Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/jD20aZmi_BXkx_t4OhIGj8PD8Xs.roa
File: jD20aZmi_BXkx_t4OhIGj8PD8Xs.roa (raw, json)
Hash identifier: HTlOKXfj+hdlSIyPVlb3We94XddbrwPK92+WGXKz8K0=
Subject key identifier: 8C:3D:B4:69:99:A2:FC:15:E4:C7:FB:78:3A:12:06:8F:C3:C3:F1:7B
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0197BA54B392DD9462B683A8F5A05DA8FFC9
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/jD20aZmi_BXkx_t4OhIGj8PD8Xs.roa
Signing time: Sun 29 Jun 2025 06:16:42 +0000
ROA not before: Sun 29 Jun 2025 06:16:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 62.60.148.0/22 maxlen: 24
62.60.152.0/23 maxlen: 24
62.60.154.0/23 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.176.0/22 maxlen: 24
62.60.186.0/24 maxlen: 24
62.60.216.0/23 maxlen: 24
62.60.228.0/22 maxlen: 24
62.60.235.0/24 maxlen: 24
62.60.236.0/22 maxlen: 24
62.60.240.0/22 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/22 maxlen: 24
62.60.252.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.74.0/23 maxlen: 24
213.176.92.0/22 maxlen: 24
213.176.112.0/22 maxlen: 24
213.176.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ba:54:b3:92:dd:94:62:b6:83:a8:f5:a0:5d:a8:ff:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 29 06:16:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c3db46999a2fc15e4c7fb783a12068fc3c3f17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:cd:c5:69:04:87:ae:b7:58:e0:63:1c:b5:3f:
72:b7:59:4a:21:33:43:61:a9:25:c6:a3:63:cb:56:
ab:13:ad:4b:74:28:42:be:c9:e2:0a:db:cb:66:01:
d9:51:94:aa:89:46:21:26:24:bb:2b:f4:7b:84:a4:
36:87:53:e4:a4:fb:f7:69:df:21:a6:fe:66:2e:0a:
2b:08:ad:78:0f:7e:e0:cf:de:8b:03:b2:0c:ca:93:
ef:06:74:3b:f3:02:58:2d:e0:04:ea:77:42:f6:c6:
3a:30:90:fe:c7:54:2f:67:73:59:64:83:64:1d:cb:
06:35:0e:0b:fd:bc:9b:d2:79:ac:2e:e8:7f:4c:a7:
10:d4:8a:70:1f:4f:ce:50:66:56:63:4e:e7:b6:b3:
65:ed:75:55:b7:c0:db:a5:d2:6f:41:d8:87:04:ec:
ae:e1:79:6d:bf:f1:ee:83:d2:0d:93:d8:ec:ab:76:
32:80:c0:75:6c:58:52:a4:4c:f8:ea:22:b9:92:02:
0f:27:42:39:7b:92:a6:69:ba:cf:e3:60:55:fb:7d:
b7:ab:9c:9c:72:34:42:78:b2:1a:06:9b:b2:bb:29:
78:04:d0:ad:9e:3c:aa:c7:09:89:71:9e:de:b2:f4:
48:09:fb:fd:1b:76:2f:64:07:8e:f1:fd:b2:e2:54:
1c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3D:B4:69:99:A2:FC:15:E4:C7:FB:78:3A:12:06:8F:C3:C3:F1:7B
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/jD20aZmi_BXkx_t4OhIGj8PD8Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.148.0-62.60.159.255
62.60.172.0-62.60.179.255
62.60.186.0/24
62.60.216.0/23
62.60.228.0/22
62.60.235.0-62.60.255.255
213.176.64.0/22
213.176.74.0/23
213.176.92.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:b3:41:1c:b0:7c:85:fe:b7:94:07:8c:6d:53:75:6e:80:2d:
9a:18:fd:88:07:6a:d8:80:e5:37:ef:2a:5c:f9:4b:f1:af:45:
c9:a4:91:0a:26:62:f9:61:5a:f0:b6:7e:f3:6c:b7:1c:4d:b4:
06:9a:1a:3d:80:1d:4e:b1:93:98:d9:85:9d:c6:0f:d8:57:3d:
51:fb:9c:41:44:59:c1:c5:6e:24:f3:e7:d7:45:86:f1:df:09:
9a:2d:90:25:43:db:7a:c2:77:c8:86:8e:ff:58:85:55:46:8e:
bb:12:fe:54:86:c8:a4:1d:2c:81:c1:2c:8f:ee:1a:51:3d:55:
73:f2:78:19:ab:1c:60:23:23:f0:6f:b5:d4:35:44:6f:81:b6:
21:ae:2e:ca:c6:80:5d:05:20:f0:7f:6a:17:0d:db:e2:e9:77:
11:78:1c:d7:5b:d4:04:0b:7a:85:7e:be:e3:f3:42:59:17:6d:
92:ec:a2:ac:66:76:63:ba:e4:69:1a:70:d9:4b:6c:d6:5e:0d:
7a:1d:b8:23:93:4d:a5:b0:3b:c8:4e:5f:e1:f3:de:2b:d0:58:
38:b5:ac:05:32:a6:52:13:78:01:01:79:3f:d0:ad:80:21:27:
6e:af:03:da:b2:6c:85:94:3a:bd:6b:29:3a:6e:3c:6f:26:4c:
15:8a:e2:e5
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZe6VLOS3ZRitoOo9aBdqP/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwNjI5MDYxNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzNkYjQ2OTk5YTJmYzE1ZTRjN2ZiNzgzYTEyMDY4ZmMzYzNmMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5s3FaQSHrrdY4GMctT9yt1lKITND
YaklxqNjy1arE61LdChCvsniCtvLZgHZUZSqiUYhJiS7K/R7hKQ2h1PkpPv3ad8h
pv5mLgorCK14D37gz96LA7IMypPvBnQ78wJYLeAE6ndC9sY6MJD+x1QvZ3NZZINk
HcsGNQ4L/byb0nmsLuh/TKcQ1IpwH0/OUGZWY07ntrNl7XVVt8DbpdJvQdiHBOyu
4Xltv/Hug9INk9jsq3YygMB1bFhSpEz46iK5kgIPJ0I5e5KmabrP42BV+323q5yc
cjRCeLIaBpuyuyl4BNCtnjyqxwmJcZ7esvRICfv9G3YvZAeO8f2y4lQc9wIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFIw9tGmZovwV5Mf7eDoSBo/Dw/F7MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvakQyMGFabWlfQlhreF90NE9oSUdqOFBEOFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAATBTMAwDBAI+PJQD
BAU+PIAwDAMEAj48rAMEAj48sAMEAD48ugMEAT482AMEAj485DALAwQAPjzrAwMA
PjwDBALVsEADBAHVsEoDBALVsFwDBAPVsHAwDQYJKoZIhvcNAQELBQADggEBAI+z
QRywfIX+t5QHjG1TdW6ALZoY/YgHatiA5TfvKlz5S/GvRcmkkQomYvlhWvC2fvNs
txxNtAaaGj2AHU6xk5jZhZ3GD9hXPVH7nEFEWcHFbiTz59dFhvHfCZotkCVD23rC
d8iGjv9YhVVGjrsS/lSGyKQdLIHBLI/uGlE9VXPyeBmrHGAjI/BvtdQ1RG+BtiGu
LsrGgF0FIPB/ahcN2+LpdxF4HNdb1AQLeoV+vuPzQlkXbZLsoqxmdmO65GkacNlL
bNZeDXoduCOTTaWwO8hOX+Hz3ivQWDi1rAUyplITeAEBeT/QrYAhJ26vA9qybIWU
Or1rKTpuPG8mTBWK4uU=
-----END CERTIFICATE-----
Generated at Mon Jun 30 09:54:54 2025 by rpki-client