Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/fVarUzhB1EXD0hzATQm55VPODDI.roa
File: fVarUzhB1EXD0hzATQm55VPODDI.roa (raw, json)
Hash identifier: V0vnTonOo330FM0dDDRwKoTgYxb2Gc42y/VBCoYsKXo=
Subject key identifier: 7D:56:AB:53:38:41:D4:45:C3:D2:1C:C0:4D:09:B9:E5:53:CE:0C:32
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 0192B39851BCFF014C8413B30F9DB1EF338D
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/fVarUzhB1EXD0hzATQm55VPODDI.roa
Signing time: Tue 22 Oct 2024 09:39:16 +0000
ROA not before: Tue 22 Oct 2024 09:39:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44217
IP address blocks: 62.201.192.0/18 maxlen: 18
62.201.192.0/23 maxlen: 23
62.201.193.0/24 maxlen: 24
62.201.194.0/24 maxlen: 24
62.201.195.0/24 maxlen: 24
62.201.196.0/24 maxlen: 24
62.201.197.0/24 maxlen: 24
62.201.198.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/23 maxlen: 23
62.201.205.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/22 maxlen: 22
62.201.208.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.212.0/22 maxlen: 22
62.201.212.0/24 maxlen: 24
62.201.213.0/24 maxlen: 24
62.201.214.0/24 maxlen: 24
62.201.215.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.217.0/24 maxlen: 24
62.201.218.0/24 maxlen: 24
62.201.219.0/24 maxlen: 24
62.201.220.0/22 maxlen: 22
62.201.220.0/24 maxlen: 24
62.201.221.0/24 maxlen: 24
62.201.222.0/24 maxlen: 24
62.201.223.0/24 maxlen: 24
62.201.224.0/22 maxlen: 22
62.201.224.0/24 maxlen: 24
62.201.225.0/24 maxlen: 24
62.201.226.0/24 maxlen: 24
62.201.227.0/24 maxlen: 24
62.201.228.0/22 maxlen: 22
62.201.228.0/24 maxlen: 24
62.201.229.0/24 maxlen: 24
62.201.230.0/24 maxlen: 24
62.201.231.0/24 maxlen: 24
62.201.232.0/22 maxlen: 22
62.201.232.0/24 maxlen: 24
62.201.233.0/24 maxlen: 24
62.201.234.0/24 maxlen: 24
62.201.235.0/24 maxlen: 24
62.201.236.0/24 maxlen: 24
62.201.238.0/24 maxlen: 24
62.201.239.0/24 maxlen: 24
62.201.240.0/21 maxlen: 21
62.201.240.0/24 maxlen: 24
62.201.241.0/24 maxlen: 24
62.201.242.0/23 maxlen: 24
62.201.242.0/24 maxlen: 24
62.201.243.0/24 maxlen: 24
62.201.244.0/23 maxlen: 24
62.201.246.0/24 maxlen: 24
62.201.247.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
62.201.251.0/24 maxlen: 24
62.201.252.0/22 maxlen: 24
62.201.253.0/24 maxlen: 24
62.201.254.0/23 maxlen: 24
89.33.66.0/23 maxlen: 23
185.1.98.0/24 maxlen: 24
2a02:b60::/32 maxlen: 32
2a02:b60:0:f::/64 maxlen: 64
2a02:b60:20::/48 maxlen: 48
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
2a02:b60:2000:3::/64 maxlen: 64
2a02:b60:2010::/48 maxlen: 48
2a02:b60:4000::/34 maxlen: 34
2a02:b60:4000::/48 maxlen: 48
2a02:b60:4005::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:98:51:bc:ff:01:4c:84:13:b3:0f:9d:b1:ef:33:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Oct 22 09:39:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d56ab533841d445c3d21cc04d09b9e553ce0c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8b:32:79:15:f4:59:62:2e:75:02:21:ce:99:
25:4a:66:38:ea:dd:96:2f:7c:a7:31:7e:35:c4:eb:
1c:67:13:89:42:15:44:95:7f:d1:dc:75:86:52:77:
c9:6b:5e:80:27:f8:d0:da:d4:7d:84:4d:1e:72:42:
7b:6b:b8:b2:1b:e5:c8:60:ab:7c:f4:9b:0a:d9:87:
cc:10:71:6b:7c:4d:44:4f:9d:e1:54:ef:1d:99:19:
a6:8d:cb:f7:1f:ef:09:1f:0a:52:dc:3d:89:2f:d5:
3a:d1:f7:83:23:ae:0e:d3:50:0b:4e:8b:08:f8:c3:
bf:e8:65:4f:37:fc:f8:08:c6:da:0d:c2:49:8f:75:
77:81:78:01:70:54:ec:fe:df:bf:4b:bc:34:39:e6:
93:ff:f4:fa:fd:e7:50:08:35:7f:9a:62:ac:46:78:
81:4e:d0:1d:c1:ff:21:11:1d:8c:6b:dc:c3:16:11:
0c:b8:b4:4b:20:b2:5c:6a:2d:79:a5:4e:aa:5d:ab:
28:17:e1:f2:8f:93:9a:bb:4a:16:f0:af:85:8b:56:
87:02:ff:bb:14:bf:81:6d:76:82:ad:96:7b:29:09:
09:9a:a4:37:a6:63:01:ae:f0:75:f2:9b:03:76:63:
59:64:55:b9:70:37:7c:9f:02:e8:40:b9:4a:2f:c6:
ca:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:56:AB:53:38:41:D4:45:C3:D2:1C:C0:4D:09:B9:E5:53:CE:0C:32
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/fVarUzhB1EXD0hzATQm55VPODDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/18
89.33.66.0/23
185.1.98.0/24
IPv6:
2a02:b60::/32
Signature Algorithm: sha256WithRSAEncryption
7b:04:bd:f4:1e:4b:8c:f5:09:db:02:2e:a4:8a:46:d8:47:a8:
52:41:92:d6:5c:d2:2a:42:06:d3:cd:70:f8:5e:8e:88:cb:3a:
b7:bc:c0:f5:76:7a:b2:48:31:68:ec:d0:67:3a:96:c3:e5:1b:
22:c2:d0:ab:76:f3:9f:86:9e:12:bf:04:78:70:67:cd:55:94:
95:f2:3a:e9:2f:40:11:6b:d0:3f:e8:cd:b5:20:f7:94:fe:da:
8e:96:e3:96:d1:c3:4a:90:e8:d9:50:fd:e2:75:1e:59:42:b0:
86:d1:a6:89:17:f2:c6:12:ec:9a:5b:96:10:95:63:32:ac:d9:
45:25:1a:9d:f6:59:f6:cf:96:34:29:60:f3:e7:b4:3d:01:11:
b1:4b:26:9d:20:e8:00:33:28:5a:cc:2f:06:25:f5:22:29:b6:
1d:98:5c:79:a8:f2:00:d2:fe:63:26:dd:9a:32:b8:00:b1:23:
d4:5a:ab:dc:54:8d:0c:12:fa:5e:8c:d1:6f:b8:ae:01:1b:56:
2a:fb:5b:7f:35:06:a6:ba:90:5f:cb:92:82:2c:2d:ec:98:a1:
f7:1e:55:77:cc:d6:22:75:8a:c1:f0:55:07:1f:ba:be:01:a6:
c3:87:65:d6:1b:e2:d7:50:ed:78:ec:3a:9d:c7:66:26:b7:59:
1e:b5:4a:ad
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZKzmFG8/wFMhBOzD52x7zONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjQxMDIyMDkzOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDU2YWI1MzM4NDFkNDQ1YzNkMjFjYzA0ZDA5YjllNTUzY2UwYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYsyeRX0WWIudQIhzpklSmY46t2W
L3ynMX41xOscZxOJQhVElX/R3HWGUnfJa16AJ/jQ2tR9hE0eckJ7a7iyG+XIYKt8
9JsK2YfMEHFrfE1ET53hVO8dmRmmjcv3H+8JHwpS3D2JL9U60feDI64O01ALTosI
+MO/6GVPN/z4CMbaDcJJj3V3gXgBcFTs/t+/S7w0OeaT//T6/edQCDV/mmKsRniB
TtAdwf8hER2Ma9zDFhEMuLRLILJcai15pU6qXasoF+Hyj5Oau0oW8K+Fi1aHAv+7
FL+BbXaCrZZ7KQkJmqQ3pmMBrvB18psDdmNZZFW5cDd8nwLoQLlKL8bKMQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFH1Wq1M4QdRFw9IcwE0JueVTzgwyMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvZlZhclV6aEIxRVhEMGh6QVRRbTU1VlBPRERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPsnAAwQB
WSFCAwQAuQFiMA0EAgACMAcDBQAqAgtgMA0GCSqGSIb3DQEBCwUAA4IBAQB7BL30
HkuM9QnbAi6kikbYR6hSQZLWXNIqQgbTzXD4Xo6Iyzq3vMD1dnqySDFo7NBnOpbD
5RsiwtCrdvOfhp4SvwR4cGfNVZSV8jrpL0ARa9A/6M21IPeU/tqOluOW0cNKkOjZ
UP3idR5ZQrCG0aaJF/LGEuyaW5YQlWMyrNlFJRqd9ln2z5Y0KWDz57Q9ARGxSyad
IOgAMyhazC8GJfUiKbYdmFx5qPIA0v5jJt2aMrgAsSPUWqvcVI0MEvpejNFvuK4B
G1Yq+1t/NQamupBfy5KCLC3smKH3HlV3zNYidYrB8FUHH7q+AabDh2XWG+LXUO14
7Dqdx2Ymt1ketUqt
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:05 2024 by rpki-client on console-fra.rpki-client.org