Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/fgXOYlOn8katcS6MMyCw4pAx-po.roa
File: fgXOYlOn8katcS6MMyCw4pAx-po.roa (raw, json)
Hash identifier: AB1i+66TTW5eKzQUMm/K95jLLcwZ4U/B834LTt2ayNo=
Subject key identifier: 7E:05:CE:62:53:A7:F2:46:AD:71:2E:8C:33:20:B0:E2:90:31:FA:9A
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01941FFA4D6D33DB32494969FBEF50B0775F
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/fgXOYlOn8katcS6MMyCw4pAx-po.roa
Signing time: Wed 01 Jan 2025 03:48:05 +0000
ROA not before: Wed 01 Jan 2025 03:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 62.220.112.0/21 maxlen: 21
62.220.113.0/24 maxlen: 24
62.220.116.0/24 maxlen: 24
62.220.118.0/23 maxlen: 24
81.12.0.0/21 maxlen: 24
81.12.32.0/21 maxlen: 24
81.12.40.0/21 maxlen: 24
81.12.54.0/23 maxlen: 24
81.12.56.0/23 maxlen: 23
81.12.60.0/22 maxlen: 24
81.12.64.0/18 maxlen: 24
81.12.95.0/24 maxlen: 24
87.107.16.0/21 maxlen: 24
87.107.28.0/22 maxlen: 24
87.107.32.0/23 maxlen: 23
87.107.36.0/22 maxlen: 24
87.107.44.0/22 maxlen: 24
87.107.48.0/23 maxlen: 23
87.107.56.0/21 maxlen: 24
87.107.64.0/22 maxlen: 24
87.107.72.0/21 maxlen: 24
87.107.80.0/21 maxlen: 24
87.107.92.0/22 maxlen: 24
87.107.100.0/22 maxlen: 22
87.107.136.0/21 maxlen: 24
87.107.148.0/22 maxlen: 24
87.107.156.0/22 maxlen: 24
87.107.176.0/21 maxlen: 24
87.107.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:4d:6d:33:db:32:49:49:69:fb:ef:50:b0:77:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 03:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e05ce6253a7f246ad712e8c3320b0e29031fa9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:f9:bb:95:21:5e:d7:8c:46:2f:ff:c8:fc:
a6:3b:27:7a:fb:56:0b:40:c1:1c:39:93:84:bc:ad:
93:f0:f3:d7:d9:66:8c:79:b7:b1:45:88:95:7d:03:
66:55:35:9f:c0:b8:f5:f8:8f:fe:b1:47:4b:23:9e:
26:f7:8c:6b:8c:75:46:e6:60:da:f9:73:40:df:d0:
93:c9:05:6e:fc:6b:99:2d:da:c0:24:ac:27:d8:49:
88:1f:af:0a:ca:ff:c7:68:c9:08:a3:bf:da:c2:af:
a2:24:14:cc:a3:8a:c7:68:eb:0c:89:62:4b:3f:d1:
db:a2:f8:b2:ee:43:7f:5c:a2:77:d5:fd:7b:2b:43:
6c:50:3b:8d:01:c7:d0:1f:c0:5d:47:7a:32:86:ea:
69:07:64:82:57:69:eb:a7:64:72:f3:b6:63:9e:95:
33:0f:d8:4f:67:a8:60:5a:ff:7c:46:49:45:80:7c:
a3:eb:f4:2a:61:04:af:9d:6c:16:fd:ee:59:1e:b8:
0c:96:53:e6:89:8e:ee:d2:60:8c:de:ea:b8:95:95:
c1:07:7a:b6:ad:a2:21:a8:c1:fa:40:d5:28:06:b7:
26:74:dc:6f:fe:e9:3d:54:d2:d9:bb:0a:e3:de:5b:
48:f0:0b:7a:48:7a:34:83:b7:c8:7d:48:17:b3:82:
9e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:05:CE:62:53:A7:F2:46:AD:71:2E:8C:33:20:B0:E2:90:31:FA:9A
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/fgXOYlOn8katcS6MMyCw4pAx-po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.112.0/21
81.12.0.0/21
81.12.32.0/20
81.12.54.0-81.12.57.255
81.12.60.0-81.12.127.255
87.107.16.0/21
87.107.28.0-87.107.33.255
87.107.36.0/22
87.107.44.0-87.107.49.255
87.107.56.0-87.107.67.255
87.107.72.0-87.107.87.255
87.107.92.0/22
87.107.100.0/22
87.107.136.0/21
87.107.148.0/22
87.107.156.0/22
87.107.176.0-87.107.187.255
Signature Algorithm: sha256WithRSAEncryption
93:37:2d:20:80:4d:66:9a:02:54:c0:cd:db:66:23:d7:d6:ff:
ce:64:d2:b4:1d:ea:d0:62:3b:a4:5c:65:b0:b3:c9:6e:c2:20:
7a:9d:1d:73:61:d5:c7:a4:ce:6e:c1:e8:33:4c:9e:5b:26:1b:
28:19:0a:5a:ac:20:ef:4e:6a:ae:1b:a3:bc:d7:a7:c6:60:0d:
10:41:36:26:f7:11:ef:0a:75:70:ca:31:64:65:5a:81:54:20:
2e:85:4b:c1:61:76:e5:aa:6f:28:c7:0a:be:07:69:c0:ec:e9:
f8:23:d4:12:e0:86:2d:a1:c7:52:67:e0:e7:69:f6:ae:ad:f2:
18:ec:92:ff:65:79:7e:23:4c:96:db:0a:a5:32:e7:4b:35:8b:
25:98:ca:0e:94:7d:49:46:e0:b4:79:e6:f2:52:6a:a0:7d:5c:
de:03:2d:db:70:c7:bd:8a:05:23:20:38:14:94:3a:b6:40:55:
01:e5:7d:82:85:45:1d:f2:8f:10:18:40:d6:94:57:f4:1a:01:
cb:0d:6e:c2:fe:3f:a2:73:d2:1f:00:54:8c:db:ad:20:ed:89:
50:c1:c1:2c:b7:8e:88:07:fc:26:2c:cd:f7:9d:3d:17:d4:03:
77:df:4c:20:8a:40:ce:0f:01:7f:49:a2:62:1b:32:bf:a9:18:
82:c2:b2:89
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZQf+k1tM9sySUlp++9QsHdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMTAxMDM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTA1Y2U2MjUzYTdmMjQ2YWQ3MTJlOGMzMzIwYjBlMjkwMzFmYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCD5u5UhXteMRi//yPymOyd6+1YL
QMEcOZOEvK2T8PPX2WaMebexRYiVfQNmVTWfwLj1+I/+sUdLI54m94xrjHVG5mDa
+XNA39CTyQVu/GuZLdrAJKwn2EmIH68Kyv/HaMkIo7/awq+iJBTMo4rHaOsMiWJL
P9Hboviy7kN/XKJ31f17K0NsUDuNAcfQH8BdR3oyhuppB2SCV2nrp2Ry87ZjnpUz
D9hPZ6hgWv98RklFgHyj6/QqYQSvnWwW/e5ZHrgMllPmiY7u0mCM3uq4lZXBB3q2
raIhqMH6QNUoBrcmdNxv/uk9VNLZuwrj3ltI8At6SHo0g7fIfUgXs4KemQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFH4FzmJTp/JGrXEujDMgsOKQMfqaMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvZmdYT1lsT244a2F0Y1M2TU15Q3c0cEF4LXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAM+
3HADBANRDAADBARRDCAwDAMEAVEMNgMEAVEMODAMAwQCUQw8AwQHUQwAAwQDV2sQ
MAwDBAJXaxwDBAFXayADBAJXayQwDAMEAldrLAMEAVdrMDAMAwQDV2s4AwQCV2tA
MAwDBANXa0gDBANXa1ADBAJXa1wDBAJXa2QDBANXa4gDBAJXa5QDBAJXa5wwDAME
BFdrsAMEAldruDANBgkqhkiG9w0BAQsFAAOCAQEAkzctIIBNZpoCVMDN22Yj19b/
zmTStB3q0GI7pFxlsLPJbsIgep0dc2HVx6TObsHoM0yeWyYbKBkKWqwg705qrhuj
vNenxmANEEE2JvcR7wp1cMoxZGVagVQgLoVLwWF25apvKMcKvgdpwOzp+CPUEuCG
LaHHUmfg52n2rq3yGOyS/2V5fiNMltsKpTLnSzWLJZjKDpR9SUbgtHnm8lJqoH1c
3gMt23DHvYoFIyA4FJQ6tkBVAeV9goVFHfKPEBhA1pRX9BoByw1uwv4/onPSHwBU
jNutIO2JUMHBLLeOiAf8JizN9509F9QDd99MIIpAzg8Bf0miYhsyv6kYgsKyiQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:32:57 2025 by rpki-client