Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/zq9UqUS0RZIhqpe3lT_Ne35ZCv4.roa
File: zq9UqUS0RZIhqpe3lT_Ne35ZCv4.roa (raw, json)
Hash identifier: QePM8WVO7RjBpTuJLQPaFYVgtWDk3QnXLzAEJmyQ7jg=
Subject key identifier: CE:AF:54:A9:44:B4:45:92:21:AA:97:B7:95:3F:CD:7B:7E:59:0A:FE
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 01932C89848FD507784249DB14A3C0022B6F
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/zq9UqUS0RZIhqpe3lT_Ne35ZCv4.roa
Signing time: Thu 14 Nov 2024 21:17:10 +0000
ROA not before: Thu 14 Nov 2024 21:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28964
IP address blocks: 5.172.32.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
89.23.72.0/23 maxlen: 23
89.23.91.0/24 maxlen: 24
89.23.94.0/23 maxlen: 23
109.111.241.0/24 maxlen: 24
109.111.242.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
178.254.150.0/24 maxlen: 24
178.254.160.0/23 maxlen: 23
178.254.162.0/24 maxlen: 24
178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.185.0/24 maxlen: 24
185.157.45.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2c:89:84:8f:d5:07:78:42:49:db:14:a3:c0:02:2b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Nov 14 21:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceaf54a944b4459221aa97b7953fcd7b7e590afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c7:8e:24:30:cc:73:db:ed:3c:29:5d:b0:9b:
ca:43:03:fe:51:6b:08:83:40:de:36:15:07:ec:f6:
21:f1:7c:44:f4:5f:2e:85:8c:02:bb:a5:b9:bb:bf:
a8:d1:48:39:9f:29:c3:16:f3:dd:7a:0e:b3:20:86:
a1:bb:5b:7a:d7:df:81:8e:ad:79:2d:46:5f:2d:09:
90:22:e0:7c:a4:f4:e8:87:ea:46:b0:be:89:cb:95:
35:00:96:10:2d:64:7a:b7:94:c8:4b:5e:7e:8b:0a:
b9:e9:7b:fa:11:06:28:bd:62:3a:52:43:f1:6f:23:
7f:4c:4e:12:39:76:4b:ac:6d:67:d8:04:27:42:bf:
a7:52:15:0a:0a:f7:40:33:77:67:89:5b:94:c6:67:
4b:9d:5e:a3:c7:d1:79:19:7a:6e:d5:1e:05:17:c6:
2c:7c:64:73:b6:63:6e:2f:7c:75:2c:83:44:23:e7:
35:01:e0:b6:94:98:69:fc:b0:b7:6c:4c:d9:00:bf:
ba:f1:78:79:43:62:4e:10:37:77:f1:14:80:fb:2c:
a7:a5:54:21:54:d3:92:10:0e:e7:73:3f:4f:79:3f:
de:dc:31:64:39:38:af:22:d4:4f:a7:f5:dc:91:e0:
82:59:1e:1c:45:2e:32:c0:92:70:6e:29:c6:5c:eb:
81:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AF:54:A9:44:B4:45:92:21:AA:97:B7:95:3F:CD:7B:7E:59:0A:FE
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/zq9UqUS0RZIhqpe3lT_Ne35ZCv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.72.0/23
89.23.91.0/24
89.23.94.0/23
109.111.241.0-109.111.242.255
109.111.251.0/24
109.111.255.0/24
178.254.150.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.185.0/24
185.157.45.0-185.157.47.255
Signature Algorithm: sha256WithRSAEncryption
0b:ad:e1:e6:2f:08:5b:25:90:b0:7e:76:25:0f:d2:f1:9d:66:
e7:6e:46:62:f6:3c:90:7c:f4:28:9f:8d:59:bd:e8:a1:2a:52:
67:9e:6b:e7:cb:cf:f0:96:b5:98:c6:a8:75:85:d9:29:68:29:
ff:1e:6f:71:69:2d:91:1f:75:e8:bb:37:8b:17:80:1c:aa:54:
62:6a:40:c3:86:1a:b0:e6:8d:75:11:c2:46:18:ab:f5:3a:b2:
4a:d2:c8:95:c5:1a:7c:af:41:a3:c3:31:3e:db:88:fe:6f:34:
2d:3f:bc:e2:9e:c8:2a:2e:d8:5c:33:97:1c:c0:11:65:7a:45:
50:98:b4:04:32:15:b5:12:cf:33:0a:66:2b:0d:2e:49:93:d0:
1f:5c:6d:f1:10:11:22:f7:dc:d6:54:6b:f6:76:e5:92:12:44:
fe:1f:4c:1b:84:5f:37:bd:da:67:db:b9:d9:3c:8f:39:0d:95:
6c:5a:d7:c0:a6:5e:6f:6b:91:3c:93:37:cc:9a:4f:e3:eb:f0:
ab:f7:c5:d5:78:28:fa:52:6b:79:d9:97:aa:da:64:41:44:8b:
67:17:48:59:17:aa:dc:2d:19:5d:2a:01:30:aa:08:b9:95:d2:
3d:38:c6:a2:ba:eb:55:67:b8:c8:19:db:f1:d6:05:ba:cd:86:
cb:8c:dd:46
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZMsiYSP1Qd4QknbFKPAAitvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQxMTE0MjExNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFmNTRhOTQ0YjQ0NTkyMjFhYTk3Yjc5NTNmY2Q3YjdlNTkwYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMeOJDDMc9vtPCldsJvKQwP+UWsI
g0DeNhUH7PYh8XxE9F8uhYwCu6W5u7+o0Ug5nynDFvPdeg6zIIahu1t619+Bjq15
LUZfLQmQIuB8pPToh+pGsL6Jy5U1AJYQLWR6t5TIS15+iwq56Xv6EQYovWI6UkPx
byN/TE4SOXZLrG1n2AQnQr+nUhUKCvdAM3dniVuUxmdLnV6jx9F5GXpu1R4FF8Ys
fGRztmNuL3x1LINEI+c1AeC2lJhp/LC3bEzZAL+68Xh5Q2JOEDd38RSA+yynpVQh
VNOSEA7ncz9PeT/e3DFkOTivItRPp/XckeCCWR4cRS4ywJJwbinGXOuBlQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFM6vVKlEtEWSIaqXt5U/zXt+WQr+MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvenE5VXFVUzBSWklocXBlM2xUX05lMzVaQ3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAF
rCADBABZF0ADBAFZF0gDBABZF1sDBAFZF14wDAMEAG1v8QMEAG1v8gMEAG1v+wME
AG1v/wMEALL+ljAMAwQFsv6gAwQAsv6iAwQAsv6kAwQBsv6mMAwDBACy/q0DBACy
/q4DBACy/rIDBACy/rkwDAMEALmdLQMEBLmdIDANBgkqhkiG9w0BAQsFAAOCAQEA
C63h5i8IWyWQsH52JQ/S8Z1m525GYvY8kHz0KJ+NWb3ooSpSZ55r58vP8Ja1mMao
dYXZKWgp/x5vcWktkR916Ls3ixeAHKpUYmpAw4YasOaNdRHCRhir9TqyStLIlcUa
fK9Bo8MxPtuI/m80LT+84p7IKi7YXDOXHMARZXpFUJi0BDIVtRLPMwpmKw0uSZPQ
H1xt8RARIvfc1lRr9nblkhJE/h9MG4RfN73aZ9u52TyPOQ2VbFrXwKZeb2uRPJM3
zJpP4+vwq/fF1Xgo+lJredmXqtpkQUSLZxdIWReq3C0ZXSoBMKoIuZXSPTjGorrr
VWe4yBnb8dYFus2Gy4zdRg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:51 2024 by rpki-client on console-fra.rpki-client.org