Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/7LusiMOGLPQ_CigNc88ecC8p5gg.roa
File: 7LusiMOGLPQ_CigNc88ecC8p5gg.roa (raw, json)
Hash identifier: yZvG9DnLOdiEagHvdQrYTO5RwKygYrRkODYEnGAO0Vc=
Subject key identifier: EC:BB:AC:88:C3:86:2C:F4:3F:0A:28:0D:73:CF:1E:70:2F:29:E6:08
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01917E3E8500CAADA281A5EC84BCD9393DA6
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/7LusiMOGLPQ_CigNc88ecC8p5gg.roa
Signing time: Fri 23 Aug 2024 07:58:32 +0000
ROA not before: Fri 23 Aug 2024 07:58:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213250
IP address blocks: 2.56.245.0/24 maxlen: 24
5.182.204.0/23 maxlen: 23
5.182.206.0/23 maxlen: 23
5.252.100.0/22 maxlen: 22
5.252.100.0/24 maxlen: 24
5.252.101.0/24 maxlen: 24
5.252.102.0/24 maxlen: 24
5.252.103.0/24 maxlen: 24
5.253.247.0/24 maxlen: 24
37.221.93.0/24 maxlen: 24
45.11.229.0/24 maxlen: 24
45.13.224.0/23 maxlen: 23
45.13.224.0/24 maxlen: 24
45.86.155.0/24 maxlen: 24
45.89.124.0/23 maxlen: 23
45.89.126.0/23 maxlen: 23
45.131.64.0/24 maxlen: 24
45.131.66.0/23 maxlen: 23
45.133.74.0/24 maxlen: 24
109.71.252.0/24 maxlen: 24
194.15.36.0/24 maxlen: 24
212.87.212.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:3e:85:00:ca:ad:a2:81:a5:ec:84:bc:d9:39:3d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 23 07:58:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecbbac88c3862cf43f0a280d73cf1e702f29e608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:91:c6:4e:4f:5a:44:37:1e:ef:9b:6e:30:63:
33:79:f6:cf:8f:df:15:46:6e:cf:de:20:de:87:31:
dc:9f:60:9d:d5:00:62:52:19:6a:17:cb:23:76:04:
98:db:e2:c7:64:aa:69:18:67:ba:47:75:39:77:b6:
f3:59:de:53:15:8a:0f:3c:64:db:33:74:31:4e:1e:
f0:7f:3b:84:62:18:fa:50:b4:a8:e5:fd:5b:da:00:
db:3c:92:f9:9b:df:de:70:20:ed:7c:ab:57:17:e7:
ff:e8:0a:47:8b:fd:d2:96:19:13:de:a7:e6:a5:38:
9c:55:e8:9c:2d:b4:16:de:f0:b5:40:d0:16:e2:4f:
51:90:02:6d:00:d4:e1:9e:e8:c5:51:93:f1:e1:dc:
11:14:eb:b4:f9:2d:93:44:a2:ab:fa:3d:30:68:6c:
50:c0:a2:11:a4:57:0a:04:78:c6:cc:09:be:95:ad:
14:2e:34:98:95:18:ee:f4:f4:c4:18:64:75:c9:6a:
49:6a:c9:c3:0a:e9:0d:29:a7:e3:0e:bb:94:95:0e:
9c:75:47:91:90:9c:fd:08:1c:12:63:c0:6a:25:c9:
77:b8:3d:fe:ae:6c:27:4e:9d:13:5d:ff:c3:7d:49:
60:a9:17:2f:d1:83:bc:d1:5b:02:86:66:59:ab:51:
e7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:BB:AC:88:C3:86:2C:F4:3F:0A:28:0D:73:CF:1E:70:2F:29:E6:08
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/7LusiMOGLPQ_CigNc88ecC8p5gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.245.0/24
5.182.204.0/22
5.252.100.0/22
5.253.247.0/24
37.221.93.0/24
45.11.229.0/24
45.13.224.0/23
45.86.155.0/24
45.89.124.0/22
45.131.64.0/24
45.131.66.0/23
45.133.74.0/24
109.71.252.0/24
194.15.36.0/24
212.87.212.0/23
Signature Algorithm: sha256WithRSAEncryption
96:df:f4:c7:c9:e6:73:c2:6b:8f:b3:34:76:a4:40:1c:83:9b:
cf:b8:e7:5a:3b:72:32:4a:2a:24:0b:93:df:4f:66:c1:d4:14:
7e:d7:c6:f6:c0:a5:91:a3:df:56:44:1e:03:ac:42:67:6c:ab:
7c:0c:71:7a:da:8f:60:5a:a0:d4:c4:e1:64:39:9c:5f:58:39:
18:1c:99:18:53:23:5d:75:4c:4c:d3:a0:24:32:ea:5a:1a:e4:
a5:dc:84:c6:7c:00:ad:53:40:81:0b:0e:51:c0:1b:9c:a4:61:
ed:ca:33:f9:51:ce:a1:46:d9:6d:78:da:6c:9b:10:c5:0c:f9:
d8:85:12:c2:fc:ff:20:3a:49:72:1c:4d:71:db:98:38:85:1d:
2a:0d:5e:a6:f6:5e:b9:07:b5:94:f6:b5:f5:ed:cb:d6:e2:9a:
75:13:45:72:87:cc:df:b4:6e:0c:19:51:7a:4e:a0:72:1c:10:
de:8c:e2:5c:1a:ec:d4:3f:fc:81:18:11:ba:3e:ba:18:77:f9:
76:6d:d0:fe:9e:66:77:f6:28:73:50:c9:bd:9c:e4:0a:02:73:
68:98:09:99:ef:f3:18:06:60:7e:8c:b2:1e:1f:e1:2d:7e:d1:
0c:a0:a6:87:e8:ae:52:f0:38:38:c6:cb:0b:bd:12:a3:16:18:
ef:11:62:17
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZF+PoUAyq2igaXshLzZOT2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwODIzMDc1ODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2JiYWM4OGMzODYyY2Y0M2YwYTI4MGQ3M2NmMWU3MDJmMjllNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZHGTk9aRDce75tuMGMzefbPj98V
Rm7P3iDehzHcn2Cd1QBiUhlqF8sjdgSY2+LHZKppGGe6R3U5d7bzWd5TFYoPPGTb
M3QxTh7wfzuEYhj6ULSo5f1b2gDbPJL5m9/ecCDtfKtXF+f/6ApHi/3SlhkT3qfm
pTicVeicLbQW3vC1QNAW4k9RkAJtANThnujFUZPx4dwRFOu0+S2TRKKr+j0waGxQ
wKIRpFcKBHjGzAm+la0ULjSYlRju9PTEGGR1yWpJasnDCukNKafjDruUlQ6cdUeR
kJz9CBwSY8BqJcl3uD3+rmwnTp0TXf/DfUlgqRcv0YO80VsChmZZq1HngQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFOy7rIjDhiz0PwooDXPPHnAvKeYIMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvN0x1c2lNT0dMUFFfQ2lnTmM4OGVjQzhwNWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAAjj1AwQC
BbbMAwQCBfxkAwQABf33AwQAJd1dAwQALQvlAwQBLQ3gAwQALVabAwQCLVl8AwQA
LYNAAwQBLYNCAwQALYVKAwQAbUf8AwQAwg8kAwQB1FfUMA0GCSqGSIb3DQEBCwUA
A4IBAQCW3/THyeZzwmuPszR2pEAcg5vPuOdaO3IySiokC5PfT2bB1BR+18b2wKWR
o99WRB4DrEJnbKt8DHF62o9gWqDUxOFkOZxfWDkYHJkYUyNddUxM06AkMupaGuSl
3ITGfACtU0CBCw5RwBucpGHtyjP5Uc6hRtlteNpsmxDFDPnYhRLC/P8gOklyHE1x
25g4hR0qDV6m9l65B7WU9rX17cvW4pp1E0Vyh8zftG4MGVF6TqByHBDejOJcGuzU
P/yBGBG6ProYd/l2bdD+nmZ39ihzUMm9nOQKAnNomAmZ7/MYBmB+jLIeH+EtftEM
oKaH6K5S8Dg4xssLvRKjFhjvEWIX
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:01:45 2024 by rpki-client on console-ams.rpki-client.org