Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/7nmM8ErHQaodgHIPCE8Y7EdciyI.roa
File: 7nmM8ErHQaodgHIPCE8Y7EdciyI.roa (raw, json)
Hash identifier: ooBSOP42wgA5LHQ5HWzlzOkjdNFlIXdAg2suzawQKWo=
Subject key identifier: EE:79:8C:F0:4A:C7:41:AA:1D:80:72:0F:08:4F:18:EC:47:5C:8B:22
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018F29CF88209CC2DE03EE858350DB9E2EF4
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/7nmM8ErHQaodgHIPCE8Y7EdciyI.roa
Signing time: Mon 29 Apr 2024 12:23:37 +0000
ROA not before: Mon 29 Apr 2024 12:23:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.2.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.128.0/22 maxlen: 22
85.254.134.0/24 maxlen: 24
85.254.137.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
159.148.26.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.248.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:cf:88:20:9c:c2:de:03:ee:85:83:50:db:9e:2e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 29 12:23:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee798cf04ac741aa1d80720f084f18ec475c8b22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:58:06:96:97:e0:72:02:bf:8a:96:6e:5e:fc:
95:22:8f:9a:7a:48:0e:6f:af:32:8a:04:cf:4b:00:
19:82:e6:de:74:4f:3c:50:6e:e9:3b:28:e1:6c:f9:
69:f8:f4:f7:72:13:40:ea:6e:cc:fc:96:e6:39:ee:
0b:85:29:63:b0:57:4e:97:87:36:b7:86:5e:07:14:
33:88:ca:60:f4:18:b1:c1:a4:88:9e:9b:c6:f1:08:
af:19:f0:5c:7e:23:2f:d5:f0:22:8e:f6:c7:e6:65:
aa:c7:a4:44:09:e9:e0:53:79:19:24:9a:66:90:73:
e1:f0:93:02:60:b0:15:f6:6c:12:bb:2e:3c:e4:9c:
c1:66:45:09:e5:9f:9b:f7:17:da:a6:4e:ca:94:ae:
7e:c8:4e:4f:d1:bb:09:f5:da:d3:91:94:0c:51:2b:
43:0e:18:2c:b7:5c:50:18:5b:9c:3e:b5:d7:23:ff:
89:10:2a:20:88:0b:e3:99:9d:7b:77:2c:e1:1b:2e:
84:74:8a:79:19:93:50:95:cf:04:f8:f7:d4:ab:1a:
f1:27:d8:7f:68:0a:83:6d:29:22:75:1e:86:70:cb:
22:34:6d:65:2c:39:53:08:a4:91:cc:66:55:4b:52:
cd:c2:92:c4:f0:dd:1a:68:28:dc:10:11:d4:62:00:
5a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:79:8C:F0:4A:C7:41:AA:1D:80:72:0F:08:4F:18:EC:47:5C:8B:22
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/7nmM8ErHQaodgHIPCE8Y7EdciyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.30.0/24
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.103.0/24
85.254.112.0/22
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.180.0/23
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.158.0/24
159.148.163.0/24
159.148.166.0/23
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.27.94.0/24
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
8e:45:4a:e5:16:d6:6c:2f:5c:72:69:a5:ae:b7:5a:91:7a:fb:
f2:59:fd:3b:ac:35:7d:3d:d7:a1:c7:48:95:f0:8d:85:eb:9e:
18:2c:14:04:32:06:ef:7b:dc:2c:d8:f6:1e:d1:df:47:7c:bc:
8e:fc:01:78:cd:ef:be:06:f5:24:08:ea:f9:0a:be:ac:3e:ea:
84:d1:05:87:fa:40:29:7b:05:4f:da:23:c5:ab:42:d5:b7:43:
06:97:fc:a5:49:46:4a:b8:af:08:86:45:bb:d2:55:99:d4:87:
01:b9:c6:e4:b5:7a:bc:5d:2b:55:7a:02:2b:83:9b:e9:40:3c:
b1:3e:90:44:d2:7c:ff:75:9a:64:cc:12:44:4c:97:b9:9a:47:
81:6e:a6:55:16:52:9a:d4:8e:b5:c6:e4:d9:f7:7d:da:44:8f:
b5:00:3a:3f:99:40:2f:c3:ae:e8:fa:ab:75:d8:e2:fb:88:ca:
e6:6d:ef:5b:25:a4:f6:5d:e9:e6:1b:09:0d:e0:a8:5c:f4:94:
42:7c:6e:f4:30:f0:4e:e2:c3:08:cb:2c:75:69:d5:b6:ab:65:
dd:c5:0a:0c:a3:59:87:9e:f9:a0:b9:69:a3:be:af:e7:5d:ff:
84:3d:09:3f:5f:0e:71:78:10:c2:32:87:5a:09:ed:50:52:a5:
fd:7e:bb:a2
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAY8pz4ggnMLeA+6Fg1Dbni70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDI5MTIyMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTc5OGNmMDRhYzc0MWFhMWQ4MDcyMGYwODRmMThlYzQ3NWM4YjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFgGlpfgcgK/ipZuXvyVIo+aekgO
b68yigTPSwAZgubedE88UG7pOyjhbPlp+PT3chNA6m7M/JbmOe4LhSljsFdOl4c2
t4ZeBxQziMpg9BixwaSInpvG8QivGfBcfiMv1fAijvbH5mWqx6RECengU3kZJJpm
kHPh8JMCYLAV9mwSuy485JzBZkUJ5Z+b9xfapk7KlK5+yE5P0bsJ9drTkZQMUStD
Dhgst1xQGFucPrXXI/+JECogiAvjmZ17dyzhGy6EdIp5GZNQlc8E+PfUqxrxJ9h/
aAqDbSkidR6GcMsiNG1lLDlTCKSRzGZVS1LNwpLE8N0aaCjcEBHUYgBa4wIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFO55jPBKx0GqHYByDwhPGOxHXIsiMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvN25tTThFckhRYW9kZ0hJUENFOFk3RWRjaXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAFX+AgMEAFX+BAMEAFX+BwMEAFX+HgMEAFX+KAMEAVX+KgMEAFX+MwMEAFX+
OwMEAVX+QAMEAlX+TAMEAVX+VAMEAFX+ZwMEAlX+cDAMAwQCVf58AwQAVf5+AwQC
Vf6AAwQAVf6GMAwDBABV/okDBABV/owDBAFV/q4DBAFV/rQDBACflBoDBACflDYD
BACflD4DBACflEIDBACflH4DBACflIADBACflIIDBACflJ4DBACflKMDBAGflKYw
DAMEAJ+UswMEAJ+UtAMEAJ+UzAMEAJ+U2AMEAJ+U2gMEAJ+U6gMEAJ+U8TAMAwQB
n5T2AwQAn5T4AwQAuRteAwQA2UV5MAwDBADZRX0DBAfZRQAwDQYJKoZIhvcNAQEL
BQADggEBAI5FSuUW1mwvXHJppa63WpF6+/JZ/TusNX0916HHSJXwjYXrnhgsFAQy
Bu973CzY9h7R30d8vI78AXjN774G9SQI6vkKvqw+6oTRBYf6QCl7BU/aI8WrQtW3
QwaX/KVJRkq4rwiGRbvSVZnUhwG5xuS1erxdK1V6AiuDm+lAPLE+kETSfP91mmTM
EkRMl7maR4FuplUWUprUjrXG5Nn3fdpEj7UAOj+ZQC/Druj6q3XY4vuIyuZt71sl
pPZd6eYbCQ3gqFz0lEJ8bvQw8E7iwwjLLHVp1barZd3FCgyjWYee+aC5aaO+r+dd
/4Q9CT9fDnF4EMIyh1oJ7VBSpf1+u6I=
-----END CERTIFICATE-----
Generated at Sun Jun 2 07:55:24 2024 by rpki-client on console-fra.rpki-client.org