Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4ephU6kRlc6pTIHHrk2zjgEzTUQ.roa
File: 4ephU6kRlc6pTIHHrk2zjgEzTUQ.roa (raw, json)
Hash identifier: rYCwKrHd13GMsSdYS8FcC1NMLP8F9uB9Y+3fkOdbXTs=
Subject key identifier: E1:EA:61:53:A9:11:95:CE:A9:4C:81:C7:AE:4D:B3:8E:01:33:4D:44
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019339F928D4DB718D7252E40E18776F8B51
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4ephU6kRlc6pTIHHrk2zjgEzTUQ.roa
Signing time: Sun 17 Nov 2024 11:54:10 +0000
ROA not before: Sun 17 Nov 2024 11:54:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
185.72.8.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
194.58.34.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.58.45.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.12.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
212.192.15.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:39:f9:28:d4:db:71:8d:72:52:e4:0e:18:77:6f:8b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 17 11:54:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1ea6153a91195cea94c81c7ae4db38e01334d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:73:da:4a:14:ec:b3:98:29:8e:be:27:25:d9:
9a:ec:c6:25:35:2a:b8:81:e2:6e:56:cd:39:6e:a8:
93:45:3a:1d:5d:c3:a7:1f:5a:d3:34:29:7a:8d:d0:
29:af:d8:80:13:99:f8:eb:22:ee:8d:d8:7c:88:b0:
4e:9a:6c:50:f3:53:58:16:85:46:72:fc:3d:fa:84:
c0:81:af:f3:6e:40:01:d0:58:d1:d7:b6:26:fd:2e:
44:4c:42:b2:d0:c9:07:ac:ee:58:fa:54:37:28:4b:
d3:be:2c:62:6f:28:20:d7:02:36:bd:e1:52:5a:e6:
03:fd:62:b7:79:1e:12:e2:d7:0b:66:dc:93:5f:a5:
f7:f0:1a:cc:ba:51:07:34:e7:21:c5:e5:10:13:0f:
53:42:ae:f5:cf:7a:e6:86:21:aa:4b:95:dd:61:14:
72:6a:0c:8b:45:37:ff:92:1c:47:1d:44:0f:8c:99:
aa:e3:4d:64:d5:7c:4b:ed:35:be:69:ea:b3:f2:1b:
6b:9b:4c:90:28:ef:31:64:aa:45:09:e2:78:4b:15:
39:b3:d9:69:8a:28:92:e8:7d:16:9a:5c:1f:58:97:
9e:a5:df:e5:65:80:90:09:3c:34:7d:c0:f9:26:5f:
c3:e3:65:83:f0:89:71:d7:22:15:36:1a:9f:57:10:
22:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:EA:61:53:A9:11:95:CE:A9:4C:81:C7:AE:4D:B3:8E:01:33:4D:44
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4ephU6kRlc6pTIHHrk2zjgEzTUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
185.72.8.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
193.124.49.0/24
194.58.34.0/24
194.58.38.0-194.58.40.255
194.58.44.0/23
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.18.0/24
194.87.30.0/24
194.87.39.0/24
194.87.47.0/24
194.87.58.0/24
194.87.82.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
195.133.67.0/24
195.133.92.0/24
212.192.12.0/23
212.192.15.0/24
212.192.215.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:84:fb:e0:1c:85:47:61:05:3e:8e:27:d3:6f:4f:e9:50:6e:
cf:de:ce:4f:df:33:d8:2f:be:2e:93:79:fc:15:a8:db:94:6f:
73:67:cc:01:19:34:22:62:59:5f:39:7e:ee:9d:30:29:b3:9c:
4c:d2:56:c3:62:ca:86:e3:23:90:16:d5:da:47:41:37:db:d7:
a6:5c:f7:7c:d7:89:dc:13:ad:6c:8e:df:48:f3:e6:f9:5e:bd:
4a:eb:26:d9:08:d1:94:4b:55:78:b7:da:a9:08:78:f4:9a:ba:
f7:b4:b1:d8:a2:55:23:57:33:92:82:2c:e8:9c:9a:a5:79:13:
f7:11:26:3b:aa:a0:39:ea:05:01:7f:23:54:a9:9f:b9:48:60:
cd:cf:56:60:f6:d6:2f:ef:0a:81:be:8b:cd:8c:87:fb:7d:7b:
e2:20:f2:55:f2:0b:83:c5:e9:02:b0:ed:84:c2:83:50:8b:c8:
e1:fd:e7:63:a0:13:93:42:18:e3:b7:c8:a2:19:4f:a8:92:1e:
0e:80:d0:b1:14:4d:f3:28:00:85:39:af:c7:e6:e4:c4:a8:45:
d0:d4:61:ac:62:00:5a:be:6c:eb:c7:81:fa:dc:b2:7f:20:13:
32:17:d2:0b:ea:70:e9:09:3c:4d:5f:af:77:b6:80:86:73:9d:
bc:a9:64:a0
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZM5+SjU23GNclLkDhh3b4tRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTE3MTE1NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWVhNjE1M2E5MTE5NWNlYTk0YzgxYzdhZTRkYjM4ZTAxMzM0ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXPaShTss5gpjr4nJdma7MYlNSq4
geJuVs05bqiTRTodXcOnH1rTNCl6jdApr9iAE5n46yLujdh8iLBOmmxQ81NYFoVG
cvw9+oTAga/zbkAB0FjR17Ym/S5ETEKy0MkHrO5Y+lQ3KEvTvixibygg1wI2veFS
WuYD/WK3eR4S4tcLZtyTX6X38BrMulEHNOchxeUQEw9TQq71z3rmhiGqS5XdYRRy
agyLRTf/khxHHUQPjJmq401k1XxL7TW+aeqz8htrm0yQKO8xZKpFCeJ4SxU5s9lp
iiiS6H0WmlwfWJeepd/lZYCQCTw0fcD5Jl/D42WD8Ilx1yIVNhqfVxAiRwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFOHqYVOpEZXOqUyBx65Ns44BM01EMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNGVwaFU2a1JsYzZwVElISHJrMnpqZ0V6VFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBAA+
TOoDBAA+TO8DBAC5SAgDBADAfLADBADAfNEDBADBfBYDBADBfCkDBADBfC4DBADB
fDEDBADCOiIwDAMEAcI6JgMEAMI6KAMEAcI6LAMEAMI6OwMEAMI6QgMEAMI6RAME
AMJXCgMEAMJXEgMEAMJXHgMEAMJXJwMEAMJXLwMEAMJXOgMEAMJXUgMEAMJXxgME
AMJX4wMEAMJX5gMEAMOFQwMEAMOFXAMEAdTADAMEANTADwMEANTA1wMEANTA3QME
ANTA3zAMAwQA1MEBAwQA1MECAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQBehPvg
HIVHYQU+jifTb0/pUG7P3s5P3zPYL74uk3n8FajblG9zZ8wBGTQiYllfOX7unTAp
s5xM0lbDYsqG4yOQFtXaR0E329emXPd814ncE61sjt9I8+b5Xr1K6ybZCNGUS1V4
t9qpCHj0mrr3tLHYolUjVzOSgizonJqleRP3ESY7qqA56gUBfyNUqZ+5SGDNz1Zg
9tYv7wqBvovNjIf7fXviIPJV8guDxekCsO2EwoNQi8jh/edjoBOTQhjjt8iiGU+o
kh4OgNCxFE3zKACFOa/H5uTEqEXQ1GGsYgBavmzrx4H63LJ/IBMyF9IL6nDpCTxN
X693toCGc528qWSg
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:14:50 2024 by rpki-client on console-ams.rpki-client.org