Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/8zzToX2_MSbXjPU6GvHQQ_9Dvvk.roa
File: 8zzToX2_MSbXjPU6GvHQQ_9Dvvk.roa (raw, json)
Hash identifier: wilJSEirQsqEx26ndpfgfkDVvj+zVkzSkCh5uXU9fHI=
Subject key identifier: F3:3C:D3:A1:7D:BF:31:26:D7:8C:F5:3A:1A:F1:D0:43:FF:43:BE:F9
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 0195F5209D390702C576AC18ABE8D1A52D2C
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/8zzToX2_MSbXjPU6GvHQQ_9Dvvk.roa
Signing time: Wed 02 Apr 2025 06:11:50 +0000
ROA not before: Wed 02 Apr 2025 06:11:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62419
IP address blocks: 62.201.192.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 06:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:20:9d:39:07:02:c5:76:ac:18:ab:e8:d1:a5:2d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Apr 2 06:11:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f33cd3a17dbf3126d78cf53a1af1d043ff43bef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e7:bd:92:af:ee:cd:ac:dc:0f:04:4f:9a:fe:
cc:ef:51:95:b5:33:c8:33:29:a6:41:14:84:45:7e:
9a:0c:32:29:23:9b:88:03:c2:70:af:38:bb:65:ee:
f6:c5:fd:e2:d5:cf:8f:66:5d:7a:4d:93:51:f4:44:
a8:21:7f:1f:69:65:fe:89:fb:2f:7f:69:ad:18:af:
85:1e:0c:65:6f:84:8c:8b:83:cd:9f:6a:f6:8a:71:
50:a9:18:01:a5:32:03:26:ef:40:ce:6b:1f:d4:0b:
5f:65:96:7a:96:97:ac:30:25:38:34:36:2f:5d:de:
15:81:fc:81:7f:e3:42:11:98:a1:15:a1:7b:5b:00:
50:07:da:e5:ca:1a:a8:3f:0b:89:25:61:2f:1f:1a:
a3:54:92:98:0d:16:19:79:d2:d5:3e:2e:72:76:03:
97:b5:bc:3f:1b:1c:4b:57:6b:01:53:0c:1f:39:f9:
97:96:fe:97:75:b9:23:d1:9a:10:d7:66:6a:4b:04:
26:e3:60:c0:af:19:eb:a9:8c:a6:30:20:a5:a5:d7:
a0:f3:d8:e8:ff:f9:c5:7d:89:ad:fc:26:f9:36:c5:
56:7b:7f:70:08:73:18:36:53:79:eb:94:41:5c:a7:
8d:20:df:d9:8a:86:25:8f:1c:a3:28:d8:56:16:e8:
8b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3C:D3:A1:7D:BF:31:26:D7:8C:F5:3A:1A:F1:D0:43:FF:43:BE:F9
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/8zzToX2_MSbXjPU6GvHQQ_9Dvvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.202.0/24
62.201.237.0/24
62.201.248.0/24
Signature Algorithm: sha256WithRSAEncryption
36:e7:98:56:90:1b:83:6c:8d:ff:b2:95:c6:9f:fa:f2:16:ae:
a3:73:2f:2e:4f:7e:d1:c0:7b:f0:6c:ec:16:13:02:66:35:fb:
35:e6:14:d9:85:1f:2e:38:5e:e2:37:aa:ed:32:aa:cc:e2:60:
75:dd:a1:d8:a9:dc:89:0a:f4:ac:f8:8a:5d:7a:a0:ab:2b:85:
95:60:c4:55:13:57:89:d7:be:52:c7:35:62:90:30:2c:03:fc:
65:de:b8:ad:d2:84:f4:3a:75:fa:5c:50:33:5d:73:72:d1:82:
a7:5d:16:0d:43:10:36:2a:64:13:e5:fb:ac:b7:48:87:ef:78:
5e:47:f9:a6:4f:fe:7d:aa:ac:30:c2:c6:4d:91:de:59:91:80:
07:3e:ab:39:f3:e6:90:3d:ec:ec:fe:87:3d:56:7f:32:03:2b:
39:c5:62:cd:65:1e:df:0f:9a:c0:7d:1a:51:ee:9e:52:f6:7b:
05:0e:b0:6d:6d:26:57:44:58:21:06:80:31:ac:3f:22:6c:52:
d3:7f:32:f6:e5:c2:e8:d3:09:ad:2e:b8:bb:11:41:6a:1e:23:
df:95:1c:27:02:16:be:93:b5:0d:60:a7:1c:bf:26:a0:4f:90:
ae:7b:e7:56:25:69:67:f5:eb:43:b0:15:4b:c0:35:d7:3d:ce:
3d:07:00:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZX1IJ05BwLFdqwYq+jRpS0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjUwNDAyMDYxMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNjZDNhMTdkYmYzMTI2ZDc4Y2Y1M2ExYWYxZDA0M2ZmNDNiZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+e9kq/uzazcDwRPmv7M71GVtTPI
MymmQRSERX6aDDIpI5uIA8Jwrzi7Ze72xf3i1c+PZl16TZNR9ESoIX8faWX+ifsv
f2mtGK+FHgxlb4SMi4PNn2r2inFQqRgBpTIDJu9Azmsf1AtfZZZ6lpesMCU4NDYv
Xd4VgfyBf+NCEZihFaF7WwBQB9rlyhqoPwuJJWEvHxqjVJKYDRYZedLVPi5ydgOX
tbw/GxxLV2sBUwwfOfmXlv6Xdbkj0ZoQ12ZqSwQm42DArxnrqYymMCClpdeg89jo
//nFfYmt/Cb5NsVWe39wCHMYNlN565RBXKeNIN/ZioYljxyjKNhWFuiLTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPM806F9vzEm14z1Ohrx0EP/Q775MB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvOHp6VG9YMl9NU2JYalBVNkd2SFFRXzlEdnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPsnAAwQA
PsnKAwQAPsntAwQAPsn4MA0GCSqGSIb3DQEBCwUAA4IBAQA255hWkBuDbI3/spXG
n/ryFq6jcy8uT37RwHvwbOwWEwJmNfs15hTZhR8uOF7iN6rtMqrM4mB13aHYqdyJ
CvSs+IpdeqCrK4WVYMRVE1eJ175SxzVikDAsA/xl3rit0oT0OnX6XFAzXXNy0YKn
XRYNQxA2KmQT5fust0iH73heR/mmT/59qqwwwsZNkd5ZkYAHPqs58+aQPezs/oc9
Vn8yAys5xWLNZR7fD5rAfRpR7p5S9nsFDrBtbSZXRFghBoAxrD8ibFLTfzL25cLo
0wmtLri7EUFqHiPflRwnAha+k7UNYKccvyagT5Cue+dWJWln9etDsBVLwDXXPc49
BwAG
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:08:51 2025 by rpki-client