Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/e5stL5CQNhEfoU7j4QHE_ElMKHk.roa
File: e5stL5CQNhEfoU7j4QHE_ElMKHk.roa (raw, json)
Hash identifier: 9H/dJy/RU4d0eHQOfpOI5IE8r+D5oU5WnuLn+1kEK9E=
Subject key identifier: 7B:9B:2D:2F:90:90:36:11:1F:A1:4E:E3:E1:01:C4:FC:49:4C:28:79
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 018CCA999E5B72D62FD0122278DA1BF8E646
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/e5stL5CQNhEfoU7j4QHE_ElMKHk.roa
Signing time: Tue 02 Jan 2024 14:35:14 +0000
ROA not before: Tue 02 Jan 2024 14:35:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12430
IP address blocks: 194.220.0.0/16 maxlen: 16
62.87.0.0/17 maxlen: 17
95.60.0.0/14 maxlen: 14
87.235.0.0/16 maxlen: 16
178.139.0.0/16 maxlen: 16
77.208.0.0/14 maxlen: 14
89.6.0.0/15 maxlen: 15
188.84.0.0/14 maxlen: 14
46.136.0.0/16 maxlen: 16
188.211.228.0/22 maxlen: 22
37.222.0.0/15 maxlen: 15
212.166.128.0/17 maxlen: 17
93.113.16.0/21 maxlen: 21
77.224.0.0/13 maxlen: 13
178.57.128.0/18 maxlen: 18
217.130.0.0/16 maxlen: 16
193.125.0.0/16 maxlen: 16
87.125.0.0/16 maxlen: 16
5.224.0.0/15 maxlen: 15
87.124.192.0/18 maxlen: 18
212.145.0.0/16 maxlen: 16
31.4.0.0/16 maxlen: 16
94.248.64.0/18 maxlen: 18
93.113.136.0/21 maxlen: 21
212.73.32.0/19 maxlen: 19
148.56.0.0/16 maxlen: 16
159.147.0.0/16 maxlen: 16
46.24.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:9e:5b:72:d6:2f:d0:12:22:78:da:1b:f8:e6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 2 14:35:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b9b2d2f909036111fa14ee3e101c4fc494c2879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ed:c5:68:34:59:d0:91:13:53:40:28:ac:5e:
52:f9:aa:fb:37:73:36:5c:d5:e4:8d:71:25:f0:09:
34:99:00:35:a0:81:63:d4:7e:a1:68:a1:fa:39:7f:
c9:41:97:0e:81:12:03:93:28:76:17:fb:49:ac:6e:
5c:89:cb:72:f8:05:2a:0b:e7:83:e6:f2:e7:d4:84:
cd:de:a9:6e:23:c1:28:a0:ab:05:82:7f:79:d8:83:
e1:97:33:d6:bd:ac:47:f1:ba:82:a2:39:26:b8:6d:
b7:2a:aa:94:39:5e:84:a1:4d:0b:c3:90:2d:30:00:
a7:78:24:0b:1e:a9:22:3e:e2:9f:32:9c:d5:3b:ac:
67:5b:27:09:67:75:92:e3:07:a5:e5:14:13:75:7b:
5b:fc:3d:67:bb:40:b3:b5:87:a2:c9:c6:b1:26:35:
19:d5:91:d8:c9:9a:7b:f9:c1:d6:9d:c7:1b:dc:5f:
bb:72:06:b6:8b:2c:e0:28:18:ea:c6:b1:c6:19:89:
b8:61:f6:d2:0b:e2:07:67:03:89:fa:54:57:0a:8b:
27:30:64:7c:b1:2b:b7:99:39:55:21:5d:e9:17:61:
58:14:3d:bc:f3:9e:45:f4:97:72:97:02:fd:5e:50:
ab:c5:51:9a:75:ea:9f:84:cb:c4:e1:49:a8:6d:92:
3c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:9B:2D:2F:90:90:36:11:1F:A1:4E:E3:E1:01:C4:FC:49:4C:28:79
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/e5stL5CQNhEfoU7j4QHE_ElMKHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.224.0.0/15
31.4.0.0/16
37.222.0.0/15
46.24.0.0/14
46.136.0.0/16
62.87.0.0/17
77.208.0.0/14
77.224.0.0/13
87.124.192.0-87.125.255.255
87.235.0.0/16
89.6.0.0/15
93.113.16.0/21
93.113.136.0/21
94.248.64.0/18
95.60.0.0/14
148.56.0.0/16
159.147.0.0/16
178.57.128.0/18
178.139.0.0/16
188.84.0.0/14
188.211.228.0/22
193.125.0.0/16
194.220.0.0/16
212.73.32.0/19
212.145.0.0/16
212.166.128.0/17
217.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:42:09:f1:a4:5e:1e:aa:25:54:8c:0d:6d:e5:71:0b:d9:2c:
8f:23:87:c9:f0:c7:09:bd:20:98:e8:05:bf:a7:5d:d0:81:f1:
04:ee:06:c4:66:8e:70:b3:3e:08:f8:09:d7:7d:d7:5a:f8:cf:
fd:91:b9:45:16:06:c0:3f:b4:52:79:b8:3f:a0:76:3c:46:3f:
75:59:c7:26:5a:08:50:cb:24:20:94:c8:81:63:74:f1:ec:66:
4b:3e:81:2d:54:80:01:ec:45:64:9c:98:43:2d:7f:1c:93:99:
3f:66:80:83:9f:a0:4d:aa:47:de:14:d4:97:55:48:42:52:0c:
34:9f:df:8f:81:fd:b6:c5:78:e2:19:64:3a:13:1a:bb:00:43:
28:3b:ac:f7:a8:f4:ed:a4:0d:26:89:a0:4d:cb:4b:d5:97:60:
61:6d:41:23:4c:3f:db:cd:cc:24:bd:91:f9:38:da:85:8c:4e:
e2:c1:44:5f:fa:d7:27:a5:66:b7:9c:9e:80:1a:b1:02:e8:e5:
91:74:33:17:2a:33:61:aa:db:10:d2:7a:b9:a1:5d:66:ba:43:
d2:13:fc:4d:c2:ac:4e:a0:2f:77:fc:68:73:d0:0a:0a:e2:b8:
84:e1:b2:1e:c2:e5:12:0b:99:4c:6c:13:8d:31:d2:7d:78:99:
f0:f9:97:44
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzKmZ5bctYv0BIieNob+OZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjQwMTAyMTQzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjliMmQyZjkwOTAzNjExMWZhMTRlZTNlMTAxYzRmYzQ5NGMyODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO3FaDRZ0JETU0AorF5S+ar7N3M2
XNXkjXEl8Ak0mQA1oIFj1H6haKH6OX/JQZcOgRIDkyh2F/tJrG5cicty+AUqC+eD
5vLn1ITN3qluI8EooKsFgn952IPhlzPWvaxH8bqCojkmuG23KqqUOV6EoU0Lw5At
MACneCQLHqkiPuKfMpzVO6xnWycJZ3WS4wel5RQTdXtb/D1nu0CztYeiycaxJjUZ
1ZHYyZp7+cHWnccb3F+7cga2iyzgKBjqxrHGGYm4YfbSC+IHZwOJ+lRXCosnMGR8
sSu3mTlVIV3pF2FYFD28855F9JdylwL9XlCrxVGadeqfhMvE4UmobZI81wIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFHubLS+QkDYRH6FO4+EBxPxJTCh5MB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvZTVzdEw1Q1FOaEVmb1U3ajRRSEVfRWxNS0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBngQCAAEwgZcDAwEF
4AMDAB8EAwMBJd4DAwIuGAMDAC6IAwQHPlcAAwMCTdADAwNN4DALAwQGV3zAAwMB
V3wDAwBX6wMDAVkGAwQDXXEQAwQDXXGIAwQGXvhAAwMCXzwDAwCUOAMDAJ+TAwQG
sjmAAwMAsosDAwK8VAMEArzT5AMDAMF9AwMAwtwDBAXUSSADAwDUkQMEB9SmgAMD
ANmCMA0GCSqGSIb3DQEBCwUAA4IBAQBVQgnxpF4eqiVUjA1t5XEL2SyPI4fJ8McJ
vSCY6AW/p13QgfEE7gbEZo5wsz4I+AnXfdda+M/9kblFFgbAP7RSebg/oHY8Rj91
WccmWghQyyQglMiBY3Tx7GZLPoEtVIAB7EVknJhDLX8ck5k/ZoCDn6BNqkfeFNSX
VUhCUgw0n9+Pgf22xXjiGWQ6Exq7AEMoO6z3qPTtpA0miaBNy0vVl2BhbUEjTD/b
zcwkvZH5ONqFjE7iwURf+tcnpWa3nJ6AGrEC6OWRdDMXKjNhqtsQ0nq5oV1mukPS
E/xNwqxOoC93/Ghz0AoK4riE4bIewuUSC5lMbBONMdJ9eJnw+ZdE
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:48:57 2024 by rpki-client on console-fra.rpki-client.org