Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/rUMbEaveLhPfnGp8S1EuIFh_Ny0.roa
File: rUMbEaveLhPfnGp8S1EuIFh_Ny0.roa (raw, json)
Hash identifier: Rpl4ZhDAJ9/RLjXYjsOMIQDgPlMMARN+6/PLOaLRVCA=
Subject key identifier: AD:43:1B:11:AB:DE:2E:13:DF:9C:6A:7C:4B:51:2E:20:58:7F:37:2D
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019744BEB30DC3CA3DC3725FF5F66520311A
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/rUMbEaveLhPfnGp8S1EuIFh_Ny0.roa
Signing time: Fri 06 Jun 2025 10:17:17 +0000
ROA not before: Fri 06 Jun 2025 10:17:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 62.60.148.0/22 maxlen: 24
62.60.152.0/23 maxlen: 24
62.60.154.0/23 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.176.0/22 maxlen: 24
62.60.186.0/24 maxlen: 24
62.60.216.0/23 maxlen: 24
62.60.228.0/22 maxlen: 24
62.60.235.0/24 maxlen: 24
62.60.236.0/22 maxlen: 24
62.60.240.0/22 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/22 maxlen: 24
62.60.252.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.74.0/23 maxlen: 24
213.176.92.0/22 maxlen: 24
213.176.112.0/22 maxlen: 24
213.176.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 16:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:be:b3:0d:c3:ca:3d:c3:72:5f:f5:f6:65:20:31:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 6 10:17:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad431b11abde2e13df9c6a7c4b512e20587f372d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:df:df:bf:f6:4e:39:10:12:59:a8:5f:ef:8b:
e8:56:ec:bb:5d:fc:9a:42:02:b8:c6:0e:2b:67:2e:
f6:0a:60:33:51:35:04:25:5b:a9:9e:f6:de:46:7c:
31:60:d2:d5:30:18:23:09:4f:2f:45:4c:8c:ba:07:
e1:a7:dd:a0:ad:76:b9:bc:ee:5b:99:63:b7:af:70:
6a:2f:79:fb:4e:da:f9:b6:a8:47:4f:b7:49:5f:2a:
eb:0a:6f:96:d0:e9:f9:07:ee:31:15:4a:22:44:e9:
35:af:6b:1f:c0:6a:26:2e:d8:8e:bb:4b:fb:ef:50:
31:30:69:ef:bf:13:ca:d3:23:55:d8:26:ae:8d:54:
0f:d8:00:68:09:73:73:64:b1:b2:4e:a4:c5:a3:5d:
56:e0:90:92:29:f7:22:dd:7c:2c:70:cb:b6:9c:1a:
f5:3f:fb:5d:5e:01:ce:38:ac:0c:a7:ca:31:20:92:
63:10:56:f3:08:74:2d:50:af:76:c6:89:b9:44:aa:
ea:50:e5:38:ed:b8:c1:36:c3:91:c6:35:39:4c:bd:
0b:68:32:5c:4e:c5:f6:ea:26:89:d7:b3:b4:af:8b:
a7:f6:8b:6d:0e:51:e7:19:a3:d9:55:18:f4:9e:0b:
4b:9a:54:69:22:1a:af:6f:24:ff:1c:c7:95:54:e2:
0d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:43:1B:11:AB:DE:2E:13:DF:9C:6A:7C:4B:51:2E:20:58:7F:37:2D
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/rUMbEaveLhPfnGp8S1EuIFh_Ny0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.148.0-62.60.159.255
62.60.176.0/22
62.60.186.0/24
62.60.216.0/23
62.60.228.0/22
62.60.235.0-62.60.255.255
213.176.64.0/22
213.176.74.0/23
213.176.92.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
ba:1d:d7:fa:7c:0c:f2:89:57:fe:05:3f:08:13:9c:e9:4e:90:
a9:14:44:fd:1b:ef:d0:eb:33:fc:21:7a:7d:7b:9c:82:90:df:
82:2d:bd:15:0c:d7:22:98:40:89:45:30:cc:e7:5e:20:a9:e3:
37:e6:fc:57:b7:e3:09:ec:89:05:79:de:5b:98:17:7c:a3:ed:
19:d9:a3:eb:4b:0a:fb:1b:34:cb:20:77:0e:1f:4a:4f:65:56:
cf:77:b0:a7:f3:27:5d:ca:76:c8:19:a6:19:5d:c0:74:38:30:
68:46:9e:86:b3:27:59:d2:66:91:76:f1:92:7e:b5:21:ef:eb:
10:05:70:fd:45:d7:e5:53:cc:85:d9:2b:ec:f0:4f:ae:19:ab:
74:67:a6:14:c9:21:98:af:c6:4e:a4:c1:8f:98:f4:fc:e0:81:
22:8c:6d:87:c0:f9:74:e4:f5:fb:ed:21:ef:e5:50:4c:10:c2:
8a:d7:21:c6:37:ee:ec:a1:b3:8c:09:16:6a:da:10:12:9e:ca:
25:ff:84:3b:c6:9e:1e:60:c8:ae:76:64:e5:c3:d9:4c:43:6c:
1e:d9:16:9d:e1:55:ba:b5:94:30:5c:c1:d5:00:cd:db:0c:38:
35:36:46:9e:41:23:ab:c7:46:13:70:6a:24:cf:e9:c3:5f:8a:
36:7e:b1:14
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZdEvrMNw8o9w3Jf9fZlIDEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwNjA2MTAxNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQzMWIxMWFiZGUyZTEzZGY5YzZhN2M0YjUxMmUyMDU4N2YzNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwd/fv/ZOORASWahf74voVuy7Xfya
QgK4xg4rZy72CmAzUTUEJVupnvbeRnwxYNLVMBgjCU8vRUyMugfhp92grXa5vO5b
mWO3r3BqL3n7Ttr5tqhHT7dJXyrrCm+W0On5B+4xFUoiROk1r2sfwGomLtiOu0v7
71AxMGnvvxPK0yNV2CaujVQP2ABoCXNzZLGyTqTFo11W4JCSKfci3XwscMu2nBr1
P/tdXgHOOKwMp8oxIJJjEFbzCHQtUK92xom5RKrqUOU47bjBNsORxjU5TL0LaDJc
TsX26iaJ17O0r4un9ottDlHnGaPZVRj0ngtLmlRpIhqvbyT/HMeVVOINoQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFK1DGxGr3i4T35xqfEtRLiBYfzctMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvclVNYkVhdmVMaFBmbkdwOFMxRXVJRmhfTnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBRBAIAATBLMAwDBAI+PJQD
BAU+PIADBAI+PLADBAA+PLoDBAE+PNgDBAI+POQwCwMEAD486wMDAD48AwQC1bBA
AwQB1bBKAwQC1bBcAwQD1bBwMA0GCSqGSIb3DQEBCwUAA4IBAQC6Hdf6fAzyiVf+
BT8IE5zpTpCpFET9G+/Q6zP8IXp9e5yCkN+CLb0VDNcimECJRTDM514gqeM35vxX
t+MJ7IkFed5bmBd8o+0Z2aPrSwr7GzTLIHcOH0pPZVbPd7Cn8yddynbIGaYZXcB0
ODBoRp6GsydZ0maRdvGSfrUh7+sQBXD9RdflU8yF2Svs8E+uGat0Z6YUySGYr8ZO
pMGPmPT84IEijG2HwPl05PX77SHv5VBMEMKK1yHGN+7sobOMCRZq2hASnsol/4Q7
xp4eYMiudmTlw9lMQ2we2Rad4VW6tZQwXMHVAM3bDDg1NkaeQSOrx0YTcGokz+nD
X4o2frEU
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:13:34 2025 by rpki-client