Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/eFfRN4l9gOo7MbGQkTS4K3pZuSA.roa
File: eFfRN4l9gOo7MbGQkTS4K3pZuSA.roa (raw, json)
Hash identifier: XZMnTMSULrW/9I6r1Jm/VOLX3yaybq6tigRDzhRskrM=
Subject key identifier: 78:57:D1:37:89:7D:80:EA:3B:31:B1:90:91:34:B8:2B:7A:59:B9:20
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018CC794EEEF853647CED09E751F877C132A
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/eFfRN4l9gOo7MbGQkTS4K3pZuSA.roa
Signing time: Tue 02 Jan 2024 00:31:15 +0000
ROA not before: Tue 02 Jan 2024 00:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 88.218.80.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
193.228.48.0/22 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ee:ef:85:36:47:ce:d0:9e:75:1f:87:7c:13:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 00:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7857d137897d80ea3b31b1909134b82b7a59b920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:28:9b:c0:83:98:cf:d0:96:d7:74:e5:61:76:
2b:b4:9f:8f:fd:24:42:d7:82:a7:69:a8:bd:d3:60:
5c:3f:bd:12:c9:56:68:1e:ef:b3:b1:5f:91:23:83:
3f:a4:12:7e:a3:10:23:9e:cb:29:67:f5:eb:95:4c:
e1:8f:ce:7c:48:7b:fc:ff:62:6d:f5:dc:1a:9f:14:
03:32:14:35:0e:be:4a:31:48:e3:5a:27:71:48:7f:
a1:e4:31:cd:fe:f5:10:a9:5c:25:6c:d3:4e:e1:41:
7d:38:f2:57:66:bd:92:a0:6b:59:82:86:ca:b4:bb:
f9:76:7f:bc:34:0a:d9:6a:ef:d5:36:0c:72:31:3d:
76:3c:c9:8f:95:43:b9:40:39:04:4a:7d:4b:7a:ed:
06:be:14:85:b9:b9:f0:8a:e7:3c:ef:42:ce:63:74:
42:da:0a:de:04:e1:36:44:79:05:b8:7e:d5:ac:34:
c5:c4:9e:00:46:80:b3:df:d8:c0:30:dc:c9:f0:3d:
2d:e7:40:2e:e6:4e:f3:39:90:1b:70:19:5c:18:82:
18:c1:5d:55:fb:e2:eb:e8:b5:a8:15:d0:6e:e0:1e:
5f:57:df:ae:5d:f4:32:36:9e:7b:58:6d:1d:a4:04:
c2:53:04:ac:75:96:63:d5:d0:dd:b2:0e:12:f6:ee:
4d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:57:D1:37:89:7D:80:EA:3B:31:B1:90:91:34:B8:2B:7A:59:B9:20
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/eFfRN4l9gOo7MbGQkTS4K3pZuSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/24
45.130.184.0-45.130.186.255
45.140.4.0/24
45.140.7.0/24
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
193.228.48.0/22
194.28.157.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
81:7c:91:f7:34:15:9c:bd:a9:75:c8:f7:e2:86:e5:86:63:37:
a4:e4:05:69:3e:7c:e0:15:17:6a:71:c8:a5:c5:d1:3d:e3:d0:
b2:11:c3:a4:fe:ec:c9:b5:60:cd:4c:df:da:6c:c7:84:d8:f7:
b8:82:74:5a:be:ee:90:02:a7:61:28:d7:69:ec:85:68:ea:d4:
9f:b1:9b:69:82:a7:be:92:29:19:b7:ab:d1:7b:36:c0:77:39:
98:e4:f9:0b:d9:ad:6e:14:c6:f4:2b:91:7d:64:d0:89:cb:9c:
ae:9a:cf:8d:4b:e5:87:72:49:16:cd:d4:71:d8:2e:a6:c9:96:
52:7b:00:ae:a7:14:32:09:88:28:69:a6:bd:e8:c2:5d:52:1a:
42:c7:27:3d:be:45:55:7f:97:ee:78:9b:d6:01:a5:27:c5:56:
0a:85:be:b9:8b:0a:56:54:ea:05:b7:27:e1:3e:be:8d:64:2c:
7d:db:a8:e2:19:b6:34:d2:90:c1:47:bf:cd:8c:76:dd:a9:e8:
bb:4f:dd:8e:33:ae:9b:ba:38:a3:14:7f:ea:0e:69:97:6c:9f:
ee:f2:38:04:3a:da:df:cc:80:ee:82:e9:f5:60:d4:31:59:15:
0d:3c:20:7b:fd:42:5c:8e:b8:82:96:20:68:e2:78:00:12:7a:
88:2a:c8:51
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzHlO7vhTZHztCedR+HfBMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwMTAyMDAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODU3ZDEzNzg5N2Q4MGVhM2IzMWIxOTA5MTM0YjgyYjdhNTliOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCibwIOYz9CW13TlYXYrtJ+P/SRC
14Knaai902BcP70SyVZoHu+zsV+RI4M/pBJ+oxAjnsspZ/XrlUzhj858SHv8/2Jt
9dwanxQDMhQ1Dr5KMUjjWidxSH+h5DHN/vUQqVwlbNNO4UF9OPJXZr2SoGtZgobK
tLv5dn+8NArZau/VNgxyMT12PMmPlUO5QDkESn1Leu0GvhSFubnwiuc870LOY3RC
2greBOE2RHkFuH7VrDTFxJ4ARoCz39jAMNzJ8D0t50Au5k7zOZAbcBlcGIIYwV1V
++Lr6LWoFdBu4B5fV9+uXfQyNp57WG0dpATCUwSsdZZj1dDdsg4S9u5NuQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFHhX0TeJfYDqOzGxkJE0uCt6WbkgMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvZUZmUk40bDlnT283TWJHUWtUUzRLM3BadVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAF
aEgDBAAFaEowDAMEAy2CuAMEAC2CugMEAC2MBAMEAC2MBwMEAk1TFAMEAlT8QAME
AFjaUAMEAFja7wMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwMEAbB2vAMEALB2vwME
AbmxTAMEAMGgRAMEAMGgSAMEAsHkMAMEAMIcnQMEANRFhzANBgkqhkiG9w0BAQsF
AAOCAQEAgXyR9zQVnL2pdcj34oblhmM3pOQFaT584BUXanHIpcXRPePQshHDpP7s
ybVgzUzf2mzHhNj3uIJ0Wr7ukAKnYSjXaeyFaOrUn7GbaYKnvpIpGber0Xs2wHc5
mOT5C9mtbhTG9CuRfWTQicucrprPjUvlh3JJFs3UcdgupsmWUnsArqcUMgmIKGmm
vejCXVIaQscnPb5FVX+X7nib1gGlJ8VWCoW+uYsKVlTqBbcn4T6+jWQsfduo4hm2
NNKQwUe/zYx23anou0/djjOum7o4oxR/6g5pl2yf7vI4BDra38yA7oLp9WDUMVkV
DTwge/1CXI64gpYgaOJ4ABJ6iCrIUQ==
-----END CERTIFICATE-----
Generated at Sun May 5 21:16:58 2024 by rpki-client on console-fra.rpki-client.org