Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/Hda5fzDtekyqYzvl-Gphd16Qg3I.roa
File: Hda5fzDtekyqYzvl-Gphd16Qg3I.roa (raw, json)
Hash identifier: /jrseR1poUz8GFcuLczVWILtGEo8Ff2jthoFqBO2cyc=
Subject key identifier: 1D:D6:B9:7F:30:ED:7A:4C:AA:63:3B:E5:F8:6A:61:77:5E:90:83:72
Certificate issuer: /CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Certificate serial: 018D7D56C6B5B9FD4C476ED3574569BD0CCB
Authority key identifier: FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/Hda5fzDtekyqYzvl-Gphd16Qg3I.roa
Signing time: Tue 06 Feb 2024 07:34:15 +0000
ROA not before: Tue 06 Feb 2024 07:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16010
IP address blocks: 5.178.128.0/17 maxlen: 24
46.49.0.0/17 maxlen: 24
62.168.160.0/19 maxlen: 24
77.74.40.0/21 maxlen: 21
80.241.240.0/22 maxlen: 22
80.241.248.0/22 maxlen: 22
80.241.253.0/24 maxlen: 24
80.241.254.0/23 maxlen: 23
82.211.128.0/18 maxlen: 19
85.114.224.0/19 maxlen: 24
89.232.32.0/19 maxlen: 24
93.177.128.0/18 maxlen: 24
94.137.160.0/19 maxlen: 24
94.240.192.0/18 maxlen: 24
95.104.0.0/17 maxlen: 24
109.172.128.0/17 maxlen: 24
134.19.224.0/19 maxlen: 24
185.115.4.0/22 maxlen: 22
185.115.4.0/24 maxlen: 24
188.121.192.0/19 maxlen: 24
188.129.128.0/17 maxlen: 18
212.58.96.0/19 maxlen: 24
212.72.128.0/23 maxlen: 24
212.72.131.0/24 maxlen: 24
212.72.132.0/22 maxlen: 22
212.72.136.0/21 maxlen: 24
212.72.144.0/21 maxlen: 21
212.72.152.0/23 maxlen: 23
212.72.154.0/24 maxlen: 24
212.72.156.0/22 maxlen: 22
213.157.192.0/19 maxlen: 24
213.200.0.0/19 maxlen: 24
2a0b:6200::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:56:c6:b5:b9:fd:4c:47:6e:d3:57:45:69:bd:0c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Validity
Not Before: Feb 6 07:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dd6b97f30ed7a4caa633be5f86a61775e908372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:0d:d9:c9:3a:39:72:30:b6:fd:b1:44:8d:
52:ed:72:74:70:c9:c9:40:fd:d1:88:ca:f2:a7:e5:
0f:97:c2:30:81:5a:a3:cd:05:b9:82:2c:21:ec:08:
2d:d3:3d:09:73:6a:94:07:68:b9:fa:6d:b6:c7:70:
e4:4c:90:02:b3:d0:23:dd:01:77:bb:24:55:cd:2d:
5d:95:95:10:85:0f:d1:75:df:f3:c1:8c:93:60:89:
28:73:ae:e1:dc:de:b8:a3:34:d4:b8:a8:61:92:c5:
fe:9f:2b:87:77:ff:a1:29:a1:1e:93:48:9b:be:82:
8c:db:87:91:ed:f2:b4:19:f7:85:35:fe:29:fc:8b:
15:d8:ec:72:9e:c7:e7:7b:fe:eb:93:2e:39:ff:c4:
0a:9c:04:21:76:e4:ea:56:b4:5e:61:44:2d:69:d8:
40:f7:ea:52:ea:dd:a9:4b:6e:91:f4:8e:cd:2b:8c:
f3:a7:77:e8:97:83:d9:6c:4f:27:d8:6a:c7:ab:e4:
a0:bb:ba:7b:ad:01:ae:8d:36:80:82:50:41:54:54:
5a:6a:43:1d:e8:ab:15:64:b2:8f:83:6e:1b:6a:9b:
8c:1d:15:c7:3d:d8:55:0a:71:87:ac:92:2a:c1:eb:
45:2e:d5:2b:d6:f3:19:81:c8:2b:ff:2d:fc:1c:38:
76:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D6:B9:7F:30:ED:7A:4C:AA:63:3B:E5:F8:6A:61:77:5E:90:83:72
X509v3 Authority Key Identifier:
keyid:FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/Hda5fzDtekyqYzvl-Gphd16Qg3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.128.0/17
46.49.0.0/17
62.168.160.0/19
77.74.40.0/21
80.241.240.0/22
80.241.248.0/22
80.241.253.0-80.241.255.255
82.211.128.0/18
85.114.224.0/19
89.232.32.0/19
93.177.128.0/18
94.137.160.0/19
94.240.192.0/18
95.104.0.0/17
109.172.128.0/17
134.19.224.0/19
185.115.4.0/22
188.121.192.0/19
188.129.128.0/17
212.58.96.0/19
212.72.128.0/23
212.72.131.0-212.72.154.255
212.72.156.0/22
213.157.192.0/19
213.200.0.0/19
IPv6:
2a0b:6200::/29
Signature Algorithm: sha256WithRSAEncryption
8a:3c:91:08:3b:29:13:af:12:46:c4:c0:86:08:ef:81:1c:18:
69:1d:9f:94:9e:cb:29:35:81:6c:d2:f3:48:d3:7f:8b:dc:c6:
b1:d3:c5:a6:2a:c8:13:2a:db:e2:39:58:f1:e6:fc:68:d2:af:
51:63:da:24:a0:5f:17:c1:f1:5e:9f:d3:f5:a3:d8:27:2d:bd:
ff:7f:3d:58:cb:3c:4e:88:07:84:ee:2c:48:20:9e:90:d7:5e:
24:a3:fa:5a:3d:d0:f0:8d:74:cf:90:f3:bd:fc:23:3e:6e:7c:
74:04:19:ad:e0:51:12:89:8e:86:67:d6:2d:d5:d4:0c:ed:0d:
ea:6e:f0:05:b5:12:b9:b5:c9:60:c6:6e:cd:e8:4d:67:11:a2:
1d:71:57:93:e8:bc:76:4e:66:6a:03:ed:be:55:9e:3a:1c:77:
04:4c:6e:18:cf:6a:08:80:a8:27:27:5c:44:b4:f2:7d:d8:08:
f9:a5:9a:67:84:58:29:db:98:ac:0d:09:69:73:93:af:c0:a6:
6f:6e:a2:bc:93:ab:12:63:ce:ab:62:dc:f9:8a:d4:a9:1b:32:
7e:70:f2:27:f0:ae:c8:4f:95:89:e0:f9:35:2d:e5:bc:31:84:
bc:9b:ed:14:bd:06:5c:af:eb:34:71:68:93:9c:3d:2a:29:3e:
ee:e7:84:58
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAY19Vsa1uf1MR27TV0VpvQzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDJiMzYyMDY0MzliYmNlMTViMzYzZjA5ZWVmZjFkNzM4
Y2VjYzcwHhcNMjQwMjA2MDczNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ2Yjk3ZjMwZWQ3YTRjYWE2MzNiZTVmODZhNjE3NzVlOTA4MzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoysN2ck6OXIwtv2xRI1S7XJ0cMnJ
QP3RiMryp+UPl8IwgVqjzQW5giwh7Agt0z0Jc2qUB2i5+m22x3DkTJACs9Aj3QF3
uyRVzS1dlZUQhQ/Rdd/zwYyTYIkoc67h3N64ozTUuKhhksX+nyuHd/+hKaEek0ib
voKM24eR7fK0GfeFNf4p/IsV2Oxynsfne/7rky45/8QKnAQhduTqVrReYUQtadhA
9+pS6t2pS26R9I7NK4zzp3fol4PZbE8n2GrHq+Sgu7p7rQGujTaAglBBVFRaakMd
6KsVZLKPg24bapuMHRXHPdhVCnGHrJIqwetFLtUr1vMZgcgr/y38HDh21wIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFB3WuX8w7XpMqmM75fhqYXdekINyMB8GA1UdIwQY
MBaAFP3Ss2IGQ5u84Vs2Pwnu/x1zjOzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQt
YjAxZTAyOTdiMDcwLzEvSGRhNWZ6RHRla3lxWXp2bC1HcGhkMTZRZzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQtYjAxZTAyOTdiMDcw
LzEvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBrAQCAAEwgaUDBAcF
soADBAcuMQADBAU+qKADBANNSigDBAJQ8fADBAJQ8fgwCwMEAFDx/QMDAVDwAwQG
UtOAAwQFVXLgAwQFWeggAwQGXbGAAwQFXomgAwQGXvDAAwQHX2gAAwQHbayAAwQF
hhPgAwQCuXMEAwQFvHnAAwQHvIGAAwQF1DpgAwQB1EiAMAwDBADUSIMDBADUSJoD
BALUSJwDBAXVncADBAXVyAAwDQQCAAIwBwMFAyoLYgAwDQYJKoZIhvcNAQELBQAD
ggEBAIo8kQg7KROvEkbEwIYI74EcGGkdn5Seyyk1gWzS80jTf4vcxrHTxaYqyBMq
2+I5WPHm/GjSr1Fj2iSgXxfB8V6f0/Wj2Cctvf9/PVjLPE6IB4TuLEggnpDXXiSj
+lo90PCNdM+Q8738Iz5ufHQEGa3gURKJjoZn1i3V1AztDepu8AW1Erm1yWDGbs3o
TWcRoh1xV5PovHZOZmoD7b5VnjocdwRMbhjPagiAqCcnXES08n3YCPmlmmeEWCnb
mKwNCWlzk6/Apm9uoryTqxJjzqti3PmK1KkbMn5w8ifwrshPlYng+TUt5bwxhLyb
7RS9Blyv6zRxaJOcPSopPu7nhFg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:08:56 2024 by rpki-client on console-fra.rpki-client.org