Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/18b52b-5011-4309-bfbf-6eaa1c89824a/1/I-Uqa1zPH3U2lg8ZFnzuOmPnTWg.roa
File: I-Uqa1zPH3U2lg8ZFnzuOmPnTWg.roa (raw, json)
Hash identifier: u740YP79Lg/XA3U3RRNbSWSMGjpptyvItjaGSDwTCrE=
Subject key identifier: 23:E5:2A:6B:5C:CF:1F:75:36:96:0F:19:16:7C:EE:3A:63:E7:4D:68
Certificate issuer: /CN=b236f2e42522e98d376be38a89e5dd51abbf7996
Certificate serial: 0196666DBEF623A99E770C59FFBF2921AA8A
Authority key identifier: B2:36:F2:E4:25:22:E9:8D:37:6B:E3:8A:89:E5:DD:51:AB:BF:79:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sjby5CUi6Y03a-OKieXdUau_eZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/18b52b-5011-4309-bfbf-6eaa1c89824a/1/I-Uqa1zPH3U2lg8ZFnzuOmPnTWg.roa
Signing time: Thu 24 Apr 2025 06:13:10 +0000
ROA not before: Thu 24 Apr 2025 06:13:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 62.122.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/18b52b-5011-4309-bfbf-6eaa1c89824a/1/sjby5CUi6Y03a-OKieXdUau_eZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/18b52b-5011-4309-bfbf-6eaa1c89824a/1/sjby5CUi6Y03a-OKieXdUau_eZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sjby5CUi6Y03a-OKieXdUau_eZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:6d:be:f6:23:a9:9e:77:0c:59:ff:bf:29:21:aa:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b236f2e42522e98d376be38a89e5dd51abbf7996
Validity
Not Before: Apr 24 06:13:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23e52a6b5ccf1f7536960f19167cee3a63e74d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:62:bd:64:e0:ed:73:a9:2d:ec:55:99:06:
b3:0e:99:49:a4:f6:0e:c4:85:56:a4:23:ff:9f:16:
e9:f6:fa:49:f9:28:da:8c:49:fc:af:c2:f2:63:f6:
6b:de:c2:b4:aa:c5:10:da:d0:a5:e8:ec:a2:d2:88:
41:22:8a:d2:e8:2a:ea:a8:9d:de:23:fc:61:27:ea:
b2:5a:38:b1:3f:75:26:a8:71:a3:7e:f4:49:f9:db:
d4:8f:31:59:3f:ea:ad:bc:1e:dd:c7:5e:d1:5c:2d:
2f:ff:01:40:11:4a:4a:7d:49:fd:06:83:83:68:d3:
5c:e9:22:1e:cc:64:9d:47:ce:b6:93:dd:d5:a5:c4:
dc:d3:47:bc:69:70:79:24:1c:3d:63:04:72:e7:9f:
1a:71:1f:ef:9b:84:d0:a5:0e:06:e6:58:12:a2:f8:
c1:7e:8f:06:e7:fb:da:ed:d7:0c:0a:f9:e0:83:c9:
d9:a7:f1:af:4e:5d:12:94:8f:a4:31:2f:83:78:bf:
0b:37:32:3e:40:31:d2:af:e9:cd:8f:57:b2:c2:25:
fa:ed:8a:9e:e6:97:29:76:5f:3d:8e:bc:c6:27:26:
07:f5:5b:20:d5:95:24:03:86:3a:28:b3:22:54:8c:
bc:5c:93:54:cf:77:f3:03:35:5f:cf:a7:a6:89:38:
c3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E5:2A:6B:5C:CF:1F:75:36:96:0F:19:16:7C:EE:3A:63:E7:4D:68
X509v3 Authority Key Identifier:
keyid:B2:36:F2:E4:25:22:E9:8D:37:6B:E3:8A:89:E5:DD:51:AB:BF:79:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sjby5CUi6Y03a-OKieXdUau_eZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/18b52b-5011-4309-bfbf-6eaa1c89824a/1/I-Uqa1zPH3U2lg8ZFnzuOmPnTWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/18b52b-5011-4309-bfbf-6eaa1c89824a/1/sjby5CUi6Y03a-OKieXdUau_eZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.160.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:4e:c9:42:67:21:69:86:00:44:75:4b:d7:e3:36:de:63:91:
e9:d6:c5:6b:55:70:6b:f2:65:a5:ea:58:7c:1d:4b:2e:c4:93:
d7:33:7f:17:0e:52:bf:e0:86:9d:fa:b5:52:8b:b2:e9:b7:75:
12:d1:dd:4e:63:33:85:c7:7d:ca:75:e0:ea:d0:02:19:a9:01:
1d:48:9c:b2:96:a2:65:74:02:3f:58:f2:9f:2e:ab:30:c4:4b:
e1:1f:6e:67:dc:bd:2d:29:32:21:09:32:ed:82:02:5e:1a:90:
38:ca:b5:12:73:2d:5f:1e:80:25:9b:af:4e:de:c3:65:94:99:
14:f1:68:00:ac:3a:f9:84:4c:28:b8:7c:3c:04:86:ad:77:e9:
ed:a8:ae:3a:ba:b2:e6:b2:0c:ad:52:29:b0:a5:23:ef:2d:e4:
84:14:41:66:55:e0:c5:4b:3e:a9:c5:fe:40:79:82:5a:67:27:
6a:61:a8:19:5f:14:ac:1d:9a:f7:5c:3a:92:50:7a:7d:f2:cb:
ec:f9:4c:37:74:dd:f9:1f:6f:4b:08:75:41:ec:a6:b5:b2:36:
53:17:20:d1:ab:0d:be:15:2f:c6:ef:87:49:45:8d:11:d4:17:
3d:b1:eb:f1:d9:04:68:18:b1:d7:1d:7f:5c:36:20:14:51:01:
60:87:b1:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZmbb72I6medwxZ/78pIaqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMzZmMmU0MjUyMmU5OGQzNzZiZTM4YTg5ZTVkZDUxYWJi
Zjc5OTYwHhcNMjUwNDI0MDYxMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U1MmE2YjVjY2YxZjc1MzY5NjBmMTkxNjdjZWUzYTYzZTc0ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNtivWTg7XOpLexVmQazDplJpPYO
xIVWpCP/nxbp9vpJ+SjajEn8r8LyY/Zr3sK0qsUQ2tCl6Oyi0ohBIorS6CrqqJ3e
I/xhJ+qyWjixP3UmqHGjfvRJ+dvUjzFZP+qtvB7dx17RXC0v/wFAEUpKfUn9BoOD
aNNc6SIezGSdR862k93VpcTc00e8aXB5JBw9YwRy558acR/vm4TQpQ4G5lgSovjB
fo8G5/va7dcMCvngg8nZp/GvTl0SlI+kMS+DeL8LNzI+QDHSr+nNj1eywiX67Yqe
5pcpdl89jrzGJyYH9Vsg1ZUkA4Y6KLMiVIy8XJNUz3fzAzVfz6emiTjDrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPlKmtczx91NpYPGRZ87jpj501oMB8GA1UdIwQY
MBaAFLI28uQlIumNN2vjionl3VGrv3mWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2pieTVDVWk2WTAzYS1PS2llWGRVYXVfZVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8xOGI1MmItNTAxMS00MzA5LWJmYmYt
NmVhYTFjODk4MjRhLzEvSS1VcWExelBIM1UybGc4WkZuenVPbVBuVFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8xOGI1MmItNTAxMS00MzA5LWJmYmYtNmVhYTFjODk4MjRh
LzEvc2pieTVDVWk2WTAzYS1PS2llWGRVYXVfZVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPnqgMA0G
CSqGSIb3DQEBCwUAA4IBAQAsTslCZyFphgBEdUvX4zbeY5Hp1sVrVXBr8mWl6lh8
HUsuxJPXM38XDlK/4Iad+rVSi7Lpt3US0d1OYzOFx33KdeDq0AIZqQEdSJyylqJl
dAI/WPKfLqswxEvhH25n3L0tKTIhCTLtggJeGpA4yrUScy1fHoAlm69O3sNllJkU
8WgArDr5hEwouHw8BIatd+ntqK46urLmsgytUimwpSPvLeSEFEFmVeDFSz6pxf5A
eYJaZydqYagZXxSsHZr3XDqSUHp98svs+Uw3dN35H29LCHVB7Ka1sjZTFyDRqw2+
FS/G74dJRY0R1Bc9sevx2QRoGLHXHX9cNiAUUQFgh7FY
-----END CERTIFICATE-----
Generated at Sat May 3 04:04:13 2025 by rpki-client