Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/e7CwKyo8Ti3WiD5Y-UfvDyVybq8.roa
File: e7CwKyo8Ti3WiD5Y-UfvDyVybq8.roa (raw, json)
Hash identifier: xnR0dVRDaXc/1mS7Ps3DNuT25ry3/nuuNyy/K9Rtevk=
Subject key identifier: 7B:B0:B0:2B:2A:3C:4E:2D:D6:88:3E:58:F9:47:EF:0F:25:72:6E:AF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019253E80AEC2BF708BCA2AD8083276472D5
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/e7CwKyo8Ti3WiD5Y-UfvDyVybq8.roa
Signing time: Thu 03 Oct 2024 19:42:48 +0000
ROA not before: Thu 03 Oct 2024 19:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 84.32.4.0/24 maxlen: 24
84.32.11.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.27.0/24 maxlen: 24
84.32.28.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.43.0/24 maxlen: 24
84.32.62.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.85.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.105.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.155.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.172.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.211.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.219.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.228.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.233.0/24 maxlen: 24
84.32.234.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.237.0/24 maxlen: 24
84.32.238.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.246.0/24 maxlen: 24
84.32.247.0/24 maxlen: 24
84.32.252.0/24 maxlen: 24
84.32.253.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.94.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.97.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.110.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:53:e8:0a:ec:2b:f7:08:bc:a2:ad:80:83:27:64:72:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 3 19:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bb0b02b2a3c4e2dd6883e58f947ef0f25726eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f1:d5:05:11:b9:6c:b6:29:68:d6:0e:2e:5c:
12:2b:1d:cf:ae:04:74:f0:38:76:71:ed:9e:1b:59:
98:cb:fa:43:1b:d3:0f:af:64:7a:13:5e:f1:e4:d3:
63:bc:93:50:81:50:74:1d:07:f1:f7:c9:4f:9e:27:
4e:64:0d:d4:cd:01:ae:5d:91:ca:01:16:24:5a:e0:
d9:0f:cb:ce:78:f9:25:31:a4:82:ca:3c:9b:17:86:
b3:3e:e7:22:3c:2b:da:c9:cf:b2:b2:ca:5e:0a:9d:
1a:5a:5a:97:11:66:24:15:f8:6a:6d:8e:5e:5d:36:
ed:c6:80:ed:0a:6b:54:9b:16:a5:3e:73:ca:ae:ba:
7d:b7:d7:67:d4:1e:13:94:56:5d:92:51:73:dd:fb:
cf:b0:8b:f9:ea:e0:41:cd:49:75:cf:9a:9d:5d:de:
f9:94:1e:43:d7:98:9b:72:28:12:a2:eb:45:e0:e4:
35:a2:87:3f:18:d3:ab:5f:8f:d1:8e:7b:27:67:0d:
55:b0:e1:8a:0a:98:99:e3:28:7f:0c:b7:f7:ce:02:
3a:21:e1:4f:d0:09:4c:17:70:10:68:75:94:23:b1:
38:9d:c2:88:5c:a5:8a:ab:f2:0a:9c:c6:2f:2a:72:
1d:bb:0e:67:09:5b:1b:37:20:47:37:13:b7:72:44:
d4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B0:B0:2B:2A:3C:4E:2D:D6:88:3E:58:F9:47:EF:0F:25:72:6E:AF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/e7CwKyo8Ti3WiD5Y-UfvDyVybq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/24
84.32.11.0/24
84.32.14.0/24
84.32.27.0-84.32.31.255
84.32.42.0/23
84.32.62.0/24
84.32.65.0/24
84.32.68.0/24
84.32.76.0/23
84.32.79.0/24
84.32.85.0/24
84.32.88.0-84.32.90.255
84.32.92.0-84.32.94.255
84.32.105.0/24
84.32.150.0/24
84.32.153.0/24
84.32.155.0/24
84.32.157.0-84.32.159.255
84.32.172.0/24
84.32.174.0/23
84.32.211.0-84.32.213.255
84.32.219.0/24
84.32.221.0-84.32.222.255
84.32.224.0/24
84.32.226.0/24
84.32.228.0/23
84.32.232.0/22
84.32.237.0-84.32.243.255
84.32.245.0-84.32.247.255
84.32.252.0/22
88.216.0.0/23
88.216.3.0/24
88.216.16.0/24
88.216.18.0/24
88.216.22.0/23
88.216.32.0/23
88.216.35.0/24
88.216.38.0/24
88.216.40.0/24
88.216.42.0/24
88.216.47.0/24
88.216.58.0/24
88.216.64.0/23
88.216.94.0/23
88.216.97.0/24
88.216.101.0-88.216.102.255
88.216.109.0-88.216.111.255
88.216.128.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:47:a5:fd:e1:81:5b:69:2d:f2:cb:3e:2a:71:26:49:a8:c3:
d6:f7:7f:33:1d:88:dd:0f:2e:d9:65:24:e6:c8:fb:e6:39:1c:
d0:c8:87:e6:3e:60:4d:bf:ec:29:ec:3c:cb:a2:ae:72:02:1a:
9a:c5:fb:be:f2:e6:61:d8:8b:aa:fc:37:8a:d6:f1:c0:15:db:
cc:24:f0:dd:63:dc:48:2a:ce:b6:68:6a:41:88:23:9f:6f:3e:
13:53:16:df:fc:79:c4:25:bc:03:27:b5:ea:08:e4:14:02:3c:
89:41:87:7f:cb:09:94:ba:93:a1:cc:d9:51:c5:a9:4f:a4:cf:
fa:3f:7f:54:17:a7:94:ca:66:25:2d:e3:56:9e:f9:89:07:5e:
86:7c:ff:cb:96:3a:56:2f:50:0f:b2:89:3a:87:1d:61:a2:13:
56:a2:ae:a2:24:47:4d:48:34:10:0d:a3:92:47:e6:93:4e:1b:
fc:99:63:0f:aa:2e:70:3a:61:e0:0f:ed:f4:ad:55:f3:76:5b:
37:bd:92:27:48:25:d7:c0:09:68:23:a5:b9:fa:29:7f:df:a8:
44:d0:84:b5:40:3f:8c:f6:4b:9f:7b:df:7b:92:46:68:df:cf:
a1:70:42:c5:79:fd:40:5a:a3:59:6f:bd:07:00:5d:8a:7a:ca:
30:8b:33:b3
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgISAZJT6ArsK/cIvKKtgIMnZHLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMDAzMTk0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmIwYjAyYjJhM2M0ZTJkZDY4ODNlNThmOTQ3ZWYwZjI1NzI2ZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fHVBRG5bLYpaNYOLlwSKx3PrgR0
8Dh2ce2eG1mYy/pDG9MPr2R6E17x5NNjvJNQgVB0HQfx98lPnidOZA3UzQGuXZHK
ARYkWuDZD8vOePklMaSCyjybF4azPuciPCvayc+ysspeCp0aWlqXEWYkFfhqbY5e
XTbtxoDtCmtUmxalPnPKrrp9t9dn1B4TlFZdklFz3fvPsIv56uBBzUl1z5qdXd75
lB5D15ibcigSoutF4OQ1ooc/GNOrX4/RjnsnZw1VsOGKCpiZ4yh/DLf3zgI6IeFP
0AlMF3AQaHWUI7E4ncKIXKWKq/IKnMYvKnIduw5nCVsbNyBHNxO3ckTURwIDAQAB
o4IDfTCCA3kwHQYDVR0OBBYEFHuwsCsqPE4t1og+WPlH7w8lcm6vMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZTdDd0t5bzhUaTNXaUQ1WS1VZnZEeVZ5YnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBkQYIKwYBBQUHAQcBAf8EggGAMIIBfDCCAXgEAgABMIIB
cAMEAFQgBAMEAFQgCwMEAFQgDjAMAwQAVCAbAwQFVCAAAwQBVCAqAwQAVCA+AwQA
VCBBAwQAVCBEAwQBVCBMAwQAVCBPAwQAVCBVMAwDBANUIFgDBABUIFowDAMEAlQg
XAMEAFQgXgMEAFQgaQMEAFQglgMEAFQgmQMEAFQgmzAMAwQAVCCdAwQFVCCAAwQA
VCCsAwQBVCCuMAwDBABUINMDBAFUINQDBABUINswDAMEAFQg3QMEAFQg3gMEAFQg
4AMEAFQg4gMEAVQg5AMEAlQg6DAMAwQAVCDtAwQCVCDwMAwDBABUIPUDBANUIPAD
BAJUIPwDBAFY2AADBABY2AMDBABY2BADBABY2BIDBAFY2BYDBAFY2CADBABY2CMD
BABY2CYDBABY2CgDBABY2CoDBABY2C8DBABY2DoDBAFY2EADBAFY2F4DBABY2GEw
DAMEAFjYZQMEAFjYZjAMAwQAWNhtAwQEWNhgAwQAWNiAMA0GCSqGSIb3DQEBCwUA
A4IBAQBbR6X94YFbaS3yyz4qcSZJqMPW938zHYjdDy7ZZSTmyPvmORzQyIfmPmBN
v+wp7DzLoq5yAhqaxfu+8uZh2Iuq/DeK1vHAFdvMJPDdY9xIKs62aGpBiCOfbz4T
Uxbf/HnEJbwDJ7XqCOQUAjyJQYd/ywmUupOhzNlRxalPpM/6P39UF6eUymYlLeNW
nvmJB16GfP/LljpWL1APsok6hx1hohNWoq6iJEdNSDQQDaOSR+aTThv8mWMPqi5w
OmHgD+30rVXzdls3vZInSCXXwAloI6W5+il/36hE0IS1QD+M9kufe997kkZo38+h
cELFef1AWqNZb70HAF2KesowizOz
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:50:09 2024 by rpki-client on console-ams.rpki-client.org