Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/5OQv1UdZrCOj6wqJny7RdyNf0W4.roa
File: 5OQv1UdZrCOj6wqJny7RdyNf0W4.roa (raw, json)
Hash identifier: vuvDRI3YPsImsHeevvG4vxdS8X27jirk6Nb7Kt0JysA=
Subject key identifier: E4:E4:2F:D5:47:59:AC:23:A3:EB:0A:89:9F:2E:D1:77:23:5F:D1:6E
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018F26BCDD4760B782E84EEBFF82BE05F8A3
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/5OQv1UdZrCOj6wqJny7RdyNf0W4.roa
Signing time: Sun 28 Apr 2024 22:04:22 +0000
ROA not before: Sun 28 Apr 2024 22:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49666
IP address blocks: 2.176.0.0/17 maxlen: 17
2.176.128.0/17 maxlen: 17
2.177.0.0/16 maxlen: 16
2.182.0.0/16 maxlen: 24
2.185.0.0/16 maxlen: 16
2.188.0.0/16 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.17.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.42.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.59.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.186.0/24 maxlen: 24
78.38.0.0/16 maxlen: 24
78.38.243.0/24 maxlen: 24
78.38.245.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.153.0/24 maxlen: 25
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
80.191.0.0/16 maxlen: 24
85.185.0.0/16 maxlen: 24
195.146.63.0/24 maxlen: 24
217.218.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:26:bc:dd:47:60:b7:82:e8:4e:eb:ff:82:be:05:f8:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 28 22:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4e42fd54759ac23a3eb0a899f2ed177235fd16e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:78:08:24:59:c5:d8:2b:86:e0:09:3d:c4:d5:
2f:11:c3:ce:65:32:71:28:8f:2b:69:38:eb:76:60:
a7:ad:d1:c2:00:f5:b5:7c:f6:2a:e0:6b:a3:f3:ba:
85:6d:25:43:6a:03:5d:40:85:bf:4b:9e:cb:73:56:
c3:1d:8e:f4:ac:d8:b9:a0:d4:1f:f7:61:10:ec:dc:
bd:75:93:31:17:dc:b6:41:f1:9b:5d:8d:ba:79:4e:
eb:cc:fe:72:69:8a:d8:9f:e2:c7:ec:9f:07:9a:39:
78:23:59:08:05:e0:fb:3a:2d:18:00:63:bf:8b:94:
48:54:c8:18:4e:4e:4f:12:2f:97:1a:7a:e3:8d:80:
77:5d:cf:3f:d6:a7:7e:e5:3c:5f:a8:5d:83:ce:38:
6e:a4:97:05:20:77:74:94:03:15:db:10:06:af:b0:
fb:a2:9f:f1:a7:e2:58:5a:36:ab:a6:8c:1d:88:bf:
40:59:71:37:25:32:52:dd:a8:07:72:53:a0:1d:59:
fb:83:e3:dc:ac:c5:0e:0b:59:1f:1c:d0:cd:86:99:
75:5c:71:da:d7:99:e0:ed:21:21:5b:27:2a:94:1e:
fa:72:b8:23:e4:79:b8:24:fc:87:a5:a1:e2:9c:94:
9f:ac:b5:da:7c:5b:41:5e:43:ee:0d:9f:7f:4e:6a:
bd:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E4:2F:D5:47:59:AC:23:A3:EB:0A:89:9F:2E:D1:77:23:5F:D1:6E
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/5OQv1UdZrCOj6wqJny7RdyNf0W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.182.0.0/16
2.185.0.0/16
2.188.0.0/15
78.38.0.0/15
80.191.0.0/16
85.185.0.0/16
195.146.63.0/24
217.218.0.0/15
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
61:f4:bb:42:cc:8a:ff:6c:16:9e:c2:99:11:45:44:46:1c:2e:
fd:51:23:ac:d7:14:61:90:e0:56:3f:08:57:f6:2f:40:b8:a9:
8d:1c:d4:6e:d5:98:95:35:ae:b2:e0:37:85:07:38:6b:5f:89:
a9:5d:f6:77:16:3c:86:57:f2:0a:be:38:94:b8:bc:ee:81:95:
c1:ec:5b:4e:49:71:d6:c1:bc:ff:63:02:ce:ea:b2:ab:e5:af:
6b:59:da:db:08:cd:5c:74:fa:c5:57:12:6a:3c:ae:85:1c:de:
a5:81:c4:f6:7c:10:bf:c9:2a:8d:1b:da:d9:7d:60:e1:61:ab:
53:e4:61:9f:02:c7:e8:19:58:05:30:0e:15:86:9f:58:0d:71:
8e:3a:c9:62:a8:63:fb:f7:e8:e1:db:e9:f6:92:6b:d1:61:9e:
86:a1:29:11:07:26:4d:43:75:2e:47:d0:9b:15:fd:e1:cd:fe:
09:c3:7b:7e:74:29:08:3d:88:5e:9d:b5:4c:4b:82:fe:ab:c9:
44:b5:7c:4d:40:17:09:07:f3:91:ec:4c:f0:6a:45:ca:da:29:
ed:72:1d:51:3c:21:ff:4d:f6:27:e4:5b:2f:6d:7f:4b:02:0d:
dc:89:7c:c1:e1:bf:3d:92:8f:02:65:d1:41:2b:b2:e3:a2:2d:
dc:64:51:04
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY8mvN1HYLeC6E7r/4K+BfijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwNDI4MjIwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGU0MmZkNTQ3NTlhYzIzYTNlYjBhODk5ZjJlZDE3NzIzNWZkMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXgIJFnF2CuG4Ak9xNUvEcPOZTJx
KI8raTjrdmCnrdHCAPW1fPYq4Guj87qFbSVDagNdQIW/S57Lc1bDHY70rNi5oNQf
92EQ7Ny9dZMxF9y2QfGbXY26eU7rzP5yaYrYn+LH7J8Hmjl4I1kIBeD7Oi0YAGO/
i5RIVMgYTk5PEi+XGnrjjYB3Xc8/1qd+5TxfqF2DzjhupJcFIHd0lAMV2xAGr7D7
op/xp+JYWjarpowdiL9AWXE3JTJS3agHclOgHVn7g+PcrMUOC1kfHNDNhpl1XHHa
15ng7SEhWycqlB76crgj5Hm4JPyHpaHinJSfrLXafFtBXkPuDZ9/Tmq9fwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOTkL9VHWawjo+sKiZ8u0XcjX9FuMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvNU9RdjFVZFpyQ09qNndxSm55N1JkeU5mMFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuAwMBArADAwAC
tgMDAAK5AwMBArwDAwFOJgMDAFC/AwMAVbkDBADDkj8DAwHZ2jAPBAIAAjAJAwcA
IAFBiAACMA0GCSqGSIb3DQEBCwUAA4IBAQBh9LtCzIr/bBaewpkRRURGHC79USOs
1xRhkOBWPwhX9i9AuKmNHNRu1ZiVNa6y4DeFBzhrX4mpXfZ3FjyGV/IKvjiUuLzu
gZXB7FtOSXHWwbz/YwLO6rKr5a9rWdrbCM1cdPrFVxJqPK6FHN6lgcT2fBC/ySqN
G9rZfWDhYatT5GGfAsfoGVgFMA4Vhp9YDXGOOsliqGP79+jh2+n2kmvRYZ6GoSkR
ByZNQ3UuR9CbFf3hzf4Jw3t+dCkIPYhenbVMS4L+q8lEtXxNQBcJB/OR7EzwakXK
2intch1RPCH/TfYn5FsvbX9LAg3ciXzB4b89ko8CZdFBK7Ljoi3cZFEE
-----END CERTIFICATE-----
Generated at Sat Jun 8 08:53:11 2024 by rpki-client on console-ams.rpki-client.org