Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ehjVmxHb1b9MCCwoupvOP5MUk0g.roa
File: ehjVmxHb1b9MCCwoupvOP5MUk0g.roa (raw, json)
Hash identifier: /5cGLg6GeyaWYmTySaSm00Q5BvI3RUH9sJjH1zvGA2g=
Subject key identifier: 7A:18:D5:9B:11:DB:D5:BF:4C:08:2C:28:BA:9B:CE:3F:93:14:93:48
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019306AA1D9DE4C7EC1A27FC97F2A350A793
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ehjVmxHb1b9MCCwoupvOP5MUk0g.roa
Signing time: Thu 07 Nov 2024 12:47:12 +0000
ROA not before: Thu 07 Nov 2024 12:47:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33922
IP address blocks: 84.32.0.0/22 maxlen: 22
84.32.2.0/23 maxlen: 23
84.32.3.0/24 maxlen: 24
84.32.36.0/24 maxlen: 24
84.32.37.0/24 maxlen: 24
84.32.38.0/24 maxlen: 24
84.32.80.0/23 maxlen: 23
84.32.114.0/23 maxlen: 24
84.32.116.0/23 maxlen: 24
84.32.120.0/22 maxlen: 22
84.32.124.0/24 maxlen: 24
84.32.125.0/24 maxlen: 24
84.32.132.0/24 maxlen: 24
84.32.134.0/24 maxlen: 24
84.32.140.0/22 maxlen: 22
84.32.140.0/24 maxlen: 24
84.32.142.0/24 maxlen: 24
84.32.165.0/24 maxlen: 24
84.32.166.0/24 maxlen: 24
84.32.167.0/24 maxlen: 24
84.32.171.0/24 maxlen: 24
84.32.180.0/24 maxlen: 24
84.32.181.0/24 maxlen: 24
84.32.182.0/24 maxlen: 24
84.32.183.0/24 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
88.216.24.0/23 maxlen: 24
88.216.26.0/23 maxlen: 24
88.216.28.0/22 maxlen: 24
88.216.68.0/22 maxlen: 24
88.216.76.0/22 maxlen: 24
88.216.82.0/23 maxlen: 23
88.216.84.0/24 maxlen: 24
88.216.85.0/24 maxlen: 24
88.216.86.0/24 maxlen: 24
88.216.104.0/24 maxlen: 24
88.216.106.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
88.216.112.0/21 maxlen: 21
88.216.112.0/24 maxlen: 24
88.216.113.0/24 maxlen: 24
88.216.114.0/24 maxlen: 24
88.216.115.0/24 maxlen: 24
88.216.116.0/24 maxlen: 24
88.216.117.0/24 maxlen: 24
88.216.118.0/24 maxlen: 24
88.216.119.0/24 maxlen: 24
88.216.120.0/22 maxlen: 22
88.216.120.0/24 maxlen: 24
88.216.121.0/24 maxlen: 24
88.216.122.0/24 maxlen: 24
88.216.123.0/24 maxlen: 24
88.216.124.0/24 maxlen: 24
88.216.125.0/24 maxlen: 24
88.216.126.0/23 maxlen: 23
88.216.136.0/21 maxlen: 21
88.216.136.0/24 maxlen: 24
88.216.137.0/24 maxlen: 24
88.216.147.0/24 maxlen: 24
88.216.148.0/24 maxlen: 24
88.216.150.0/24 maxlen: 24
88.216.153.0/24 maxlen: 24
88.216.154.0/24 maxlen: 24
88.216.155.0/24 maxlen: 24
88.216.156.0/24 maxlen: 24
88.216.157.0/24 maxlen: 24
88.216.158.0/24 maxlen: 24
88.216.159.0/24 maxlen: 24
88.216.160.0/23 maxlen: 23
88.216.162.0/24 maxlen: 24
88.216.164.0/22 maxlen: 22
88.216.164.0/24 maxlen: 24
88.216.165.0/24 maxlen: 24
88.216.166.0/24 maxlen: 24
88.216.167.0/24 maxlen: 24
88.216.168.0/23 maxlen: 23
88.216.170.0/23 maxlen: 23
88.216.170.0/24 maxlen: 24
88.216.171.0/24 maxlen: 24
88.216.173.0/24 maxlen: 24
88.216.174.0/24 maxlen: 24
88.216.175.0/24 maxlen: 24
88.216.176.0/24 maxlen: 24
88.216.177.0/24 maxlen: 24
88.216.178.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:aa:1d:9d:e4:c7:ec:1a:27:fc:97:f2:a3:50:a7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 7 12:47:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a18d59b11dbd5bf4c082c28ba9bce3f93149348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1b:1a:96:4a:72:69:73:db:f8:4f:08:b0:ae:
7a:a9:0a:2c:dc:6c:17:3a:7a:f8:84:09:4e:89:6f:
c3:a4:e0:2a:c1:b1:63:74:b7:a9:46:45:97:07:98:
b2:89:c6:f8:10:39:e4:e8:81:8e:94:eb:6f:78:07:
c1:85:ee:42:9e:a9:a6:d8:7e:6a:d9:6f:09:e4:5a:
7f:f0:44:89:3b:df:80:4a:1e:56:9d:c5:5e:7e:9a:
2c:cf:29:b3:60:2e:c7:d7:aa:43:1c:a4:62:b3:88:
33:ca:f1:ac:cc:3e:54:2d:75:74:40:8d:ca:cc:39:
01:43:a6:17:20:0f:09:25:da:66:b2:e4:d0:32:73:
15:29:aa:8c:00:58:0e:c9:52:e0:d9:96:1e:c1:ba:
1e:55:a6:31:12:6e:da:4c:de:3f:07:c1:e2:96:d8:
7b:b6:9b:ab:1e:d7:7a:8e:bc:92:74:a1:f2:1d:91:
cc:df:b3:da:62:d4:1c:e2:8d:aa:9e:bf:f5:2d:75:
9e:15:1f:ac:48:92:82:6c:1a:fd:17:4f:e2:d1:f7:
4d:3b:4e:49:b4:c9:f2:15:fc:4c:48:e9:16:f5:52:
2c:bd:b4:ac:b7:f9:c2:6f:fe:b3:d4:d9:8f:4a:c8:
ba:43:b2:bf:71:a3:49:3a:c2:77:08:00:95:1a:8b:
ed:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:18:D5:9B:11:DB:D5:BF:4C:08:2C:28:BA:9B:CE:3F:93:14:93:48
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ehjVmxHb1b9MCCwoupvOP5MUk0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.0.0/22
84.32.36.0-84.32.38.255
84.32.80.0/23
84.32.114.0-84.32.117.255
84.32.120.0-84.32.125.255
84.32.132.0/24
84.32.134.0/24
84.32.140.0/22
84.32.165.0-84.32.167.255
84.32.171.0/24
84.32.180.0/22
84.32.250.0/23
88.216.24.0/21
88.216.68.0/22
88.216.76.0/22
88.216.82.0-88.216.86.255
88.216.104.0/24
88.216.106.0/23
88.216.112.0/20
88.216.136.0/21
88.216.147.0-88.216.148.255
88.216.150.0/24
88.216.153.0-88.216.162.255
88.216.164.0-88.216.171.255
88.216.173.0-88.216.179.255
Signature Algorithm: sha256WithRSAEncryption
9c:b8:91:44:10:66:a3:e8:83:94:99:04:2b:01:26:73:3a:e0:
30:d5:e1:61:2c:ce:88:97:1d:f8:3c:e1:4c:12:3e:46:cc:1e:
f2:67:8d:96:1d:bf:58:49:e1:07:85:32:a7:1a:af:59:e6:0a:
e2:30:fc:37:4a:80:94:95:da:89:e0:f9:06:88:a7:e6:5a:fd:
3c:9a:80:36:7d:35:d0:59:f0:52:9c:98:70:b8:ed:ac:9d:5d:
2c:35:22:31:ff:04:bc:d9:a4:9e:13:15:43:e6:4a:68:a3:fc:
fb:6a:b7:78:43:38:6f:89:09:8c:02:8c:ab:92:a3:27:a2:99:
f7:0b:6b:a5:11:6e:13:52:fa:2c:63:d2:0e:e7:59:e0:31:0d:
45:52:4c:3f:d9:a1:fd:6b:2f:90:64:0f:9a:bb:c5:dd:a4:7f:
0b:92:c8:12:b3:be:fc:ff:69:fc:37:d4:7f:e7:01:4d:6c:ee:
bc:ba:93:f5:2a:fd:df:2e:a0:17:db:55:1c:38:a5:71:22:82:
39:97:72:0d:54:78:49:2b:3f:a6:9f:69:97:18:84:b5:78:e6:
18:2c:45:e4:df:1d:75:ea:4c:fa:bd:4e:e2:9a:b0:0f:9f:71:
6c:06:6b:e5:1f:23:2f:0e:3f:c9:58:a3:9a:20:ba:3f:5f:af:
0d:f4:82:9b
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZMGqh2d5MfsGif8l/KjUKeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMTA3MTI0NzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTE4ZDU5YjExZGJkNWJmNGMwODJjMjhiYTliY2UzZjkzMTQ5MzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBsalkpyaXPb+E8IsK56qQos3GwX
Onr4hAlOiW/DpOAqwbFjdLepRkWXB5iyicb4EDnk6IGOlOtveAfBhe5Cnqmm2H5q
2W8J5Fp/8ESJO9+ASh5WncVefposzymzYC7H16pDHKRis4gzyvGszD5ULXV0QI3K
zDkBQ6YXIA8JJdpmsuTQMnMVKaqMAFgOyVLg2ZYewboeVaYxEm7aTN4/B8Hilth7
tpurHtd6jrySdKHyHZHM37PaYtQc4o2qnr/1LXWeFR+sSJKCbBr9F0/i0fdNO05J
tMnyFfxMSOkW9VIsvbSst/nCb/6z1NmPSsi6Q7K/caNJOsJ3CACVGovtuQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFHoY1ZsR29W/TAgsKLqbzj+TFJNIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZWhqVm14SGIxYjlNQ0N3b3Vwdk9QNU1VazBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAJU
IAAwDAMEAlQgJAMEAFQgJgMEAVQgUDAMAwQBVCByAwQBVCB0MAwDBANUIHgDBAFU
IHwDBABUIIQDBABUIIYDBAJUIIwwDAMEAFQgpQMEA1QgoAMEAFQgqwMEAlQgtAME
AVQg+gMEA1jYGAMEAljYRAMEAljYTDAMAwQBWNhSAwQAWNhWAwQAWNhoAwQBWNhq
AwQEWNhwAwQDWNiIMAwDBABY2JMDBABY2JQDBABY2JYwDAMEAFjYmQMEAFjYojAM
AwQCWNikAwQCWNioMAwDBABY2K0DBAJY2LAwDQYJKoZIhvcNAQELBQADggEBAJy4
kUQQZqPog5SZBCsBJnM64DDV4WEszoiXHfg84UwSPkbMHvJnjZYdv1hJ4QeFMqca
r1nmCuIw/DdKgJSV2ong+QaIp+Za/TyagDZ9NdBZ8FKcmHC47aydXSw1IjH/BLzZ
pJ4TFUPmSmij/Ptqt3hDOG+JCYwCjKuSoyeimfcLa6URbhNS+ixj0g7nWeAxDUVS
TD/Zof1rL5BkD5q7xd2kfwuSyBKzvvz/afw31H/nAU1s7ry6k/Uq/d8uoBfbVRw4
pXEigjmXcg1UeEkrP6afaZcYhLV45hgsReTfHXXqTPq9TuKasA+fcWwGa+UfIy8O
P8lYo5oguj9frw30gps=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:24:26 2024 by rpki-client on console-ams.rpki-client.org