Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/i16ilfmrEmGll-8P1By27TRNxjs.roa
File: i16ilfmrEmGll-8P1By27TRNxjs.roa (raw, json)
Hash identifier: b9oY0GhLijC6RRV6+0ZoYX7cAxCSwlkMlJ1wrgHM1qc=
Subject key identifier: 8B:5E:A2:95:F9:AB:12:61:A5:97:EF:0F:D4:1C:B6:ED:34:4D:C6:3B
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 0195F5209BB077FF15C0EB25D732E441715A
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/i16ilfmrEmGll-8P1By27TRNxjs.roa
Signing time: Wed 02 Apr 2025 06:11:49 +0000
ROA not before: Wed 02 Apr 2025 06:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 62.201.192.0/24 maxlen: 24
62.201.199.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 06:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:20:9b:b0:77:ff:15:c0:eb:25:d7:32:e4:41:71:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Apr 2 06:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b5ea295f9ab1261a597ef0fd41cb6ed344dc63b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8e:88:b8:99:eb:0f:67:19:63:d0:eb:b9:6f:
96:e1:b8:00:44:15:86:36:fb:dc:43:fc:0c:b0:f2:
db:0b:d2:97:28:50:70:c9:58:4b:cc:df:24:34:03:
93:db:59:d8:02:4c:d4:c0:85:72:73:14:e8:25:1d:
be:70:c8:96:38:84:9f:fc:96:8f:c8:ef:f7:d4:e1:
3a:09:34:35:3b:69:56:3a:33:d9:00:ef:aa:fe:b4:
24:ef:01:04:e4:b8:96:62:3c:fb:bc:3f:be:61:2c:
94:d4:95:a3:51:1c:65:80:77:ed:2e:23:e8:7a:59:
28:f0:ec:42:da:44:ad:aa:ac:07:d8:b1:cf:06:6d:
2b:6f:a8:e8:5d:7a:bf:89:31:b1:3c:87:2b:3b:9c:
f5:76:ff:e8:c5:b8:a7:17:02:6b:ea:a9:f1:c4:58:
c0:5f:10:7d:c5:23:ce:07:c2:0e:61:0d:54:18:a3:
e5:b0:74:f0:02:66:d9:a5:66:4f:4a:d8:7e:c6:dd:
fe:4f:26:dd:98:8a:88:17:2e:f6:08:a8:ac:b3:84:
7c:3f:29:8a:0e:13:60:ca:36:51:1c:f9:be:8a:b0:
7d:03:29:e5:ea:18:8f:71:f1:d8:ba:1a:2c:87:d8:
20:cd:45:cc:64:03:e8:72:68:e2:23:5c:7b:6d:56:
ed:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5E:A2:95:F9:AB:12:61:A5:97:EF:0F:D4:1C:B6:ED:34:4D:C6:3B
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/i16ilfmrEmGll-8P1By27TRNxjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.199.0-62.201.201.255
62.201.203.0-62.201.205.255
62.201.207.0-62.201.208.255
62.201.237.0/24
62.201.248.0/24
Signature Algorithm: sha256WithRSAEncryption
87:e9:15:a5:08:f5:d0:fb:1a:d4:51:6c:83:74:4c:19:e4:56:
2b:36:4d:37:07:13:46:85:8e:ba:a9:a2:b0:59:c9:29:42:d9:
13:61:a2:4b:cd:ae:43:b1:03:56:13:39:76:54:c2:04:16:5e:
52:e4:c5:f3:85:9f:0b:41:dd:9c:cb:ad:71:8f:e4:be:8f:e9:
d3:76:36:68:db:c8:c0:25:ae:97:2c:e5:05:c0:66:d3:da:69:
11:72:2d:b2:4d:a8:c8:c0:c2:a3:fe:0e:82:f9:fa:ff:4a:dd:
20:58:35:be:7f:01:7e:41:1e:ae:3c:7f:37:66:67:62:48:59:
a1:61:9f:ac:c6:a1:69:b0:e2:d8:12:bc:0b:dc:b1:c5:ba:28:
30:1d:6a:9f:83:e9:1e:a9:e1:e2:3a:4c:bb:96:cc:d9:c5:a0:
7c:cf:64:22:9d:ba:52:19:1b:9a:c9:07:80:83:ef:14:38:17:
ec:f3:ed:8e:f9:b9:81:5d:8f:3d:28:0f:86:37:21:85:32:63:
be:75:28:0b:ab:41:5a:d3:df:5f:0f:9f:59:27:97:f7:13:be:
56:60:b0:ec:86:c3:49:49:b8:65:7e:d0:8c:76:32:91:2c:0b:
9c:27:b2:21:2e:3b:af:d0:66:bf:10:cc:f3:55:f4:ee:1a:e6:
a1:e9:3e:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZX1IJuwd/8VwOsl1zLkQXFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjUwNDAyMDYxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVlYTI5NWY5YWIxMjYxYTU5N2VmMGZkNDFjYjZlZDM0NGRjNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI6IuJnrD2cZY9DruW+W4bgARBWG
NvvcQ/wMsPLbC9KXKFBwyVhLzN8kNAOT21nYAkzUwIVycxToJR2+cMiWOISf/JaP
yO/31OE6CTQ1O2lWOjPZAO+q/rQk7wEE5LiWYjz7vD++YSyU1JWjURxlgHftLiPo
elko8OxC2kStqqwH2LHPBm0rb6joXXq/iTGxPIcrO5z1dv/oxbinFwJr6qnxxFjA
XxB9xSPOB8IOYQ1UGKPlsHTwAmbZpWZPSth+xt3+TybdmIqIFy72CKiss4R8PymK
DhNgyjZRHPm+irB9Aynl6hiPcfHYuhosh9ggzUXMZAPocmjiI1x7bVbtIQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIteopX5qxJhpZfvD9Qctu00TcY7MB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvaTE2aWxmbXJFbUdsbC04UDFCeTI3VFJOeGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAPsnAMAwD
BAA+yccDBAE+ycgwDAMEAD7JywMEAT7JzDAMAwQAPsnPAwQAPsnQAwQAPsntAwQA
Psn4MA0GCSqGSIb3DQEBCwUAA4IBAQCH6RWlCPXQ+xrUUWyDdEwZ5FYrNk03BxNG
hY66qaKwWckpQtkTYaJLza5DsQNWEzl2VMIEFl5S5MXzhZ8LQd2cy61xj+S+j+nT
djZo28jAJa6XLOUFwGbT2mkRci2yTajIwMKj/g6C+fr/St0gWDW+fwF+QR6uPH83
ZmdiSFmhYZ+sxqFpsOLYErwL3LHFuigwHWqfg+keqeHiOky7lszZxaB8z2QinbpS
GRuayQeAg+8UOBfs8+2O+bmBXY89KA+GNyGFMmO+dSgLq0Fa099fD59ZJ5f3E75W
YLDshsNJSbhlftCMdjKRLAucJ7IhLjuv0Ga/EMzzVfTuGuah6T5f
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:08:50 2025 by rpki-client