Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/zr2z9Od-TcJgIaOcguHaM377x2M.roa
File: zr2z9Od-TcJgIaOcguHaM377x2M.roa (raw, json)
Hash identifier: UxWczV8XLsUi0S8tvrZZEXSlN5BGbRp5dzqmjWk9KRM=
Subject key identifier: CE:BD:B3:F4:E7:7E:4D:C2:60:21:A3:9C:82:E1:DA:33:7E:FB:C7:63
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 018FBECF3AB0AC8EAC6C817B961FCDFC6661
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/zr2z9Od-TcJgIaOcguHaM377x2M.roa
Signing time: Tue 28 May 2024 10:46:42 +0000
ROA not before: Tue 28 May 2024 10:46:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41032
IP address blocks: 62.201.192.0/24 maxlen: 24
62.201.199.0/24 maxlen: 24
62.201.200.0/22 maxlen: 22
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:cf:3a:b0:ac:8e:ac:6c:81:7b:96:1f:cd:fc:66:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: May 28 10:46:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cebdb3f4e77e4dc26021a39c82e1da337efbc763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:51:09:b5:68:54:1a:f0:a6:bb:f8:d9:ba:a9:
3f:51:d4:16:de:c2:48:cb:3d:57:86:3c:59:88:73:
1c:32:62:e3:2a:f5:22:cd:db:04:8f:11:c1:34:b1:
f7:b9:4e:f9:09:23:ce:52:25:f1:a3:9e:af:54:1a:
54:30:ef:25:d4:e1:61:23:74:6a:ee:54:0c:c0:ea:
59:d9:15:00:c4:c1:7b:93:21:45:2d:21:04:9a:b8:
eb:63:fd:84:64:b5:6f:e2:f1:ec:82:13:9d:f7:3a:
ba:f1:8c:10:b8:4c:f4:a0:32:0b:cd:82:70:b6:ae:
88:d1:2b:5c:57:1e:22:0d:7f:7a:c7:1a:96:9f:f8:
85:fc:64:19:62:38:ec:5a:fd:64:7b:3d:f8:20:91:
a0:fd:ad:9f:81:80:07:61:cc:b8:eb:88:72:c1:36:
d1:c1:9b:b2:22:0b:cb:f1:f8:cb:44:78:f9:56:eb:
4e:ea:0d:81:4a:40:44:eb:7e:34:22:ec:e8:be:b0:
07:aa:bc:5e:20:e0:a0:f1:72:b1:ca:09:3d:d5:07:
d0:55:88:78:db:95:30:3c:fc:98:c8:ec:15:7e:2a:
5b:f3:77:a4:ba:77:37:b3:1f:bd:bd:44:2e:f4:b3:
f6:f3:39:a9:1f:d9:b5:45:1a:0b:26:4e:37:41:b1:
e7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BD:B3:F4:E7:7E:4D:C2:60:21:A3:9C:82:E1:DA:33:7E:FB:C7:63
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/zr2z9Od-TcJgIaOcguHaM377x2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.199.0-62.201.205.255
62.201.207.0-62.201.208.255
62.201.210.0/24
62.201.216.0/24
62.201.237.0/24
62.201.248.0/24
62.201.250.0/24
185.90.104.0/22
IPv6:
2a02:b60:2000::/35
Signature Algorithm: sha256WithRSAEncryption
81:cf:59:0f:81:11:a5:3c:36:1c:ee:5f:b2:dd:ca:77:e3:44:
30:a4:11:de:00:43:f1:79:28:24:90:9d:a7:1a:2a:a8:d9:cc:
a1:10:98:ae:e5:02:a4:4b:0a:7a:5d:c9:9d:8c:9f:2a:f8:62:
46:c2:6d:9f:1f:49:60:77:7f:fa:48:40:27:d3:b9:31:82:85:
79:e2:82:75:a9:f5:fa:0a:6c:8f:e4:06:11:09:4f:be:b2:5a:
27:ba:45:5c:31:9f:93:62:28:16:e9:c3:bd:b2:bc:36:70:9e:
75:5f:9a:65:c3:c6:86:44:8b:9b:9c:03:5a:16:15:a8:d3:61:
d5:a6:90:e1:38:6b:84:5c:a3:ae:85:27:e5:a2:69:34:54:15:
61:26:f5:a8:19:3f:34:7e:bf:4c:56:d0:23:b3:a0:c3:b5:c8:
9d:54:21:e6:93:ae:61:f1:f8:e2:b9:32:26:82:c9:89:d0:e3:
01:7e:d4:4a:09:84:11:9d:76:76:99:f5:12:64:94:fd:8c:5e:
56:dd:0b:33:48:ca:77:ca:9c:59:f7:59:e5:ca:b5:0d:5c:26:
0d:1e:f9:2c:5e:c4:35:31:62:67:3d:b6:ff:b0:22:00:48:e5:
09:83:07:a9:0e:64:5d:91:7b:7e:92:77:65:77:4a:e4:ac:e2:
76:9b:8b:b7
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAY++zzqwrI6sbIF7lh/N/GZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjQwNTI4MTA0NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWJkYjNmNGU3N2U0ZGMyNjAyMWEzOWM4MmUxZGEzMzdlZmJjNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/FEJtWhUGvCmu/jZuqk/UdQW3sJI
yz1XhjxZiHMcMmLjKvUizdsEjxHBNLH3uU75CSPOUiXxo56vVBpUMO8l1OFhI3Rq
7lQMwOpZ2RUAxMF7kyFFLSEEmrjrY/2EZLVv4vHsghOd9zq68YwQuEz0oDILzYJw
tq6I0StcVx4iDX96xxqWn/iF/GQZYjjsWv1kez34IJGg/a2fgYAHYcy464hywTbR
wZuyIgvL8fjLRHj5VutO6g2BSkBE6340IuzovrAHqrxeIOCg8XKxygk91QfQVYh4
25UwPPyYyOwVfipb83ekunc3sx+9vUQu9LP28zmpH9m1RRoLJk43QbHnQQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFM69s/Tnfk3CYCGjnILh2jN++8djMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvenIyejlPZC1UY0pnSWFPY2d1SGFNMzc3eDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBMBAIAATBGAwQAPsnAMAwD
BAA+yccDBAE+ycwwDAMEAD7JzwMEAD7J0AMEAD7J0gMEAD7J2AMEAD7J7QMEAD7J
+AMEAD7J+gMEArlaaDAOBAIAAjAIAwYFKgILYCAwDQYJKoZIhvcNAQELBQADggEB
AIHPWQ+BEaU8NhzuX7LdynfjRDCkEd4AQ/F5KCSQnacaKqjZzKEQmK7lAqRLCnpd
yZ2Mnyr4YkbCbZ8fSWB3f/pIQCfTuTGChXnignWp9foKbI/kBhEJT76yWie6RVwx
n5NiKBbpw72yvDZwnnVfmmXDxoZEi5ucA1oWFajTYdWmkOE4a4Rco66FJ+WiaTRU
FWEm9agZPzR+v0xW0COzoMO1yJ1UIeaTrmHx+OK5MiaCyYnQ4wF+1EoJhBGddnaZ
9RJklP2MXlbdCzNIynfKnFn3WeXKtQ1cJg0e+SxexDUxYmc9tv+wIgBI5QmDB6kO
ZF2Re36Sd2V3SuSs4nabi7c=
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:39:35 2024 by rpki-client on console-fra.rpki-client.org