Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/e7TLSxFRDoYJAoLh7ed8bgsZJpo.roa
File: e7TLSxFRDoYJAoLh7ed8bgsZJpo.roa (raw, json)
Hash identifier: 6wu2fYUWQvUUaPXtuANImbdktwPzkaAi46p9sszXRqI=
Subject key identifier: 7B:B4:CB:4B:11:51:0E:86:09:02:82:E1:ED:E7:7C:6E:0B:19:26:9A
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 018CC50049E3E33131DF438F2BE6C278E38A
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/e7TLSxFRDoYJAoLh7ed8bgsZJpo.roa
Signing time: Mon 01 Jan 2024 12:29:39 +0000
ROA not before: Mon 01 Jan 2024 12:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29518
IP address blocks: 188.120.160.0/19 maxlen: 19
94.255.128.0/17 maxlen: 17
31.208.0.0/16 maxlen: 16
85.235.0.0/19 maxlen: 19
85.235.17.0/24 maxlen: 24
85.235.20.0/22 maxlen: 22
85.235.18.0/23 maxlen: 23
85.235.24.0/24 maxlen: 24
89.160.0.0/17 maxlen: 17
62.220.160.0/19 maxlen: 19
185.18.164.0/22 maxlen: 22
77.53.0.0/16 maxlen: 16
87.241.64.0/18 maxlen: 18
185.52.180.0/22 maxlen: 22
185.113.96.0/22 maxlen: 22
37.17.248.0/21 maxlen: 21
217.118.208.0/20 maxlen: 20
5.44.192.0/20 maxlen: 20
217.72.56.0/22 maxlen: 22
217.72.54.0/24 maxlen: 24
217.72.52.0/23 maxlen: 23
217.72.62.0/24 maxlen: 24
217.72.60.0/23 maxlen: 23
178.132.248.0/21 maxlen: 21
185.58.144.0/22 maxlen: 22
89.233.192.0/18 maxlen: 18
195.78.224.0/22 maxlen: 22
146.247.80.0/21 maxlen: 21
217.78.32.0/20 maxlen: 20
31.192.192.0/20 maxlen: 20
5.172.144.0/21 maxlen: 21
83.219.192.0/19 maxlen: 19
87.253.64.0/19 maxlen: 19
83.233.0.0/16 maxlen: 16
82.117.96.0/19 maxlen: 19
94.198.64.0/21 maxlen: 21
91.191.128.0/20 maxlen: 20
94.245.16.0/20 maxlen: 20
94.245.48.0/20 maxlen: 20
178.251.240.0/21 maxlen: 21
213.185.16.0/23 maxlen: 23
213.185.12.0/22 maxlen: 22
91.232.59.0/24 maxlen: 24
213.185.24.0/24 maxlen: 24
91.232.60.0/23 maxlen: 23
213.185.20.0/23 maxlen: 23
195.238.255.0/24 maxlen: 24
213.185.26.0/24 maxlen: 24
109.124.128.0/18 maxlen: 18
79.138.0.0/17 maxlen: 17
85.238.192.0/19 maxlen: 19
109.225.64.0/18 maxlen: 18
193.23.57.0/24 maxlen: 24
85.30.0.0/18 maxlen: 18
213.185.4.0/24 maxlen: 24
213.185.10.0/24 maxlen: 24
213.185.8.0/23 maxlen: 23
213.185.7.0/24 maxlen: 24
213.185.6.0/24 maxlen: 24
80.244.64.0/19 maxlen: 19
87.251.192.0/19 maxlen: 19
94.245.0.0/20 maxlen: 20
87.96.128.0/17 maxlen: 17
217.76.80.0/20 maxlen: 20
88.83.32.0/19 maxlen: 19
213.21.64.0/18 maxlen: 18
188.122.128.0/19 maxlen: 19
88.129.0.0/16 maxlen: 16
85.8.0.0/18 maxlen: 18
89.236.4.0/22 maxlen: 22
89.236.2.0/23 maxlen: 23
89.236.0.0/23 maxlen: 23
89.236.8.0/23 maxlen: 23
89.236.11.0/24 maxlen: 24
89.236.17.0/24 maxlen: 24
89.236.15.0/24 maxlen: 24
89.236.20.0/22 maxlen: 22
89.236.18.0/23 maxlen: 23
89.236.24.0/23 maxlen: 23
89.236.26.0/24 maxlen: 24
89.236.36.0/23 maxlen: 23
89.236.35.0/24 maxlen: 24
89.236.38.0/24 maxlen: 24
89.236.48.0/24 maxlen: 24
89.236.47.0/24 maxlen: 24
62.182.0.0/21 maxlen: 21
31.209.0.0/18 maxlen: 18
83.209.0.0/16 maxlen: 16
82.209.128.0/18 maxlen: 18
95.155.192.0/18 maxlen: 18
89.236.56.0/22 maxlen: 22
89.236.54.0/23 maxlen: 23
89.236.53.0/24 maxlen: 24
46.236.64.0/18 maxlen: 18
213.142.0.0/19 maxlen: 19
87.236.88.0/21 maxlen: 21
46.162.64.0/18 maxlen: 18
217.115.32.0/19 maxlen: 19
2a00:1598::/29 maxlen: 29
2a02:7b8::/32 maxlen: 32
2a00:8280::/32 maxlen: 32
2a02:23c0::/32 maxlen: 32
2a01:b700::/32 maxlen: 32
2001:9c8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:49:e3:e3:31:31:df:43:8f:2b:e6:c2:78:e3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Jan 1 12:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bb4cb4b11510e86090282e1ede77c6e0b19269a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:37:fc:f0:e8:66:29:77:9d:1d:e8:55:3f:23:
09:3b:17:da:89:49:b0:c6:cc:5e:0b:c2:ad:b2:89:
57:00:2f:be:22:7a:a2:c1:24:02:77:6c:6a:be:17:
b0:31:4a:d0:b6:36:0e:41:2e:1e:5b:c6:18:e5:8b:
e0:25:c3:54:c3:9d:f1:3a:f4:81:7c:bd:0b:3f:b7:
68:d7:0c:c4:69:60:d3:f5:4c:06:70:85:b8:ed:66:
46:0c:77:2d:51:39:ea:c4:9f:60:ab:65:6e:86:7c:
93:f3:29:2a:e6:8d:cd:a2:54:a7:5c:45:bf:32:9e:
08:4b:e8:e3:80:81:e4:f9:01:c9:c1:15:3d:89:c4:
ab:02:f5:fd:e2:2c:49:38:66:c2:b6:3c:7b:7a:c6:
66:f8:05:6c:12:df:93:57:ee:61:dc:06:c4:2a:d8:
fb:c5:1b:1a:3b:4e:5a:0f:90:9a:31:73:90:d1:6d:
4d:a6:6e:36:4d:3c:c2:a2:ca:78:fe:33:93:dc:2d:
6d:3a:d5:3c:f6:e4:33:bf:3b:e3:9b:7d:c4:5b:14:
79:04:b6:39:77:95:1a:3b:f9:b4:23:ff:09:08:b9:
0e:a8:8c:61:6e:03:3d:62:35:5a:1e:0a:00:35:a8:
07:31:fd:f2:e0:4f:ed:e3:e6:17:ec:f6:66:37:fc:
0a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B4:CB:4B:11:51:0E:86:09:02:82:E1:ED:E7:7C:6E:0B:19:26:9A
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/e7TLSxFRDoYJAoLh7ed8bgsZJpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.192.0/20
5.172.144.0/21
31.192.192.0/20
31.208.0.0-31.209.63.255
37.17.248.0/21
46.162.64.0/18
46.236.64.0/18
62.182.0.0/21
62.220.160.0/19
77.53.0.0/16
79.138.0.0/17
80.244.64.0/19
82.117.96.0/19
82.209.128.0/18
83.209.0.0/16
83.219.192.0/19
83.233.0.0/16
85.8.0.0/18
85.30.0.0/18
85.235.0.0/19
85.238.192.0/19
87.96.128.0/17
87.236.88.0/21
87.241.64.0/18
87.251.192.0/19
87.253.64.0/19
88.83.32.0/19
88.129.0.0/16
89.160.0.0/17
89.233.192.0/18
89.236.0.0-89.236.9.255
89.236.11.0/24
89.236.15.0/24
89.236.17.0-89.236.26.255
89.236.35.0-89.236.38.255
89.236.47.0-89.236.48.255
89.236.53.0-89.236.59.255
91.191.128.0/20
91.232.59.0-91.232.61.255
94.198.64.0/21
94.245.0.0/19
94.245.48.0/20
94.255.128.0/17
95.155.192.0/18
109.124.128.0/18
109.225.64.0/18
146.247.80.0/21
178.132.248.0/21
178.251.240.0/21
185.18.164.0/22
185.52.180.0/22
185.58.144.0/22
185.113.96.0/22
188.120.160.0/19
188.122.128.0/19
193.23.57.0/24
195.78.224.0/22
195.238.255.0/24
213.21.64.0/18
213.142.0.0/19
213.185.4.0/24
213.185.6.0-213.185.10.255
213.185.12.0-213.185.17.255
213.185.20.0/23
213.185.24.0/24
213.185.26.0/24
217.72.52.0-217.72.54.255
217.72.56.0-217.72.62.255
217.76.80.0/20
217.78.32.0/20
217.115.32.0/19
217.118.208.0/20
IPv6:
2001:9c8::/29
2a00:1598::/29
2a00:8280::/32
2a01:b700::/32
2a02:7b8::/32
2a02:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:43:6e:5c:d5:ec:53:ee:60:f2:92:fb:4c:8d:65:a9:e0:a0:
e9:47:7f:5d:4b:70:8a:9a:4f:33:5f:bd:58:cc:47:da:6e:19:
e8:0a:8c:1d:fa:f6:1d:c4:75:32:86:d6:f9:e2:27:9d:6b:3a:
da:4f:10:d2:5a:62:5e:9e:e6:26:95:52:ce:a9:b9:df:86:5f:
b3:65:8d:7b:f8:71:b8:1c:6f:80:23:62:39:d6:9f:1a:e0:34:
23:54:6e:d0:8b:f9:26:50:05:2a:65:32:0f:b7:64:24:8f:6a:
55:68:f5:94:c7:1e:66:d3:79:dc:d1:5f:35:8e:2a:e9:49:2e:
42:4f:a5:ec:da:8b:1d:ea:7e:ca:32:24:ae:48:9f:dc:d6:1d:
5c:67:be:20:82:6d:dd:e8:94:46:2d:d7:07:a7:fe:11:22:c0:
d3:64:b1:ad:a8:42:82:45:c3:e8:64:ef:2d:08:76:ee:75:30:
5d:c3:79:a9:d5:69:d4:47:96:5c:4d:77:c8:90:6f:92:4e:e4:
50:77:92:fb:88:98:fd:d0:fb:1f:ff:50:31:d8:27:1e:45:9b:
19:c3:14:ae:2c:e9:99:24:b7:d5:8e:7e:c9:a4:69:b5:c0:0a:
d8:78:a0:6e:31:2d:be:8e:ad:fc:b8:ce:39:0b:ae:47:d8:f7:
3f:00:fe:23
-----BEGIN CERTIFICATE-----
MIIHNTCCBh2gAwIBAgISAYzFAEnj4zEx30OPK+bCeOOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjQwMTAxMTIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmI0Y2I0YjExNTEwZTg2MDkwMjgyZTFlZGU3N2M2ZTBiMTkyNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijf88OhmKXedHehVPyMJOxfaiUmw
xsxeC8KtsolXAC++InqiwSQCd2xqvhewMUrQtjYOQS4eW8YY5YvgJcNUw53xOvSB
fL0LP7do1wzEaWDT9UwGcIW47WZGDHctUTnqxJ9gq2VuhnyT8ykq5o3NolSnXEW/
Mp4IS+jjgIHk+QHJwRU9icSrAvX94ixJOGbCtjx7esZm+AVsEt+TV+5h3AbEKtj7
xRsaO05aD5CaMXOQ0W1Npm42TTzCosp4/jOT3C1tOtU89uQzvzvjm33EWxR5BLY5
d5UaO/m0I/8JCLkOqIxhbgM9YjVaHgoANagHMf3y4E/t4+YX7PZmN/wKiQIDAQAB
o4IEQTCCBD0wHQYDVR0OBBYEFHu0y0sRUQ6GCQKC4e3nfG4LGSaaMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvZTdUTFN4RlJEb1lKQW9MaDdlZDhiZ3NaSnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICVQYIKwYBBQUHAQcBAf8EggJEMIICQDCCAgoEAgABMIIC
AgMEBAUswAMEAwWskAMEBB/AwDALAwMEH9ADBAYf0QADBAMlEfgDBAYuokADBAYu
7EADBAM+tgADBAU+3KADAwBNNQMEB0+KAAMEBVD0QAMEBVJ1YAMEBlLRgAMDAFPR
AwQFU9vAAwMAU+kDBAZVCAADBAZVHgADBAVV6wADBAVV7sADBAdXYIADBANX7FgD
BAZX8UADBAVX+8ADBAVX/UADBAVYUyADAwBYgQMEB1mgAAMEBlnpwDALAwMCWewD
BAFZ7AgDBABZ7AsDBABZ7A8wDAMEAFnsEQMEAFnsGjAMAwQAWewjAwQAWewmMAwD
BABZ7C8DBABZ7DAwDAMEAFnsNQMEAlnsOAMEBFu/gDAMAwQAW+g7AwQBW+g8AwQD
XsZAAwQFXvUAAwQEXvUwAwQHXv+AAwQGX5vAAwQGbXyAAwQGbeFAAwQDkvdQAwQD
soT4AwQDsvvwAwQCuRKkAwQCuTS0AwQCuTqQAwQCuXFgAwQFvHigAwQFvHqAAwQA
wRc5AwQCw07gAwQAw+7/AwQG1RVAAwQF1Y4AAwQA1bkEMAwDBAHVuQYDBADVuQow
DAMEAtW5DAMEAdW5EAMEAdW5FAMEANW5GAMEANW5GjAMAwQC2Ug0AwQA2Ug2MAwD
BAPZSDgDBADZSD4DBATZTFADBATZTiADBAXZcyADBATZdtAwMAQCAAIwKgMFAyAB
CcgDBQMqABWYAwUAKgCCgAMFACoBtwADBQAqAge4AwUAKgIjwDANBgkqhkiG9w0B
AQsFAAOCAQEAK0NuXNXsU+5g8pL7TI1lqeCg6Ud/XUtwippPM1+9WMxH2m4Z6AqM
Hfr2HcR1MobW+eInnWs62k8Q0lpiXp7mJpVSzqm534Zfs2WNe/hxuBxvgCNiOdaf
GuA0I1Ru0Iv5JlAFKmUyD7dkJI9qVWj1lMceZtN53NFfNY4q6UkuQk+l7NqLHep+
yjIkrkif3NYdXGe+IIJt3eiURi3XB6f+ESLA02SxrahCgkXD6GTvLQh27nUwXcN5
qdVp1EeWXE13yJBvkk7kUHeS+4iY/dD7H/9QMdgnHkWbGcMUrizpmSS31Y5+yaRp
tcAK2HigbjEtvo6t/LjOOQuuR9j3PwD+Iw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 21:59:13 2024 by rpki-client on console-fra.rpki-client.org