Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sbZqWM95b4Pe7TcuD0hFibRwnrY.roa
File: sbZqWM95b4Pe7TcuD0hFibRwnrY.roa (raw, json)
Hash identifier: oe0zFcnCaPpIGU8Hiin8TBJBKYFrjWakUSxRbtV+M1Q=
Subject key identifier: B1:B6:6A:58:CF:79:6F:83:DE:ED:37:2E:0F:48:45:89:B4:70:9E:B6
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01934FBEE27A88C4B34B63ADD95551AD6A1D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sbZqWM95b4Pe7TcuD0hFibRwnrY.roa
Signing time: Thu 21 Nov 2024 17:22:10 +0000
ROA not before: Thu 21 Nov 2024 17:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 17:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4f:be:e2:7a:88:c4:b3:4b:63:ad:d9:55:51:ad:6a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 21 17:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1b66a58cf796f83deed372e0f484589b4709eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4f:63:43:80:38:83:ad:da:6f:92:87:c1:c7:
fb:22:17:c8:00:b6:22:2f:e7:b7:6e:07:fc:f4:9e:
ca:67:f0:30:84:58:9c:0e:21:ce:a7:c9:e6:f4:c4:
a4:95:be:36:23:35:81:36:45:b4:be:8d:e6:af:8a:
e3:21:a3:65:e8:79:8a:bb:2f:f4:9d:d2:bb:c7:37:
22:9c:6d:1a:4a:08:d1:21:3e:df:fe:e3:ce:ce:20:
ad:f0:0a:df:01:d5:50:84:1d:66:91:95:cc:9d:77:
db:5d:fa:91:dd:c5:02:60:cd:6c:f3:64:3a:09:78:
09:a1:60:0f:30:1a:b0:87:e1:ef:a0:97:6c:63:70:
2c:24:9f:05:86:f1:9a:3a:76:3f:cc:f5:b8:88:51:
0d:41:87:60:f4:21:eb:4d:b2:65:92:0c:6c:ee:75:
3e:89:f1:98:e8:ee:3c:30:05:05:1c:ee:af:f8:6e:
13:11:4a:9d:7b:f6:e8:7b:af:b7:3e:df:76:b8:39:
08:0c:62:4e:e3:1f:14:a2:44:5c:f0:16:77:81:b9:
1f:7a:23:9f:c2:36:97:a1:26:ec:a4:26:01:24:bb:
1c:3e:63:c4:87:c6:e2:c7:d2:f0:7f:53:4e:95:12:
36:58:15:f4:28:b9:c8:54:c8:2d:33:7c:02:67:51:
ff:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B6:6A:58:CF:79:6F:83:DE:ED:37:2E:0F:48:45:89:B4:70:9E:B6
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/sbZqWM95b4Pe7TcuD0hFibRwnrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.239.59.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
185.40.105.0/24
185.173.244.0/24
185.180.145.0/24
193.31.104.0/22
194.50.200.0/23
194.180.238.0/24
195.138.103.0-195.138.107.255
195.138.109.0-195.138.111.255
195.138.113.0-195.138.116.255
195.138.118.0/24
195.138.120.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:e0:9c:a0:5c:9b:b4:49:47:fc:5b:a5:44:68:c0:a5:01:1a:
84:e6:7a:52:85:63:ce:c8:d9:10:af:02:1a:c7:6b:62:5c:42:
15:da:e8:59:02:f1:1a:7b:9e:34:69:bc:fb:a5:fd:3f:8b:60:
dd:48:c0:9f:dd:d0:4c:cf:b9:33:64:ae:6e:bb:c3:10:2b:80:
af:6d:f0:8b:6f:a3:0c:8d:42:d0:5f:17:a8:b6:71:db:d5:1a:
69:c8:25:37:f2:b4:fa:14:17:4c:20:e3:d5:ed:ef:62:3e:c4:
f8:f7:65:77:c9:73:42:c2:1a:58:52:17:7c:bd:f4:81:20:5d:
a3:23:31:20:4f:f3:83:cc:4e:18:b5:42:57:56:a7:35:e3:98:
74:79:2a:60:84:8c:84:be:92:a5:19:a2:26:fd:70:b9:07:b0:
2d:77:02:89:c8:33:5e:d6:52:a2:06:21:50:1e:4d:b0:43:1f:
9f:63:59:ac:5a:b1:37:8e:f7:26:1a:47:1f:8f:4c:e1:6f:69:
e8:d8:40:69:48:de:03:bc:22:16:53:1b:be:4a:58:d3:13:4a:
47:d5:f6:06:99:5a:25:6c:2e:55:80:ee:d1:9c:ec:ad:90:e2:
e9:aa:a6:22:ed:f4:82:f2:6c:1f:7b:b3:8a:dd:9c:99:bb:60:
d2:49:e4:5c
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZNPvuJ6iMSzS2Ot2VVRrWodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQxMTIxMTcyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWI2NmE1OGNmNzk2ZjgzZGVlZDM3MmUwZjQ4NDU4OWI0NzA5ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk9jQ4A4g63ab5KHwcf7IhfIALYi
L+e3bgf89J7KZ/AwhFicDiHOp8nm9MSklb42IzWBNkW0vo3mr4rjIaNl6HmKuy/0
ndK7xzcinG0aSgjRIT7f/uPOziCt8ArfAdVQhB1mkZXMnXfbXfqR3cUCYM1s82Q6
CXgJoWAPMBqwh+HvoJdsY3AsJJ8FhvGaOnY/zPW4iFENQYdg9CHrTbJlkgxs7nU+
ifGY6O48MAUFHO6v+G4TEUqde/boe6+3Pt92uDkIDGJO4x8UokRc8BZ3gbkfeiOf
wjaXoSbspCYBJLscPmPEh8bix9Lwf1NOlRI2WBX0KLnIVMgtM3wCZ1H/qQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFLG2aljPeW+D3u03Lg9IRYm0cJ62MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvc2JacVdNOTViNFBlN1RjdUQwaEZpYlJ3bnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIF
thwDBAAtQ3UDBAItlqgDBAItl8QDBABZKKEDBABb7zswDAMEAVvyRgMEAVvySAME
AFvySwMEAFvyaTAMAwQAW/J7AwQHW/IAAwQAuShpAwQAua30AwQAubSRAwQCwR9o
AwQBwjLIAwQAwrTuMAwDBADDimcDBALDimgwDAMEAMOKbQMEBMOKYDAMAwQAw4px
AwQAw4p0AwQAw4p2AwQAw4p4AwQCw4p8MA0GCSqGSIb3DQEBCwUAA4IBAQCw4Jyg
XJu0SUf8W6VEaMClARqE5npShWPOyNkQrwIax2tiXEIV2uhZAvEae540abz7pf0/
i2DdSMCf3dBMz7kzZK5uu8MQK4CvbfCLb6MMjULQXxeotnHb1RppyCU38rT6FBdM
IOPV7e9iPsT492V3yXNCwhpYUhd8vfSBIF2jIzEgT/ODzE4YtUJXVqc145h0eSpg
hIyEvpKlGaIm/XC5B7AtdwKJyDNe1lKiBiFQHk2wQx+fY1msWrE3jvcmGkcfj0zh
b2no2EBpSN4DvCIWUxu+SljTE0pH1fYGmVolbC5VgO7RnOytkOLpqqYi7fSC8mwf
e7OK3ZyZu2DSSeRc
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:20:38 2024 by rpki-client on console-fra.rpki-client.org