Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/UEh_7He4I8OW7q94CWOHUgRLdgg.roa
File: UEh_7He4I8OW7q94CWOHUgRLdgg.roa (raw, json)
Hash identifier: e+I1aUhXz6O0djUyyaZqaCbQHdCbfeJAoLMeUejjW7I=
Subject key identifier: 50:48:7F:EC:77:B8:23:C3:96:EE:AF:78:09:63:87:52:04:4B:76:08
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 01906DA9BB9DA76C3561BD758E5E2F13CC45
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/UEh_7He4I8OW7q94CWOHUgRLdgg.roa
Signing time: Mon 01 Jul 2024 09:39:18 +0000
ROA not before: Mon 01 Jul 2024 09:39:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200350
IP address blocks: 37.230.172.0/22 maxlen: 24
37.230.188.0/22 maxlen: 24
45.133.96.0/22 maxlen: 24
46.21.244.0/22 maxlen: 24
51.250.0.0/17 maxlen: 24
62.84.112.0/20 maxlen: 24
84.201.128.0/18 maxlen: 24
84.252.128.0/20 maxlen: 24
89.169.128.0/18 maxlen: 24
89.232.188.0/22 maxlen: 24
130.193.32.0/19 maxlen: 24
158.160.0.0/16 maxlen: 24
178.154.192.0/18 maxlen: 24
185.206.164.0/22 maxlen: 24
185.216.194.0/23 maxlen: 24
193.32.216.0/22 maxlen: 24
217.28.224.0/20 maxlen: 24
217.198.168.0/21 maxlen: 24
2a0d:d6c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:a9:bb:9d:a7:6c:35:61:bd:75:8e:5e:2f:13:cc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Jul 1 09:39:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50487fec77b823c396eeaf7809638752044b7608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1a:b0:f1:18:56:21:c7:5e:72:99:65:fb:f8:
8f:2d:e3:be:64:ca:d9:5a:d5:03:f3:f2:9c:e9:61:
e3:a9:a4:f0:94:09:54:28:fd:a4:ae:d1:b3:9f:54:
12:44:86:75:70:a0:33:49:6e:51:3d:d8:28:46:85:
03:54:3d:59:7a:a1:81:d6:4f:b5:e9:6b:38:fb:0f:
f9:16:19:c3:05:11:60:a4:9e:07:97:a5:88:a0:b8:
7b:4a:ef:ed:dc:56:3a:0a:ab:03:b2:54:c2:d3:c9:
56:14:e8:08:b2:18:00:ff:78:7a:49:fa:a7:86:ce:
7c:9b:64:3e:ee:f9:ff:57:b0:bd:09:28:67:c5:88:
b4:f6:3f:83:cb:54:75:14:f0:b9:6b:80:9d:f2:9f:
2e:54:b2:0d:d1:16:26:7b:22:d5:2e:d4:08:d4:6c:
7f:fb:e3:9e:21:31:f3:84:1b:50:4f:0a:6f:64:1d:
9f:31:d9:9c:c0:7d:9c:ac:f5:90:89:1d:16:a8:78:
09:0f:ec:fc:ea:f0:ec:39:5a:e5:10:b5:59:3d:cc:
07:8c:c7:95:b9:6f:62:bb:b8:a0:db:49:cf:45:e0:
cd:b7:9b:bb:21:96:9a:ce:8e:f8:ce:16:87:2d:57:
35:7f:96:87:39:c3:e3:b4:28:ad:da:56:ed:06:59:
a0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:48:7F:EC:77:B8:23:C3:96:EE:AF:78:09:63:87:52:04:4B:76:08
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/UEh_7He4I8OW7q94CWOHUgRLdgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.172.0/22
37.230.188.0/22
45.133.96.0/22
46.21.244.0/22
51.250.0.0/17
62.84.112.0/20
84.201.128.0/18
84.252.128.0/20
89.169.128.0/18
89.232.188.0/22
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:16:3c:bd:a0:3d:67:8c:16:6d:72:c9:2b:d4:1c:20:a5:93:
29:77:f6:34:e3:b0:6d:10:b3:d1:39:8c:b2:cd:df:fa:59:66:
f9:66:07:99:f3:aa:18:b3:94:6d:0f:67:49:91:49:4b:15:a7:
f9:b6:b0:90:7b:ec:4b:f0:a1:e3:74:a8:01:ef:ec:ea:72:63:
71:c7:db:f4:ab:8d:4b:eb:df:41:db:ba:04:23:1f:ca:47:3c:
ff:16:c1:ef:db:c7:22:f2:c8:0d:b9:75:a1:2d:d6:cc:d9:7e:
0d:21:b3:f6:4b:6e:f9:9d:37:62:99:50:c1:18:40:6b:ab:69:
e8:66:13:cc:0f:d0:a1:b9:e3:93:a5:41:b8:2d:4a:4e:f3:bc:
6f:05:5e:29:61:87:8e:15:02:ae:2e:da:23:d7:32:a4:3b:5a:
88:61:e3:15:e1:19:9b:b9:5f:18:94:3a:f3:ad:4f:5a:ab:c7:
a4:d7:8c:a3:1f:68:5a:07:66:48:ea:6d:93:ca:08:ca:1a:82:
c4:5e:0a:29:2e:09:5c:e8:49:d3:ee:b8:b0:f1:7d:23:e6:88:
18:34:2d:7a:57:e2:bf:d4:78:5d:55:03:47:50:c5:83:c0:48:
d4:31:5e:57:82:58:e8:c5:bb:03:b8:a2:ae:87:a1:bc:76:40:
14:63:b9:fc
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZBtqbudp2w1Yb11jl4vE8xFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjQwNzAxMDkzOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ4N2ZlYzc3YjgyM2MzOTZlZWFmNzgwOTYzODc1MjA0NGI3NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xqw8RhWIcdecpll+/iPLeO+ZMrZ
WtUD8/Kc6WHjqaTwlAlUKP2krtGzn1QSRIZ1cKAzSW5RPdgoRoUDVD1ZeqGB1k+1
6Ws4+w/5FhnDBRFgpJ4Hl6WIoLh7Su/t3FY6CqsDslTC08lWFOgIshgA/3h6Sfqn
hs58m2Q+7vn/V7C9CShnxYi09j+Dy1R1FPC5a4Cd8p8uVLIN0RYmeyLVLtQI1Gx/
++OeITHzhBtQTwpvZB2fMdmcwH2crPWQiR0WqHgJD+z86vDsOVrlELVZPcwHjMeV
uW9iu7ig20nPReDNt5u7IZaazo74zhaHLVc1f5aHOcPjtCit2lbtBlmgXQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFFBIf+x3uCPDlu6veAljh1IES3YIMB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvVUVoXzdIZTRJOE9XN3E5NENXT0hVZ1JMZGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBxBAIAATBrAwQCJeas
AwQCJea8AwQCLYVgAwQCLhX0AwQHM/oAAwQEPlRwAwQGVMmAAwQEVPyAAwQGWamA
AwQCWei8AwQFgsEgAwMAnqADBAaymsADBAK5zqQDBAG52MIDBALBINgDBATZHOAD
BAPZxqgwDQQCAAIwBwMFAyoN1sAwDQYJKoZIhvcNAQELBQADggEBAEEWPL2gPWeM
Fm1yySvUHCClkyl39jTjsG0Qs9E5jLLN3/pZZvlmB5nzqhizlG0PZ0mRSUsVp/m2
sJB77EvwoeN0qAHv7OpyY3HH2/SrjUvr30HbugQjH8pHPP8Wwe/bxyLyyA25daEt
1szZfg0hs/ZLbvmdN2KZUMEYQGuraehmE8wP0KG545OlQbgtSk7zvG8FXilhh44V
Aq4u2iPXMqQ7Wohh4xXhGZu5XxiUOvOtT1qrx6TXjKMfaFoHZkjqbZPKCMoagsRe
CikuCVzoSdPuuLDxfSPmiBg0LXpX4r/UeF1VA0dQxYPASNQxXleCWOjFuwO4oq6H
obx2QBRjufw=
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:42:57 2024 by rpki-client on console-ams.rpki-client.org