Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NEfw7uDro6RqhjU8Fywg8cuqvzk.roa
File: NEfw7uDro6RqhjU8Fywg8cuqvzk.roa (raw, json)
Hash identifier: vdW+pYdyNoqoBJe2vsedZizZQj8kJ9GbuQcTyC/bcow=
Subject key identifier: 34:47:F0:EE:E0:EB:A3:A4:6A:86:35:3C:17:2C:20:F1:CB:AA:BF:39
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01941FFA591180EFC7416B45E3196D4FC52B
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NEfw7uDro6RqhjU8Fywg8cuqvzk.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204544
IP address blocks: 62.220.126.0/23 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.144.0/24 maxlen: 24
87.107.152.0/23 maxlen: 24
87.107.166.0/23 maxlen: 24
87.107.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:59:11:80:ef:c7:41:6b:45:e3:19:6d:4f:c5:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3447f0eee0eba3a46a86353c172c20f1cbaabf39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:83:ae:c1:e5:22:28:75:d8:66:83:5b:1a:63:
cd:c5:46:19:b5:17:4b:f7:e3:0a:bd:65:b1:00:29:
a3:00:b1:d3:2b:a5:74:fc:a6:b8:70:7d:25:ca:2b:
1b:b3:8e:21:99:24:c0:6d:0a:1b:c8:9f:15:d1:5f:
a9:ce:54:5a:c8:cb:03:e3:11:4c:6b:60:98:52:8b:
4d:f3:56:be:b5:e6:1a:5f:ea:66:44:16:57:31:ac:
6b:04:4c:1a:4d:75:a8:b5:e0:cb:25:50:ab:8f:cd:
4a:4a:ec:02:7a:13:39:ef:1b:a2:37:0b:ca:3a:83:
bf:3d:41:6b:57:8b:b3:9c:1a:54:56:db:1d:8e:b9:
67:56:c7:05:70:61:ee:87:e8:18:1e:52:2a:b9:1f:
ca:43:06:9e:b6:df:a1:87:f7:16:c7:c2:0f:f7:dc:
a5:3b:d8:56:7f:64:e3:5e:86:d2:89:8d:15:a4:89:
ea:35:b2:68:b5:2e:f8:46:78:4e:0f:f1:6f:5b:7c:
ce:c3:51:fc:90:a5:b3:38:b7:74:08:17:0c:44:a1:
f3:25:a9:27:31:43:78:e5:65:b2:42:86:39:e0:9b:
28:ff:2d:c5:5d:7f:b0:3b:a4:5d:e9:12:fe:ef:43:
67:4c:7a:73:03:b6:bb:13:f2:d9:45:6d:84:58:35:
84:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:47:F0:EE:E0:EB:A3:A4:6A:86:35:3C:17:2C:20:F1:CB:AA:BF:39
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/NEfw7uDro6RqhjU8Fywg8cuqvzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.126.0/23
81.12.24.0/22
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
71:86:f2:60:28:b4:d4:aa:25:bb:a2:7c:0c:2e:27:0e:40:11:
b1:00:e2:50:7a:21:bc:a3:44:0a:d6:fb:d9:e1:0d:9b:66:e4:
05:64:e1:47:35:2f:6a:ba:40:be:ee:43:79:65:fa:0d:81:63:
fb:11:ac:67:d4:36:91:85:35:ed:5b:12:ea:dd:bc:82:74:da:
ea:b5:1b:de:fe:41:1c:34:39:f7:db:d1:36:4c:19:5f:25:00:
1d:1b:2a:93:8e:47:9b:f0:61:b7:82:b6:e3:6c:cd:c4:1a:e4:
2a:49:d9:db:82:ad:e5:a1:49:98:b9:e1:dc:0d:6f:f1:00:7e:
09:74:85:ea:ea:19:5a:81:a3:95:90:a7:eb:bb:48:4b:5b:13:
61:84:fd:d2:9d:ed:1e:10:67:c3:29:0a:e5:0f:4a:ff:7c:ef:
5a:0b:6a:f5:c1:a1:9a:bb:d0:03:7e:e9:bb:c9:da:ec:d1:36:
94:11:3b:66:87:87:60:8f:20:82:bc:fc:0a:fb:bf:b5:6a:eb:
3f:79:50:72:bc:ea:2d:9f:f6:4b:7b:2f:58:98:c3:64:56:81:
b4:f7:b5:48:f3:ba:b3:f7:a3:66:dd:7a:c3:71:a9:10:de:eb:
5c:00:a8:9e:3a:ee:2f:62:d5:7d:fd:81:90:08:b8:18:2f:f4:
ad:0b:d9:81
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQf+lkRgO/HQWtF4xltT8UrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQ3ZjBlZWUwZWJhM2E0NmE4NjM1M2MxNzJjMjBmMWNiYWFiZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoOuweUiKHXYZoNbGmPNxUYZtRdL
9+MKvWWxACmjALHTK6V0/Ka4cH0lyisbs44hmSTAbQobyJ8V0V+pzlRayMsD4xFM
a2CYUotN81a+teYaX+pmRBZXMaxrBEwaTXWoteDLJVCrj81KSuwCehM57xuiNwvK
OoO/PUFrV4uznBpUVtsdjrlnVscFcGHuh+gYHlIquR/KQwaett+hh/cWx8IP99yl
O9hWf2TjXobSiY0VpInqNbJotS74RnhOD/FvW3zOw1H8kKWzOLd0CBcMRKHzJakn
MUN45WWyQoY54Jso/y3FXX+wO6Rd6RL+70NnTHpzA7a7E/LZRW2EWDWEWQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDRH8O7g66OkaoY1PBcsIPHLqr85MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTkVmdzd1RHJvNlJxaGpVOEZ5d2c4Y3VxdnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBPtx+AwQC
UQwYAwQBUQweAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUA
A4IBAQBxhvJgKLTUqiW7onwMLicOQBGxAOJQeiG8o0QK1vvZ4Q2bZuQFZOFHNS9q
ukC+7kN5ZfoNgWP7Eaxn1DaRhTXtWxLq3byCdNrqtRve/kEcNDn329E2TBlfJQAd
GyqTjkeb8GG3grbjbM3EGuQqSdnbgq3loUmYueHcDW/xAH4JdIXq6hlagaOVkKfr
u0hLWxNhhP3Sne0eEGfDKQrlD0r/fO9aC2r1waGau9ADfum7ydrs0TaUETtmh4dg
jyCCvPwK+7+1aus/eVByvOotn/ZLey9YmMNkVoG097VI87qz96Nm3XrDcakQ3utc
AKieOu4vYtV9/YGQCLgYL/StC9mB
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:34 2025 by rpki-client