Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/aU__37kt8ckO_YJQdDxx1zfJXr4.roa
File: aU__37kt8ckO_YJQdDxx1zfJXr4.roa (raw, json)
Hash identifier: G2q1R6crWsWgIzSolrfZ7On3iNyzuy0vug1zXtUIFQY=
Subject key identifier: 69:4F:FF:DF:B9:2D:F1:C9:0E:FD:82:50:74:3C:71:D7:37:C9:5E:BE
Certificate issuer: /CN=c0520cecba251cd37cdf3c4d5ab03625522bbaac
Certificate serial: 0194221FE6FD00F4FD2480457E8E01E84A99
Authority key identifier: C0:52:0C:EC:BA:25:1C:D3:7C:DF:3C:4D:5A:B0:36:25:52:2B:BA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wFIM7LolHNN83zxNWrA2JVIruqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/aU__37kt8ckO_YJQdDxx1zfJXr4.roa
Signing time: Wed 01 Jan 2025 13:48:23 +0000
ROA not before: Wed 01 Jan 2025 13:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48744
IP address blocks: 62.122.8.0/22 maxlen: 22
62.122.8.0/24 maxlen: 24
62.122.9.0/24 maxlen: 24
62.122.10.0/24 maxlen: 24
62.122.11.0/24 maxlen: 24
62.122.12.0/22 maxlen: 22
62.122.12.0/24 maxlen: 24
62.122.13.0/24 maxlen: 24
62.122.14.0/24 maxlen: 24
62.122.15.0/24 maxlen: 24
185.240.124.0/23 maxlen: 23
185.240.124.0/24 maxlen: 24
185.240.126.0/23 maxlen: 23
185.240.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/wFIM7LolHNN83zxNWrA2JVIruqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/wFIM7LolHNN83zxNWrA2JVIruqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/wFIM7LolHNN83zxNWrA2JVIruqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e6:fd:00:f4:fd:24:80:45:7e:8e:01:e8:4a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0520cecba251cd37cdf3c4d5ab03625522bbaac
Validity
Not Before: Jan 1 13:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=694fffdfb92df1c90efd8250743c71d737c95ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:70:1d:f9:dd:f9:19:67:34:63:8f:8f:bc:f8:
66:0a:79:d4:83:d6:46:ef:b6:9b:7e:d4:7a:8c:a5:
73:31:00:37:3f:ca:8c:bb:88:80:7b:f2:30:2f:1b:
7c:83:43:e3:ab:11:f1:89:92:e1:1f:3d:af:a8:a9:
ed:e2:bd:30:a0:50:09:e1:91:2b:7c:e2:5a:15:6f:
e6:6e:cf:81:f7:06:3f:98:77:77:fb:77:7a:99:bf:
4d:9f:f4:92:cd:3e:65:e3:41:db:0c:dc:6c:66:50:
1c:49:ed:79:47:bd:35:02:97:02:5c:31:c9:92:6c:
b6:ff:7d:f0:76:2f:33:71:2e:8e:05:d6:57:45:59:
c4:2e:a5:f4:0a:6e:fe:5f:bb:09:78:1d:14:7a:d5:
9d:95:84:2c:55:36:ce:1d:43:91:d3:2b:7d:5e:e3:
b8:c5:f7:fa:96:93:9a:88:f2:2c:e3:60:9f:6f:f7:
38:09:21:b0:a1:4b:0c:89:99:d1:d9:15:30:62:1c:
aa:95:34:e1:66:74:ce:49:77:da:5d:88:c5:25:b1:
da:2e:0d:7b:1f:45:9e:6a:2f:13:dd:96:fa:ca:fc:
1a:b8:c2:c4:4d:f2:cb:d0:aa:04:02:c3:9d:fb:af:
e8:f2:c4:57:69:73:2c:8c:88:30:ae:53:61:d9:5b:
5d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:4F:FF:DF:B9:2D:F1:C9:0E:FD:82:50:74:3C:71:D7:37:C9:5E:BE
X509v3 Authority Key Identifier:
keyid:C0:52:0C:EC:BA:25:1C:D3:7C:DF:3C:4D:5A:B0:36:25:52:2B:BA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wFIM7LolHNN83zxNWrA2JVIruqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/aU__37kt8ckO_YJQdDxx1zfJXr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/wFIM7LolHNN83zxNWrA2JVIruqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.8.0/21
185.240.124.0/22
Signature Algorithm: sha256WithRSAEncryption
06:dc:cc:63:d6:1a:ca:48:01:9a:8e:8c:79:d4:63:39:8d:1c:
6d:20:17:2c:96:a4:95:27:6f:50:95:15:66:85:21:14:ba:b7:
e4:d0:ca:f0:4c:06:69:a8:12:6e:74:7a:d5:7f:9b:16:c2:68:
10:fb:42:1e:36:17:77:18:6b:8c:1c:ce:ff:38:f7:f3:85:d0:
bc:a0:d8:71:9e:7f:7a:30:8c:e8:fc:56:de:a8:a2:17:ca:17:
06:0b:45:d1:45:d7:de:a5:e9:de:45:7d:06:fa:89:2b:df:e3:
7e:55:66:46:44:75:cf:83:30:47:a3:7c:10:ff:6e:88:16:3c:
ae:f4:d2:6f:a6:a9:06:f8:a3:93:48:90:f2:5f:e2:40:b3:fb:
a1:73:77:46:9d:43:df:2d:50:99:c7:0c:29:c8:55:5d:a9:8e:
67:e6:38:a7:a3:39:55:24:58:6b:d6:a2:47:25:13:cb:d6:3c:
9d:d9:c7:f3:ab:e7:1f:b9:f5:ec:71:2c:3f:2e:f7:f2:c4:f6:
63:a0:2e:a5:07:1c:cb:5a:fc:31:1a:4d:84:ba:61:1e:25:b9:
df:fc:bb:b6:7f:04:96:c8:14:5d:86:68:8e:a5:31:2d:61:2d:
e1:47:3a:a4:10:89:af:b0:04:7e:ef:06:90:44:51:f9:d4:15:
62:df:39:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH+b9APT9JIBFfo4B6EqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNTIwY2VjYmEyNTFjZDM3Y2RmM2M0ZDVhYjAzNjI1NTIy
YmJhYWMwHhcNMjUwMTAxMTM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTRmZmZkZmI5MmRmMWM5MGVmZDgyNTA3NDNjNzFkNzM3Yzk1ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHAd+d35GWc0Y4+PvPhmCnnUg9ZG
77abftR6jKVzMQA3P8qMu4iAe/IwLxt8g0PjqxHxiZLhHz2vqKnt4r0woFAJ4ZEr
fOJaFW/mbs+B9wY/mHd3+3d6mb9Nn/SSzT5l40HbDNxsZlAcSe15R701ApcCXDHJ
kmy2/33wdi8zcS6OBdZXRVnELqX0Cm7+X7sJeB0UetWdlYQsVTbOHUOR0yt9XuO4
xff6lpOaiPIs42Cfb/c4CSGwoUsMiZnR2RUwYhyqlTThZnTOSXfaXYjFJbHaLg17
H0Weai8T3Zb6yvwauMLETfLL0KoEAsOd+6/o8sRXaXMsjIgwrlNh2VtdyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGlP/9+5LfHJDv2CUHQ8cdc3yV6+MB8GA1UdIwQY
MBaAFMBSDOy6JRzTfN88TVqwNiVSK7qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0ZJTTdMb2xITk44M3p4TldyQTJKVklydXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zNjFiYWUtYWIxNC00YWFiLWJiOGYt
NzQxOGI5MmFhMjA5LzEvYVVfXzM3a3Q4Y2tPX1lKUWREeHgxemZKWHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zNjFiYWUtYWIxNC00YWFiLWJiOGYtNzQxOGI5MmFhMjA5
LzEvd0ZJTTdMb2xITk44M3p4TldyQTJKVklydXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDPnoIAwQC
ufB8MA0GCSqGSIb3DQEBCwUAA4IBAQAG3Mxj1hrKSAGajox51GM5jRxtIBcslqSV
J29QlRVmhSEUurfk0MrwTAZpqBJudHrVf5sWwmgQ+0IeNhd3GGuMHM7/OPfzhdC8
oNhxnn96MIzo/FbeqKIXyhcGC0XRRdfepeneRX0G+okr3+N+VWZGRHXPgzBHo3wQ
/26IFjyu9NJvpqkG+KOTSJDyX+JAs/uhc3dGnUPfLVCZxwwpyFVdqY5n5jinozlV
JFhr1qJHJRPL1jyd2cfzq+cfufXscSw/LvfyxPZjoC6lBxzLWvwxGk2EumEeJbnf
/Lu2fwSWyBRdhmiOpTEtYS3hRzqkEImvsAR+7waQRFH51BVi3znf
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:22:55 2025 by rpki-client