Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/ORHwXtHEUQVnycTjYyyfc1Cr2nI.roa
File: ORHwXtHEUQVnycTjYyyfc1Cr2nI.roa (raw, json)
Hash identifier: jnu/sgcOnyOGtZg+Ww45radV0Dtf8Zy8q8rUuzlmnfo=
Subject key identifier: 39:11:F0:5E:D1:C4:51:05:67:C9:C4:E3:63:2C:9F:73:50:AB:DA:72
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 018CC795516969EB07466DB33956FE8CADF7
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/ORHwXtHEUQVnycTjYyyfc1Cr2nI.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5607
IP address blocks: 93.96.224.0/23 maxlen: 23
93.96.224.0/19 maxlen: 19
93.96.228.0/23 maxlen: 23
87.80.0.0/15 maxlen: 15
51.198.0.0/16 maxlen: 16
51.198.0.0/15 maxlen: 15
176.255.240.0/24 maxlen: 24
176.255.242.0/24 maxlen: 24
176.255.241.0/24 maxlen: 24
151.224.0.0/13 maxlen: 13
51.194.0.0/16 maxlen: 16
93.96.0.0/17 maxlen: 17
78.86.0.0/16 maxlen: 16
149.241.0.0/16 maxlen: 16
51.241.0.0/16 maxlen: 16
176.248.0.0/13 maxlen: 13
2.120.0.0/13 maxlen: 13
93.96.128.0/18 maxlen: 18
51.19.0.0/16 maxlen: 16
51.199.224.0/20 maxlen: 20
188.220.0.0/14 maxlen: 14
51.146.0.0/16 maxlen: 16
51.199.240.0/21 maxlen: 21
51.199.248.0/22 maxlen: 22
90.192.0.0/11 maxlen: 11
51.199.192.0/19 maxlen: 19
51.190.0.0/15 maxlen: 15
5.64.0.0/13 maxlen: 13
51.199.0.0/17 maxlen: 17
46.64.0.0/15 maxlen: 15
94.192.0.0/14 maxlen: 14
51.182.0.0/15 maxlen: 15
2.216.0.0/13 maxlen: 13
51.199.128.0/18 maxlen: 18
51.186.0.0/15 maxlen: 15
94.0.0.0/12 maxlen: 12
176.24.0.0/14 maxlen: 14
78.105.0.0/16 maxlen: 16
2a06:5902::/31 maxlen: 31
2a06:5904::/31 maxlen: 31
2a02:c7a:1200::/48 maxlen: 48
2a02:c7a:1202::/48 maxlen: 48
2a02:c7e::/33 maxlen: 33
2a02:c7e:8000::/33 maxlen: 33
2a06:5901::/33 maxlen: 33
2a02:c78::/29 maxlen: 29
2a02:c7b::/32 maxlen: 32
2a02:c7a::/32 maxlen: 32
2a02:c7d::/33 maxlen: 33
2a02:c7d:8000::/33 maxlen: 33
2a06:5906::/31 maxlen: 31
2a02:c7c::/30 maxlen: 30
2a02:c7f::/33 maxlen: 33
2a02:c7f:8000::/33 maxlen: 33
2a06:5900::/32 maxlen: 32
2a02:c7c::/33 maxlen: 33
2a02:c7c:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.mft
rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:51:69:69:eb:07:46:6d:b3:39:56:fe:8c:ad:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3911f05ed1c4510567c9c4e3632c9f7350abda72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2e:ec:7b:0d:9d:d2:9e:21:90:27:4b:57:69:
2a:34:55:15:dd:36:a9:70:f4:b3:b5:f3:58:a5:87:
0a:5a:aa:b7:a1:57:3f:34:b1:a9:0b:ea:08:b9:9d:
5b:56:76:ca:32:fa:a8:e2:20:92:bf:70:3f:54:58:
f7:d6:5c:7e:c7:40:3b:62:94:32:74:17:af:46:03:
8c:0b:e9:ee:c3:28:65:96:5a:e4:76:6f:f3:e2:99:
7d:a2:ee:ae:7b:ff:64:4c:b4:52:ea:5a:27:60:39:
62:4b:21:c3:fa:b4:c1:cf:7c:71:d0:1a:67:c4:70:
5a:09:cb:ec:8a:74:16:24:90:a4:da:68:fc:5a:d3:
cd:2b:6a:04:06:c4:ad:14:66:1f:3d:b8:4e:b3:b7:
72:ad:8d:8f:5f:5d:17:fb:1d:1f:46:58:8e:17:5c:
2a:6c:55:cd:31:ad:19:21:70:46:ed:57:ae:d8:73:
8c:56:41:4c:99:12:b8:84:70:eb:b9:d1:30:97:f2:
31:93:f2:9a:de:db:9b:88:02:2f:78:69:2b:10:f5:
37:4c:ce:ed:b2:cf:ab:f7:b3:92:ab:44:ca:14:c4:
bf:e2:02:c9:f9:29:b3:98:74:e9:6d:10:2b:02:00:
5f:a6:01:5c:ff:be:0a:3a:bb:46:79:b7:12:9a:9b:
a9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:11:F0:5E:D1:C4:51:05:67:C9:C4:E3:63:2C:9F:73:50:AB:DA:72
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/ORHwXtHEUQVnycTjYyyfc1Cr2nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.120.0.0/13
2.216.0.0/13
5.64.0.0/13
46.64.0.0/15
51.19.0.0/16
51.146.0.0/16
51.182.0.0/15
51.186.0.0/15
51.190.0.0/15
51.194.0.0/16
51.198.0.0/15
51.241.0.0/16
78.86.0.0/16
78.105.0.0/16
87.80.0.0/15
90.192.0.0/11
93.96.0.0-93.96.191.255
93.96.224.0/19
94.0.0.0/12
94.192.0.0/14
149.241.0.0/16
151.224.0.0/13
176.24.0.0/14
176.248.0.0/13
188.220.0.0/14
IPv6:
2a02:c78::/29
2a06:5900::-2a06:5901:7fff:ffff:ffff:ffff:ffff:ffff
2a06:5902::-2a06:5907:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b1:fa:05:30:ef:8c:29:c9:22:b7:68:b9:df:96:e5:64:7a:23:
5e:e5:23:ba:51:ab:7d:07:95:bd:f0:44:2b:64:29:be:ff:ae:
a1:2e:ef:96:b7:ee:3d:b9:b9:d5:05:81:a0:ad:3a:b4:23:ca:
ed:7e:e4:59:4b:f0:ce:50:d5:10:53:9c:f4:4f:39:ca:e2:53:
4c:8f:02:c4:41:33:b4:42:87:c0:c6:c5:90:68:a6:3f:04:46:
c9:d4:0b:8d:cc:1d:04:5c:ec:f7:e5:90:7a:5c:5e:43:0f:a2:
d6:27:70:fd:51:5d:3c:65:4d:f2:47:3a:87:2a:06:30:31:d7:
44:3c:7f:f3:0e:63:4e:d7:8a:8f:95:17:28:75:95:b3:b0:7f:
5f:2f:b9:c1:6d:bf:24:ab:bc:fb:9b:2e:1c:bc:0b:77:eb:1c:
43:81:23:3b:b7:d6:56:5e:84:fd:b7:2e:9b:46:1b:c2:0d:8b:
3c:e9:94:90:8b:49:b5:03:57:1f:45:2c:13:18:81:1d:c7:f5:
56:d6:c6:da:c8:20:62:1a:ef:e6:ec:7b:0d:01:98:7b:e4:e8:
26:17:a7:5f:d4:11:80:0e:d2:e6:8c:6d:53:01:94:4a:f5:b1:
0b:47:5a:7b:3f:fa:7f:ee:57:3d:2b:4f:e5:03:37:d6:3f:44:
f6:0c:af:ed
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAYzHlVFpaesHRm2zOVb+jK33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTExZjA1ZWQxYzQ1MTA1NjdjOWM0ZTM2MzJjOWY3MzUwYWJkYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji7sew2d0p4hkCdLV2kqNFUV3Tap
cPSztfNYpYcKWqq3oVc/NLGpC+oIuZ1bVnbKMvqo4iCSv3A/VFj31lx+x0A7YpQy
dBevRgOMC+nuwyhlllrkdm/z4pl9ou6ue/9kTLRS6lonYDliSyHD+rTBz3xx0Bpn
xHBaCcvsinQWJJCk2mj8WtPNK2oEBsStFGYfPbhOs7dyrY2PX10X+x0fRliOF1wq
bFXNMa0ZIXBG7Veu2HOMVkFMmRK4hHDrudEwl/Ixk/Ka3tubiAIveGkrEPU3TM7t
ss+r97OSq0TKFMS/4gLJ+SmzmHTpbRArAgBfpgFc/74KOrtGebcSmpupFQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFDkR8F7RxFEFZ8nE42Msn3NQq9pyMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvT1JId1h0SEVVUVZueWNUall5eWZjMUNyMm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBjQQCAAEwgYYDAwMC
eAMDAwLYAwMDBUADAwEuQAMDADMTAwMAM5IDAwEztgMDATO6AwMBM74DAwAzwgMD
ATPGAwMAM/EDAwBOVgMDAE5pAwMBV1ADAwVawDALAwMFXWADBAZdYIADBAVdYOAD
AwReAAMDAl7AAwMAlfEDAwOX4AMDArAYAwMDsPgDAwK83DAtBAIAAjAnAwUDKgIM
eDAOAwQAKgZZAwYHKgZZAQAwDgMFASoGWQIDBQMqBlkAMA0GCSqGSIb3DQEBCwUA
A4IBAQCx+gUw74wpySK3aLnfluVkeiNe5SO6Uat9B5W98EQrZCm+/66hLu+Wt+49
ubnVBYGgrTq0I8rtfuRZS/DOUNUQU5z0TznK4lNMjwLEQTO0QofAxsWQaKY/BEbJ
1AuNzB0EXOz35ZB6XF5DD6LWJ3D9UV08ZU3yRzqHKgYwMddEPH/zDmNO14qPlRco
dZWzsH9fL7nBbb8kq7z7my4cvAt36xxDgSM7t9ZWXoT9ty6bRhvCDYs86ZSQi0m1
A1cfRSwTGIEdx/VW1sbayCBiGu/m7HsNAZh75OgmF6df1BGADtLmjG1TAZRK9bEL
R1p7P/p/7lc9K0/lAzfWP0T2DK/t
-----END CERTIFICATE-----
Generated at Fri May 17 21:42:44 2024 by rpki-client on console-fra.rpki-client.org