Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/iqzw2LCnserEwJTrekyUrRzELwM.roa
File: iqzw2LCnserEwJTrekyUrRzELwM.roa (raw, json)
Hash identifier: bjBLWRUmLV3ncVzCxUtm5ZDa30SIQH5Sx6Uz/KLDz9o=
Subject key identifier: 8A:AC:F0:D8:B0:A7:B1:EA:C4:C0:94:EB:7A:4C:94:AD:1C:C4:2F:03
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018EDB5DE27F63539A95BA996993FA6E8D7F
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/iqzw2LCnserEwJTrekyUrRzELwM.roa
Signing time: Sun 14 Apr 2024 06:49:06 +0000
ROA not before: Sun 14 Apr 2024 06:49:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.241.67.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
185.139.228.0/24 maxlen: 24
185.144.156.0/22 maxlen: 22
193.168.172.0/24 maxlen: 24
2a06:c5c0:1500::/48 maxlen: 48
2a06:c5c0:1600::/48 maxlen: 48
2a06:c5c0:1700::/48 maxlen: 48
2a07:3b80::/48 maxlen: 48
2a07:3b80:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 00:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:5d:e2:7f:63:53:9a:95:ba:99:69:93:fa:6e:8d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Apr 14 06:49:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aacf0d8b0a7b1eac4c094eb7a4c94ad1cc42f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e9:d4:38:8f:5c:a0:00:7c:d6:11:70:30:ca:
69:e7:64:94:37:13:b9:4e:9a:45:6b:1a:76:cc:fc:
4c:7e:ee:94:8c:df:86:12:70:b4:05:ab:83:ac:09:
ea:33:81:bc:17:1f:be:9e:ec:e9:5e:78:d0:7d:7c:
98:c8:de:7e:53:4b:e8:e3:0c:14:7e:b7:f1:6c:bb:
d8:0e:6f:34:c9:64:11:13:3a:2b:23:7f:dd:87:88:
17:9e:4d:ee:e8:e9:fd:f0:cf:ab:25:17:19:7e:48:
fa:5b:4f:fd:33:e3:98:a0:70:05:e3:83:02:71:5b:
af:91:41:e9:dd:1f:8a:b2:95:eb:c2:2a:4b:87:dc:
de:44:ed:a7:f9:c4:33:33:ef:30:6d:ff:6e:83:25:
16:78:5d:9a:d6:91:c9:03:8d:75:c3:5e:76:5d:a3:
cb:1c:2a:46:db:b8:7f:ba:d1:ab:8c:1a:30:62:9e:
24:34:93:76:3f:8c:b3:24:68:f0:5b:55:d5:d8:c3:
c1:19:41:1a:ff:ac:c5:6d:1c:9c:f2:73:47:74:5f:
5e:e1:de:c8:67:e8:cf:63:aa:f8:3e:10:b9:c9:64:
3a:2a:1c:5b:b8:c5:b3:aa:45:23:32:f3:45:82:bb:
94:2d:a6:d6:12:86:57:39:f2:7b:04:d9:70:38:d5:
08:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AC:F0:D8:B0:A7:B1:EA:C4:C0:94:EB:7A:4C:94:AD:1C:C4:2F:03
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/iqzw2LCnserEwJTrekyUrRzELwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.45.245.0-103.45.246.255
103.241.66.0/23
185.47.172.0/24
185.53.209.0/24
185.139.228.0/24
185.144.156.0/22
193.168.172.0/24
IPv6:
2a06:c5c0:1500::/48
2a06:c5c0:1600::/48
2a06:c5c0:1700::/48
2a07:3b80::/48
2a07:3b80:8::/48
Signature Algorithm: sha256WithRSAEncryption
a7:27:70:f8:d3:c4:4d:14:27:a2:d2:5e:33:af:5e:62:65:43:
fd:28:87:06:4e:b5:0d:c5:a8:98:8e:fb:9c:0a:75:71:94:c7:
de:0c:64:17:e3:86:c2:dc:19:f6:82:ef:0a:cf:93:8b:ae:65:
70:d8:1f:17:1e:86:b4:25:17:6a:2c:1a:6d:ff:e4:70:1d:70:
ba:8e:40:44:57:ff:b5:05:f1:46:e5:7a:98:7a:a4:b3:35:99:
2a:8a:4b:6f:67:99:dd:f2:89:d0:4b:02:e1:19:b9:f4:27:6f:
8c:81:74:18:94:84:58:9e:46:75:ff:f2:67:7b:92:33:b3:03:
75:a6:db:e4:a9:a5:bc:e2:bc:5c:60:a0:6e:5b:0d:7b:24:93:
74:37:66:40:cd:8b:e1:c6:15:09:7c:68:c0:35:aa:19:8c:e8:
c1:d9:e2:23:7f:82:58:2b:b8:c8:56:82:70:da:d8:65:c4:8f:
a2:af:80:fa:77:94:f6:02:70:bc:80:c8:42:5d:90:e2:19:fe:
22:87:47:c0:e6:4e:a1:ec:a6:7f:e1:9d:1e:8d:21:a0:73:a7:
19:b2:d6:1c:72:bd:a4:97:41:a0:42:5b:76:bf:f1:27:0d:14:
c1:1c:c9:fe:5c:69:c2:b0:ef:92:f1:d2:78:f1:a8:ea:a2:07:
90:dc:b9:09
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY7bXeJ/Y1OalbqZaZP6bo1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjQwNDE0MDY0OTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFjZjBkOGIwYTdiMWVhYzRjMDk0ZWI3YTRjOTRhZDFjYzQyZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOnUOI9coAB81hFwMMpp52SUNxO5
TppFaxp2zPxMfu6UjN+GEnC0BauDrAnqM4G8Fx++nuzpXnjQfXyYyN5+U0vo4wwU
frfxbLvYDm80yWQREzorI3/dh4gXnk3u6On98M+rJRcZfkj6W0/9M+OYoHAF44MC
cVuvkUHp3R+KspXrwipLh9zeRO2n+cQzM+8wbf9ugyUWeF2a1pHJA411w152XaPL
HCpG27h/utGrjBowYp4kNJN2P4yzJGjwW1XV2MPBGUEa/6zFbRyc8nNHdF9e4d7I
Z+jPY6r4PhC5yWQ6KhxbuMWzqkUjMvNFgruULabWEoZXOfJ7BNlwONUISQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFIqs8Niwp7HqxMCU63pMlK0cxC8DMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvaXF6dzJMQ25zZXJFd0pUcmVreVVyUnpFTHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBKBAIAATBEAwQALVur
AwQAW8qqAwQAW9+pMAwDBABnLfUDBABnLfYDBAFn8UIDBAC5L6wDBAC5NdEDBAC5
i+QDBAK5kJwDBADBqKwwMwQCAAIwLQMHACoGxcAVAAMHACoGxcAWAAMHACoGxcAX
AAMHACoHO4AAAAMHACoHO4AACDANBgkqhkiG9w0BAQsFAAOCAQEApydw+NPETRQn
otJeM69eYmVD/SiHBk61DcWomI77nAp1cZTH3gxkF+OGwtwZ9oLvCs+Ti65lcNgf
Fx6GtCUXaiwabf/kcB1wuo5ARFf/tQXxRuV6mHqkszWZKopLb2eZ3fKJ0EsC4Rm5
9CdvjIF0GJSEWJ5Gdf/yZ3uSM7MDdabb5KmlvOK8XGCgblsNeySTdDdmQM2L4cYV
CXxowDWqGYzowdniI3+CWCu4yFaCcNrYZcSPoq+A+neU9gJwvIDIQl2Q4hn+IodH
wOZOoeymf+GdHo0hoHOnGbLWHHK9pJdBoEJbdr/xJw0UwRzJ/lxpwrDvkvHSePGo
6qIHkNy5CQ==
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:01:53 2024 by rpki-client on console-fra.rpki-client.org