Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bD2SAAEzWCy4lWSCmFzr4hw1d7s.roa
File: bD2SAAEzWCy4lWSCmFzr4hw1d7s.roa (raw, json)
Hash identifier: aC+JJdvU405HpSAkN2TfP/lT6lKsDuegh69FtZjHtjE=
Subject key identifier: 6C:3D:92:00:01:33:58:2C:B8:95:64:82:98:5C:EB:E2:1C:35:77:BB
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019854A8CCEEF57CE65A5010E4172155C4D2
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bD2SAAEzWCy4lWSCmFzr4hw1d7s.roa
Signing time: Tue 29 Jul 2025 05:30:05 +0000
ROA not before: Tue 29 Jul 2025 05:30:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60798
IP address blocks: 62.169.133.0/24 maxlen: 24
124.198.130.0/24 maxlen: 24
155.2.213.0/24 maxlen: 24
158.173.132.0/24 maxlen: 24
185.102.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:54:a8:cc:ee:f5:7c:e6:5a:50:10:e4:17:21:55:c4:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 29 05:30:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c3d92000133582cb8956482985cebe21c3577bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:19:27:58:85:86:31:41:cb:26:af:22:be:b1:
56:3e:16:7c:b6:4b:f3:93:76:43:95:fb:bc:ff:13:
ed:0a:ab:b1:de:b6:23:b2:cc:a0:9f:ef:61:c6:01:
25:8b:8e:0d:a1:f1:31:dc:e0:19:db:d5:4d:f9:6b:
99:19:a3:db:43:ef:cc:0c:40:0f:dd:f9:e5:03:55:
fa:c6:67:8d:bd:10:1a:d3:ac:74:8b:bf:07:da:54:
ed:23:50:71:a7:21:84:67:09:82:d9:25:53:ce:61:
17:14:51:26:af:b0:92:a5:69:cf:f8:48:64:9c:7b:
a4:de:a3:5e:fe:f3:62:d1:ca:c2:01:a4:e6:2f:e9:
44:7d:8c:5d:f6:9d:16:e5:2d:ea:74:b0:18:f5:05:
47:26:1e:7e:8d:e4:c1:54:0d:59:e5:88:68:20:8c:
47:ae:dc:02:4e:f3:e2:7f:ef:cd:12:06:1a:51:a5:
3c:6f:04:68:70:fd:c4:8b:fc:e8:ed:4c:ea:75:17:
7f:c5:b3:78:cf:c5:a4:9d:8f:de:38:83:8c:1d:ac:
7a:0f:4b:9c:b6:62:6e:2b:6b:ac:15:b5:ed:8b:bc:
fb:ef:a9:65:45:cd:a9:0b:94:6e:ba:a4:5e:99:53:
7a:2e:f0:6c:4e:48:17:31:79:59:ee:cc:92:41:8a:
e5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3D:92:00:01:33:58:2C:B8:95:64:82:98:5C:EB:E2:1C:35:77:BB
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bD2SAAEzWCy4lWSCmFzr4hw1d7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.133.0/24
124.198.130.0/24
155.2.213.0/24
158.173.132.0/24
185.102.169.0/24
Signature Algorithm: sha256WithRSAEncryption
62:5c:df:a6:37:d5:e6:ec:a8:62:49:d8:bd:75:93:aa:cb:cf:
01:04:b0:69:68:ca:33:c1:ac:b7:e6:9d:88:ee:06:89:05:fe:
77:3a:42:2f:6d:9b:cf:8f:21:c9:24:d0:14:4b:3b:f4:3a:1f:
a2:00:a5:c7:f2:ef:34:0f:7f:74:b7:1b:2d:3a:91:6b:e9:10:
5c:30:86:4c:15:51:0a:15:d7:27:1a:e0:f3:b7:c0:92:e5:a0:
f8:17:e2:c6:82:78:2f:d4:fc:7a:85:5c:f4:34:6f:5d:43:57:
9b:f2:23:2a:82:52:36:84:f3:af:48:b0:cb:2d:9d:0a:a5:ac:
86:c2:da:de:28:6d:d3:fe:8b:b5:b3:3a:ae:89:66:99:5c:5a:
55:67:32:12:1b:e0:c6:85:50:37:53:08:ad:53:90:b4:75:7c:
e7:84:ab:4e:0d:03:58:d1:ac:9d:00:8a:0b:be:12:9e:ed:af:
e4:69:67:40:a8:e2:04:94:c1:22:0f:1b:97:13:6b:c2:a9:94:
56:8d:67:1b:80:39:27:6b:1e:bc:08:9f:f2:6e:2e:09:19:74:
5e:8b:97:b2:22:38:12:3d:36:d9:d2:b3:ad:a0:2c:61:e7:98:
54:d5:b3:8a:dc:3b:c6:0d:24:51:1d:5b:7b:c7:00:8f:9e:08:
fe:87:50:e1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhUqMzu9XzmWlAQ5BchVcTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNzI5MDUzMDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNkOTIwMDAxMzM1ODJjYjg5NTY0ODI5ODVjZWJlMjFjMzU3N2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BknWIWGMUHLJq8ivrFWPhZ8tkvz
k3ZDlfu8/xPtCqux3rYjssygn+9hxgEli44NofEx3OAZ29VN+WuZGaPbQ+/MDEAP
3fnlA1X6xmeNvRAa06x0i78H2lTtI1BxpyGEZwmC2SVTzmEXFFEmr7CSpWnP+Ehk
nHuk3qNe/vNi0crCAaTmL+lEfYxd9p0W5S3qdLAY9QVHJh5+jeTBVA1Z5YhoIIxH
rtwCTvPif+/NEgYaUaU8bwRocP3Ei/zo7UzqdRd/xbN4z8WknY/eOIOMHax6D0uc
tmJuK2usFbXti7z776llRc2pC5RuuqRemVN6LvBsTkgXMXlZ7sySQYrl8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGw9kgABM1gsuJVkgphc6+IcNXe7MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvYkQyU0FBRXpXQ3k0bFdTQ21GenI0aHcxZDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPqmFAwQA
fMaCAwQAmwLVAwQAnq2EAwQAuWapMA0GCSqGSIb3DQEBCwUAA4IBAQBiXN+mN9Xm
7KhiSdi9dZOqy88BBLBpaMozway35p2I7gaJBf53OkIvbZvPjyHJJNAUSzv0Oh+i
AKXH8u80D390txstOpFr6RBcMIZMFVEKFdcnGuDzt8CS5aD4F+LGgngv1Px6hVz0
NG9dQ1eb8iMqglI2hPOvSLDLLZ0KpayGwtreKG3T/ou1szquiWaZXFpVZzISG+DG
hVA3UwitU5C0dXznhKtODQNY0aydAIoLvhKe7a/kaWdAqOIElMEiDxuXE2vCqZRW
jWcbgDknax68CJ/ybi4JGXRei5eyIjgSPTbZ0rOtoCxh55hU1bOK3DvGDSRRHVt7
xwCPngj+h1Dh
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:43:55 2025 by rpki-client