Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Esq4lEmbTuucdxe6QCf1b36D1ik.roa
File: Esq4lEmbTuucdxe6QCf1b36D1ik.roa (raw, json)
Hash identifier: OaAKamsjtpLMt8EqYFTbFNMSbWKaKSHPAEuc9JUIhmw=
Subject key identifier: 12:CA:B8:94:49:9B:4E:EB:9C:77:17:BA:40:27:F5:6F:7E:83:D6:29
Certificate issuer: /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial: 018F75AD5875D9BF6267AD6EC855710E84B3
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Esq4lEmbTuucdxe6QCf1b36D1ik.roa
Signing time: Tue 14 May 2024 05:57:25 +0000
ROA not before: Tue 14 May 2024 05:57:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51684
IP address blocks: 5.181.196.0/24 maxlen: 24
5.181.197.0/24 maxlen: 24
5.181.198.0/24 maxlen: 24
82.199.208.0/23 maxlen: 23
82.199.208.0/24 maxlen: 24
82.199.209.0/24 maxlen: 24
82.199.210.0/24 maxlen: 24
82.199.211.0/24 maxlen: 24
82.199.212.0/23 maxlen: 23
82.199.212.0/24 maxlen: 24
82.199.213.0/24 maxlen: 24
82.199.214.0/23 maxlen: 23
82.199.214.0/24 maxlen: 24
82.199.215.0/24 maxlen: 24
82.199.216.0/23 maxlen: 23
82.199.216.0/24 maxlen: 24
82.199.217.0/24 maxlen: 24
82.199.218.0/23 maxlen: 23
82.199.218.0/24 maxlen: 24
82.199.219.0/24 maxlen: 24
82.199.220.0/23 maxlen: 23
82.199.220.0/24 maxlen: 24
82.199.221.0/24 maxlen: 24
82.199.222.0/23 maxlen: 23
82.199.222.0/24 maxlen: 24
82.199.223.0/24 maxlen: 24
89.46.200.0/23 maxlen: 23
89.46.200.0/24 maxlen: 24
89.46.201.0/24 maxlen: 24
89.46.202.0/23 maxlen: 23
89.46.202.0/24 maxlen: 24
89.46.203.0/24 maxlen: 24
89.46.204.0/23 maxlen: 23
89.46.204.0/24 maxlen: 24
89.46.205.0/24 maxlen: 24
89.46.206.0/23 maxlen: 23
89.46.206.0/24 maxlen: 24
89.46.207.0/24 maxlen: 24
91.213.191.0/24 maxlen: 24
91.217.185.0/24 maxlen: 24
185.16.26.0/23 maxlen: 23
185.16.26.0/24 maxlen: 24
185.95.204.0/23 maxlen: 23
185.95.204.0/24 maxlen: 24
185.95.205.0/24 maxlen: 24
185.95.206.0/23 maxlen: 23
185.95.206.0/24 maxlen: 24
185.95.207.0/24 maxlen: 24
185.247.36.0/23 maxlen: 23
185.247.36.0/24 maxlen: 24
185.247.37.0/24 maxlen: 24
185.247.38.0/23 maxlen: 23
185.247.38.0/24 maxlen: 24
185.247.39.0/24 maxlen: 24
185.254.200.0/23 maxlen: 23
185.254.200.0/24 maxlen: 24
185.254.201.0/24 maxlen: 24
185.254.203.0/24 maxlen: 24
212.95.128.0/24 maxlen: 24
212.95.129.0/24 maxlen: 24
212.95.130.0/24 maxlen: 24
212.95.131.0/24 maxlen: 24
212.95.132.0/24 maxlen: 24
212.95.133.0/24 maxlen: 24
212.95.134.0/24 maxlen: 24
212.95.135.0/24 maxlen: 24
212.95.136.0/24 maxlen: 24
212.95.137.0/24 maxlen: 24
212.95.138.0/24 maxlen: 24
212.95.139.0/24 maxlen: 24
212.95.140.0/24 maxlen: 24
212.95.141.0/24 maxlen: 24
212.95.142.0/24 maxlen: 24
223.25.120.0/24 maxlen: 24
223.25.121.0/24 maxlen: 24
223.25.122.0/24 maxlen: 24
223.25.123.0/24 maxlen: 24
223.25.124.0/24 maxlen: 24
223.25.125.0/24 maxlen: 24
223.25.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:75:ad:58:75:d9:bf:62:67:ad:6e:c8:55:71:0e:84:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Validity
Not Before: May 14 05:57:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12cab894499b4eeb9c7717ba4027f56f7e83d629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:14:c5:1a:27:30:a9:e0:7f:e8:24:2c:d7:8e:
eb:cb:c3:bf:e9:dc:26:47:8a:dd:77:f9:29:09:dd:
1d:44:93:bf:78:30:c8:db:43:1e:61:7b:0d:2d:a8:
61:6c:5d:93:89:b1:f3:3f:88:92:27:7a:a8:20:5a:
15:4e:af:75:0d:94:b5:bd:43:a8:10:a0:db:19:85:
fd:24:ca:cf:ca:f1:18:f7:5d:27:f4:d0:f2:1e:99:
30:72:0f:98:6a:73:c2:e9:d5:24:19:98:98:25:7e:
00:99:a5:3e:cf:f7:22:94:33:0e:20:ae:9a:d8:cd:
01:50:d8:8b:bc:86:52:be:fc:2f:04:6f:fc:fc:60:
a2:bb:56:97:da:16:e2:e6:b5:b1:3c:b1:eb:5f:96:
ee:ee:97:5e:b2:70:8c:00:e1:5c:ef:cf:4a:e5:6b:
d5:76:39:38:b3:fa:b4:ef:d7:f2:87:06:7a:c4:ba:
18:6f:90:e5:a2:ae:ee:c4:06:f2:4b:bd:e5:44:ae:
a8:34:93:f4:18:5f:f5:13:15:ba:cb:81:44:23:56:
d3:ff:a4:5a:d2:48:f3:10:0d:61:63:26:5f:34:7e:
a2:ef:e8:14:ec:0f:89:2d:ed:ee:0e:df:e9:82:0a:
f8:65:d2:4e:80:c0:3d:1e:6c:ab:48:66:c6:2c:73:
f6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CA:B8:94:49:9B:4E:EB:9C:77:17:BA:40:27:F5:6F:7E:83:D6:29
X509v3 Authority Key Identifier:
keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Esq4lEmbTuucdxe6QCf1b36D1ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.196.0-5.181.198.255
82.199.208.0/20
89.46.200.0/21
91.213.191.0/24
91.217.185.0/24
185.16.26.0/23
185.95.204.0/22
185.247.36.0/22
185.254.200.0/23
185.254.203.0/24
212.95.128.0-212.95.142.255
223.25.120.0-223.25.126.255
Signature Algorithm: sha256WithRSAEncryption
74:9d:ae:b5:28:6f:1f:48:f7:64:14:d5:2e:76:ca:a7:dc:24:
f3:66:32:32:be:e6:73:9b:68:9a:75:09:90:24:3e:d5:d1:b2:
f4:ec:0d:68:e5:e3:0c:23:34:5c:ce:6c:1e:61:a2:79:5b:57:
79:3c:ec:5d:4c:61:7f:c0:43:1b:e6:7c:75:66:c1:a9:8f:3f:
ad:d3:ac:36:34:38:7f:ba:7e:6b:9d:1d:cd:f5:12:87:3f:57:
d5:21:10:91:d4:68:1e:8e:5e:6c:58:84:d8:e0:18:f6:ef:95:
d1:f3:b8:be:bb:d4:03:24:19:3f:d7:bd:79:b6:da:96:a4:4d:
22:64:34:6e:4e:49:f8:5b:c6:94:93:bd:cf:d9:d8:3a:f8:cd:
e2:5e:4d:2e:ad:16:b1:98:96:09:61:15:3b:c9:3e:cf:ef:bb:
0f:80:1e:12:39:7c:c0:83:af:63:09:53:72:09:bf:78:f2:f1:
ff:06:fb:37:e5:1c:b9:72:d1:d9:01:91:53:73:17:69:c5:23:
f0:c4:47:d7:21:15:38:da:de:e1:8c:95:ad:4a:da:59:dd:8d:
99:6f:9a:f0:be:ab:cd:99:e1:69:43:4c:e1:b4:23:9b:89:aa:
1d:85:4e:c5:c9:f8:bd:f5:80:cd:06:d7:eb:43:98:ee:17:76:
5b:f2:92:86
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY91rVh12b9iZ61uyFVxDoSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEz
MzhmZmUwHhcNMjQwNTE0MDU1NzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmNhYjg5NDQ5OWI0ZWViOWM3NzE3YmE0MDI3ZjU2ZjdlODNkNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBTFGicwqeB/6CQs147ry8O/6dwm
R4rdd/kpCd0dRJO/eDDI20MeYXsNLahhbF2TibHzP4iSJ3qoIFoVTq91DZS1vUOo
EKDbGYX9JMrPyvEY910n9NDyHpkwcg+YanPC6dUkGZiYJX4AmaU+z/cilDMOIK6a
2M0BUNiLvIZSvvwvBG/8/GCiu1aX2hbi5rWxPLHrX5bu7pdesnCMAOFc789K5WvV
djk4s/q079fyhwZ6xLoYb5Dloq7uxAbyS73lRK6oNJP0GF/1ExW6y4FEI1bT/6Ra
0kjzEA1hYyZfNH6i7+gU7A+JLe3uDt/pggr4ZdJOgMA9HmyrSGbGLHP21wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFBLKuJRJm07rnHcXukAn9W9+g9YpMB8GA1UdIwQY
MBaAFEndjxpipdf4AhLeDz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2Yt
Y2VlYzQ5MTI0YzBmLzEvRXNxNGxFbWJUdXVjZHhlNlFDZjFiMzZEMWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBm
LzEvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgMAwDBAIFtcQD
BAAFtcYDBARSx9ADBANZLsgDBABb1b8DBABb2bkDBAG5EBoDBAK5X8wDBAK59yQD
BAG5/sgDBAC5/sswDAMEB9RfgAMEANRfjjAMAwQD3xl4AwQA3xl+MA0GCSqGSIb3
DQEBCwUAA4IBAQB0na61KG8fSPdkFNUudsqn3CTzZjIyvuZzm2iadQmQJD7V0bL0
7A1o5eMMIzRczmweYaJ5W1d5POxdTGF/wEMb5nx1ZsGpjz+t06w2NDh/un5rnR3N
9RKHP1fVIRCR1Ggejl5sWITY4Bj275XR87i+u9QDJBk/1715ttqWpE0iZDRuTkn4
W8aUk73P2dg6+M3iXk0urRaxmJYJYRU7yT7P77sPgB4SOXzAg69jCVNyCb948vH/
Bvs35Ry5ctHZAZFTcxdpxSPwxEfXIRU42t7hjJWtStpZ3Y2Zb5rwvqvNmeFpQ0zh
tCObiaodhU7Fyfi99YDNBtfrQ5juF3Zb8pKG
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:08:25 2024 by rpki-client on console-fra.rpki-client.org