Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/7iuacioeol-6_viMYEGkYBuKr7g.roa
File: 7iuacioeol-6_viMYEGkYBuKr7g.roa (raw, json)
Hash identifier: B3iCC3kM9JhXKMl14WDlBwClcEdjML7+CceySfEUPw0=
Subject key identifier: EE:2B:9A:72:2A:1E:A2:5F:BA:FE:F8:8C:60:41:A4:60:1B:8A:AF:B8
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 0191D6B8EB53E5712A187275FC7DA99D87B7
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/7iuacioeol-6_viMYEGkYBuKr7g.roa
Signing time: Mon 09 Sep 2024 12:18:48 +0000
ROA not before: Mon 09 Sep 2024 12:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24651
IP address blocks: 46.23.32.0/20 maxlen: 32
77.93.0.0/19 maxlen: 32
82.193.64.0/19 maxlen: 32
82.193.67.0/24 maxlen: 27
82.193.67.0/27 maxlen: 27
82.193.83.0/24 maxlen: 32
83.99.128.0/17 maxlen: 32
83.99.167.0/24 maxlen: 24
83.99.167.0/26 maxlen: 27
85.158.72.0/21 maxlen: 24
89.221.112.0/20 maxlen: 24
89.221.121.0/24 maxlen: 24
89.221.122.0/23 maxlen: 23
89.221.122.0/24 maxlen: 24
89.221.123.0/24 maxlen: 24
89.221.124.0/23 maxlen: 24
89.221.124.0/24 maxlen: 24
89.221.125.0/24 maxlen: 24
89.221.126.0/23 maxlen: 24
89.221.127.0/24 maxlen: 24
109.73.96.0/20 maxlen: 32
185.31.44.0/22 maxlen: 32
185.75.236.0/22 maxlen: 32
185.141.52.0/22 maxlen: 32
188.92.16.0/21 maxlen: 32
188.92.16.0/24 maxlen: 32
195.130.205.0/24 maxlen: 24
212.142.64.0/18 maxlen: 32
217.195.48.0/20 maxlen: 32
2a01:4e0::/29 maxlen: 29
2a01:4e0::/32 maxlen: 32
2a01:4e1:460:1::/64 maxlen: 64
2a01:4e1:cc1::/64 maxlen: 64
2a01:4e1:1745::/64 maxlen: 64
2a04:4e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:b8:eb:53:e5:71:2a:18:72:75:fc:7d:a9:9d:87:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Sep 9 12:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee2b9a722a1ea25fbafef88c6041a4601b8aafb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:01:c0:73:12:87:7f:67:94:1e:13:9c:36:fa:
b9:0c:61:c2:4d:ea:3c:45:cd:f4:db:a6:2f:c7:8c:
a0:0b:58:8c:39:62:fb:b9:82:6f:cd:ca:93:b0:cb:
c2:d5:79:aa:43:69:f4:a4:8c:27:dc:74:5e:c1:2a:
99:2a:02:8a:46:09:f9:e1:3d:1b:53:1f:f8:96:41:
ea:00:61:a8:c1:7d:b4:bf:8a:bb:72:0d:a4:72:fe:
53:e4:13:7b:2c:b0:02:d8:72:b6:31:3b:f4:b6:56:
67:87:58:5b:d3:dd:3a:ed:b7:f9:4b:59:52:e4:63:
69:25:09:ae:02:94:62:65:fd:99:9c:76:a8:ec:b8:
98:22:47:5a:36:cb:fa:55:db:9e:c8:54:ba:0f:53:
5f:19:10:79:50:33:32:71:c3:55:af:a2:0f:87:82:
60:f3:cd:4c:83:02:f8:02:6b:c9:22:bd:45:e3:c7:
56:a4:ab:fa:ce:51:69:f7:61:52:d9:38:c4:c7:4b:
e7:a5:ef:c2:8d:3e:f6:ad:fd:4f:04:52:ae:d9:21:
ee:6a:6f:57:43:21:03:cc:0e:28:b3:df:75:e8:d9:
2b:8e:64:4d:c8:d2:9d:5c:d1:5f:73:a7:98:5d:e4:
3e:e5:f2:e1:09:d2:bf:21:20:40:c5:dd:b0:6b:be:
60:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:2B:9A:72:2A:1E:A2:5F:BA:FE:F8:8C:60:41:A4:60:1B:8A:AF:B8
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/7iuacioeol-6_viMYEGkYBuKr7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.32.0/20
77.93.0.0/19
82.193.64.0/19
83.99.128.0/17
85.158.72.0/21
89.221.112.0/20
109.73.96.0/20
185.31.44.0/22
185.75.236.0/22
185.141.52.0/22
188.92.16.0/21
195.130.205.0/24
212.142.64.0/18
217.195.48.0/20
IPv6:
2a01:4e0::/29
2a04:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
26:b0:63:86:2a:df:fb:43:e0:2e:86:6e:20:15:2b:48:19:64:
ce:c6:69:1c:2d:43:1b:3e:64:1f:16:55:6e:a5:d2:5b:83:f8:
11:52:a5:82:26:0a:37:a4:a4:04:01:3b:1f:dd:10:23:79:ad:
95:23:19:13:50:7c:de:dc:2c:38:18:37:6c:68:df:73:ae:0c:
47:18:3c:fc:dc:88:25:64:6e:56:86:6a:4b:ed:00:07:36:f7:
af:c9:91:d8:ec:13:3a:ca:ba:4e:5d:93:ad:02:16:7a:b6:e5:
5d:51:c3:d3:37:85:1d:dc:c5:d7:5c:b6:fd:52:c3:3c:8a:99:
cc:46:5e:6d:d2:c3:eb:6a:1e:b5:ad:97:34:a1:9f:fe:4c:3f:
1b:1e:b4:a2:61:3f:d7:6c:72:e5:e2:ef:60:f8:65:78:ca:05:
71:8b:25:7b:81:4c:8b:72:a9:bb:1a:a7:9f:d5:c0:68:d6:dc:
0f:1f:99:1b:88:6a:d9:ba:8a:20:6e:45:50:37:37:16:a2:f3:
bb:dd:e0:04:ca:1f:b4:06:6e:84:6c:be:e7:b7:3b:0a:b8:c0:
4f:45:68:73:8c:74:34:59:2c:dc:f6:16:8b:79:dc:a1:b0:03:
0f:40:8b:a4:3c:dd:c7:62:8e:71:38:53:80:78:47:56:11:5f:
a6:6d:8a:56
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZHWuOtT5XEqGHJ1/H2pnYe3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjQwOTA5MTIxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTJiOWE3MjJhMWVhMjVmYmFmZWY4OGM2MDQxYTQ2MDFiOGFhZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgHAcxKHf2eUHhOcNvq5DGHCTeo8
Rc3026Yvx4ygC1iMOWL7uYJvzcqTsMvC1XmqQ2n0pIwn3HRewSqZKgKKRgn54T0b
Ux/4lkHqAGGowX20v4q7cg2kcv5T5BN7LLAC2HK2MTv0tlZnh1hb09067bf5S1lS
5GNpJQmuApRiZf2ZnHao7LiYIkdaNsv6VdueyFS6D1NfGRB5UDMyccNVr6IPh4Jg
881MgwL4AmvJIr1F48dWpKv6zlFp92FS2TjEx0vnpe/CjT72rf1PBFKu2SHuam9X
QyEDzA4os9916NkrjmRNyNKdXNFfc6eYXeQ+5fLhCdK/ISBAxd2wa75gcQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFO4rmnIqHqJfuv74jGBBpGAbiq+4MB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvN2l1YWNpb2VvbC02X3ZpTVlFR2tZQnVLcjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEBC4XIAME
BU1dAAMEBVLBQAMEB1NjgAMEA1WeSAMEBFndcAMEBG1JYAMEArkfLAMEArlL7AME
ArmNNAMEA7xcEAMEAMOCzQMEBtSOQAMEBNnDMDAUBAIAAjAOAwUDKgEE4AMFAyoE
TgAwDQYJKoZIhvcNAQELBQADggEBACawY4Yq3/tD4C6GbiAVK0gZZM7GaRwtQxs+
ZB8WVW6l0luD+BFSpYImCjekpAQBOx/dECN5rZUjGRNQfN7cLDgYN2xo33OuDEcY
PPzciCVkblaGakvtAAc296/JkdjsEzrKuk5dk60CFnq25V1Rw9M3hR3cxddctv1S
wzyKmcxGXm3Sw+tqHrWtlzShn/5MPxsetKJhP9dscuXi72D4ZXjKBXGLJXuBTIty
qbsap5/VwGjW3A8fmRuIatm6iiBuRVA3Nxai87vd4ATKH7QGboRsvue3Owq4wE9F
aHOMdDRZLNz2Fot53KGwAw9Ai6Q83cdijnE4U4B4R1YRX6ZtilY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 21:59:13 2024 by rpki-client on console-fra.rpki-client.org