Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/6kFKBlQMJFxKYHdo5rLb8nZHVG4.roa
File: 6kFKBlQMJFxKYHdo5rLb8nZHVG4.roa (raw, json)
Hash identifier: +5rZCIfEGw9sYIHiF45MRt2MUgq5EH9RZ1d41bqYhCY=
Subject key identifier: EA:41:4A:06:54:0C:24:5C:4A:60:77:68:E6:B2:DB:F2:76:47:54:6E
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 018D58C236E5E91D78BBF71EC6EF67C1CF53
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/6kFKBlQMJFxKYHdo5rLb8nZHVG4.roa
Signing time: Tue 30 Jan 2024 05:05:39 +0000
ROA not before: Tue 30 Jan 2024 05:05:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44217
IP address blocks: 62.201.192.0/18 maxlen: 18
62.201.192.0/23 maxlen: 23
62.201.193.0/24 maxlen: 24
62.201.194.0/24 maxlen: 24
62.201.195.0/24 maxlen: 24
62.201.197.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/23 maxlen: 23
62.201.204.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/22 maxlen: 22
62.201.208.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.212.0/22 maxlen: 22
62.201.212.0/24 maxlen: 24
62.201.213.0/24 maxlen: 24
62.201.214.0/24 maxlen: 24
62.201.215.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.217.0/24 maxlen: 24
62.201.218.0/24 maxlen: 24
62.201.219.0/24 maxlen: 24
62.201.220.0/22 maxlen: 22
62.201.220.0/24 maxlen: 24
62.201.221.0/24 maxlen: 24
62.201.222.0/24 maxlen: 24
62.201.223.0/24 maxlen: 24
62.201.224.0/22 maxlen: 22
62.201.224.0/24 maxlen: 24
62.201.225.0/24 maxlen: 24
62.201.226.0/24 maxlen: 24
62.201.227.0/24 maxlen: 24
62.201.228.0/22 maxlen: 22
62.201.228.0/24 maxlen: 24
62.201.229.0/24 maxlen: 24
62.201.230.0/24 maxlen: 24
62.201.231.0/24 maxlen: 24
62.201.232.0/22 maxlen: 22
62.201.232.0/24 maxlen: 24
62.201.233.0/24 maxlen: 24
62.201.234.0/24 maxlen: 24
62.201.235.0/24 maxlen: 24
62.201.236.0/24 maxlen: 24
62.201.238.0/24 maxlen: 24
62.201.239.0/24 maxlen: 24
62.201.240.0/21 maxlen: 21
62.201.240.0/24 maxlen: 24
62.201.241.0/24 maxlen: 24
62.201.242.0/23 maxlen: 24
62.201.242.0/24 maxlen: 24
62.201.243.0/24 maxlen: 24
62.201.244.0/23 maxlen: 23
62.201.246.0/24 maxlen: 24
62.201.247.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
62.201.251.0/24 maxlen: 24
62.201.252.0/22 maxlen: 24
62.201.253.0/24 maxlen: 24
62.201.254.0/23 maxlen: 24
89.33.66.0/23 maxlen: 23
185.1.98.0/24 maxlen: 24
2a02:b60::/32 maxlen: 32
2a02:b60:0:f::/64 maxlen: 64
2a02:b60:20::/48 maxlen: 48
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
2a02:b60:2000:3::/64 maxlen: 64
2a02:b60:2010::/48 maxlen: 48
2a02:b60:4000::/34 maxlen: 34
2a02:b60:4000::/48 maxlen: 48
2a02:b60:4005::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:58:c2:36:e5:e9:1d:78:bb:f7:1e:c6:ef:67:c1:cf:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Jan 30 05:05:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea414a06540c245c4a607768e6b2dbf27647546e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c8:72:02:a5:19:f4:2e:46:a2:a4:ea:72:76:
b3:a5:f5:6c:e7:79:9d:60:bd:4d:7f:64:88:64:33:
ce:43:c0:e6:40:4f:fe:79:23:af:96:af:34:69:84:
1c:81:06:bd:1a:bf:e1:b6:43:29:66:bb:2d:3e:43:
43:e7:cc:e6:56:ca:0b:b2:c6:28:07:0e:b6:ae:19:
e3:bd:3f:b6:03:14:11:cc:82:14:04:ce:1c:42:d7:
09:5f:e7:e9:b2:15:9e:4d:c4:ee:76:69:82:7f:fb:
03:c2:49:83:6b:fd:78:86:b3:b1:51:97:72:f3:94:
98:c1:1f:27:58:2c:58:43:d0:6f:11:12:a0:46:70:
59:3f:27:fb:62:ac:7b:e1:6d:35:9b:dc:ba:d4:17:
aa:e0:3a:fa:c1:f6:5a:72:4b:7f:d0:98:78:52:7e:
3d:2d:28:17:df:c7:a8:fc:c5:d2:aa:c1:e4:e3:6f:
14:e8:47:b5:56:18:da:64:2f:f8:c7:4d:33:ae:a6:
17:24:ab:88:f3:ea:d3:2f:36:ed:f0:c0:c5:6c:e1:
ae:19:b0:43:5c:df:52:b2:84:f5:28:4f:b3:56:bb:
34:53:35:4c:56:ff:eb:f6:21:82:ff:4c:84:d0:54:
79:1c:b1:ac:bc:d5:01:04:5c:9f:a5:3e:5d:71:3e:
cb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:41:4A:06:54:0C:24:5C:4A:60:77:68:E6:B2:DB:F2:76:47:54:6E
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/6kFKBlQMJFxKYHdo5rLb8nZHVG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/18
89.33.66.0/23
185.1.98.0/24
IPv6:
2a02:b60::/32
Signature Algorithm: sha256WithRSAEncryption
e0:87:11:91:29:cf:b5:b7:30:9f:07:50:59:82:98:dc:a6:f9:
0c:94:d8:f4:83:4f:04:d7:71:5e:16:b3:db:ae:34:6e:58:77:
96:a2:8b:9c:b9:8b:34:4b:e7:46:21:c6:36:6a:8e:cc:3f:c8:
be:17:14:c1:05:11:69:4e:4f:7d:19:5e:1e:76:2f:ef:3c:70:
48:99:c7:c0:84:3d:ff:45:1c:ac:ee:b4:2f:74:80:8c:1a:97:
d4:35:10:79:a7:5e:20:94:8d:97:eb:94:0f:9f:8c:e3:1a:5e:
86:e6:66:c5:31:e4:66:82:e2:d9:ce:a5:ef:85:61:5b:95:fb:
aa:45:a8:bd:77:ac:b5:8c:c5:fc:d1:69:11:ab:6d:e0:b4:30:
8f:3c:78:7a:5a:d4:18:62:b5:0d:18:1f:da:09:31:9b:b5:38:
89:b9:e4:cc:15:df:36:ab:3f:25:60:33:39:2c:35:cc:83:e4:
04:00:4e:f0:d2:49:ba:a6:0d:b8:63:bf:ab:53:b6:87:51:45:
eb:2f:40:ae:71:6e:44:87:bd:35:0d:05:7d:65:e2:e1:f2:1d:
15:5b:9c:ce:3a:4e:b6:e8:1f:af:8a:b0:06:41:7a:41:3c:27:
e6:4c:6c:4b:b8:a9:f4:9d:6e:8d:35:cb:ca:58:93:fc:06:c7:
c8:f0:70:9a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY1Ywjbl6R14u/cexu9nwc9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjQwMTMwMDUwNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQxNGEwNjU0MGMyNDVjNGE2MDc3NjhlNmIyZGJmMjc2NDc1NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApshyAqUZ9C5GoqTqcnazpfVs53md
YL1Nf2SIZDPOQ8DmQE/+eSOvlq80aYQcgQa9Gr/htkMpZrstPkND58zmVsoLssYo
Bw62rhnjvT+2AxQRzIIUBM4cQtcJX+fpshWeTcTudmmCf/sDwkmDa/14hrOxUZdy
85SYwR8nWCxYQ9BvERKgRnBZPyf7Yqx74W01m9y61Beq4Dr6wfZackt/0Jh4Un49
LSgX38eo/MXSqsHk428U6Ee1VhjaZC/4x00zrqYXJKuI8+rTLzbt8MDFbOGuGbBD
XN9SsoT1KE+zVrs0UzVMVv/r9iGC/0yE0FR5HLGsvNUBBFyfpT5dcT7LwQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOpBSgZUDCRcSmB3aOay2/J2R1RuMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvNmtGS0JsUU1KRnhLWUhkbzVyTGI4blpIVkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPsnAAwQB
WSFCAwQAuQFiMA0EAgACMAcDBQAqAgtgMA0GCSqGSIb3DQEBCwUAA4IBAQDghxGR
Kc+1tzCfB1BZgpjcpvkMlNj0g08E13FeFrPbrjRuWHeWooucuYs0S+dGIcY2ao7M
P8i+FxTBBRFpTk99GV4edi/vPHBImcfAhD3/RRys7rQvdICMGpfUNRB5p14glI2X
65QPn4zjGl6G5mbFMeRmguLZzqXvhWFblfuqRai9d6y1jMX80WkRq23gtDCPPHh6
WtQYYrUNGB/aCTGbtTiJueTMFd82qz8lYDM5LDXMg+QEAE7w0km6pg24Y7+rU7aH
UUXrL0CucW5Eh701DQV9ZeLh8h0VW5zOOk626B+virAGQXpBPCfmTGxLuKn0nW6N
NcvKWJP8BsfI8HCa
-----END CERTIFICATE-----
Generated at Sun Jun 2 07:58:39 2024 by rpki-client on console-fra.rpki-client.org