Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/1-e_2QwIcmA7Q_zf9ghc3o7TmRcs.roa
File: 1-e_2QwIcmA7Q_zf9ghc3o7TmRcs.roa (raw, json)
Hash identifier: bVYY71eU5m0lwevwkc7ycvwG53Ke2harvxIqoJDJ7jI=
Subject key identifier: F9:EF:F6:43:02:1C:98:0E:D0:FF:37:FD:82:17:37:A3:B4:E6:45:CB
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 019423D6A9C0ABF038816AD7597A297EBEFF
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/1-e_2QwIcmA7Q_zf9ghc3o7TmRcs.roa
Signing time: Wed 01 Jan 2025 21:47:38 +0000
ROA not before: Wed 01 Jan 2025 21:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61121
IP address blocks: 62.181.50.0/23 maxlen: 23
62.181.50.0/24 maxlen: 24
62.181.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a9:c0:ab:f0:38:81:6a:d7:59:7a:29:7e:be:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Jan 1 21:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9eff643021c980ed0ff37fd821737a3b4e645cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e8:eb:14:5d:97:96:25:fb:aa:68:15:c2:de:
35:13:8d:c9:a5:b4:3d:36:07:9e:91:d5:a9:99:22:
2d:27:dc:88:61:83:30:10:3a:09:33:46:34:85:a8:
ad:57:14:32:5b:13:8e:8e:59:71:5a:3c:2c:6f:56:
cd:3d:f1:bd:51:aa:92:0f:73:90:7a:04:82:09:3e:
69:02:77:0b:dc:6c:68:16:c1:c3:50:59:f9:96:cb:
bc:f6:41:c5:ec:9b:a5:3d:4c:cc:2f:38:78:c8:96:
a5:a5:1c:60:f2:33:03:a8:09:37:70:e0:c6:bd:88:
da:f0:87:c5:4f:0c:8c:bc:f7:03:c9:2d:b1:bd:40:
ef:18:93:a8:d9:8b:5c:79:66:5b:d9:4e:8b:17:9b:
df:d0:fc:8c:44:70:d5:67:af:f1:83:c8:c2:69:5b:
8b:ff:84:9a:d1:ba:0a:6d:02:04:ab:08:44:f3:e0:
d6:86:72:99:ea:d3:34:12:ca:6c:39:ac:52:3c:0f:
f0:3e:f3:58:c0:9b:98:9f:cd:94:3d:0b:6d:ff:b8:
83:30:6f:06:24:6b:d0:e0:65:24:75:01:45:91:f8:
86:30:61:a4:1d:2a:07:d4:0a:81:04:25:4b:08:d5:
7f:83:94:72:e7:92:d3:e7:64:a8:63:53:d0:33:d7:
17:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:EF:F6:43:02:1C:98:0E:D0:FF:37:FD:82:17:37:A3:B4:E6:45:CB
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/1-e_2QwIcmA7Q_zf9ghc3o7TmRcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.50.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:91:01:ee:b5:0d:63:60:ff:ce:31:60:8d:32:4e:38:c4:5c:
81:3b:0d:40:69:8d:02:5f:3e:cf:9f:00:9f:9c:72:bf:06:d1:
61:65:77:02:79:7d:b7:75:30:89:0a:2f:1f:8a:99:01:2f:e9:
c8:e0:e4:68:02:37:e7:53:e2:37:05:fd:93:44:2f:96:cf:de:
cd:06:0a:58:28:25:13:66:ff:0e:f6:6f:a8:90:e2:4f:63:5c:
d3:ca:c2:9d:bb:50:2d:80:7d:25:7c:73:78:bc:34:68:99:4e:
78:71:5c:a0:8e:7c:20:6c:39:f6:62:64:de:27:38:de:a1:f8:
1a:b4:ca:52:54:a9:0a:9c:6c:59:59:dc:a8:e2:e9:dd:79:d6:
91:9d:07:12:77:c3:22:92:34:a2:c1:c7:d8:b8:55:c5:f6:72:
e5:f5:18:56:13:46:35:d1:5e:fa:a9:e6:db:fd:35:e8:d3:95:
b2:60:15:88:89:14:e1:a0:59:60:ae:2d:5e:a4:95:f5:75:b4:
8f:9b:27:d2:b3:ab:4c:96:be:09:67:ce:3a:32:be:a4:04:ed:
3f:2b:ae:53:24:d6:33:bf:69:07:a8:6c:f1:81:b9:01:68:c2:
9c:1d:c9:be:5f:cf:38:ae:9e:66:87:6d:5d:6a:f7:48:fb:df:
6f:e0:43:82
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQj1qnAq/A4gWrXWXopfr7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjUwMTAxMjE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWVmZjY0MzAyMWM5ODBlZDBmZjM3ZmQ4MjE3MzdhM2I0ZTY0NWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+jrFF2XliX7qmgVwt41E43JpbQ9
NgeekdWpmSItJ9yIYYMwEDoJM0Y0haitVxQyWxOOjllxWjwsb1bNPfG9UaqSD3OQ
egSCCT5pAncL3GxoFsHDUFn5lsu89kHF7JulPUzMLzh4yJalpRxg8jMDqAk3cODG
vYja8IfFTwyMvPcDyS2xvUDvGJOo2YtceWZb2U6LF5vf0PyMRHDVZ6/xg8jCaVuL
/4Sa0boKbQIEqwhE8+DWhnKZ6tM0EspsOaxSPA/wPvNYwJuYn82UPQtt/7iDMG8G
JGvQ4GUkdQFFkfiGMGGkHSoH1AqBBCVLCNV/g5Ry55LT52SoY1PQM9cX1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPnv9kMCHJgO0P83/YIXN6O05kXLMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvMS1lXzJRd0ljbUE3UV96ZjlnaGMzbzdUbVJjcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWMvNTcyZWE2LTE0MzYtNGYyNi1hZjU3LTU5NzU5MTNmNTJj
NS8xLzg3VmthellEZVpKTXR0bkQyWlpwem44N0xLSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAT61MjAN
BgkqhkiG9w0BAQsFAAOCAQEAPJEB7rUNY2D/zjFgjTJOOMRcgTsNQGmNAl8+z58A
n5xyvwbRYWV3Anl9t3UwiQovH4qZAS/pyODkaAI351PiNwX9k0Qvls/ezQYKWCgl
E2b/DvZvqJDiT2Nc08rCnbtQLYB9JXxzeLw0aJlOeHFcoI58IGw59mJk3ic43qH4
GrTKUlSpCpxsWVncqOLp3XnWkZ0HEnfDIpI0osHH2LhVxfZy5fUYVhNGNdFe+qnm
2/016NOVsmAViIkU4aBZYK4tXqSV9XW0j5sn0rOrTJa+CWfOOjK+pATtPyuuUyTW
M79pB6hs8YG5AWjCnB3Jvl/POK6eZodtXWr3SPvfb+BDgg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:09:54 2025 by rpki-client