Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gi4rNk-7pyNGhmQq8040k4Mc6DI.roa
File: gi4rNk-7pyNGhmQq8040k4Mc6DI.roa (raw, json)
Hash identifier: Y3+op0bF4O7Rdmvi9FK/04wfydeHFid5TZZrXT0ZYSA=
Subject key identifier: 82:2E:2B:36:4F:BB:A7:23:46:86:64:2A:F3:4E:34:93:83:1C:E8:32
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0192C032A3B3E85EF2663E7ECB562A382733
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gi4rNk-7pyNGhmQq8040k4Mc6DI.roa
Signing time: Thu 24 Oct 2024 20:23:16 +0000
ROA not before: Thu 24 Oct 2024 20:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 14.102.52.0/24 maxlen: 24
14.102.53.0/24 maxlen: 24
14.102.54.0/24 maxlen: 24
14.102.55.0/24 maxlen: 24
14.102.63.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.85.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
14.102.87.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
62.169.129.0/24 maxlen: 24
62.169.130.0/24 maxlen: 24
62.169.131.0/24 maxlen: 24
62.169.132.0/24 maxlen: 24
62.169.133.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
62.169.135.0/24 maxlen: 24
84.51.234.0/24 maxlen: 24
84.51.235.0/24 maxlen: 24
92.51.232.0/24 maxlen: 24
92.51.233.0/24 maxlen: 24
92.51.238.0/24 maxlen: 24
92.51.239.0/24 maxlen: 24
92.51.248.0/24 maxlen: 24
92.51.249.0/24 maxlen: 24
92.51.250.0/24 maxlen: 24
92.51.251.0/24 maxlen: 24
92.51.252.0/24 maxlen: 24
92.51.253.0/24 maxlen: 24
92.51.254.0/24 maxlen: 24
103.61.197.0/24 maxlen: 24
103.61.198.0/24 maxlen: 24
103.61.199.0/24 maxlen: 24
103.125.77.0/24 maxlen: 24
103.125.78.0/24 maxlen: 24
103.125.79.0/24 maxlen: 24
103.210.198.0/24 maxlen: 24
103.210.199.0/24 maxlen: 24
103.213.212.0/24 maxlen: 24
103.213.213.0/24 maxlen: 24
103.213.214.0/24 maxlen: 24
103.213.215.0/24 maxlen: 24
103.255.76.0/24 maxlen: 24
103.255.77.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
170.62.89.0/24 maxlen: 24
170.62.90.0/24 maxlen: 24
170.62.91.0/24 maxlen: 24
170.62.92.0/24 maxlen: 24
170.62.93.0/24 maxlen: 24
170.62.94.0/24 maxlen: 24
170.62.95.0/24 maxlen: 24
170.62.160.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.29.0/24 maxlen: 24
203.188.164.0/24 maxlen: 24
203.188.167.0/24 maxlen: 24
203.188.168.0/24 maxlen: 24
203.188.169.0/24 maxlen: 24
203.188.170.0/24 maxlen: 24
203.188.171.0/24 maxlen: 24
203.188.172.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
212.56.48.0/24 maxlen: 24
212.56.49.0/24 maxlen: 24
212.56.50.0/24 maxlen: 24
212.56.51.0/24 maxlen: 24
212.78.245.0/24 maxlen: 24
212.78.246.0/24 maxlen: 24
212.78.247.0/24 maxlen: 24
212.78.248.0/24 maxlen: 24
212.78.249.0/24 maxlen: 24
212.78.250.0/24 maxlen: 24
212.78.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c0:32:a3:b3:e8:5e:f2:66:3e:7e:cb:56:2a:38:27:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Oct 24 20:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=822e2b364fbba7234686642af34e3493831ce832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:60:d6:35:5a:52:d8:8a:ed:fc:cd:da:37:8e:
34:8b:f5:6c:17:0f:62:68:06:47:7d:ca:a2:86:c7:
6d:cf:09:df:d6:e0:62:ef:23:58:4a:2f:7a:43:90:
81:47:e7:31:75:8b:59:5d:a7:d1:49:e6:a3:1b:38:
83:1d:5a:13:e8:7a:9f:af:9c:4d:cb:d5:2e:89:9d:
be:14:81:77:b8:60:15:b0:ab:ac:c5:8f:1e:9d:d4:
4d:8d:cc:b8:ff:6c:44:69:52:e6:4c:76:2a:9b:c8:
51:00:53:b5:fe:a8:f1:fe:9e:3a:6c:4c:5e:c2:3b:
89:90:b4:cc:48:20:99:3d:a0:81:1b:1a:7c:f2:7e:
ec:83:c5:34:3c:ba:1a:b4:01:06:d4:6a:c6:ac:39:
96:94:96:25:81:9f:7d:57:d1:32:70:be:1e:32:d2:
fe:49:40:73:52:1c:c3:6f:34:62:05:d6:69:df:e7:
ef:e0:6b:bb:67:9b:70:30:26:02:3f:1a:05:3a:90:
15:d4:ea:6f:28:14:5a:e0:4c:7b:4d:13:45:c0:78:
b5:0a:c1:f1:fb:99:d6:5b:68:df:9d:15:2a:c0:6e:
80:c1:39:93:4d:0b:93:39:5f:19:c9:0b:30:eb:4f:
3a:25:d0:21:01:0e:e5:8e:64:63:ae:5d:6a:36:ef:
10:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2E:2B:36:4F:BB:A7:23:46:86:64:2A:F3:4E:34:93:83:1C:E8:32
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gi4rNk-7pyNGhmQq8040k4Mc6DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.52.0/22
14.102.63.0/24
14.102.84.0/22
62.169.128.0/21
84.51.234.0/23
92.51.232.0/23
92.51.238.0/23
92.51.248.0-92.51.254.255
103.61.197.0-103.61.199.255
103.125.77.0-103.125.79.255
103.210.198.0/23
103.213.212.0/22
103.255.76.0/23
167.160.16.0/23
167.160.29.0/24
170.62.89.0-170.62.95.255
170.62.160.0/24
198.55.28.0/23
203.188.164.0/24
203.188.167.0-203.188.173.255
212.56.48.0/22
212.78.245.0-212.78.251.255
Signature Algorithm: sha256WithRSAEncryption
38:57:fa:38:c3:6a:a3:ef:89:8d:a1:e0:59:04:1c:85:18:10:
b0:bb:41:5e:d4:05:85:74:f9:8f:a2:ed:a4:2e:90:10:49:da:
5d:8d:5e:d1:2e:84:a4:1c:8d:24:ce:e3:c4:eb:b8:98:cc:62:
90:59:e8:7c:a4:e9:e6:2c:26:ff:92:1a:3e:f2:32:ac:ca:46:
f7:08:93:de:93:17:e9:2f:7f:5b:27:8f:1f:be:67:61:54:83:
f2:36:83:2c:dc:fd:9d:d3:f8:52:ef:2a:95:90:19:0b:48:f4:
ff:48:29:ad:7d:c3:5d:2b:a1:4a:f9:75:78:57:38:8b:bf:22:
33:03:2f:71:0d:4e:c9:49:ab:a0:90:88:6d:8b:87:85:9b:91:
0f:0f:72:4e:96:92:61:a1:8f:cd:41:26:e8:c2:9d:b9:2a:53:
e0:2e:1d:22:8a:b1:5b:ad:56:ec:84:30:75:ae:3d:16:ff:65:
e8:9d:97:aa:e5:ec:3c:50:31:20:ed:21:12:d1:50:23:97:1f:
6a:d0:b1:fe:23:ba:c3:1e:1f:08:a6:1a:b7:ce:48:90:4e:87:
b9:d0:78:09:a6:15:66:7f:ed:86:47:ce:fc:d4:2f:d2:e6:41:
71:4c:98:22:57:29:ce:2b:a1:89:64:a0:62:8b:0d:82:bb:0f:
09:e7:7c:1c
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZLAMqOz6F7yZj5+y1YqOCczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMDI0MjAyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJlMmIzNjRmYmJhNzIzNDY4NjY0MmFmMzRlMzQ5MzgzMWNlODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42DWNVpS2Irt/M3aN440i/VsFw9i
aAZHfcqihsdtzwnf1uBi7yNYSi96Q5CBR+cxdYtZXafRSeajGziDHVoT6Hqfr5xN
y9UuiZ2+FIF3uGAVsKusxY8endRNjcy4/2xEaVLmTHYqm8hRAFO1/qjx/p46bExe
wjuJkLTMSCCZPaCBGxp88n7sg8U0PLoatAEG1GrGrDmWlJYlgZ99V9EycL4eMtL+
SUBzUhzDbzRiBdZp3+fv4Gu7Z5twMCYCPxoFOpAV1OpvKBRa4Ex7TRNFwHi1CsHx
+5nWW2jfnRUqwG6AwTmTTQuTOV8ZyQsw6086JdAhAQ7ljmRjrl1qNu8Q9QIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFIIuKzZPu6cjRoZkKvNONJODHOgyMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvZ2k0ck5rLTdweU5HaG1RcTgwNDBrNE1jNkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAIO
ZjQDBAAOZj8DBAIOZlQDBAM+qYADBAFUM+oDBAFcM+gDBAFcM+4wDAMEA1wz+AME
AFwz/jAMAwQAZz3FAwQDZz3AMAwDBABnfU0DBARnfUADBAFn0sYDBAJn1dQDBAFn
/0wDBAGnoBADBACnoB0wDAMEAKo+WQMEBao+QAMEAKo+oAMEAcY3HAMEAMu8pDAM
AwQAy7ynAwQBy7ysAwQC1DgwMAwDBADUTvUDBALUTvgwDQYJKoZIhvcNAQELBQAD
ggEBADhX+jjDaqPviY2h4FkEHIUYELC7QV7UBYV0+Y+i7aQukBBJ2l2NXtEuhKQc
jSTO48TruJjMYpBZ6Hyk6eYsJv+SGj7yMqzKRvcIk96TF+kvf1snjx++Z2FUg/I2
gyzc/Z3T+FLvKpWQGQtI9P9IKa19w10roUr5dXhXOIu/IjMDL3ENTslJq6CQiG2L
h4WbkQ8Pck6WkmGhj81BJujCnbkqU+AuHSKKsVutVuyEMHWuPRb/Zeidl6rl7DxQ
MSDtIRLRUCOXH2rQsf4jusMeHwimGrfOSJBOh7nQeAmmFWZ/7YZHzvzUL9LmQXFM
mCJXKc4roYlkoGKLDYK7DwnnfBw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:34:32 2024 by rpki-client on console-fra.rpki-client.org