Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/1eZlwD4fnzVx_ZuiX-KY-unzRYA.roa
File: 1eZlwD4fnzVx_ZuiX-KY-unzRYA.roa (raw, json)
Hash identifier: FfjJukJvNSQzT9n6wjLCsM9xDWFdpCKe+CsdvwMwZRs=
Subject key identifier: D5:E6:65:C0:3E:1F:9F:35:71:FD:9B:A2:5F:E2:98:FA:E9:F3:45:80
Certificate issuer: /CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Certificate serial: 019754EAB7F556A88E66FC7B862DFFFD1256
Authority key identifier: 49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/1eZlwD4fnzVx_ZuiX-KY-unzRYA.roa
Signing time: Mon 09 Jun 2025 13:39:17 +0000
ROA not before: Mon 09 Jun 2025 13:39:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8565
IP address blocks: 62.244.82.0/23 maxlen: 23
62.244.100.0/22 maxlen: 24
62.244.104.0/22 maxlen: 22
62.244.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:ea:b7:f5:56:a8:8e:66:fc:7b:86:2d:ff:fd:12:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Validity
Not Before: Jun 9 13:39:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5e665c03e1f9f3571fd9ba25fe298fae9f34580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e2:c4:d9:e0:82:0a:68:e2:2e:fc:01:92:da:
5e:9a:a5:13:c2:da:dd:be:11:92:ba:09:f7:59:2d:
6b:c4:09:22:ca:4e:35:e4:a0:0d:53:af:93:90:3d:
3d:d9:09:19:40:f3:2c:a1:e9:b9:a4:36:88:f0:76:
ed:6f:f0:21:2c:37:6f:76:f8:58:1b:7b:83:32:2d:
0d:ca:5d:af:d8:d1:ec:26:1f:ba:bf:71:0e:df:1e:
fe:47:67:70:ee:f4:de:78:69:47:bd:56:eb:7b:a5:
9d:07:de:95:b2:b8:72:fd:11:76:2d:a1:cb:54:3b:
47:0d:b7:b5:3f:a7:8a:b2:c1:8e:bc:05:db:c1:54:
b5:d8:05:af:23:30:a1:99:b0:ac:a8:5f:95:f4:b7:
d4:f6:ac:22:90:a5:c0:84:15:c3:3c:8c:82:43:ff:
67:5e:37:7a:3f:76:8d:10:66:19:ca:cc:a6:cc:03:
03:d8:20:99:2a:a4:de:66:9c:4b:c3:7d:80:7d:87:
db:b3:67:f0:ab:d5:ac:67:44:33:1c:96:7b:0a:8a:
33:4a:36:42:1c:9a:aa:6e:c1:26:41:b8:dd:7e:8c:
ba:5d:6a:e4:87:88:83:ab:fe:50:f5:92:01:85:56:
52:ea:d5:8d:58:79:d3:d2:3b:b7:6b:d3:b9:f9:19:
aa:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E6:65:C0:3E:1F:9F:35:71:FD:9B:A2:5F:E2:98:FA:E9:F3:45:80
X509v3 Authority Key Identifier:
keyid:49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/1eZlwD4fnzVx_ZuiX-KY-unzRYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.82.0/23
62.244.100.0-62.244.107.255
62.244.120.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:5d:f7:2b:72:32:1f:c6:d3:c8:3d:8a:d4:a4:43:1b:77:9d:
1b:6b:90:5a:f8:8b:e5:b8:f3:7d:c3:6c:c0:28:12:72:4c:d3:
b3:21:73:07:f5:47:e0:38:f3:81:84:2f:b5:57:bf:d7:d9:7e:
70:44:00:b5:fd:2b:7e:07:f1:9f:25:4b:06:f6:dc:eb:0c:44:
58:b4:69:2b:8a:5e:d0:bc:e3:34:45:48:e2:cb:0e:b8:ec:9c:
7d:5d:78:e7:8f:b4:98:d5:ed:ed:5a:d1:ab:38:9a:17:91:16:
fa:43:c7:d8:8e:25:3f:c0:b8:5b:90:23:30:ba:20:a0:ce:e0:
47:a8:57:48:cd:f3:cd:83:a8:eb:f4:8a:d1:a0:1d:76:db:34:
2a:cd:e9:a0:37:f6:8b:81:36:39:0e:2d:e6:80:e1:d9:e6:f6:
39:10:fe:e7:df:10:a3:6a:e2:83:64:7c:b8:b8:39:0c:41:47:
92:8d:1e:52:71:9e:38:f7:c1:4b:10:3b:b4:ac:4e:c9:11:b8:
e4:73:6f:21:bf:35:8f:5b:11:44:9c:b3:3c:68:d6:51:3c:38:
7d:65:5b:5d:c6:f9:3f:4d:4c:f3:1e:cd:78:38:12:0d:ff:c2:
c2:9c:59:c7:88:59:71:50:5f:bb:24:48:5a:2d:57:c0:60:8e:
1a:25:86:cc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZdU6rf1VqiOZvx7hi3//RJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5M2EyZDQ4Mzc2MzMwYTU4MmZhZjNlMzAzMmVmN2IwYmNj
YTMzZTgwHhcNMjUwNjA5MTMzOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWU2NjVjMDNlMWY5ZjM1NzFmZDliYTI1ZmUyOThmYWU5ZjM0NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+LE2eCCCmjiLvwBktpemqUTwtrd
vhGSugn3WS1rxAkiyk415KANU6+TkD092QkZQPMsoem5pDaI8Hbtb/AhLDdvdvhY
G3uDMi0Nyl2v2NHsJh+6v3EO3x7+R2dw7vTeeGlHvVbre6WdB96Vsrhy/RF2LaHL
VDtHDbe1P6eKssGOvAXbwVS12AWvIzChmbCsqF+V9LfU9qwikKXAhBXDPIyCQ/9n
Xjd6P3aNEGYZysymzAMD2CCZKqTeZpxLw32AfYfbs2fwq9WsZ0QzHJZ7CoozSjZC
HJqqbsEmQbjdfoy6XWrkh4iDq/5Q9ZIBhVZS6tWNWHnT0ju3a9O5+RmqWwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNXmZcA+H581cf2bol/imPrp80WAMB8GA1UdIwQY
MBaAFEk6LUg3YzClgvrz4wMu97C8yjPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2Qt
Njg5YmE0ZDMzYzRiLzEvMWVabHdENGZuelZ4X1p1aVgtS1ktdW56UllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2QtNjg5YmE0ZDMzYzRi
LzEvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBPvRSMAwD
BAI+9GQDBAI+9GgDBAI+9HgwDQYJKoZIhvcNAQELBQADggEBADxd9ytyMh/G08g9
itSkQxt3nRtrkFr4i+W4833DbMAoEnJM07Mhcwf1R+A484GEL7VXv9fZfnBEALX9
K34H8Z8lSwb23OsMRFi0aSuKXtC84zRFSOLLDrjsnH1deOePtJjV7e1a0as4mheR
FvpDx9iOJT/AuFuQIzC6IKDO4EeoV0jN882DqOv0itGgHXbbNCrN6aA39ouBNjkO
LeaA4dnm9jkQ/uffEKNq4oNkfLi4OQxBR5KNHlJxnjj3wUsQO7SsTskRuORzbyG/
NY9bEUScszxo1lE8OH1lW13G+T9NTPMezXg4Eg3/wsKcWceIWXFQX7skSFotV8Bg
jholhsw=
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:42:32 2025 by rpki-client