Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/eh296nLCSptPg6qq0l-hiNgSg8s.roa
File: eh296nLCSptPg6qq0l-hiNgSg8s.roa (raw, json)
Hash identifier: kVuRpdEJxlUkflKXQSCqrY0EKJTwkUP2EszNXGQOqXE=
Subject key identifier: 7A:1D:BD:EA:72:C2:4A:9B:4F:83:AA:AA:D2:5F:A1:88:D8:12:83:CB
Certificate issuer: /CN=26bdec99d89565a634a7b2c5401fed7ac47bf232
Certificate serial: 019427479A545AB0E26E3F0FB56FB387C743
Authority key identifier: 26:BD:EC:99:D8:95:65:A6:34:A7:B2:C5:40:1F:ED:7A:C4:7B:F2:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/eh296nLCSptPg6qq0l-hiNgSg8s.roa
Signing time: Thu 02 Jan 2025 13:49:51 +0000
ROA not before: Thu 02 Jan 2025 13:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16074
IP address blocks: 62.112.160.0/19 maxlen: 20
62.145.32.0/19 maxlen: 24
62.145.62.0/24 maxlen: 24
62.145.63.0/24 maxlen: 24
192.113.0.0/16 maxlen: 24
217.115.224.0/20 maxlen: 21
2a01:67c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 13:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9a:54:5a:b0:e2:6e:3f:0f:b5:6f:b3:87:c7:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bdec99d89565a634a7b2c5401fed7ac47bf232
Validity
Not Before: Jan 2 13:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a1dbdea72c24a9b4f83aaaad25fa188d81283cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:95:fe:fe:9b:ee:16:a4:e4:55:33:54:48:52:
a9:0d:2c:1d:a3:59:4f:7b:4a:63:6e:28:b7:20:92:
5a:b7:10:f9:08:00:88:94:2d:db:65:2b:d4:38:e1:
cd:98:d3:29:4b:77:58:2c:d4:15:14:d3:b1:71:71:
05:f1:89:06:79:2c:2c:65:e8:bb:96:c9:25:c2:ee:
cc:bb:de:13:77:bc:ec:f5:28:29:e8:6e:5b:74:2d:
10:10:73:3a:bc:e0:4c:f9:bb:a7:01:eb:e2:6e:6c:
74:03:79:b7:a7:84:93:f5:ec:b5:b0:a4:1c:68:7c:
0c:34:2d:cf:e7:56:ec:08:48:d6:40:8f:8c:29:c3:
1c:ae:2a:f4:7b:c7:64:a3:61:1b:57:1b:d8:4b:d8:
33:aa:aa:aa:8d:75:81:d8:9d:e2:0e:62:90:29:30:
35:50:3a:47:a3:3d:9c:e3:fe:f6:c7:68:1c:21:a6:
17:ca:a0:9b:19:9a:a9:d4:23:15:d3:35:dd:58:b9:
3f:be:f0:28:68:ff:1c:ec:cb:ac:d3:17:35:92:f5:
39:82:50:c4:58:c0:a7:21:9d:88:a7:37:c1:85:91:
b5:ce:c6:cf:d2:f0:c6:71:27:1c:ed:6f:aa:34:c6:
f7:31:db:54:e6:3c:88:fb:2d:08:b8:5d:1c:af:44:
95:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:1D:BD:EA:72:C2:4A:9B:4F:83:AA:AA:D2:5F:A1:88:D8:12:83:CB
X509v3 Authority Key Identifier:
keyid:26:BD:EC:99:D8:95:65:A6:34:A7:B2:C5:40:1F:ED:7A:C4:7B:F2:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/eh296nLCSptPg6qq0l-hiNgSg8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.160.0/19
62.145.32.0/19
192.113.0.0/16
217.115.224.0/20
IPv6:
2a01:67c0::/32
Signature Algorithm: sha256WithRSAEncryption
17:a8:7c:96:e5:d7:ff:e0:3c:a8:db:ab:51:73:cf:de:ce:5d:
a7:d9:a0:61:dd:19:32:b6:0f:04:4a:91:a9:2b:6f:6d:b3:d2:
a3:97:1c:fb:39:2b:fd:f7:75:05:a4:f4:2a:b0:4f:a3:83:31:
5c:26:b8:f1:22:d7:40:54:61:69:0b:31:c1:59:98:99:47:05:
9c:78:05:f1:70:4b:50:8a:59:2a:9c:a2:d8:70:8d:3b:0b:b9:
5b:3c:90:ee:9e:44:f6:83:e8:d5:29:95:fc:cb:6b:74:38:f0:
56:cf:01:c6:07:06:55:da:2f:ad:11:e2:b8:fb:76:2e:a7:c4:
10:73:67:a7:7e:ce:7f:9f:4a:a5:c2:a2:75:ad:ec:e7:a9:7c:
c8:d1:d8:43:02:5a:fc:82:26:72:e7:f7:6e:e1:c8:df:ac:a6:
ec:2e:1c:38:f7:2b:fb:ff:ef:25:8f:61:e7:df:56:6d:9a:ea:
32:f2:48:5a:64:58:8b:4c:27:0b:ce:12:68:70:63:82:9d:86:
2a:f8:8f:f7:c4:bb:d8:70:77:3b:d0:dc:c9:2e:33:49:a3:da:
a8:fe:a4:0c:f0:5c:af:41:0f:0a:36:0a:0d:a2:0a:5d:06:a7:
0f:42:59:f2:26:ba:c4:45:79:5a:c5:19:89:c8:46:d2:6d:ad:
88:f8:34:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQnR5pUWrDibj8PtW+zh8dDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRlYzk5ZDg5NTY1YTYzNGE3YjJjNTQwMWZlZDdhYzQ3
YmYyMzIwHhcNMjUwMTAyMTM0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTFkYmRlYTcyYzI0YTliNGY4M2FhYWFkMjVmYTE4OGQ4MTI4M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJX+/pvuFqTkVTNUSFKpDSwdo1lP
e0pjbii3IJJatxD5CACIlC3bZSvUOOHNmNMpS3dYLNQVFNOxcXEF8YkGeSwsZei7
lsklwu7Mu94Td7zs9Sgp6G5bdC0QEHM6vOBM+bunAevibmx0A3m3p4ST9ey1sKQc
aHwMNC3P51bsCEjWQI+MKcMcrir0e8dko2EbVxvYS9gzqqqqjXWB2J3iDmKQKTA1
UDpHoz2c4/72x2gcIaYXyqCbGZqp1CMV0zXdWLk/vvAoaP8c7Mus0xc1kvU5glDE
WMCnIZ2IpzfBhZG1zsbP0vDGcScc7W+qNMb3MdtU5jyI+y0IuF0cr0SVJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHodvepywkqbT4OqqtJfoYjYEoPLMB8GA1UdIwQY
MBaAFCa97JnYlWWmNKeyxUAf7XrEe/IyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzc21kaVZaYVkwcDdMRlFCX3Rlc1I3OGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jNTdkYzItY2ZhOS00MmI5LWI5Yzct
N2YyMDEyMTJkODgzLzEvZWgyOTZuTENTcHRQZzZxcTBsLWhpTmdTZzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jNTdkYzItY2ZhOS00MmI5LWI5YzctN2YyMDEyMTJkODgz
LzEvSnIzc21kaVZaYVkwcDdMRlFCX3Rlc1I3OGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQFPnCgAwQF
PpEgAwMAwHEDBATZc+AwDQQCAAIwBwMFACoBZ8AwDQYJKoZIhvcNAQELBQADggEB
ABeofJbl1//gPKjbq1Fzz97OXafZoGHdGTK2DwRKkakrb22z0qOXHPs5K/33dQWk
9CqwT6ODMVwmuPEi10BUYWkLMcFZmJlHBZx4BfFwS1CKWSqcothwjTsLuVs8kO6e
RPaD6NUplfzLa3Q48FbPAcYHBlXaL60R4rj7di6nxBBzZ6d+zn+fSqXConWt7Oep
fMjR2EMCWvyCJnLn927hyN+spuwuHDj3K/v/7yWPYeffVm2a6jLySFpkWItMJwvO
EmhwY4Kdhir4j/fEu9hwdzvQ3MkuM0mj2qj+pAzwXK9BDwo2Cg2iCl0Gpw9CWfIm
usRFeVrFGYnIRtJtrYj4NG4=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:44:53 2025 by rpki-client