Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/9577f8-b8b8-4994-b855-a98ef3008580/1/nhH0f8YrsZbPIXW8xTSorKAhQWg.roa
File: nhH0f8YrsZbPIXW8xTSorKAhQWg.roa (raw, json)
Hash identifier: UkA3IcBbEJENHBzSBQlkD9Qpnz5ghpEJH4gNaI8ZrkE=
Subject key identifier: 9E:11:F4:7F:C6:2B:B1:96:CF:21:75:BC:C5:34:A8:AC:A0:21:41:68
Certificate issuer: /CN=ce56360624cc1b4c49da72bc325f5bb6ab4d8300
Certificate serial: 019716F0463564967A46E723DFA51F7BC0EB
Authority key identifier: CE:56:36:06:24:CC:1B:4C:49:DA:72:BC:32:5F:5B:B6:AB:4D:83:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlY2BiTMG0xJ2nK8Ml9btqtNgwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/9577f8-b8b8-4994-b855-a98ef3008580/1/nhH0f8YrsZbPIXW8xTSorKAhQWg.roa
Signing time: Wed 28 May 2025 12:48:54 +0000
ROA not before: Wed 28 May 2025 12:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25530
IP address blocks: 62.113.32.0/23 maxlen: 24
62.113.33.0/24 maxlen: 24
62.113.34.0/23 maxlen: 23
62.113.38.0/24 maxlen: 24
62.113.40.0/24 maxlen: 24
62.113.45.0/24 maxlen: 24
62.113.46.0/24 maxlen: 24
62.113.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/9577f8-b8b8-4994-b855-a98ef3008580/1/zlY2BiTMG0xJ2nK8Ml9btqtNgwA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/9577f8-b8b8-4994-b855-a98ef3008580/1/zlY2BiTMG0xJ2nK8Ml9btqtNgwA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zlY2BiTMG0xJ2nK8Ml9btqtNgwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:f0:46:35:64:96:7a:46:e7:23:df:a5:1f:7b:c0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce56360624cc1b4c49da72bc325f5bb6ab4d8300
Validity
Not Before: May 28 12:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e11f47fc62bb196cf2175bcc534a8aca0214168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:93:dd:89:77:8b:d5:b9:8e:44:41:29:26:31:
3c:6e:5d:34:ff:22:9b:7c:68:f3:8a:98:e0:6c:ea:
84:0a:d3:c0:17:60:1d:5c:8f:9a:63:87:6d:12:75:
99:e0:d4:b0:75:ed:6e:80:9b:98:d6:82:a2:d0:2b:
08:b2:19:ff:0d:74:ae:2e:94:9a:21:3c:7b:93:bc:
1c:ce:47:d2:15:57:c7:7f:d7:93:96:b6:ec:a7:bc:
97:a4:6d:cd:3f:11:92:b3:39:92:4a:db:4e:b0:07:
ec:bb:f7:2e:4f:bc:0e:4e:55:cc:91:79:44:4b:3c:
cb:73:71:d2:37:08:5e:6d:4a:1d:a5:77:92:2a:4e:
f0:64:8c:06:cc:3e:6c:7f:02:18:e2:15:1e:d7:6f:
e4:e1:4e:5d:6c:68:c9:23:f3:12:dc:06:70:15:6a:
be:bf:d6:7f:98:43:d7:e9:69:5e:da:ce:fb:4a:52:
23:2b:46:ef:5f:3f:76:23:03:74:84:d6:ed:bc:de:
83:6f:a6:1d:80:fc:54:02:39:c2:fd:f3:b5:28:37:
7a:2b:b6:9a:7d:58:fa:91:69:90:a8:23:5c:24:84:
58:03:1f:5a:a5:53:83:cc:49:43:c4:79:7f:95:d1:
a7:9f:99:0e:34:01:46:75:75:26:7d:bc:3b:36:78:
7a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:11:F4:7F:C6:2B:B1:96:CF:21:75:BC:C5:34:A8:AC:A0:21:41:68
X509v3 Authority Key Identifier:
keyid:CE:56:36:06:24:CC:1B:4C:49:DA:72:BC:32:5F:5B:B6:AB:4D:83:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlY2BiTMG0xJ2nK8Ml9btqtNgwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9577f8-b8b8-4994-b855-a98ef3008580/1/nhH0f8YrsZbPIXW8xTSorKAhQWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9577f8-b8b8-4994-b855-a98ef3008580/1/zlY2BiTMG0xJ2nK8Ml9btqtNgwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.32.0/22
62.113.38.0/24
62.113.40.0/24
62.113.45.0-62.113.47.255
Signature Algorithm: sha256WithRSAEncryption
14:9f:89:9b:36:e7:1b:a5:e8:cd:67:34:01:94:07:51:ed:60:
e9:77:f6:77:48:d0:6e:ee:8e:8f:66:a3:12:5c:13:e1:7a:6c:
42:6f:27:78:6b:ab:1d:25:40:be:3a:ef:93:9e:a6:27:33:d2:
8c:83:a4:5e:3b:7d:91:a3:c8:c1:1a:9e:93:37:f7:1e:60:2c:
28:90:cd:b3:c0:55:8d:06:b3:1d:9c:8e:97:27:45:b6:04:7d:
62:59:42:38:9f:95:67:3f:24:5f:62:74:1a:a0:ef:c3:4f:9d:
30:c0:c6:49:ff:eb:57:c7:4e:c8:d0:e7:df:a7:0b:f4:44:ed:
14:79:e8:63:09:e6:9a:3e:74:85:e8:c1:b3:f2:b6:a0:7e:55:
cc:c3:55:f8:94:79:63:28:1b:13:00:ac:c4:8d:69:44:8e:fc:
cd:02:81:ed:98:58:52:a0:46:fb:a6:9f:a6:6c:11:5f:a4:af:
b4:b5:7e:f3:3a:91:35:57:42:0e:b9:2e:d9:71:40:90:4f:51:
0c:b2:a7:c9:fb:b5:f3:9c:49:5a:b1:05:0c:27:59:08:96:16:
b7:cc:5a:77:38:5f:1b:02:50:08:f0:4f:98:76:9b:b4:01:f7:
fc:15:d3:97:4b:70:49:21:77:28:8c:82:ac:bb:37:f5:5d:3f:
d3:a3:d7:3c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZcW8EY1ZJZ6Rucj36Ufe8DrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNTYzNjA2MjRjYzFiNGM0OWRhNzJiYzMyNWY1YmI2YWI0
ZDgzMDAwHhcNMjUwNTI4MTI0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTExZjQ3ZmM2MmJiMTk2Y2YyMTc1YmNjNTM0YThhY2EwMjE0MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZPdiXeL1bmOREEpJjE8bl00/yKb
fGjzipjgbOqECtPAF2AdXI+aY4dtEnWZ4NSwde1ugJuY1oKi0CsIshn/DXSuLpSa
ITx7k7wczkfSFVfHf9eTlrbsp7yXpG3NPxGSszmSSttOsAfsu/cuT7wOTlXMkXlE
SzzLc3HSNwhebUodpXeSKk7wZIwGzD5sfwIY4hUe12/k4U5dbGjJI/MS3AZwFWq+
v9Z/mEPX6Wle2s77SlIjK0bvXz92IwN0hNbtvN6Db6YdgPxUAjnC/fO1KDd6K7aa
fVj6kWmQqCNcJIRYAx9apVODzElDxHl/ldGnn5kONAFGdXUmfbw7Nnh6QQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ4R9H/GK7GWzyF1vMU0qKygIUFoMB8GA1UdIwQY
MBaAFM5WNgYkzBtMSdpyvDJfW7arTYMAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemxZMkJpVE1HMHhKMm5LOE1sOWJ0cXROZ3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi85NTc3ZjgtYjhiOC00OTk0LWI4NTUt
YTk4ZWYzMDA4NTgwLzEvbmhIMGY4WXJzWmJQSVhXOHhUU29yS0FoUVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi85NTc3ZjgtYjhiOC00OTk0LWI4NTUtYTk4ZWYzMDA4NTgw
LzEvemxZMkJpVE1HMHhKMm5LOE1sOWJ0cXROZ3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCPnEgAwQA
PnEmAwQAPnEoMAwDBAA+cS0DBAQ+cSAwDQYJKoZIhvcNAQELBQADggEBABSfiZs2
5xul6M1nNAGUB1HtYOl39ndI0G7ujo9moxJcE+F6bEJvJ3hrqx0lQL4675Oepicz
0oyDpF47fZGjyMEanpM39x5gLCiQzbPAVY0Gsx2cjpcnRbYEfWJZQjiflWc/JF9i
dBqg78NPnTDAxkn/61fHTsjQ59+nC/RE7RR56GMJ5po+dIXowbPytqB+VczDVfiU
eWMoGxMArMSNaUSO/M0Cge2YWFKgRvumn6ZsEV+kr7S1fvM6kTVXQg65LtlxQJBP
UQyyp8n7tfOcSVqxBQwnWQiWFrfMWnc4XxsCUAjwT5h2m7QB9/wV05dLcEkhdyiM
gqy7N/VdP9Oj1zw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:37:39 2025 by rpki-client