Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/1JHJoINhbi5MSmW_V8yycl3vh_E.roa
File: 1JHJoINhbi5MSmW_V8yycl3vh_E.roa (raw, json)
Hash identifier: hoRvvNZMW/ByvPdIRzM6nLDsBfGIdYq/0gq2BJr9Fig=
Subject key identifier: D4:91:C9:A0:83:61:6E:2E:4C:4A:65:BF:57:CC:B2:72:5D:EF:87:F1
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 019300BF319B56F6682B2BC4B980A3B179C2
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/1JHJoINhbi5MSmW_V8yycl3vh_E.roa
Signing time: Wed 06 Nov 2024 09:12:30 +0000
ROA not before: Wed 06 Nov 2024 09:12:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 5.178.72.0/21 maxlen: 21
31.192.224.0/21 maxlen: 24
31.192.228.0/24 maxlen: 24
37.152.56.0/21 maxlen: 24
46.21.96.0/20 maxlen: 24
46.21.100.0/24 maxlen: 24
46.246.0.0/17 maxlen: 24
79.99.0.0/21 maxlen: 24
80.67.0.0/20 maxlen: 24
91.213.246.0/24 maxlen: 24
91.217.189.0/24 maxlen: 24
91.223.232.0/24 maxlen: 24
91.228.193.0/24 maxlen: 24
91.228.194.0/23 maxlen: 24
94.247.168.0/21 maxlen: 24
109.74.0.0/20 maxlen: 24
159.253.24.0/21 maxlen: 24
159.253.28.0/24 maxlen: 24
159.253.29.0/24 maxlen: 24
178.73.192.0/18 maxlen: 24
178.73.224.0/19 maxlen: 19
185.11.96.0/22 maxlen: 22
185.21.88.0/22 maxlen: 22
185.39.144.0/22 maxlen: 24
185.118.36.0/22 maxlen: 22
185.157.220.0/22 maxlen: 24
188.126.64.0/19 maxlen: 24
193.108.196.0/24 maxlen: 24
193.201.96.0/24 maxlen: 24
194.54.164.0/22 maxlen: 24
195.20.206.0/23 maxlen: 24
195.149.101.0/24 maxlen: 24
195.238.76.0/23 maxlen: 24
195.246.120.0/23 maxlen: 24
212.112.0.0/19 maxlen: 24
2a00:1a28::/32 maxlen: 48
2a02:750::/29 maxlen: 48
2a02:750:8::/48 maxlen: 48
2a02:750:10::/48 maxlen: 48
2a02:750:14::/48 maxlen: 48
2a02:e400::/29 maxlen: 29
2a03:5e00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:bf:31:9b:56:f6:68:2b:2b:c4:b9:80:a3:b1:79:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Nov 6 09:12:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d491c9a083616e2e4c4a65bf57ccb2725def87f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f3:30:2f:0a:2e:eb:4d:ea:1f:19:85:ab:1a:
b0:c5:72:7d:e1:ab:2f:27:61:fa:db:f7:dc:47:55:
28:6c:b1:95:d8:9b:51:26:b2:fc:22:ba:6d:c0:dc:
8c:2f:38:9d:87:3d:2f:6f:03:af:2c:94:0d:4e:d2:
3c:60:37:f2:8c:5c:6e:df:c3:c8:09:25:9f:29:0b:
1c:06:45:49:3e:9e:18:84:a6:9a:da:80:8e:78:1b:
7e:ef:34:50:6a:a0:cf:c3:1e:e6:c1:e3:d8:9d:a4:
94:71:72:78:6c:65:38:f3:d8:65:4b:f3:1d:16:99:
60:c0:bd:36:7a:e3:11:36:52:9d:cf:5d:38:b0:60:
c8:54:bc:91:70:84:00:bb:51:35:65:1d:2e:3c:a4:
6f:30:bb:66:c6:e3:b6:1a:19:0a:8c:53:7f:4b:ae:
16:ef:bb:bb:9d:43:a0:81:3a:20:65:3b:d5:bc:a8:
c5:0a:ee:b3:52:d9:f9:6b:a8:9a:a8:0f:d4:1b:9c:
44:09:45:6d:a5:ee:e9:92:94:74:ee:e1:35:79:36:
b3:41:56:8b:71:f3:b3:20:c5:ab:66:0f:6d:f0:93:
cc:c3:11:3f:59:f6:50:f0:87:1d:48:69:44:02:ad:
e2:d4:63:70:43:a6:52:34:32:17:9f:6f:78:d2:aa:
a1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:91:C9:A0:83:61:6E:2E:4C:4A:65:BF:57:CC:B2:72:5D:EF:87:F1
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/1JHJoINhbi5MSmW_V8yycl3vh_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.72.0/21
31.192.224.0/21
37.152.56.0/21
46.21.96.0/20
46.246.0.0/17
79.99.0.0/21
80.67.0.0/20
91.213.246.0/24
91.217.189.0/24
91.223.232.0/24
91.228.193.0-91.228.195.255
94.247.168.0/21
109.74.0.0/20
159.253.24.0/21
178.73.192.0/18
185.11.96.0/22
185.21.88.0/22
185.39.144.0/22
185.118.36.0/22
185.157.220.0/22
188.126.64.0/19
193.108.196.0/24
193.201.96.0/24
194.54.164.0/22
195.20.206.0/23
195.149.101.0/24
195.238.76.0/23
195.246.120.0/23
212.112.0.0/19
IPv6:
2a00:1a28::/32
2a02:750::/29
2a02:e400::/29
2a03:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
9b:b2:2b:53:fb:9b:8c:f2:71:13:cc:38:3a:70:7a:41:2e:46:
cb:6e:4a:4d:db:df:e0:40:e7:1d:e7:27:d2:53:04:fd:00:4f:
9b:35:9e:65:6b:82:b9:3b:1e:2a:34:f4:d1:2d:6f:8f:2f:39:
40:13:95:d9:70:19:1b:7b:08:76:f1:6e:bc:66:49:31:25:10:
79:69:3c:4a:0f:dd:cd:ea:e4:d6:81:5e:39:0b:19:bd:96:a5:
98:1d:66:cd:58:85:22:3b:0c:64:b2:fc:3d:6b:b7:0e:18:1a:
6b:dc:3e:da:26:31:a6:5d:70:6b:c2:36:5b:38:db:fb:f4:f9:
07:06:80:7d:e6:18:7f:a7:6e:3a:bd:80:2d:1d:ea:9b:4b:ec:
ce:54:43:50:6d:22:c0:c9:5e:07:a4:8b:ec:6a:c0:ce:d7:74:
8f:52:bc:38:e4:06:9d:7f:b6:05:1b:73:49:8e:08:3a:ad:0f:
1e:7f:7a:d3:be:90:b6:32:79:86:25:63:f1:73:61:d3:80:4c:
88:93:37:73:6a:26:e0:c3:62:d3:09:52:5c:7f:d2:bf:88:17:
44:cd:57:61:18:70:27:a8:55:51:e1:e5:f7:e4:eb:25:fd:30:
5f:0c:4a:a8:76:2c:c5:30:c7:46:b4:1f:fe:18:ac:64:c9:fc:
7f:8c:72:a3
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZMAvzGbVvZoKyvEuYCjsXnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjQxMTA2MDkxMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDkxYzlhMDgzNjE2ZTJlNGM0YTY1YmY1N2NjYjI3MjVkZWY4N2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvMwLwou603qHxmFqxqwxXJ94asv
J2H62/fcR1UobLGV2JtRJrL8IrptwNyMLzidhz0vbwOvLJQNTtI8YDfyjFxu38PI
CSWfKQscBkVJPp4YhKaa2oCOeBt+7zRQaqDPwx7mwePYnaSUcXJ4bGU489hlS/Md
FplgwL02euMRNlKdz104sGDIVLyRcIQAu1E1ZR0uPKRvMLtmxuO2GhkKjFN/S64W
77u7nUOggTogZTvVvKjFCu6zUtn5a6iaqA/UG5xECUVtpe7pkpR07uE1eTazQVaL
cfOzIMWrZg9t8JPMwxE/WfZQ8IcdSGlEAq3i1GNwQ6ZSNDIXn2940qqhbQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFNSRyaCDYW4uTEplv1fMsnJd74fxMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvMUpISm9JTmhiaTVNU21XX1Y4eXljbDN2aF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBvQQCAAEwgbYDBAMF
skgDBAMfwOADBAMlmDgDBAQuFWADBAcu9gADBANPYwADBARQQwADBABb1fYDBABb
2b0DBABb3+gwDAMEAFvkwQMEAlvkwAMEA173qAMEBG1KAAMEA5/9GAMEBrJJwAME
ArkLYAMEArkVWAMEArknkAMEArl2JAMEArmd3AMEBbx+QAMEAMFsxAMEAMHJYAME
AsI2pAMEAcMUzgMEAMOVZQMEAcPuTAMEAcP2eAMEBdRwADAiBAIAAjAcAwUAKgAa
KAMFAyoCB1ADBQMqAuQAAwUAKgNeADANBgkqhkiG9w0BAQsFAAOCAQEAm7IrU/ub
jPJxE8w4OnB6QS5Gy25KTdvf4EDnHecn0lME/QBPmzWeZWuCuTseKjT00S1vjy85
QBOV2XAZG3sIdvFuvGZJMSUQeWk8Sg/dzerk1oFeOQsZvZalmB1mzViFIjsMZLL8
PWu3Dhgaa9w+2iYxpl1wa8I2Wzjb+/T5BwaAfeYYf6duOr2ALR3qm0vszlRDUG0i
wMleB6SL7GrAztd0j1K8OOQGnX+2BRtzSY4IOq0PHn96076QtjJ5hiVj8XNh04BM
iJM3c2om4MNi0wlSXH/Sv4gXRM1XYRhwJ6hVUeHl9+TrJf0wXwxKqHYsxTDHRrQf
/hisZMn8f4xyow==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:58 2024 by rpki-client on console-ams.rpki-client.org