Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/ayiC7c9JSDSYAte-6gKWmswRL1g.roa
File: ayiC7c9JSDSYAte-6gKWmswRL1g.roa (raw, json)
Hash identifier: N4Ywh1vQ8Z6soe1aZWnO6hNzvUy4X9gXJ0IBilSgbak=
Subject key identifier: 6B:28:82:ED:CF:49:48:34:98:02:D7:BE:EA:02:96:9A:CC:11:2F:58
Certificate issuer: /CN=fde76ca85e96541a5add3cacaf1e5e114faa47ef
Certificate serial: 0196805FE53B411A67B990D43A20AB3084AA
Authority key identifier: FD:E7:6C:A8:5E:96:54:1A:5A:DD:3C:AC:AF:1E:5E:11:4F:AA:47:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_edsqF6WVBpa3Tysrx5eEU-qR-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/ayiC7c9JSDSYAte-6gKWmswRL1g.roa
Signing time: Tue 29 Apr 2025 07:08:10 +0000
ROA not before: Tue 29 Apr 2025 07:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209665
IP address blocks: 62.32.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/_edsqF6WVBpa3Tysrx5eEU-qR-8.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/_edsqF6WVBpa3Tysrx5eEU-qR-8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_edsqF6WVBpa3Tysrx5eEU-qR-8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:5f:e5:3b:41:1a:67:b9:90:d4:3a:20:ab:30:84:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fde76ca85e96541a5add3cacaf1e5e114faa47ef
Validity
Not Before: Apr 29 07:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b2882edcf4948349802d7beea02969acc112f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:93:28:22:74:96:06:65:e1:25:51:76:29:f7:
35:94:75:98:d3:ff:de:ac:52:a7:bd:d4:fa:4e:e3:
1f:8d:9f:84:bc:27:f3:e3:e0:a1:e4:d2:32:28:f2:
93:48:c8:99:08:55:07:20:70:7a:d9:31:db:4a:b2:
fe:aa:3d:0f:a8:b7:2d:37:95:c3:aa:05:12:1b:8d:
06:ba:85:ce:7f:97:fb:67:e9:fc:2c:2b:6d:46:eb:
00:67:89:6b:69:28:e4:e7:67:a5:45:b7:7e:08:e7:
4a:07:6a:b7:6a:85:23:a1:e7:cc:e7:87:84:40:de:
4a:72:59:a0:54:e7:dc:76:f4:55:1a:a5:2d:e2:b5:
c1:db:f7:d9:0d:4e:7c:19:01:7e:29:ff:e1:5d:73:
00:83:11:ca:d2:91:e1:f1:03:e8:47:73:c3:c1:0e:
c9:b0:22:2f:c2:f7:63:37:2d:00:ca:15:cd:d0:38:
d3:68:27:6a:a7:43:d5:47:4c:9d:e1:0e:75:ce:de:
43:3f:9e:bc:57:34:99:35:4e:3c:88:a8:d2:5a:fd:
b1:4d:1b:c8:4a:f5:38:82:b4:62:13:66:fe:2a:80:
0b:9a:44:68:bd:cb:4b:a4:e4:5d:8e:22:f6:02:21:
dc:a4:12:d9:48:c9:ad:d0:fb:82:63:2b:ea:3f:56:
a4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:28:82:ED:CF:49:48:34:98:02:D7:BE:EA:02:96:9A:CC:11:2F:58
X509v3 Authority Key Identifier:
keyid:FD:E7:6C:A8:5E:96:54:1A:5A:DD:3C:AC:AF:1E:5E:11:4F:AA:47:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_edsqF6WVBpa3Tysrx5eEU-qR-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/ayiC7c9JSDSYAte-6gKWmswRL1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/_edsqF6WVBpa3Tysrx5eEU-qR-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.78.0/24
Signature Algorithm: sha256WithRSAEncryption
24:e0:99:e9:dd:72:49:e4:69:01:73:5a:1b:99:3d:d8:c5:91:
8e:38:07:36:35:46:ca:d2:c6:c4:49:2e:75:a0:25:ba:48:c5:
b5:bc:e0:56:35:a8:e2:b1:e3:4c:4b:d4:3c:6a:74:87:f5:1a:
35:99:32:bc:fd:ef:bf:af:1d:51:c3:37:f3:28:20:04:b5:21:
ca:34:32:27:c6:19:8a:7d:09:f3:ee:aa:cf:57:7d:d3:15:4f:
95:12:78:33:71:eb:64:c4:f7:4f:6c:8d:a1:ea:f1:16:67:97:
9e:d5:e1:62:1a:ab:a9:7d:d7:6e:33:4e:d8:9a:6f:b1:75:dd:
5d:4e:4d:ed:c0:4e:98:dc:77:14:da:00:6c:63:40:ea:f1:89:
72:a3:5b:85:06:91:cf:1c:a1:f6:8c:44:c6:e1:34:cb:e0:b9:
c6:0f:aa:f9:9f:4d:b0:81:1c:d5:11:5f:9b:40:1e:a7:41:0d:
2d:04:27:61:d7:a4:51:3e:87:1f:31:08:1c:2e:97:30:9d:25:
b5:fa:ed:56:50:58:2d:ad:ca:c4:d1:b2:c4:01:d0:88:1f:18:
83:8f:fb:9d:60:74:26:be:96:41:94:0d:82:1f:11:42:05:68:
0c:9c:73:9e:42:90:38:0c:5a:ab:ac:be:14:ac:ea:ce:52:d4:
31:f0:77:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaAX+U7QRpnuZDUOiCrMISqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZTc2Y2E4NWU5NjU0MWE1YWRkM2NhY2FmMWU1ZTExNGZh
YTQ3ZWYwHhcNMjUwNDI5MDcwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjI4ODJlZGNmNDk0ODM0OTgwMmQ3YmVlYTAyOTY5YWNjMTEyZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZMoInSWBmXhJVF2Kfc1lHWY0//e
rFKnvdT6TuMfjZ+EvCfz4+Ch5NIyKPKTSMiZCFUHIHB62THbSrL+qj0PqLctN5XD
qgUSG40GuoXOf5f7Z+n8LCttRusAZ4lraSjk52elRbd+COdKB2q3aoUjoefM54eE
QN5KclmgVOfcdvRVGqUt4rXB2/fZDU58GQF+Kf/hXXMAgxHK0pHh8QPoR3PDwQ7J
sCIvwvdjNy0AyhXN0DjTaCdqp0PVR0yd4Q51zt5DP568VzSZNU48iKjSWv2xTRvI
SvU4grRiE2b+KoALmkRovctLpORdjiL2AiHcpBLZSMmt0PuCYyvqP1aktwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGsogu3PSUg0mALXvuoClprMES9YMB8GA1UdIwQY
MBaAFP3nbKhellQaWt08rK8eXhFPqkfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2Vkc3FGNldWQnBhM1R5c3J4NWVFVS1xUi04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9mODUyYWMtOWU5OC00NWI3LTg3N2Yt
MjI5ZTJjYjBmNjZjLzEvYXlpQzdjOUpTRFNZQXRlLTZnS1dtc3dSTDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9mODUyYWMtOWU5OC00NWI3LTg3N2YtMjI5ZTJjYjBmNjZj
LzEvX2Vkc3FGNldWQnBhM1R5c3J4NWVFVS1xUi04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPiBOMA0G
CSqGSIb3DQEBCwUAA4IBAQAk4Jnp3XJJ5GkBc1obmT3YxZGOOAc2NUbK0sbESS51
oCW6SMW1vOBWNajiseNMS9Q8anSH9Ro1mTK8/e+/rx1RwzfzKCAEtSHKNDInxhmK
fQnz7qrPV33TFU+VEngzcetkxPdPbI2h6vEWZ5ee1eFiGqupfdduM07Ymm+xdd1d
Tk3twE6Y3HcU2gBsY0Dq8Ylyo1uFBpHPHKH2jETG4TTL4LnGD6r5n02wgRzVEV+b
QB6nQQ0tBCdh16RRPocfMQgcLpcwnSW1+u1WUFgtrcrE0bLEAdCIHxiDj/udYHQm
vpZBlA2CHxFCBWgMnHOeQpA4DFqrrL4UrOrOUtQx8HdW
-----END CERTIFICATE-----
Generated at Mon May 5 08:47:26 2025 by rpki-client