Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/07NWID6jL0m5jirJinvrrEJ4kNU.roa
File: 07NWID6jL0m5jirJinvrrEJ4kNU.roa (raw, json)
Hash identifier: 9WZ9BexeSLxuwcQaPTctipRPoq8r5S6vpHcmIv4h3eg=
Subject key identifier: D3:B3:56:20:3E:A3:2F:49:B9:8E:2A:C9:8A:7B:EB:AC:42:78:90:D5
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 018CD56AB09769671775D8A34E5D48CE7D78
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/07NWID6jL0m5jirJinvrrEJ4kNU.roa
Signing time: Thu 04 Jan 2024 16:59:48 +0000
ROA not before: Thu 04 Jan 2024 16:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10557
IP address blocks: 203.17.237.0/24 maxlen: 24
203.78.164.0/24 maxlen: 24
203.78.163.0/24 maxlen: 24
203.78.161.0/24 maxlen: 24
203.78.166.0/23 maxlen: 23
94.156.40.0/23 maxlen: 23
94.156.43.0/24 maxlen: 24
37.61.225.0/24 maxlen: 24
192.175.2.0/24 maxlen: 24
94.156.132.0/23 maxlen: 23
94.156.145.0/24 maxlen: 24
37.60.142.0/24 maxlen: 24
37.61.230.0/24 maxlen: 24
94.156.62.0/23 maxlen: 23
87.120.247.0/24 maxlen: 24
158.120.252.0/23 maxlen: 23
188.212.110.0/24 maxlen: 24
94.156.224.0/23 maxlen: 23
203.25.139.0/24 maxlen: 24
31.13.214.0/24 maxlen: 24
87.121.102.0/24 maxlen: 24
93.123.25.0/24 maxlen: 24
87.120.58.0/24 maxlen: 24
87.120.62.0/24 maxlen: 24
93.123.111.0/24 maxlen: 24
198.160.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:6a:b0:97:69:67:17:75:d8:a3:4e:5d:48:ce:7d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Jan 4 16:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3b356203ea32f49b98e2ac98a7bebac427890d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:79:b6:3d:c8:55:1b:dc:40:cc:a2:dd:06:d0:
f0:b1:cd:b4:d5:ae:57:ee:8f:9e:fa:cd:17:8a:87:
f2:14:bb:23:0e:f4:d5:ed:f6:d7:2d:18:c9:8a:73:
d3:d2:29:4a:ee:13:6b:92:9a:f4:97:1b:7c:82:13:
94:aa:6e:ac:4d:fe:67:d2:be:ce:e1:b0:fd:75:91:
af:18:cc:36:a7:5b:e6:a2:87:cc:51:5b:88:9c:ba:
21:5d:bf:2a:6b:d2:c0:9a:e7:22:a4:1c:31:f0:64:
13:5e:55:0f:6a:47:16:ca:94:14:c0:fc:4c:bc:a0:
39:17:e7:82:4f:c8:0a:11:b0:f3:7c:64:42:f7:2a:
b8:0a:52:de:d2:80:db:63:ec:64:c2:e4:6a:8e:11:
9a:31:24:33:43:ab:70:83:33:92:a2:9d:aa:7a:0e:
eb:a1:95:15:1e:2e:ea:45:cb:8e:93:a6:7b:1a:2d:
cb:6c:19:c1:1d:4b:95:60:15:8d:e1:3b:75:b9:d2:
e3:b9:15:57:d3:e8:69:82:bb:ae:2b:61:8e:5d:7a:
4a:30:34:1f:60:6a:01:2a:1a:9f:73:19:b0:4f:72:
44:45:be:a9:db:79:b7:93:2b:41:d0:a1:fe:b0:62:
0d:ae:b4:97:0b:62:40:e6:5e:1e:d0:48:74:32:70:
10:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B3:56:20:3E:A3:2F:49:B9:8E:2A:C9:8A:7B:EB:AC:42:78:90:D5
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/07NWID6jL0m5jirJinvrrEJ4kNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.214.0/24
37.60.142.0/24
37.61.225.0/24
37.61.230.0/24
87.120.58.0/24
87.120.62.0/24
87.120.247.0/24
87.121.102.0/24
93.123.25.0/24
93.123.111.0/24
94.156.40.0/23
94.156.43.0/24
94.156.62.0/23
94.156.132.0/23
94.156.145.0/24
94.156.224.0/23
158.120.252.0/23
188.212.110.0/24
192.175.2.0/24
198.160.152.0/24
203.17.237.0/24
203.25.139.0/24
203.78.161.0/24
203.78.163.0-203.78.164.255
203.78.166.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:98:88:54:bb:6d:34:81:22:f3:91:43:15:60:4c:17:45:36:
55:50:7a:49:84:21:da:c4:d5:a7:9a:16:5a:f5:f0:7b:64:26:
cd:2d:e1:2c:0e:f1:0d:de:52:9d:1a:74:90:be:e7:d2:e6:dd:
ab:c7:8b:3f:d1:6b:7d:1b:3b:72:2a:f0:83:6e:46:c1:99:cb:
0a:e7:af:96:8c:94:6f:10:be:3b:6f:9d:17:41:63:29:d2:80:
3b:66:ee:0a:29:83:e6:3f:8d:8f:16:02:62:0b:4f:f0:95:0c:
8a:c2:34:4f:fd:1b:6c:b7:9c:62:0f:18:b2:86:2b:81:cc:61:
5c:d0:08:a0:8b:cb:be:a4:00:c9:16:8f:15:29:bc:2e:bd:81:
28:c1:c7:87:f0:76:53:0b:9d:79:9a:80:da:ea:34:8a:0a:2c:
ac:15:7d:0c:5f:9a:e4:29:0c:66:f8:5b:73:d8:fc:f8:88:7e:
8a:4f:0a:43:1c:26:b0:48:35:2d:7d:4e:00:f3:ca:f4:49:3f:
07:ef:d4:9b:b4:19:80:71:6b:07:56:78:f1:e8:42:9b:51:52:
35:11:39:dc:92:80:3b:5d:0f:10:8a:69:cf:0e:ea:c5:02:41:
c8:96:1a:2c:21:05:43:d2:d8:63:f8:d6:2a:2e:b2:b9:e2:cb:
e4:05:68:63
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzVarCXaWcXddijTl1Izn14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjQwMTA0MTY1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2IzNTYyMDNlYTMyZjQ5Yjk4ZTJhYzk4YTdiZWJhYzQyNzg5MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHm2PchVG9xAzKLdBtDwsc201a5X
7o+e+s0XiofyFLsjDvTV7fbXLRjJinPT0ilK7hNrkpr0lxt8ghOUqm6sTf5n0r7O
4bD9dZGvGMw2p1vmoofMUVuInLohXb8qa9LAmucipBwx8GQTXlUPakcWypQUwPxM
vKA5F+eCT8gKEbDzfGRC9yq4ClLe0oDbY+xkwuRqjhGaMSQzQ6twgzOSop2qeg7r
oZUVHi7qRcuOk6Z7Gi3LbBnBHUuVYBWN4Tt1udLjuRVX0+hpgruuK2GOXXpKMDQf
YGoBKhqfcxmwT3JERb6p23m3kytB0KH+sGINrrSXC2JA5l4e0Eh0MnAQMQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFNOzViA+oy9JuY4qyYp766xCeJDVMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvMDdOV0lENmpMMG01amlySmludnJyRUo0a05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAf
DdYDBAAlPI4DBAAlPeEDBAAlPeYDBABXeDoDBABXeD4DBABXePcDBABXeWYDBABd
exkDBABde28DBAFenCgDBABenCsDBAFenD4DBAFenIQDBABenJEDBAFenOADBAGe
ePwDBAC81G4DBADArwIDBADGoJgDBADLEe0DBADLGYsDBADLTqEwDAMEAMtOowME
AMtOpAMEActOpjANBgkqhkiG9w0BAQsFAAOCAQEAapiIVLttNIEi85FDFWBMF0U2
VVB6SYQh2sTVp5oWWvXwe2QmzS3hLA7xDd5SnRp0kL7n0ubdq8eLP9FrfRs7cirw
g25GwZnLCuevloyUbxC+O2+dF0FjKdKAO2buCimD5j+NjxYCYgtP8JUMisI0T/0b
bLecYg8YsoYrgcxhXNAIoIvLvqQAyRaPFSm8Lr2BKMHHh/B2UwudeZqA2uo0igos
rBV9DF+a5CkMZvhbc9j8+Ih+ik8KQxwmsEg1LX1OAPPK9Ek/B+/Um7QZgHFrB1Z4
8ehCm1FSNRE53JKAO10PEIppzw7qxQJByJYaLCEFQ9LYY/jWKi6yueLL5AVoYw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:02 2024 by rpki-client on console-ams.rpki-client.org