Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/5avQS7V5KoFK9wPCZWf1mKbef0o.roa
File: 5avQS7V5KoFK9wPCZWf1mKbef0o.roa (raw, json)
Hash identifier: CWVr1CMjh4VQHe4otjBIpGvVv9NFPYi8ufRKDrz+0Fs=
Subject key identifier: E5:AB:D0:4B:B5:79:2A:81:4A:F7:03:C2:65:67:F5:98:A6:DE:7F:4A
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 018DC2CDB0DA1C90218CB47CFD6ED5174D11
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/5avQS7V5KoFK9wPCZWf1mKbef0o.roa
Signing time: Mon 19 Feb 2024 19:17:56 +0000
ROA not before: Mon 19 Feb 2024 19:17:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.198.0/23 maxlen: 23
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
185.138.120.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
185.254.12.0/24 maxlen: 24
185.254.13.0/24 maxlen: 24
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
2a0b:1880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c2:cd:b0:da:1c:90:21:8c:b4:7c:fd:6e:d5:17:4d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Feb 19 19:17:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5abd04bb5792a814af703c26567f598a6de7f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:25:53:e2:fe:a9:46:e8:55:69:69:5e:c3:16:
50:11:c0:74:08:c2:fe:f0:63:45:9c:06:50:48:8e:
c5:23:96:a2:6b:88:8f:93:27:11:46:32:3f:b6:f9:
c2:51:e3:39:a5:17:ce:e5:11:fb:06:b2:dc:80:db:
d8:a5:15:4f:8b:34:0d:8a:4c:ba:e4:29:dc:3e:ff:
84:c7:3e:57:ee:dd:05:65:c1:b1:da:78:ed:41:60:
8b:aa:64:6a:a2:66:82:5a:b7:3a:e0:38:b8:80:72:
65:54:7f:b3:c9:67:d1:9a:91:bf:94:31:33:4c:15:
30:05:ac:8b:b6:4a:80:9a:ae:cc:5f:4f:b4:b6:21:
76:b7:e0:9c:73:37:95:18:67:b6:5c:37:a5:e7:45:
64:0f:fc:11:77:7b:ee:0f:04:de:fd:55:91:2e:d7:
71:11:ab:2d:b7:fa:55:ac:65:0c:d8:d2:9e:ab:d2:
5e:d2:8f:39:af:33:00:09:3d:67:f9:90:d2:a3:61:
7f:9c:e6:08:d8:cc:58:73:46:45:6a:74:f6:70:92:
63:75:4d:6d:a0:76:05:c2:1c:29:db:85:69:c3:56:
f4:2c:00:9c:a9:33:fb:a6:72:d5:57:ee:e0:f0:b2:
5b:58:9b:75:f0:a6:d4:0e:2d:67:e0:5a:7b:2f:bf:
c8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AB:D0:4B:B5:79:2A:81:4A:F7:03:C2:65:67:F5:98:A6:DE:7F:4A
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/5avQS7V5KoFK9wPCZWf1mKbef0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.12.0/22
195.133.220.0/22
199.74.189.0/24
199.74.191.0/24
IPv6:
2a0b:1880::/29
Signature Algorithm: sha256WithRSAEncryption
5a:7c:e7:df:00:a5:f9:e5:bb:b0:90:54:c6:95:2f:fa:db:63:
0a:42:b6:7b:81:2d:44:a0:68:e2:0c:70:db:ea:a4:19:f8:5d:
32:c2:19:f9:04:85:08:36:22:93:92:59:f6:80:dd:19:ef:cc:
53:b8:50:a6:86:e2:5e:93:e4:86:51:a4:83:87:4e:60:68:ee:
85:06:20:9b:71:7e:ce:db:17:ca:88:8e:49:67:5e:c1:e8:11:
6d:3f:1c:a0:bb:88:33:f6:c7:00:f1:ec:b7:68:2e:c4:e9:a5:
0a:f1:2c:a8:78:2d:a3:b5:04:72:fd:14:b4:9d:1e:a4:08:93:
2f:60:ca:ba:9d:e7:f3:34:1c:f4:9c:3a:da:78:f4:26:d2:09:
f6:be:b7:ef:11:fe:ee:02:a6:d4:0e:5d:51:fd:6c:19:93:54:
d2:d3:88:ab:ca:84:11:63:b2:73:6c:ce:2e:b6:04:22:bb:99:
91:a0:9a:a8:1d:8a:20:7a:4b:16:d6:6a:30:d9:93:b8:1f:89:
ed:68:e7:b5:27:0a:d5:5d:fb:7c:09:0a:b9:40:38:81:64:fa:
04:6f:85:45:b5:f5:77:48:a9:58:4c:fe:35:96:1c:ce:a8:42:
5e:e5:d0:a5:0c:ae:c1:e5:43:ff:4c:72:4d:4a:23:e7:0d:e9:
37:b9:f0:49
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY3CzbDaHJAhjLR8/W7VF00RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjQwMjE5MTkxNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFiZDA0YmI1NzkyYTgxNGFmNzAzYzI2NTY3ZjU5OGE2ZGU3ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSVT4v6pRuhVaWlewxZQEcB0CML+
8GNFnAZQSI7FI5aia4iPkycRRjI/tvnCUeM5pRfO5RH7BrLcgNvYpRVPizQNiky6
5CncPv+Exz5X7t0FZcGx2njtQWCLqmRqomaCWrc64Di4gHJlVH+zyWfRmpG/lDEz
TBUwBayLtkqAmq7MX0+0tiF2t+CcczeVGGe2XDel50VkD/wRd3vuDwTe/VWRLtdx
Eastt/pVrGUM2NKeq9Je0o85rzMACT1n+ZDSo2F/nOYI2MxYc0ZFanT2cJJjdU1t
oHYFwhwp24Vpw1b0LACcqTP7pnLVV+7g8LJbWJt18KbUDi1n4Fp7L7/I3QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOWr0Eu1eSqBSvcDwmVn9Zim3n9KMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvNWF2UVM3VjVLb0ZLOXdQQ1pXZjFtS2JlZjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDXbTYAwQC
kFbkAwQCuRTEAwQCuYp4AwQCuf4MAwQCw4XcAwQAx0q9AwQAx0q/MA0EAgACMAcD
BQMqCxiAMA0GCSqGSIb3DQEBCwUAA4IBAQBafOffAKX55buwkFTGlS/622MKQrZ7
gS1EoGjiDHDb6qQZ+F0ywhn5BIUINiKTkln2gN0Z78xTuFCmhuJek+SGUaSDh05g
aO6FBiCbcX7O2xfKiI5JZ17B6BFtPxygu4gz9scA8ey3aC7E6aUK8SyoeC2jtQRy
/RS0nR6kCJMvYMq6nefzNBz0nDraePQm0gn2vrfvEf7uAqbUDl1R/WwZk1TS04ir
yoQRY7JzbM4utgQiu5mRoJqoHYogeksW1mow2ZO4H4ntaOe1JwrVXft8CQq5QDiB
ZPoEb4VFtfV3SKlYTP41lhzOqEJe5dClDK7B5UP/THJNSiPnDek3ufBJ
-----END CERTIFICATE-----
Generated at Thu May 2 21:17:28 2024 by rpki-client on console-fra.rpki-client.org