b5:01:fd:
95:e7:9b:4b:ae:84:87:5a:6c:6e:36:09:95:82:21:
79:1e:1f:4d:cb:68:cd:b4:97:1c:bc:ba:54:af:7b:
3a:eb:19:1a:c2:f5:c9:8d:d6:e0:23:a4:c0:c9:73:
47:21:10:71:38:0a:70:09:1a:08:17:cd:81:1c:3a:
a7:4e:a5:53:1b:4b:cd:a7:a7:1f:3f:9a:77:9a:1f:
79:27:3e:27:b1:dc:4e:c5:43:79:95:24:f2:c5:e7:
6c:d3:a2:63:10:69:75:03:29:3d:76:d1:dc:7d:c6:
c0:7b:9e:4f:f5:b3:b6:61:d3:f6:9c:8e:e3:29:da:
88:d3:d4:fc:25:17:7f:5e:61:9e:24:d6:38:d0:64:
09:45:da:fc:4a:dd:48:ce:4a:1f:6b:eb:fe:c9:a8:
44:32:2f:35:35:76:6e:b9:b2:46:42:d5:ea:8d:92:
6e:15:48:b8:31:8b:2f:14:45:47:d1:02:a5:8f:3d:
33:e9:d1:ca:65:7a:e5:cd:b3:be:0c:81:25:8e:84:
0e:4b:22:3f:c1:87:4d:94:06:c1:b6:13:9f:8b:f5:
1c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C3:4F:43:42:6F:67:0C:F1:FA:96:58:11:1D:46:FE:49:C0:7D:28
X509v3 Authority Key Identifier:
keyid:C4:D8:C1:98:5C:50:C7:EA:D4:CF:D8:D3:A9:3D:63:E5:61:1F:6F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/bMNPQ0JvZwzx-pZYER1G_knAfSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.176.216.0/21
Signature Algorithm: sha256WithRSAEncryption
10:85:0e:20:09:5d:f5:4b:05:3d:c2:0a:c8:82:86:78:d5:d1:
94:50:4a:b3:e1:bd:a1:d4:1d:05:12:ea:39:fe:3e:6d:88:e8:
3e:f9:2b:f4:2d:de:fc:70:5f:9d:61:42:f5:7e:61:39:3a:ee:
db:90:59:c8:17:c8:4a:f7:a3:12:75:ef:2c:f9:b7:79:19:d2:
82:ea:42:70:a2:9b:cf:87:4b:65:9e:0d:3e:91:b0:5e:f7:ce:
af:71:0a:dc:3e:2e:dc:96:6b:cb:d3:3b:15:ac:1c:22:2b:dc:
02:68:66:86:1e:75:e1:1a:cf:3d:36:91:2d:44:0a:1d:be:34:
e5:ff:72:6e:75:54:7a:42:c0:cf:b4:47:4c:75:0f:e5:65:6c:
5c:44:d4:eb:4f:c7:d7:33:21:5a:3c:6a:4f:8d:84:0e:51:e7:
10:53:d1:5c:a7:26:f9:ea:f4:21:d4:24:4d:3a:13:34:77:90:
25:6a:03:df:9a:8c:b9:e0:fc:ce:d7:83:a0:5d:4b:68:8b:2b:
88:5e:3d:39:6f:e8:a4:8f:32:e1:43:f6:9b:59:47:81:72:94:
60:69:f0:b5:a4:2a:fb:48:22:95:2e:b4:0d:84:ca:5d:8f:56:
6a:90:f7:6f:35:15:40:33:65:e3:40:bc:17:3e:21:a4:52:bc:
b7:d3:a9:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/AOgLC7J5JLyhVsndIabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZDhjMTk4NWM1MGM3ZWFkNGNmZDhkM2E5M2Q2M2U1NjEx
ZjZmYjYwHhcNMjUwMTAxMTc0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2MzNGY0MzQyNmY2NzBjZjFmYTk2NTgxMTFkNDZmZTQ5YzA3ZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6X7N4GZulVR+wgDAHw3miw3wQE/t
pxCRGJ7NdLgOqfEjCgj6QrG7/lq1Af2V55tLroSHWmxuNgmVgiF5Hh9Ny2jNtJcc
vLpUr3s66xkawvXJjdbgI6TAyXNHIRBxOApwCRoIF82BHDqnTqVTG0vNp6cfP5p3
mh95Jz4nsdxOxUN5lSTyxeds06JjEGl1Ayk9dtHcfcbAe55P9bO2YdP2nI7jKdqI
09T8JRd/XmGeJNY40GQJRdr8St1Izkofa+v+yahEMi81NXZuubJGQtXqjZJuFUi4
MYsvFEVH0QKljz0z6dHKZXrlzbO+DIEljoQOSyI/wYdNlAbBthOfi/UcvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzDT0NCb2cM8fqWWBEdRv5JwH0oMB8GA1UdIwQY
MBaAFMTYwZhcUMfq1M/Y06k9Y+VhH2+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE5qQm1GeFF4LXJVejlqVHFUMWo1V0VmYjdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83N2Q2MDctN2Q3Yy00NTg5LWFmZjct
MmZkYTk3MDc5YzAxLzEvYk1OUFEwSnZad3p4LXBaWUVSMUdfa25BZlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83N2Q2MDctN2Q3Yy00NTg5LWFmZjctMmZkYTk3MDc5YzAx
LzEveE5qQm1GeFF4LXJVejlqVHFUMWo1V0VmYjdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPrDYMA0G
CSqGSIb3DQEBCwUAA4IBAQAQhQ4gCV31SwU9wgrIgoZ41dGUUEqz4b2h1B0FEuo5
/j5tiOg++Sv0Ld78cF+dYUL1fmE5Ou7bkFnIF8hK96MSde8s+bd5GdKC6kJwopvP
h0tlng0+kbBe986vcQrcPi7clmvL0zsVrBwiK9wCaGaGHnXhGs89NpEtRAodvjTl
/3JudVR6QsDPtEdMdQ/lZWxcRNTrT8fXMyFaPGpPjYQOUecQU9Fcpyb56vQh1CRN
OhM0d5AlagPfmoy54PzO14OgXUtoiyuIXj05b+ikjzLhQ/abWUeBcpRgafC1pCr7
SCKVLrQNhMpdj1ZqkPdvNRVAM2XjQLwXPiGkUry306km
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:45 2025 by rpki-client