Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/oqBVfM82zMYj2dhMpTvG8LW5qe4.roa
File: oqBVfM82zMYj2dhMpTvG8LW5qe4.roa (raw, json)
Hash identifier: zsj5b7vzWj3WqSz4EvRDM3J5wSJqzfefBHwTV7BZb4E=
Subject key identifier: A2:A0:55:7C:CF:36:CC:C6:23:D9:D8:4C:A5:3B:C6:F0:B5:B9:A9:EE
Certificate issuer: /CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Certificate serial: 01920985FBF9104A92FA091EC2AFFE018A71
Authority key identifier: 12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/oqBVfM82zMYj2dhMpTvG8LW5qe4.roa
Signing time: Thu 19 Sep 2024 09:03:48 +0000
ROA not before: Thu 19 Sep 2024 09:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39246
IP address blocks: 31.193.189.0/24 maxlen: 24
62.192.132.0/24 maxlen: 24
62.192.133.0/24 maxlen: 24
77.78.128.0/24 maxlen: 24
77.78.129.0/24 maxlen: 24
77.78.130.0/24 maxlen: 24
77.78.131.0/24 maxlen: 24
77.78.132.0/24 maxlen: 24
77.78.133.0/24 maxlen: 24
77.78.134.0/24 maxlen: 24
77.78.135.0/24 maxlen: 24
77.78.136.0/24 maxlen: 24
77.78.137.0/24 maxlen: 24
77.78.138.0/24 maxlen: 24
77.78.139.0/24 maxlen: 24
77.78.140.0/24 maxlen: 24
77.78.141.0/24 maxlen: 24
77.78.142.0/24 maxlen: 24
77.78.143.0/24 maxlen: 24
77.78.144.0/24 maxlen: 24
109.121.129.0/24 maxlen: 24
109.121.130.0/24 maxlen: 24
109.121.131.0/24 maxlen: 24
109.121.132.0/24 maxlen: 24
109.121.148.0/24 maxlen: 24
109.121.149.0/24 maxlen: 24
109.121.150.0/24 maxlen: 24
109.121.151.0/24 maxlen: 24
109.121.154.0/24 maxlen: 24
109.121.155.0/24 maxlen: 24
109.121.156.0/24 maxlen: 24
109.121.157.0/24 maxlen: 24
109.121.158.0/24 maxlen: 24
109.121.164.0/24 maxlen: 24
109.121.165.0/24 maxlen: 24
109.121.167.0/24 maxlen: 24
109.121.168.0/24 maxlen: 24
109.121.169.0/24 maxlen: 24
109.121.170.0/24 maxlen: 24
109.121.171.0/24 maxlen: 24
109.121.176.0/24 maxlen: 24
109.121.177.0/24 maxlen: 24
109.121.178.0/24 maxlen: 24
109.121.179.0/24 maxlen: 24
109.121.184.0/24 maxlen: 24
109.121.185.0/24 maxlen: 24
109.121.186.0/24 maxlen: 24
109.121.187.0/24 maxlen: 24
109.121.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:85:fb:f9:10:4a:92:fa:09:1e:c2:af:fe:01:8a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Validity
Not Before: Sep 19 09:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2a0557ccf36ccc623d9d84ca53bc6f0b5b9a9ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fc:29:80:65:88:0b:70:6d:a2:37:d5:e0:ea:
45:cd:3c:01:85:98:34:df:03:ed:76:d1:40:d4:8b:
61:1a:d2:f0:8b:59:21:2d:f5:f3:12:d4:4f:ce:6a:
96:2f:3b:fd:4a:5c:bd:1d:bc:4c:dc:28:46:54:27:
f0:01:97:f3:4c:c1:7c:b4:c8:5f:a2:6f:90:c3:e0:
ae:28:62:06:34:96:01:d2:d8:db:49:41:80:69:1d:
1f:80:7e:a7:1d:69:ba:46:ba:16:f8:73:b1:4f:39:
0c:f6:42:d2:91:e7:20:04:c6:d4:75:fe:34:e4:ae:
25:24:76:89:0d:cf:f3:5f:ef:9a:f7:61:a8:99:fc:
c9:94:2c:2b:97:6a:26:e8:c1:98:e2:39:40:6d:d7:
64:df:1b:2a:1b:d0:1f:d4:dd:c0:70:76:6c:2c:0b:
14:28:db:1e:90:ef:7c:69:dc:a2:93:c9:da:60:ec:
21:91:19:0f:74:ff:3a:fe:b9:5e:3b:59:0e:c6:72:
d0:0c:ae:1a:71:09:84:af:da:55:fe:fa:6c:1a:3b:
61:15:34:d5:cf:24:c9:55:ff:67:b2:88:f3:b6:b1:
ea:ee:8a:43:a5:1d:83:ec:f9:be:6f:db:da:53:07:
ca:58:c5:21:62:37:d4:60:63:d8:55:37:2a:42:75:
07:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A0:55:7C:CF:36:CC:C6:23:D9:D8:4C:A5:3B:C6:F0:B5:B9:A9:EE
X509v3 Authority Key Identifier:
keyid:12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/oqBVfM82zMYj2dhMpTvG8LW5qe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.189.0/24
62.192.132.0/23
77.78.128.0-77.78.144.255
109.121.129.0-109.121.132.255
109.121.148.0/22
109.121.154.0-109.121.158.255
109.121.164.0/23
109.121.167.0-109.121.171.255
109.121.176.0/22
109.121.184.0-109.121.188.255
Signature Algorithm: sha256WithRSAEncryption
62:36:31:83:35:cf:18:bb:6a:60:7c:1b:02:56:f2:02:38:ec:
df:1a:d7:10:54:d0:46:34:7e:64:a0:db:24:7e:89:23:d1:4e:
b4:2f:0f:0c:8b:f0:cc:2b:24:5d:78:93:f4:51:cc:78:7c:c5:
39:22:b2:a9:7a:13:ca:48:6f:a4:c7:64:2d:af:ad:a3:5d:ad:
38:76:8a:b0:05:18:23:89:9a:db:b5:18:b4:5c:ac:98:47:ee:
c3:15:d1:ec:6f:44:14:1c:55:a1:97:6a:10:22:e1:c3:39:b5:
5c:59:d7:6b:38:c1:94:bc:7d:dd:12:72:c0:ba:33:cf:db:9e:
29:f8:18:e8:ef:43:8b:5b:d0:3a:3d:3c:5d:11:84:40:0e:69:
52:e0:46:d9:1f:6b:98:e0:96:0f:ef:a3:5a:4f:09:64:93:3b:
01:92:5e:24:ea:c6:66:7b:45:85:a4:83:9b:00:33:7d:0d:5f:
14:68:9c:ac:08:9a:6f:36:b0:e4:43:6d:9c:89:a8:08:2c:91:
b9:53:cd:04:5f:f7:e4:1f:b9:b7:cf:aa:34:ae:d8:8d:2a:b4:
db:68:5a:fe:17:49:b8:de:8e:72:57:5c:99:56:7c:8a:9b:2d:
19:87:37:fc:97:7b:b4:3c:35:97:1e:bf:a6:eb:66:9a:56:3f:
61:cd:8c:c3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZIJhfv5EEqS+gkewq/+AYpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWY5ZTQ5ZmVjZjI1MDllYjY3NjllZWUyY2RkNGE1MjUz
YjcxYzUwHhcNMjQwOTE5MDkwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmEwNTU3Y2NmMzZjY2M2MjNkOWQ4NGNhNTNiYzZmMGI1YjlhOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfwpgGWIC3BtojfV4OpFzTwBhZg0
3wPtdtFA1IthGtLwi1khLfXzEtRPzmqWLzv9Sly9HbxM3ChGVCfwAZfzTMF8tMhf
om+Qw+CuKGIGNJYB0tjbSUGAaR0fgH6nHWm6RroW+HOxTzkM9kLSkecgBMbUdf40
5K4lJHaJDc/zX++a92GomfzJlCwrl2om6MGY4jlAbddk3xsqG9Af1N3AcHZsLAsU
KNsekO98adyik8naYOwhkRkPdP86/rleO1kOxnLQDK4acQmEr9pV/vpsGjthFTTV
zyTJVf9nsojztrHq7opDpR2D7Pm+b9vaUwfKWMUhYjfUYGPYVTcqQnUHswIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFKKgVXzPNszGI9nYTKU7xvC1uanuMB8GA1UdIwQY
MBaAFBLvnkn+zyUJ62dp7uLN1KUlO3HFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTIt
MWQ1ZDk0NWEwNWEzLzEvb3FCVmZNODJ6TVlqMmRoTXBUdkc4TFc1cWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTItMWQ1ZDk0NWEwNWEz
LzEvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAH8G9AwQB
PsCEMAwDBAdNToADBABNTpAwDAMEAG15gQMEAG15hAMEAm15lDAMAwQBbXmaAwQA
bXmeAwQBbXmkMAwDBABteacDBAJteagDBAJtebAwDAMEA215uAMEAG15vDANBgkq
hkiG9w0BAQsFAAOCAQEAYjYxgzXPGLtqYHwbAlbyAjjs3xrXEFTQRjR+ZKDbJH6J
I9FOtC8PDIvwzCskXXiT9FHMeHzFOSKyqXoTykhvpMdkLa+to12tOHaKsAUYI4ma
27UYtFysmEfuwxXR7G9EFBxVoZdqECLhwzm1XFnXazjBlLx93RJywLozz9ueKfgY
6O9Di1vQOj08XRGEQA5pUuBG2R9rmOCWD++jWk8JZJM7AZJeJOrGZntFhaSDmwAz
fQ1fFGicrAiabzaw5ENtnImoCCyRuVPNBF/35B+5t8+qNK7YjSq022ha/hdJuN6O
cldcmVZ8ipstGYc3/Jd7tDw1lx6/putmmlY/Yc2Mww==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:36 2024 by rpki-client on console-fra.rpki-client.org