Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/jeW7mQgdoBOIQK4IRpcMDvNH0qk.roa
File: jeW7mQgdoBOIQK4IRpcMDvNH0qk.roa (raw, json)
Hash identifier: gm89BEQQrvBc/aGFPLIwtZzHYczRF2aTFNXtEbG3XPY=
Subject key identifier: 8D:E5:BB:99:08:1D:A0:13:88:40:AE:08:46:97:0C:0E:F3:47:D2:A9
Certificate issuer: /CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Certificate serial: 01914865865D0C9EC134C5F071611C700031
Authority key identifier: ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/jeW7mQgdoBOIQK4IRpcMDvNH0qk.roa
Signing time: Mon 12 Aug 2024 21:01:38 +0000
ROA not before: Mon 12 Aug 2024 21:01:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29551
IP address blocks: 46.253.112.0/20 maxlen: 20
80.66.204.0/22 maxlen: 22
82.149.224.0/19 maxlen: 19
82.149.232.0/24 maxlen: 24
82.149.233.0/24 maxlen: 24
82.149.234.0/24 maxlen: 24
82.149.235.0/24 maxlen: 24
83.141.0.0/18 maxlen: 18
83.141.10.0/24 maxlen: 24
83.141.15.0/24 maxlen: 24
83.141.16.0/24 maxlen: 24
83.141.26.0/24 maxlen: 24
83.141.27.0/24 maxlen: 24
83.141.28.0/24 maxlen: 24
83.141.29.0/24 maxlen: 24
83.141.57.0/24 maxlen: 24
83.141.60.0/22 maxlen: 22
83.141.60.0/24 maxlen: 24
83.141.62.0/24 maxlen: 24
83.141.63.0/24 maxlen: 24
109.71.24.0/21 maxlen: 21
109.71.31.0/24 maxlen: 24
178.19.64.0/20 maxlen: 20
195.225.196.0/22 maxlen: 22
2a01:440::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:48:65:86:5d:0c:9e:c1:34:c5:f0:71:61:1c:70:00:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Validity
Not Before: Aug 12 21:01:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8de5bb99081da0138840ae0846970c0ef347d2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:59:76:aa:29:8a:59:ec:6e:df:b1:94:95:00:
a7:16:82:3e:73:21:e9:a4:65:cf:37:c5:86:19:20:
20:44:f1:9e:07:cb:e4:9e:ff:b3:da:62:2a:f2:e0:
0e:92:66:ff:c2:53:11:e7:5e:42:45:e3:48:39:10:
75:2f:43:98:79:92:cf:9f:9c:f3:42:9b:73:6b:3a:
cb:2f:ec:5e:b9:49:80:e1:b4:04:c5:bf:ca:9d:7b:
72:cb:48:46:1a:78:05:89:e7:86:42:d0:38:7d:8f:
b5:4e:3d:de:4e:e6:7b:b5:07:00:8e:17:7d:dc:d0:
b9:97:d4:0f:ab:f3:ac:89:fa:c6:f7:fb:01:05:11:
38:fc:37:e4:27:ef:4b:c9:4b:60:05:31:66:70:87:
b9:b0:a1:ab:cc:4c:48:a2:58:09:22:c3:73:d0:ed:
be:36:e4:5b:6f:da:99:80:98:d3:ea:88:b4:4a:2f:
36:c3:e8:79:e5:99:fa:3a:46:26:50:07:4b:3d:f7:
9f:ed:75:32:90:b2:67:9b:15:10:21:47:93:38:d8:
37:25:16:05:6d:0d:57:56:04:76:47:b0:c8:19:9f:
2c:58:d8:63:d9:2a:7c:13:0f:18:f0:fa:08:82:6a:
2b:a6:db:5b:cc:4c:f1:c9:62:0d:f7:ba:ea:84:d4:
04:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E5:BB:99:08:1D:A0:13:88:40:AE:08:46:97:0C:0E:F3:47:D2:A9
X509v3 Authority Key Identifier:
keyid:ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/jeW7mQgdoBOIQK4IRpcMDvNH0qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.112.0/20
80.66.204.0/22
82.149.224.0/19
83.141.0.0/18
109.71.24.0/21
178.19.64.0/20
195.225.196.0/22
IPv6:
2a01:440::/29
Signature Algorithm: sha256WithRSAEncryption
32:ac:7b:22:99:46:58:48:fd:97:66:bc:d8:26:e8:cd:e0:b8:
53:4b:39:3c:3d:5f:eb:79:b4:de:ff:e0:ba:46:bd:c3:31:30:
dd:38:48:f0:b8:e0:77:66:63:37:46:5f:22:df:10:ed:97:2a:
c3:1a:7c:ca:25:da:1a:da:b0:d3:32:11:0a:27:b6:1a:6c:66:
75:2c:87:14:34:40:4e:99:fc:4c:66:26:be:16:63:d9:fd:19:
1c:c3:7b:98:22:71:76:4b:48:8f:9b:19:f9:ff:40:06:66:3d:
50:c6:6e:20:74:1c:17:ad:5b:bf:2d:8a:3c:fc:7a:3f:05:8d:
98:4a:1c:f4:dc:0b:58:f8:47:ab:be:9d:cb:bd:7a:b9:46:06:
67:83:39:fa:77:c6:fd:ab:ea:54:19:11:f6:d9:97:e2:77:f1:
2a:5e:56:5f:f4:05:d7:13:a1:1a:9e:51:08:d7:5f:cf:05:c6:
75:87:f5:f9:15:a2:ee:a8:a7:49:f7:02:8b:71:4e:77:67:cf:
47:30:c3:5b:cb:6a:bb:7e:7b:f2:b9:73:83:c1:51:68:88:fe:
c4:30:84:0d:28:38:e4:28:7b:23:7a:7d:19:f1:66:0a:ba:6f:
65:42:25:ad:ca:55:ef:24:83:b8:ba:a4:03:d9:a1:86:e6:ea:
52:c4:c3:6d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZFIZYZdDJ7BNMXwcWEccAAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhODJkYmM3ZDdlMjgxOGY5NjY4MGI2NmVmY2VkYjEw
ODc5NDcwHhcNMjQwODEyMjEwMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGU1YmI5OTA4MWRhMDEzODg0MGFlMDg0Njk3MGMwZWYzNDdkMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqll2qimKWexu37GUlQCnFoI+cyHp
pGXPN8WGGSAgRPGeB8vknv+z2mIq8uAOkmb/wlMR515CReNIORB1L0OYeZLPn5zz
QptzazrLL+xeuUmA4bQExb/KnXtyy0hGGngFieeGQtA4fY+1Tj3eTuZ7tQcAjhd9
3NC5l9QPq/OsifrG9/sBBRE4/DfkJ+9LyUtgBTFmcIe5sKGrzExIolgJIsNz0O2+
NuRbb9qZgJjT6oi0Si82w+h55Zn6OkYmUAdLPfef7XUykLJnmxUQIUeTONg3JRYF
bQ1XVgR2R7DIGZ8sWNhj2Sp8Ew8Y8PoIgmorpttbzEzxyWIN97rqhNQEYQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFI3lu5kIHaATiECuCEaXDA7zR9KpMB8GA1UdIwQY
MBaAFO1tqC28fX4oGPlmgLZu/O2xCHlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAt
NTk5NTc3ODdiMDE1LzEvamVXN21RZ2RvQk9JUUs0SVJwY01Edk5IMHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAtNTk5NTc3ODdiMDE1
LzEvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQELv1wAwQC
UELMAwQFUpXgAwQGU40AAwQDbUcYAwQEshNAAwQCw+HEMA0EAgACMAcDBQMqAQRA
MA0GCSqGSIb3DQEBCwUAA4IBAQAyrHsimUZYSP2XZrzYJujN4LhTSzk8PV/rebTe
/+C6Rr3DMTDdOEjwuOB3ZmM3Rl8i3xDtlyrDGnzKJdoa2rDTMhEKJ7YabGZ1LIcU
NEBOmfxMZia+FmPZ/Rkcw3uYInF2S0iPmxn5/0AGZj1Qxm4gdBwXrVu/LYo8/Ho/
BY2YShz03AtY+Eervp3LvXq5RgZngzn6d8b9q+pUGRH22Zfid/EqXlZf9AXXE6Ea
nlEI11/PBcZ1h/X5FaLuqKdJ9wKLcU53Z89HMMNby2q7fnvyuXODwVFoiP7EMIQN
KDjkKHsjen0Z8WYKum9lQiWtylXvJIO4uqQD2aGG5upSxMNt
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:45:35 2024 by rpki-client on console-fra.rpki-client.org