Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/BOO54NLTA4FbBH4Fjb76z1yJ7As.roa
File: BOO54NLTA4FbBH4Fjb76z1yJ7As.roa (raw, json)
Hash identifier: NXDm1+sKt5XmZbWjxQkYLn5NqCp0Vaqxw8fLny+5YeM=
Subject key identifier: 04:E3:B9:E0:D2:D3:03:81:5B:04:7E:05:8D:BE:FA:CF:5C:89:EC:0B
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 01926913F5F16FC0A3C1D65FB64F2479979F
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/BOO54NLTA4FbBH4Fjb76z1yJ7As.roa
Signing time: Mon 07 Oct 2024 22:22:48 +0000
ROA not before: Mon 07 Oct 2024 22:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.32.0/24 maxlen: 24
31.210.33.0/24 maxlen: 24
31.210.56.0/24 maxlen: 24
31.210.57.0/24 maxlen: 24
31.210.58.0/24 maxlen: 24
31.210.59.0/24 maxlen: 24
31.210.60.0/24 maxlen: 24
31.210.61.0/24 maxlen: 32
77.92.128.0/24 maxlen: 24
77.92.129.0/24 maxlen: 24
77.92.132.0/24 maxlen: 24
77.92.133.0/24 maxlen: 32
77.92.134.0/24 maxlen: 24
77.92.135.0/24 maxlen: 24
77.92.136.0/24 maxlen: 24
77.92.137.0/24 maxlen: 24
77.92.138.0/24 maxlen: 24
77.92.139.0/24 maxlen: 24
77.92.140.0/24 maxlen: 32
77.92.141.0/24 maxlen: 24
77.92.149.0/24 maxlen: 24
77.92.155.0/24 maxlen: 32
77.92.156.0/24 maxlen: 24
77.92.157.0/24 maxlen: 32
77.92.158.0/24 maxlen: 24
77.92.159.0/24 maxlen: 24
78.135.79.0/24 maxlen: 24
78.135.108.0/24 maxlen: 32
78.135.113.0/24 maxlen: 32
78.135.114.0/24 maxlen: 32
78.135.116.0/24 maxlen: 24
188.132.134.0/24 maxlen: 24
188.132.135.0/24 maxlen: 32
188.132.142.0/24 maxlen: 24
188.132.147.0/24 maxlen: 32
188.132.148.0/24 maxlen: 24
188.132.157.0/24 maxlen: 24
188.132.158.0/24 maxlen: 32
188.132.172.0/24 maxlen: 24
188.132.175.0/24 maxlen: 24
188.132.176.0/24 maxlen: 32
188.132.180.0/24 maxlen: 24
188.132.194.0/24 maxlen: 24
188.132.204.0/24 maxlen: 32
188.132.205.0/24 maxlen: 32
188.132.244.0/24 maxlen: 32
188.132.245.0/24 maxlen: 24
188.132.246.0/24 maxlen: 24
188.132.252.0/24 maxlen: 24
188.132.253.0/24 maxlen: 24
188.132.254.0/24 maxlen: 24
188.132.255.0/24 maxlen: 24
212.68.32.0/24 maxlen: 24
212.68.33.0/24 maxlen: 32
212.68.40.0/24 maxlen: 32
212.68.41.0/24 maxlen: 32
212.68.42.0/24 maxlen: 32
212.68.43.0/24 maxlen: 32
212.68.44.0/24 maxlen: 24
212.68.45.0/24 maxlen: 32
212.68.46.0/24 maxlen: 32
212.68.50.0/24 maxlen: 32
212.68.51.0/24 maxlen: 24
212.68.57.0/24 maxlen: 32
212.68.61.0/24 maxlen: 32
2a02:26b0::/32 maxlen: 32
2a02:26b0:8000::/48 maxlen: 48
2a02:26b0:8001::/48 maxlen: 48
2a02:26b0:800e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:69:13:f5:f1:6f:c0:a3:c1:d6:5f:b6:4f:24:79:97:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 7 22:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04e3b9e0d2d303815b047e058dbefacf5c89ec0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c6:58:55:98:35:6b:fd:fe:89:0f:c8:8a:b0:
fe:b8:35:fd:72:da:f1:64:66:78:71:3c:15:1e:a9:
6c:16:af:80:cf:9d:9a:ce:b9:0f:e3:18:0e:9b:01:
07:8d:97:93:0f:56:40:87:64:31:2c:3a:f0:cc:85:
1e:89:60:00:b2:aa:db:41:43:19:28:26:ac:ef:9d:
10:af:50:16:1c:0a:9e:c5:c2:6e:20:cd:ee:cd:cf:
15:4f:a4:aa:89:a6:8f:62:64:73:ad:37:6d:fe:2b:
c0:c9:3c:be:77:3a:2d:14:dd:4a:11:26:a9:a0:04:
e1:a8:86:ee:f4:69:4b:ae:a3:f7:8c:b8:bc:39:e0:
b2:b3:38:89:71:72:da:c0:7b:cd:1b:f2:82:ff:b7:
c0:4c:6f:df:4c:88:81:c2:6f:d3:22:1c:b7:12:1b:
56:bc:b5:fd:4b:81:dd:a5:66:4f:0a:66:c7:30:e6:
a6:21:de:15:5c:4e:ca:39:9f:b8:86:27:00:a1:73:
4c:5a:80:41:6f:bb:cd:49:00:c0:99:d0:58:41:b1:
f6:d0:87:51:6e:d6:7e:a7:c9:a9:87:6e:79:88:a9:
6e:3b:92:60:70:bf:b0:bb:26:91:4b:e0:a2:81:27:
cc:1b:6a:3f:cb:6b:87:d0:99:2e:c3:0e:45:7a:fd:
da:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E3:B9:E0:D2:D3:03:81:5B:04:7E:05:8D:BE:FA:CF:5C:89:EC:0B
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/BOO54NLTA4FbBH4Fjb76z1yJ7As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.32.0/23
31.210.56.0-31.210.61.255
77.92.128.0/23
77.92.132.0-77.92.141.255
77.92.149.0/24
77.92.155.0-77.92.159.255
78.135.79.0/24
78.135.108.0/24
78.135.113.0-78.135.114.255
78.135.116.0/24
188.132.134.0/23
188.132.142.0/24
188.132.147.0-188.132.148.255
188.132.157.0-188.132.158.255
188.132.172.0/24
188.132.175.0-188.132.176.255
188.132.180.0/24
188.132.194.0/24
188.132.204.0/23
188.132.244.0-188.132.246.255
188.132.252.0/22
212.68.32.0/23
212.68.40.0-212.68.46.255
212.68.50.0/23
212.68.57.0/24
212.68.61.0/24
IPv6:
2a02:26b0::/32
Signature Algorithm: sha256WithRSAEncryption
69:0f:fa:64:c6:e5:80:17:67:30:c0:0b:c8:a3:db:6b:bc:ae:
3f:ac:8e:31:aa:ca:5f:d6:19:21:26:89:8f:6b:0f:d0:ee:66:
36:0e:99:93:c1:43:39:a8:6a:aa:40:bc:d3:f3:95:f1:24:20:
f6:98:57:aa:30:8d:2e:c8:2c:82:75:61:20:dd:02:59:e5:81:
08:73:ad:51:dd:50:74:14:16:b2:f6:8b:49:48:5e:e2:ff:94:
14:ea:d4:32:3e:da:fa:2c:08:2d:f6:86:04:bb:bb:b8:da:7d:
f8:1f:db:ad:29:71:14:1e:ed:91:60:33:64:64:03:42:4c:e6:
fc:95:f3:bf:b3:57:c1:3b:41:b7:e9:6f:10:ab:1e:7e:0e:1b:
48:18:f6:5b:fd:8d:29:e2:40:c9:68:cf:5f:09:12:11:df:a4:
aa:7b:09:1c:b5:50:82:5e:bc:b0:e8:e7:4a:38:3a:81:88:45:
be:02:de:c3:5b:fc:b1:fe:54:ac:34:b0:07:48:0a:2c:84:c1:
31:8d:8c:bf:2c:e0:c7:23:38:7e:a9:5a:eb:ed:ef:07:71:46:
c0:7f:53:ed:40:eb:22:3f:3d:e2:11:7b:c2:e1:fe:68:87:06:
2e:0e:49:03:16:fe:06:5e:ec:d1:92:c1:e9:95:5b:7f:7c:a1:
1a:55:c5:41
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgISAZJpE/Xxb8CjwdZftk8keZefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQxMDA3MjIyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGUzYjllMGQyZDMwMzgxNWIwNDdlMDU4ZGJlZmFjZjVjODllYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksZYVZg1a/3+iQ/IirD+uDX9ctrx
ZGZ4cTwVHqlsFq+Az52azrkP4xgOmwEHjZeTD1ZAh2QxLDrwzIUeiWAAsqrbQUMZ
KCas750Qr1AWHAqexcJuIM3uzc8VT6SqiaaPYmRzrTdt/ivAyTy+dzotFN1KESap
oAThqIbu9GlLrqP3jLi8OeCysziJcXLawHvNG/KC/7fATG/fTIiBwm/TIhy3EhtW
vLX9S4HdpWZPCmbHMOamId4VXE7KOZ+4hicAoXNMWoBBb7vNSQDAmdBYQbH20IdR
btZ+p8mph255iKluO5JgcL+wuyaRS+CigSfMG2o/y2uH0Jkuww5Fev3aAQIDAQAB
o4IC/TCCAvkwHQYDVR0OBBYEFATjueDS0wOBWwR+BY2++s9ciewLMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvQk9PNTROTFRBNEZiQkg0RmpiNzZ6MXlKN0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEQYIKwYBBQUHAQcBAf8EggEAMIH9MIHrBAIAATCB5AME
AR/SIDAMAwQDH9I4AwQBH9I8AwQBTVyAMAwDBAJNXIQDBAFNXIwDBABNXJUwDAME
AE1cmwMEBU1cgAMEAE6HTwMEAE6HbDAMAwQATodxAwQATodyAwQATod0AwQBvISG
AwQAvISOMAwDBAC8hJMDBAC8hJQwDAMEALyEnQMEALyEngMEALyErDAMAwQAvISv
AwQAvISwAwQAvIS0AwQAvITCAwQBvITMMAwDBAK8hPQDBAC8hPYDBAK8hPwDBAHU
RCAwDAMEA9REKAMEANRELgMEAdREMgMEANREOQMEANREPTANBAIAAjAHAwUAKgIm
sDANBgkqhkiG9w0BAQsFAAOCAQEAaQ/6ZMblgBdnMMALyKPba7yuP6yOMarKX9YZ
ISaJj2sP0O5mNg6Zk8FDOahqqkC80/OV8SQg9phXqjCNLsgsgnVhIN0CWeWBCHOt
Ud1QdBQWsvaLSUhe4v+UFOrUMj7a+iwILfaGBLu7uNp9+B/brSlxFB7tkWAzZGQD
Qkzm/JXzv7NXwTtBt+lvEKsefg4bSBj2W/2NKeJAyWjPXwkSEd+kqnsJHLVQgl68
sOjnSjg6gYhFvgLew1v8sf5UrDSwB0gKLITBMY2MvyzgxyM4fqla6+3vB3FGwH9T
7UDrIj894hF7wuH+aIcGLg5JAxb+Bl7s0ZLB6ZVbf3yhGlXFQQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:14:47 2024 by rpki-client on console-fra.rpki-client.org