Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/T24Mb-6KOyII9Zj4ApmqBzXBKxg.roa
File: T24Mb-6KOyII9Zj4ApmqBzXBKxg.roa (raw, json)
Hash identifier: l/FPlArXvYmwy1iwUTLkf9bdXt1EQpVFOKjPM76DwnU=
Subject key identifier: 4F:6E:0C:6F:EE:8A:3B:22:08:F5:98:F8:02:99:AA:07:35:C1:2B:18
Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Certificate serial: 019425FC5F835B43C82A154A62E60120A29B
Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/T24Mb-6KOyII9Zj4ApmqBzXBKxg.roa
Signing time: Thu 02 Jan 2025 07:48:04 +0000
ROA not before: Thu 02 Jan 2025 07:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60855
IP address blocks: 164.131.80.0/24 maxlen: 24
164.131.124.0/23 maxlen: 23
164.131.124.0/24 maxlen: 24
164.131.125.0/24 maxlen: 24
164.131.126.0/23 maxlen: 23
164.131.126.0/24 maxlen: 24
164.131.127.0/24 maxlen: 24
164.131.130.0/23 maxlen: 23
164.131.130.0/24 maxlen: 24
164.131.131.0/24 maxlen: 24
164.131.132.0/23 maxlen: 23
164.131.132.0/24 maxlen: 24
164.131.133.0/24 maxlen: 24
164.131.142.0/23 maxlen: 23
164.131.142.0/24 maxlen: 24
164.131.143.0/24 maxlen: 24
164.131.160.0/24 maxlen: 24
164.131.197.0/24 maxlen: 24
164.131.198.0/23 maxlen: 23
164.131.198.0/24 maxlen: 24
164.131.199.0/24 maxlen: 24
164.131.212.0/23 maxlen: 24
164.131.214.0/23 maxlen: 24
164.131.224.0/24 maxlen: 24
164.131.226.0/23 maxlen: 24
164.131.232.0/23 maxlen: 23
164.131.232.0/24 maxlen: 24
164.131.233.0/24 maxlen: 24
164.131.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:5f:83:5b:43:c8:2a:15:4a:62:e6:01:20:a2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Validity
Not Before: Jan 2 07:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f6e0c6fee8a3b2208f598f80299aa0735c12b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ef:80:8b:46:d3:f1:48:6f:00:2b:e5:59:91:
a2:2f:a4:a8:aa:54:02:47:70:ba:c4:1b:60:41:a9:
27:4c:b7:90:c3:af:c7:3e:59:b8:43:aa:75:05:3d:
1f:22:75:2e:23:ea:d1:66:6b:75:f0:32:fa:b8:ec:
23:d1:bb:05:1d:4d:c3:29:57:4f:30:9b:3f:5a:ae:
85:cd:19:81:e8:98:dd:27:26:55:f2:c8:4c:21:fe:
36:50:b8:0d:d4:f2:c2:a1:af:59:13:6d:73:de:9f:
68:21:69:85:6c:66:48:2f:7e:03:f5:75:f7:a1:a3:
5b:22:73:a5:d8:8e:7c:e2:d0:ec:7a:68:6c:de:9b:
4f:96:3a:09:67:7a:e7:39:58:90:d6:16:66:c6:04:
82:d3:53:49:1d:7c:75:72:46:c1:0d:76:dd:7d:84:
c6:f2:94:52:ac:33:5d:3c:39:0c:91:cf:f9:b0:3d:
12:59:af:96:f9:61:25:00:cd:d6:ad:30:83:39:0b:
0a:e3:db:24:30:26:8d:fa:64:5d:f1:61:ec:6c:a5:
c9:4e:31:35:46:38:c4:f7:8f:6c:bd:04:ac:28:8a:
8d:99:fb:63:c0:03:46:53:d3:37:b5:f5:e5:08:1e:
1f:0e:35:00:cb:85:22:5f:34:c4:d5:b9:bf:a9:54:
7d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:6E:0C:6F:EE:8A:3B:22:08:F5:98:F8:02:99:AA:07:35:C1:2B:18
X509v3 Authority Key Identifier:
keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/T24Mb-6KOyII9Zj4ApmqBzXBKxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.131.80.0/24
164.131.124.0/22
164.131.130.0-164.131.133.255
164.131.142.0/23
164.131.160.0/24
164.131.197.0-164.131.199.255
164.131.212.0/22
164.131.224.0/24
164.131.226.0/23
164.131.232.0/23
164.131.244.0/24
Signature Algorithm: sha256WithRSAEncryption
31:86:9d:30:7f:ce:8f:ae:94:c1:88:2d:ff:ab:c2:c8:40:28:
6b:80:2d:d7:d0:73:79:de:9b:26:a0:53:55:01:16:97:82:e9:
af:ac:e6:19:0b:80:97:a2:e4:51:b8:6b:23:66:cb:74:66:00:
2c:97:dd:72:69:a7:05:b3:0b:98:89:18:d7:d1:60:62:85:53:
2f:28:e5:4a:6e:71:28:f1:55:5e:65:94:37:8f:36:3f:60:f3:
16:6e:f9:25:9a:4f:eb:ee:88:0c:2a:3a:fa:2a:f5:e8:03:58:
cf:22:f8:83:8b:41:da:e4:e9:75:51:2f:00:1a:65:75:e7:5b:
61:86:6a:e7:81:cd:d9:6f:25:79:30:fe:af:f0:6a:6c:ac:a2:
1e:6f:17:d5:7e:4f:0d:19:64:da:cc:c2:8a:a2:d5:36:4c:0b:
04:b3:1f:b2:a2:0b:a6:24:9c:da:95:33:89:2f:5a:9c:7e:1f:
22:3a:87:0c:f5:f7:96:65:1f:23:60:6b:6c:98:8e:d3:87:60:
a2:1f:fe:61:c8:28:18:00:dd:10:a3:b1:05:2b:e8:80:9b:20:
db:a8:b3:ac:b6:f5:70:6b:5b:cb:bb:75:c9:14:00:33:b9:23:
91:76:34:50:9d:5b:31:d1:0d:5b:75:e3:a1:99:fc:ff:b6:a0:
22:b3:e3:08
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQl/F+DW0PIKhVKYuYBIKKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5
OWI1MjkwHhcNMjUwMTAyMDc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjZlMGM2ZmVlOGEzYjIyMDhmNTk4ZjgwMjk5YWEwNzM1YzEyYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs++Ai0bT8UhvACvlWZGiL6SoqlQC
R3C6xBtgQaknTLeQw6/HPlm4Q6p1BT0fInUuI+rRZmt18DL6uOwj0bsFHU3DKVdP
MJs/Wq6FzRmB6JjdJyZV8shMIf42ULgN1PLCoa9ZE21z3p9oIWmFbGZIL34D9XX3
oaNbInOl2I584tDsemhs3ptPljoJZ3rnOViQ1hZmxgSC01NJHXx1ckbBDXbdfYTG
8pRSrDNdPDkMkc/5sD0SWa+W+WElAM3WrTCDOQsK49skMCaN+mRd8WHsbKXJTjE1
RjjE949svQSsKIqNmftjwANGU9M3tfXlCB4fDjUAy4UiXzTE1bm/qVR9WwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFE9uDG/uijsiCPWY+AKZqgc1wSsYMB8GA1UdIwQY
MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt
YjVmOGVjMGFhZDdjLzEvVDI0TWItNktPeUlJOVpqNEFwbXFCelhCS3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj
LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQApINQAwQC
pIN8MAwDBAGkg4IDBAGkg4QDBAGkg44DBACkg6AwDAMEAKSDxQMEA6SDwAMEAqSD
1AMEAKSD4AMEAaSD4gMEAaSD6AMEAKSD9DANBgkqhkiG9w0BAQsFAAOCAQEAMYad
MH/Oj66UwYgt/6vCyEAoa4At19Bzed6bJqBTVQEWl4Lpr6zmGQuAl6LkUbhrI2bL
dGYALJfdcmmnBbMLmIkY19FgYoVTLyjlSm5xKPFVXmWUN482P2DzFm75JZpP6+6I
DCo6+ir16ANYzyL4g4tB2uTpdVEvABpldedbYYZq54HN2W8leTD+r/BqbKyiHm8X
1X5PDRlk2szCiqLVNkwLBLMfsqILpiSc2pUziS9anH4fIjqHDPX3lmUfI2BrbJiO
04dgoh/+YcgoGADdEKOxBSvogJsg26izrLb1cGtby7t1yRQAM7kjkXY0UJ1bMdEN
W3XjoZn8/7agIrPjCA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 09:05:07 2025 by rpki-client