Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/63Cq2H6CdgVKSgqlVNNQY-1NDtM.roa
File: 63Cq2H6CdgVKSgqlVNNQY-1NDtM.roa (raw, json)
Hash identifier: ujfNPZf+WzGbz7PFSXs15VYZu00jxaloGF/aQBU8Sic=
Subject key identifier: EB:70:AA:D8:7E:82:76:05:4A:4A:0A:A5:54:D3:50:63:ED:4D:0E:D3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01965DF21E71343CE769D2ED2DBA53CC88CE
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/63Cq2H6CdgVKSgqlVNNQY-1NDtM.roa
Signing time: Tue 22 Apr 2025 14:41:10 +0000
ROA not before: Tue 22 Apr 2025 14:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 217.60.0.0/21 maxlen: 24
217.60.8.0/21 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.32.0/21 maxlen: 24
217.60.44.0/22 maxlen: 24
217.60.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 19:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:f2:1e:71:34:3c:e7:69:d2:ed:2d:ba:53:cc:88:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 22 14:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb70aad87e8276054a4a0aa554d35063ed4d0ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9b:29:d3:24:37:67:ae:c4:65:43:11:20:c5:
fa:83:bc:30:03:a2:9e:0f:fe:5d:95:b5:dd:79:f0:
04:9c:02:14:38:fe:50:cc:fc:fb:79:71:48:f7:ff:
05:42:d9:fd:16:c7:0e:29:9b:e9:14:b2:b7:4a:a8:
43:7b:f2:6c:db:e0:49:0f:4a:6b:09:60:46:2e:47:
30:fc:c6:0e:2e:a2:c2:17:fe:9b:e2:4a:4d:26:05:
e2:7f:7d:b5:2f:07:ad:b0:63:a9:d0:5d:27:7b:80:
bd:66:53:d1:0f:f2:64:f2:27:af:ee:b9:88:45:ed:
3a:77:4a:32:ae:f1:b2:a1:04:ff:54:d5:a8:ff:f3:
55:56:7e:8e:2a:b8:2a:42:be:b9:63:3b:df:4a:51:
94:64:ee:c4:eb:89:69:e6:65:06:9f:d8:7d:e2:cf:
9e:bb:38:4f:11:24:88:7d:76:58:87:08:63:0a:81:
26:59:70:22:49:14:85:38:cd:5b:47:10:4f:bc:8d:
a6:7c:10:17:f7:bf:8f:cc:2b:1e:cf:08:96:61:a4:
b5:0f:b3:59:80:9f:b0:af:db:c8:aa:31:4a:9d:c8:
3e:2b:64:2e:30:cc:9c:ae:26:9b:51:1e:8e:ac:8e:
7a:86:a1:ec:30:fd:81:0e:a1:d6:f5:08:71:0f:19:
63:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:70:AA:D8:7E:82:76:05:4A:4A:0A:A5:54:D3:50:63:ED:4D:0E:D3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/63Cq2H6CdgVKSgqlVNNQY-1NDtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/20
217.60.24.0/22
217.60.32.0/21
217.60.44.0/22
217.60.56.0/21
Signature Algorithm: sha256WithRSAEncryption
95:b0:71:57:5d:dc:d5:18:43:c3:0c:eb:81:68:ab:5f:a0:c8:
7d:e1:44:c8:36:fd:78:14:8d:cf:12:d4:6c:b8:1f:6b:30:c7:
27:25:ff:a3:93:74:3a:f6:d1:3b:e5:29:dd:f8:b2:ce:0d:71:
82:3f:41:a0:bc:4f:a6:6e:10:c2:6c:f7:a6:3d:33:31:a9:09:
99:09:02:0a:a8:b2:bc:3e:c7:a1:f7:40:d1:fe:25:df:94:7b:
a9:11:b3:3f:67:40:8a:8b:31:3f:87:a1:ac:a0:be:c4:73:92:
c8:ea:ca:e9:14:f4:f4:8c:49:29:d4:06:bb:ec:7a:dd:e3:16:
2c:2e:54:51:a6:57:08:85:44:c1:3f:34:b0:4a:6b:28:ca:6f:
81:9e:b2:27:f2:eb:c6:f5:6c:f3:f5:d0:f1:f6:a6:91:3a:a0:
e9:23:e2:5b:06:fa:cc:4b:ec:d4:5c:4a:1f:ed:95:96:a2:39:
6a:16:f4:77:32:36:f6:3c:d1:cc:ca:ed:ea:8b:5e:09:74:07:
49:c1:62:2f:b7:38:ca:b1:22:e6:42:53:ec:e3:89:4e:b6:58:
3e:f6:72:cd:a4:7e:3a:50:f3:63:95:15:dd:60:c1:2a:af:79:
8d:e0:6f:97:a7:8b:9a:e9:1a:de:3f:91:60:be:4a:15:17:f2:
4f:8f:5b:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZd8h5xNDznadLtLbpTzIjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDIyMTQ0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjcwYWFkODdlODI3NjA1NGE0YTBhYTU1NGQzNTA2M2VkNGQwZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpsp0yQ3Z67EZUMRIMX6g7wwA6Ke
D/5dlbXdefAEnAIUOP5QzPz7eXFI9/8FQtn9FscOKZvpFLK3SqhDe/Js2+BJD0pr
CWBGLkcw/MYOLqLCF/6b4kpNJgXif321LwetsGOp0F0ne4C9ZlPRD/Jk8iev7rmI
Re06d0oyrvGyoQT/VNWo//NVVn6OKrgqQr65YzvfSlGUZO7E64lp5mUGn9h94s+e
uzhPESSIfXZYhwhjCoEmWXAiSRSFOM1bRxBPvI2mfBAX97+PzCsezwiWYaS1D7NZ
gJ+wr9vIqjFKncg+K2QuMMycriabUR6OrI56hqHsMP2BDqHW9QhxDxljpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOtwqth+gnYFSkoKpVTTUGPtTQ7TMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNjNDcTJINkNkZ1ZLU2dxbFZOTlFZLTFORHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQE2TwAAwQC
2TwYAwQD2TwgAwQC2TwsAwQD2Tw4MA0GCSqGSIb3DQEBCwUAA4IBAQCVsHFXXdzV
GEPDDOuBaKtfoMh94UTINv14FI3PEtRsuB9rMMcnJf+jk3Q69tE75Snd+LLODXGC
P0GgvE+mbhDCbPemPTMxqQmZCQIKqLK8Pseh90DR/iXflHupEbM/Z0CKizE/h6Gs
oL7Ec5LI6srpFPT0jEkp1Aa77Hrd4xYsLlRRplcIhUTBPzSwSmsoym+BnrIn8uvG
9Wzz9dDx9qaROqDpI+JbBvrMS+zUXEof7ZWWojlqFvR3Mjb2PNHMyu3qi14JdAdJ
wWIvtzjKsSLmQlPs44lOtlg+9nLNpH46UPNjlRXdYMEqr3mN4G+Xp4ua6RreP5Fg
vkoVF/JPj1vN
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:06:27 2025 by rpki-client