Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/u5Bk7xPnoALFxBbED2etkry3Cvw.roa
File: u5Bk7xPnoALFxBbED2etkry3Cvw.roa (raw, json)
Hash identifier: +itpzD98siuZhuRtaDrEzGRrzyplcWdRZU98OvZKBQs=
Subject key identifier: BB:90:64:EF:13:E7:A0:02:C5:C4:16:C4:0F:67:AD:92:BC:B7:0A:FC
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 01901C8DD0FE26AB0DC0F76925EF237C9303
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/u5Bk7xPnoALFxBbED2etkry3Cvw.roa
Signing time: Sat 15 Jun 2024 15:39:34 +0000
ROA not before: Sat 15 Jun 2024 15:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62005
IP address blocks: 45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
45.129.199.0/24 maxlen: 24
62.106.66.0/24 maxlen: 24
77.72.85.0/24 maxlen: 24
91.235.234.0/24 maxlen: 24
91.242.241.0/24 maxlen: 24
146.19.143.0/24 maxlen: 24
146.19.254.0/24 maxlen: 24
176.124.32.0/24 maxlen: 24
176.124.33.0/24 maxlen: 24
185.39.18.0/24 maxlen: 24
185.123.53.0/24 maxlen: 24
193.109.120.0/24 maxlen: 24
193.200.16.0/24 maxlen: 24
193.200.17.0/24 maxlen: 24
194.26.141.0/24 maxlen: 24
194.61.120.0/24 maxlen: 24
194.61.121.0/24 maxlen: 24
195.54.160.0/24 maxlen: 24
212.46.38.0/24 maxlen: 24
213.109.147.0/24 maxlen: 24
213.109.192.0/24 maxlen: 24
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
2a10:1fc0:4::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:6::/48 maxlen: 48
2a10:1fc0:8::/48 maxlen: 48
2a10:1fc0:b::/48 maxlen: 48
2a10:1fc0:c::/48 maxlen: 48
2a10:1fc0:d::/48 maxlen: 48
2a10:1fc0:e::/48 maxlen: 48
2a10:1fc0:f::/48 maxlen: 48
2a10:1fc0:10::/48 maxlen: 48
2a10:1fc0:11::/48 maxlen: 48
2a10:1fc0:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 03:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1c:8d:d0:fe:26:ab:0d:c0:f7:69:25:ef:23:7c:93:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Jun 15 15:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb9064ef13e7a002c5c416c40f67ad92bcb70afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c1:c4:9c:e7:af:a8:75:1a:29:03:ec:77:49:
4a:f3:6e:c6:02:73:0e:62:e7:89:93:1f:b5:f3:e8:
a4:06:53:01:2c:e0:88:d4:d3:eb:4c:55:f2:d5:32:
af:5c:17:fb:7d:17:8d:d1:46:57:dc:6e:37:82:11:
8e:98:2a:bf:fb:05:57:e4:4c:8b:51:06:b6:4a:ac:
b7:e8:86:c9:ba:d3:7b:f0:44:5f:ac:92:35:93:b4:
a1:b9:4d:cb:b4:be:a3:24:5d:d3:d2:89:e9:b5:ab:
db:4a:e6:a7:44:af:71:b9:48:87:f9:f2:94:dd:92:
f7:1a:72:a0:41:4f:e1:0d:39:6d:e9:86:88:2d:4e:
aa:4f:aa:24:6d:37:d6:07:eb:e4:f7:eb:67:5a:26:
94:ff:0b:6b:e3:ae:42:5a:41:f6:5b:0c:9d:7b:f6:
c4:18:32:53:0c:56:5f:35:ba:50:8c:7e:73:53:bf:
dd:6c:fb:6d:dd:8f:79:61:69:d2:0e:4f:9a:24:d8:
d5:13:9f:08:e9:ac:16:aa:9e:d3:d0:ed:6f:bf:7a:
f6:67:3d:36:75:ff:9e:5a:a1:42:83:81:27:4c:0a:
0e:ad:a6:8f:4a:4b:c8:de:c3:e6:47:c6:0f:b6:82:
39:d0:9d:b1:d9:07:37:b8:0f:cd:4c:61:00:b3:8b:
f3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:90:64:EF:13:E7:A0:02:C5:C4:16:C4:0F:67:AD:92:BC:B7:0A:FC
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/u5Bk7xPnoALFxBbED2etkry3Cvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.228.0/23
45.86.231.0/24
45.129.199.0/24
62.106.66.0/24
77.72.85.0/24
91.235.234.0/24
91.242.241.0/24
146.19.143.0/24
146.19.254.0/24
176.124.32.0/23
185.39.18.0/24
185.123.53.0/24
193.109.120.0/24
193.200.16.0/23
194.26.141.0/24
194.61.120.0/23
195.54.160.0/24
212.46.38.0/24
213.109.147.0/24
213.109.192.0/24
IPv6:
2a10:1fc0:1::-2a10:1fc0:6:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:8::/48
2a10:1fc0:b::-2a10:1fc0:12:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:83:9f:72:4f:dc:b4:50:f5:31:b2:ed:54:30:43:8c:56:55:
9d:2c:4b:8d:d9:eb:14:5f:4b:3b:bb:49:11:29:f5:68:b9:4b:
b9:d4:d4:e1:58:40:61:bb:12:46:07:2b:16:68:cd:a2:66:f7:
df:ef:05:86:e8:d9:de:6b:1a:cc:90:88:a4:b3:4b:b4:8c:ee:
3c:8f:ad:9a:27:64:6e:2c:67:d3:71:8d:bc:e6:2d:34:4c:db:
c4:2d:55:e8:87:ae:25:86:6f:8c:0f:b4:5e:3e:07:f7:4e:41:
ba:de:08:a0:7f:f4:cd:65:af:4c:c5:ab:69:b1:a5:3b:56:33:
c0:04:ff:c2:8e:fe:fc:78:aa:3d:e4:ee:e9:e5:64:c9:4f:2b:
95:57:d4:38:1c:fd:78:75:7b:e5:ce:58:5c:ff:65:46:7f:00:
77:b8:eb:c8:b1:d9:1b:27:1a:f7:ec:ca:3c:60:5d:c2:93:3e:
79:b6:06:25:67:26:63:fb:01:e6:80:2e:4e:2e:63:90:e2:53:
12:49:dc:f2:16:7c:d3:93:4a:5b:ca:68:df:b1:0e:3e:26:2c:
00:75:bd:cb:7a:0e:07:70:cd:da:7a:b8:99:a4:d9:61:21:24:
37:e2:65:02:17:00:f6:46:b7:1d:d1:a7:4d:ce:50:28:dd:45:
4a:f4:9a:1e
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZAcjdD+JqsNwPdpJe8jfJMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjQwNjE1MTUzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjkwNjRlZjEzZTdhMDAyYzVjNDE2YzQwZjY3YWQ5MmJjYjcwYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8HEnOevqHUaKQPsd0lK827GAnMO
YueJkx+18+ikBlMBLOCI1NPrTFXy1TKvXBf7fReN0UZX3G43ghGOmCq/+wVX5EyL
UQa2Sqy36IbJutN78ERfrJI1k7ShuU3LtL6jJF3T0onptavbSuanRK9xuUiH+fKU
3ZL3GnKgQU/hDTlt6YaILU6qT6okbTfWB+vk9+tnWiaU/wtr465CWkH2Wwyde/bE
GDJTDFZfNbpQjH5zU7/dbPtt3Y95YWnSDk+aJNjVE58I6awWqp7T0O1vv3r2Zz02
df+eWqFCg4EnTAoOraaPSkvI3sPmR8YPtoI50J2x2Qc3uA/NTGEAs4vzVQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFLuQZO8T56ACxcQWxA9nrZK8twr8MB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvdTVCazd4UG5vQUxGeEJiRUQyZXRrcnkzQ3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTB+BAIAATB4AwQBLVbk
AwQALVbnAwQALYHHAwQAPmpCAwQATUhVAwQAW+vqAwQAW/LxAwQAkhOPAwQAkhP+
AwQBsHwgAwQAuScSAwQAuXs1AwQAwW14AwQBwcgQAwQAwhqNAwQBwj14AwQAwzag
AwQA1C4mAwQA1W2TAwQA1W3AMDcEAgACMDEwEgMHACoQH8AAAQMHACoQH8AABgMH
ACoQH8AACDASAwcAKhAfwAALAwcAKhAfwAASMA0GCSqGSIb3DQEBCwUAA4IBAQBP
g59yT9y0UPUxsu1UMEOMVlWdLEuN2esUX0s7u0kRKfVouUu51NThWEBhuxJGBysW
aM2iZvff7wWG6NneaxrMkIiks0u0jO48j62aJ2RuLGfTcY285i00TNvELVXoh64l
hm+MD7RePgf3TkG63gigf/TNZa9MxatpsaU7VjPABP/Cjv78eKo95O7p5WTJTyuV
V9Q4HP14dXvlzlhc/2VGfwB3uOvIsdkbJxr37Mo8YF3Ckz55tgYlZyZj+wHmgC5O
LmOQ4lMSSdzyFnzTk0pbymjfsQ4+JiwAdb3Leg4HcM3aeriZpNlhISQ34mUCFwD2
Rrcd0adNzlAo3UVK9Joe
-----END CERTIFICATE-----
Generated at Wed Jun 26 10:34:26 2024 by rpki-client on console-fra.rpki-client.org