Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/efP4Dktot21j2v4ko3pXy4i55d8.roa
File: efP4Dktot21j2v4ko3pXy4i55d8.roa (raw, json)
Hash identifier: iBtVJb8u3EnSleqllRfSZBP101OAavzb/vrmJOfEZEs=
Subject key identifier: 79:F3:F8:0E:4B:68:B7:6D:63:DA:FE:24:A3:7A:57:CB:88:B9:E5:DF
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0192B504B36D5573E08306A561D35CCD4CF0
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/efP4Dktot21j2v4ko3pXy4i55d8.roa
Signing time: Tue 22 Oct 2024 16:17:16 +0000
ROA not before: Tue 22 Oct 2024 16:17:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.62.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
192.253.208.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
192.253.210.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.181.0/24 maxlen: 24
203.188.182.0/24 maxlen: 24
203.188.183.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.48.0/24 maxlen: 24
212.32.49.0/24 maxlen: 24
212.32.50.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.68.0/24 maxlen: 24
212.32.69.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.72.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.74.0/24 maxlen: 24
212.32.75.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/24 maxlen: 24
212.32.79.0/24 maxlen: 24
212.56.52.0/24 maxlen: 24
212.56.53.0/24 maxlen: 24
212.56.54.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
213.254.160.0/24 maxlen: 24
213.254.161.0/24 maxlen: 24
213.254.162.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.172.0/24 maxlen: 24
213.254.173.0/24 maxlen: 24
213.254.174.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:04:b3:6d:55:73:e0:83:06:a5:61:d3:5c:cd:4c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Oct 22 16:17:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79f3f80e4b68b76d63dafe24a37a57cb88b9e5df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:06:19:04:dd:85:9e:c4:e2:8e:c1:e8:bd:cf:
6e:22:63:41:63:68:58:f9:fe:97:a6:d8:b2:24:c9:
d9:e0:49:69:5a:d1:43:86:d5:74:63:da:74:d3:f8:
76:d2:38:5d:e5:99:cc:c4:ec:69:84:8e:d1:bd:38:
de:86:f9:0a:43:8a:69:15:7d:26:82:6c:8f:ab:1a:
f7:af:04:8b:9f:ef:90:8d:84:a8:b7:64:17:c8:90:
9f:40:25:01:fb:0b:50:99:1b:4c:ea:87:90:ca:d4:
8f:eb:27:fb:72:bc:77:50:0f:b8:f4:fd:37:08:70:
7f:fb:31:d1:27:55:50:9c:b1:ab:7e:3b:1c:6f:e0:
92:07:c6:ec:8c:e3:e1:26:ad:14:10:4c:42:53:bf:
7f:b9:21:7f:3f:64:9d:54:fa:b0:42:30:bc:64:77:
2c:12:47:f0:ed:75:80:f8:4c:d6:aa:da:b8:55:01:
37:62:aa:0b:3c:9d:c9:a5:e8:6d:ee:2b:4a:cd:b2:
93:4c:a9:cd:8c:d5:81:a8:c8:13:6e:ba:9c:8b:08:
4e:63:9f:e0:6f:ad:bf:a0:40:36:9f:bf:76:ce:33:
f8:db:eb:ac:58:b0:ad:c5:0d:40:f5:7d:f0:b2:b4:
49:fd:e7:0b:c6:f9:ed:a0:c2:6b:01:75:62:70:79:
2c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F3:F8:0E:4B:68:B7:6D:63:DA:FE:24:A3:7A:57:CB:88:B9:E5:DF
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/efP4Dktot21j2v4ko3pXy4i55d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.62.0/24
103.61.196.0/24
103.138.78.0/24
167.160.28.0/24
192.253.208.0/22
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.191.255
212.32.48.0/22
212.32.68.0-212.32.79.255
212.56.52.0/22
213.254.160.0/22
213.254.172.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:86:6a:98:7a:85:5d:e7:0f:79:65:13:d3:a2:40:c4:98:4e:
33:d5:57:8b:2f:66:c0:fa:54:2f:bb:f2:bf:6d:ea:8d:f2:35:
7c:92:d1:93:6c:47:6e:40:b6:66:7a:31:e1:03:d7:df:99:70:
59:c3:ff:c7:63:e7:97:15:17:23:24:93:d8:0a:ad:b6:2d:d7:
ad:76:62:52:fb:cc:15:64:4f:06:53:c2:eb:05:c2:f5:55:72:
51:0a:c4:db:fc:a6:cf:09:3c:8d:5e:5f:5f:38:a5:a2:79:1c:
99:6c:0d:b4:1a:b0:36:cc:b7:cd:1f:8d:ca:4b:d5:59:29:73:
23:b4:11:1a:5b:d2:f1:ed:62:ff:1b:ea:fe:e5:f0:2d:59:e4:
58:a8:af:31:fe:b9:aa:e6:08:a4:52:9e:0b:9e:89:11:3b:5d:
3d:b4:8c:78:34:34:24:fb:ac:86:1b:3e:e5:11:25:80:42:05:
d9:73:21:d1:11:1f:55:65:ef:82:94:32:c1:82:e1:04:a3:93:
94:31:94:65:6f:9a:cb:fc:83:06:e1:79:37:7a:04:76:04:18:
9c:72:7c:39:75:bc:7e:e5:ec:2e:42:fe:20:ff:0e:70:bc:c3:
9b:07:5b:b5:da:a2:51:0c:e2:4e:3c:4e:73:d2:85:9c:0c:2d:
28:99:66:4d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZK1BLNtVXPggwalYdNczUzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMDIyMTYxNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWYzZjgwZTRiNjhiNzZkNjNkYWZlMjRhMzdhNTdjYjg4YjllNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQYZBN2FnsTijsHovc9uImNBY2hY
+f6XptiyJMnZ4ElpWtFDhtV0Y9p00/h20jhd5ZnMxOxphI7RvTjehvkKQ4ppFX0m
gmyPqxr3rwSLn++QjYSot2QXyJCfQCUB+wtQmRtM6oeQytSP6yf7crx3UA+49P03
CHB/+zHRJ1VQnLGrfjscb+CSB8bsjOPhJq0UEExCU79/uSF/P2SdVPqwQjC8ZHcs
Ekfw7XWA+EzWqtq4VQE3YqoLPJ3Jpeht7itKzbKTTKnNjNWBqMgTbrqciwhOY5/g
b62/oEA2n792zjP42+usWLCtxQ1A9X3wsrRJ/ecLxvntoMJrAXVicHks4wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFHnz+A5LaLdtY9r+JKN6V8uIueXfMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvZWZQNERrdG90MjFqMnY0a28zcFh5NGk1NWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQADmY+AwQA
Zz3EAwQAZ4pOAwQAp6AcAwQCwP3QAwQAxjcfAwQAy7ymMAwDBAHLvK4DBAbLvIAD
BALUIDAwDAMEAtQgRAMEBNQgQAMEAtQ4NAMEAtX+oAMEAtX+rDANBgkqhkiG9w0B
AQsFAAOCAQEAxoZqmHqFXecPeWUT06JAxJhOM9VXiy9mwPpUL7vyv23qjfI1fJLR
k2xHbkC2Znox4QPX35lwWcP/x2PnlxUXIyST2Aqtti3XrXZiUvvMFWRPBlPC6wXC
9VVyUQrE2/ymzwk8jV5fXzilonkcmWwNtBqwNsy3zR+NykvVWSlzI7QRGlvS8e1i
/xvq/uXwLVnkWKivMf65quYIpFKeC56JETtdPbSMeDQ0JPushhs+5RElgEIF2XMh
0REfVWXvgpQywYLhBKOTlDGUZW+ay/yDBuF5N3oEdgQYnHJ8OXW8fuXsLkL+IP8O
cLzDmwdbtdqiUQziTjxOc9KFnAwtKJlmTQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:51:54 2024 by rpki-client on console-fra.rpki-client.org