Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/4kfMtLYb8t9NTo-YJ69UVZNvndE.roa
File: 4kfMtLYb8t9NTo-YJ69UVZNvndE.roa (raw, json)
Hash identifier: mU2QRRVA7Ec6TMwp/iR1nKH5zbtHggkJvnoHoV9eFuY=
Subject key identifier: E2:47:CC:B4:B6:1B:F2:DF:4D:4E:8F:98:27:AF:54:55:93:6F:9D:D1
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 019423D6A925BC0C283789A83F40FE025175
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/4kfMtLYb8t9NTo-YJ69UVZNvndE.roa
Signing time: Wed 01 Jan 2025 21:47:38 +0000
ROA not before: Wed 01 Jan 2025 21:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28968
IP address blocks: 62.181.34.0/23 maxlen: 23
62.181.36.0/22 maxlen: 22
62.181.38.0/24 maxlen: 24
62.181.46.0/23 maxlen: 23
62.181.48.0/23 maxlen: 23
62.181.56.0/21 maxlen: 24
62.181.56.0/22 maxlen: 24
77.232.32.0/23 maxlen: 23
77.232.35.0/24 maxlen: 24
77.232.48.0/23 maxlen: 23
212.59.96.0/21 maxlen: 21
212.59.109.0/24 maxlen: 24
2a00:f460::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a9:25:bc:0c:28:37:89:a8:3f:40:fe:02:51:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Jan 1 21:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e247ccb4b61bf2df4d4e8f9827af5455936f9dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:74:c3:de:b4:76:cc:c2:22:c5:0b:29:a5:3f:
fe:87:5a:2d:b8:ca:b0:0d:39:31:9a:49:ae:6a:d3:
5f:b0:5b:88:dd:fc:da:6d:14:47:08:8d:ab:8e:9d:
c7:5b:40:ad:11:e3:28:63:b6:8c:1a:3e:ad:f9:7e:
49:64:40:1c:e2:9b:d8:63:93:24:11:94:c3:03:4c:
ae:aa:14:d9:90:d5:ac:d7:eb:ee:23:50:f8:de:23:
7b:02:56:42:89:47:e6:ba:fa:21:58:42:46:37:d9:
2c:bc:1c:82:be:61:5b:c5:bc:3f:65:6e:dd:49:6a:
70:ee:b1:9b:05:49:98:3f:ae:6d:79:2d:30:85:2c:
e4:26:fb:18:6a:d1:05:47:41:75:0f:fa:47:21:54:
3d:58:82:73:5e:7f:97:98:b7:61:52:06:fe:f3:24:
2b:62:58:3f:b4:e9:07:16:04:82:91:87:46:53:1b:
92:e5:10:a0:52:a3:7c:4a:02:d2:97:99:88:f8:75:
dd:c2:40:75:47:e7:f3:7c:c3:f2:6f:15:5c:bd:aa:
df:ee:b7:de:6b:0e:48:f2:5b:64:49:64:30:08:ce:
f1:78:35:f8:4e:22:84:63:f8:94:18:61:cf:d0:22:
f8:17:b0:d4:5c:30:89:c2:8d:17:26:35:97:f8:94:
a4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:47:CC:B4:B6:1B:F2:DF:4D:4E:8F:98:27:AF:54:55:93:6F:9D:D1
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/4kfMtLYb8t9NTo-YJ69UVZNvndE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.34.0-62.181.39.255
62.181.46.0-62.181.49.255
62.181.56.0/21
77.232.32.0/23
77.232.35.0/24
77.232.48.0/23
212.59.96.0/21
212.59.109.0/24
IPv6:
2a00:f460::/32
Signature Algorithm: sha256WithRSAEncryption
5b:30:91:4a:11:28:4a:7a:0b:92:52:0b:e9:ec:11:79:f8:2c:
9b:1b:d1:ac:92:38:d6:5a:db:fb:7d:6a:54:ca:2a:b8:e0:04:
7d:b4:10:5c:11:a0:a4:5d:bb:7f:c1:c1:0e:fd:92:ff:b2:dd:
aa:e2:ea:4c:f9:22:34:59:7c:35:7a:ad:34:2a:67:99:06:6e:
a2:23:73:4a:16:6e:94:88:f0:f9:9c:7c:d4:78:ae:1b:c8:d6:
4e:07:ba:c1:65:f6:f4:ae:57:6d:dd:e0:4e:7b:f0:92:ee:57:
81:30:7e:4a:95:9f:6b:14:21:f0:a5:f9:1c:49:3e:60:cb:1a:
89:0a:9c:ce:96:c2:dd:ad:42:dc:9f:0b:69:7b:a9:a2:d8:53:
40:c3:c5:4a:58:0b:7e:71:5d:94:34:79:d4:47:79:76:5c:63:
13:b8:83:f1:22:3e:ad:3b:64:ac:13:14:85:42:3c:51:9c:cc:
43:7f:f7:c1:ba:b8:5c:33:98:64:e7:7b:f0:4e:77:02:73:66:
58:ad:ce:0f:9c:9c:de:8d:b6:2d:28:f0:2b:eb:fc:b3:be:38:
dd:a9:aa:58:23:6b:b6:ba:a9:fa:e2:7e:6b:d1:fa:0b:0e:99:
0a:3a:60:7d:fe:97:b5:7c:64:37:f5:85:35:73:34:13:97:62:
de:e8:4d:24
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZQj1qklvAwoN4moP0D+AlF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjUwMTAxMjE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ3Y2NiNGI2MWJmMmRmNGQ0ZThmOTgyN2FmNTQ1NTkzNmY5ZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13TD3rR2zMIixQsppT/+h1otuMqw
DTkxmkmuatNfsFuI3fzabRRHCI2rjp3HW0CtEeMoY7aMGj6t+X5JZEAc4pvYY5Mk
EZTDA0yuqhTZkNWs1+vuI1D43iN7AlZCiUfmuvohWEJGN9ksvByCvmFbxbw/ZW7d
SWpw7rGbBUmYP65teS0whSzkJvsYatEFR0F1D/pHIVQ9WIJzXn+XmLdhUgb+8yQr
Ylg/tOkHFgSCkYdGUxuS5RCgUqN8SgLSl5mI+HXdwkB1R+fzfMPybxVcvarf7rfe
aw5I8ltkSWQwCM7xeDX4TiKEY/iUGGHP0CL4F7DUXDCJwo0XJjWX+JSkUQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFOJHzLS2G/LfTU6PmCevVFWTb53RMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvNGtmTXRMWWI4dDlOVG8tWUo2OVVWWk52bmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAE+tSID
BAM+tSAwDAMEAT61LgMEAT61MAMEAz61OAMEAU3oIAMEAE3oIwMEAU3oMAMEA9Q7
YAMEANQ7bTANBAIAAjAHAwUAKgD0YDANBgkqhkiG9w0BAQsFAAOCAQEAWzCRShEo
SnoLklIL6ewRefgsmxvRrJI41lrb+31qVMoquOAEfbQQXBGgpF27f8HBDv2S/7Ld
quLqTPkiNFl8NXqtNCpnmQZuoiNzShZulIjw+Zx81HiuG8jWTge6wWX29K5Xbd3g
Tnvwku5XgTB+SpWfaxQh8KX5HEk+YMsaiQqczpbC3a1C3J8LaXupothTQMPFSlgL
fnFdlDR51Ed5dlxjE7iD8SI+rTtkrBMUhUI8UZzMQ3/3wbq4XDOYZOd78E53AnNm
WK3OD5yc3o22LSjwK+v8s7443amqWCNrtrqp+uJ+a9H6Cw6ZCjpgff6XtXxkN/WF
NXM0E5di3uhNJA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:44:29 2025 by rpki-client