Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/es46d9eye1Nh1JX-UaFh2TWekms.roa
File: es46d9eye1Nh1JX-UaFh2TWekms.roa (raw, json)
Hash identifier: ukRUSwbdgUveT4kmaWed81tol2nMzwEFv8QP96sxlWk=
Subject key identifier: 7A:CE:3A:77:D7:B2:7B:53:61:D4:95:FE:51:A1:61:D9:35:9E:92:6B
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01929FB6231D16943A9215C3BDEAC418CFBC
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/es46d9eye1Nh1JX-UaFh2TWekms.roa
Signing time: Fri 18 Oct 2024 12:59:26 +0000
ROA not before: Fri 18 Oct 2024 12:59:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
95.164.12.0/23 maxlen: 23
95.164.15.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.120.0/24 maxlen: 24
95.164.121.0/24 maxlen: 24
95.164.122.0/24 maxlen: 24
95.164.123.0/24 maxlen: 24
95.164.160.0/22 maxlen: 24
95.164.164.0/22 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/23 maxlen: 23
95.164.251.0/24 maxlen: 24
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
195.214.210.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:b6:23:1d:16:94:3a:92:15:c3:bd:ea:c4:18:cf:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Oct 18 12:59:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ace3a77d7b27b5361d495fe51a161d9359e926b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b8:f4:ba:04:70:c6:36:84:7d:3d:5b:51:b7:
1c:51:27:e3:98:d8:65:e6:2d:bb:64:c7:da:4f:3b:
ba:d0:61:9d:f3:9c:ac:5b:cd:0d:2d:58:b5:a6:76:
8c:28:34:59:a4:8e:6b:e5:26:ef:6a:7c:4a:06:4c:
c5:25:8a:e2:db:4e:ed:e4:4b:17:5f:77:a1:34:8e:
f2:c3:9a:94:d8:8e:5c:e9:3e:ab:e3:37:53:7b:65:
c0:b8:de:36:71:1e:f8:a1:75:d4:22:02:3c:91:6b:
75:c3:ed:d0:37:7c:65:87:2a:c9:33:eb:5b:58:a3:
74:cb:13:96:11:01:bf:70:25:a2:66:27:4b:fb:29:
a0:96:df:1c:bc:18:2b:2e:5e:38:5a:1d:e3:89:f1:
c7:2d:49:46:60:82:8c:14:bc:9c:c5:6a:51:9f:0f:
14:01:8e:87:f8:f0:99:c3:58:45:41:22:56:4b:b7:
fc:e0:9a:75:c4:78:fc:19:7a:15:6e:55:d8:6e:2f:
06:b1:4d:07:e2:a3:00:3e:1d:7f:dc:ca:fc:f0:79:
eb:ff:7b:65:5b:b9:95:c6:b0:4f:7e:ed:47:71:7f:
9d:e8:a8:68:f5:f9:0a:76:14:18:2e:41:13:ec:20:
48:59:e5:0a:c0:0e:50:ee:68:82:70:36:a5:d4:3f:
f1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CE:3A:77:D7:B2:7B:53:61:D4:95:FE:51:A1:61:D9:35:9E:92:6B
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/es46d9eye1Nh1JX-UaFh2TWekms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.124.0/24
94.131.127.0/24
95.164.12.0/23
95.164.15.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.120.0/22
95.164.160.0/21
95.164.170.0-95.164.175.255
95.164.248.0/23
95.164.251.0/24
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
5c:7f:bf:2d:5a:dd:25:10:ca:74:51:2d:1c:b1:a1:1e:15:b6:
9f:39:86:ac:e9:4f:45:26:bc:bb:30:85:34:df:b5:62:d0:4b:
46:b4:8c:d7:68:7b:b0:1b:e5:73:8c:be:0c:34:f9:b2:ec:f0:
3e:01:23:b7:82:ba:1e:9a:2c:54:1e:e2:f3:24:0c:d5:8c:d6:
66:7e:44:f8:ff:8c:37:3a:83:85:f8:97:4c:62:05:72:cd:8a:
47:07:20:34:a8:ce:bd:72:e6:db:21:d6:3f:95:e2:d9:b2:70:
55:7b:f0:99:8f:15:f6:bd:13:e3:ba:0d:ad:76:0f:5c:4a:5a:
69:f3:5c:8f:88:a2:e1:6b:ab:3b:e4:8a:ab:1b:4e:a7:21:3e:
9a:3b:1d:06:b0:a3:17:d2:bf:13:11:0b:48:5a:9a:ef:5b:5f:
3b:b3:fc:e3:c9:ee:d6:e5:1c:a3:97:38:bb:79:c5:77:89:08:
90:d6:ab:56:4e:69:b6:db:c0:35:31:a6:57:46:c9:89:e5:e7:
50:63:34:c3:76:b4:39:5c:2a:60:2d:ea:32:f9:da:ce:e0:ad:
a1:08:ed:fb:14:d0:34:af:7e:54:5b:a3:96:6b:a0:f1:af:7b:
d2:44:dc:59:74:6e:bf:55:4a:92:92:c9:d4:de:0a:ff:63:58:
32:d2:58:19
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZKftiMdFpQ6khXDverEGM+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMDE4MTI1OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNlM2E3N2Q3YjI3YjUzNjFkNDk1ZmU1MWExNjFkOTM1OWU5MjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7j0ugRwxjaEfT1bUbccUSfjmNhl
5i27ZMfaTzu60GGd85ysW80NLVi1pnaMKDRZpI5r5SbvanxKBkzFJYri207t5EsX
X3ehNI7yw5qU2I5c6T6r4zdTe2XAuN42cR74oXXUIgI8kWt1w+3QN3xlhyrJM+tb
WKN0yxOWEQG/cCWiZidL+ymglt8cvBgrLl44Wh3jifHHLUlGYIKMFLycxWpRnw8U
AY6H+PCZw1hFQSJWS7f84Jp1xHj8GXoVblXYbi8GsU0H4qMAPh1/3Mr88Hnr/3tl
W7mVxrBPfu1HcX+d6Kho9fkKdhQYLkET7CBIWeUKwA5Q7miCcDal1D/xawIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFHrOOnfXsntTYdSV/lGhYdk1npJrMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvZXM0NmQ5ZXllMU5oMUpYLVVhRmgyVFdla21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAU+
zYADBAFegwADBABegwQDBAFegwYDBABeg3wDBABeg38DBAFfpAwDBABfpA8DBABf
pBQDBAJfpCgwDAMEAF+kMQMEAF+kMjAMAwQCX6Q0AwQCX6Q4MAwDBANfpEgDBABf
pEwDBAJfpFADBAJfpHgDBANfpKAwDAMEAV+kqgMEBF+koAMEAV+k+AMEAF+k+wME
A8PW0DANBAIAAjAHAwUAKgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAXH+/LVrdJRDK
dFEtHLGhHhW2nzmGrOlPRSa8uzCFNN+1YtBLRrSM12h7sBvlc4y+DDT5suzwPgEj
t4K6HposVB7i8yQM1YzWZn5E+P+MNzqDhfiXTGIFcs2KRwcgNKjOvXLm2yHWP5Xi
2bJwVXvwmY8V9r0T47oNrXYPXEpaafNcj4ii4WurO+SKqxtOpyE+mjsdBrCjF9K/
ExELSFqa71tfO7P848nu1uUco5c4u3nFd4kIkNarVk5pttvANTGmV0bJieXnUGM0
w3a0OVwqYC3qMvnazuCtoQjt+xTQNK9+VFujlmug8a970kTcWXRuv1VKkpLJ1N4K
/2NYMtJYGQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:09:47 2024 by rpki-client on console-fra.rpki-client.org