Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/scHcnv6TrwaRFnxyoieAy0wdLy0.roa
File: scHcnv6TrwaRFnxyoieAy0wdLy0.roa (raw, json)
Hash identifier: KW0/f/Bc0ZybPczgbDkkTfSw75mnRXJrQAuIsFRlAcY=
Subject key identifier: B1:C1:DC:9E:FE:93:AF:06:91:16:7C:72:A2:27:80:CB:4C:1D:2F:2D
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 0194266C3A512FF1F230256B8233F66A5AB3
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/scHcnv6TrwaRFnxyoieAy0wdLy0.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211381
IP address blocks: 5.8.248.0/24 maxlen: 24
62.233.53.0/24 maxlen: 24
77.220.212.0/24 maxlen: 24
77.220.213.0/24 maxlen: 24
109.107.157.0/24 maxlen: 24
178.159.43.0/24 maxlen: 24
185.93.6.0/24 maxlen: 24
185.201.252.0/24 maxlen: 24
185.229.251.0/24 maxlen: 24
185.235.128.0/24 maxlen: 24
185.237.165.0/24 maxlen: 24
185.241.61.0/24 maxlen: 24
185.244.218.0/24 maxlen: 24
185.244.219.0/24 maxlen: 24
185.250.207.0/24 maxlen: 24
185.251.25.0/24 maxlen: 24
193.3.168.0/24 maxlen: 24
193.169.105.0/24 maxlen: 24
194.15.46.0/24 maxlen: 24
194.26.232.0/24 maxlen: 24
194.62.105.0/24 maxlen: 24
212.86.114.0/24 maxlen: 24
212.86.115.0/24 maxlen: 24
212.162.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3a:51:2f:f1:f2:30:25:6b:82:33:f6:6a:5a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1c1dc9efe93af0691167c72a22780cb4c1d2f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c2:31:92:2d:d2:3a:08:30:ad:97:ff:35:d4:
da:cf:96:40:aa:ff:9e:aa:28:f1:e2:08:76:f2:57:
1d:bc:fe:74:64:e9:fa:4b:6d:5f:86:ec:ea:70:86:
8e:4e:8d:75:09:5c:a9:24:bd:cb:75:0d:2c:7a:3f:
bc:2d:ff:fd:e4:08:a6:0f:75:8c:12:11:04:78:28:
dd:74:00:3a:d3:bc:c9:93:26:58:06:45:e3:83:c6:
fa:81:6c:4d:bf:5b:f5:35:a5:75:46:cd:14:6a:f4:
c9:ee:86:02:e8:40:b9:6c:38:7e:57:2c:30:3d:2e:
81:73:9c:54:49:fb:76:55:f9:12:f8:f7:8f:ee:8a:
83:c2:02:3b:0b:ab:a7:4b:90:c8:52:36:8f:4b:81:
4f:fc:c3:7e:55:1d:45:57:b7:44:dc:ff:27:ac:37:
a5:f0:0d:49:c0:3c:2b:47:75:fc:4f:db:56:0a:ca:
5c:2f:d2:b8:7f:42:f8:fd:94:88:83:fb:12:2c:5c:
24:04:39:5e:3c:11:b9:b5:e9:13:55:61:6d:b1:3e:
31:89:1c:59:68:98:62:47:51:42:28:3b:02:a9:c7:
af:a4:ea:c5:35:08:df:e5:f9:8d:80:6c:40:d8:72:
da:75:00:b1:e2:89:97:f5:f7:8c:b0:c0:f5:c9:3b:
82:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C1:DC:9E:FE:93:AF:06:91:16:7C:72:A2:27:80:CB:4C:1D:2F:2D
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/scHcnv6TrwaRFnxyoieAy0wdLy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.248.0/24
62.233.53.0/24
77.220.212.0/23
109.107.157.0/24
178.159.43.0/24
185.93.6.0/24
185.201.252.0/24
185.229.251.0/24
185.235.128.0/24
185.237.165.0/24
185.241.61.0/24
185.244.218.0/23
185.250.207.0/24
185.251.25.0/24
193.3.168.0/24
193.169.105.0/24
194.15.46.0/24
194.26.232.0/24
194.62.105.0/24
212.86.114.0/23
212.162.154.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:86:5c:84:30:33:a8:6d:e6:80:bb:60:07:70:39:21:d7:ff:
65:26:d4:76:5f:aa:c4:6b:ce:07:a2:db:83:75:c8:a7:19:b5:
c6:11:77:ca:70:fb:0d:27:1d:94:27:a2:e6:72:4d:ef:ac:a8:
3b:09:bd:23:ef:b8:89:11:83:95:d3:1f:34:21:b9:90:c8:ac:
52:25:5f:8c:bf:4f:ec:9f:57:51:50:17:08:82:fd:ce:c9:92:
97:a4:5a:60:b1:33:db:b2:93:f6:33:4e:25:0b:5f:c5:eb:1e:
c1:25:54:5e:08:43:2e:5b:ab:35:8a:58:31:c5:5b:80:fc:8f:
ae:de:5a:48:b0:5d:ff:e9:2c:87:d7:98:24:a2:11:de:53:05:
4b:1b:6c:1c:1e:f4:53:24:31:98:cb:8f:e8:c7:53:09:b7:8b:
46:8c:9f:50:85:5e:b9:e4:44:fd:08:81:8b:02:3b:32:e3:aa:
9e:ed:44:c9:58:39:5b:18:41:c3:4a:da:1d:89:4b:76:d2:1d:
10:c6:26:0d:81:a5:7a:0d:9f:a9:38:21:8a:ff:d5:45:ab:7b:
42:79:10:b3:42:15:a1:8c:a3:d0:05:05:cc:f7:9d:f9:72:b5:
3a:1e:ef:c2:60:10:fc:ed:dd:82:b4:13:85:c0:68:9e:6d:28:
e7:a8:87:0f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQmbDpRL/HyMCVrgjP2alqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWMxZGM5ZWZlOTNhZjA2OTExNjdjNzJhMjI3ODBjYjRjMWQyZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Ixki3SOggwrZf/NdTaz5ZAqv+e
qijx4gh28lcdvP50ZOn6S21fhuzqcIaOTo11CVypJL3LdQ0sej+8Lf/95AimD3WM
EhEEeCjddAA607zJkyZYBkXjg8b6gWxNv1v1NaV1Rs0UavTJ7oYC6EC5bDh+Vyww
PS6Bc5xUSft2VfkS+PeP7oqDwgI7C6unS5DIUjaPS4FP/MN+VR1FV7dE3P8nrDel
8A1JwDwrR3X8T9tWCspcL9K4f0L4/ZSIg/sSLFwkBDlePBG5tekTVWFtsT4xiRxZ
aJhiR1FCKDsCqcevpOrFNQjf5fmNgGxA2HLadQCx4omX9feMsMD1yTuCrQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFLHB3J7+k68GkRZ8cqIngMtMHS8tMB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvc2NIY252NlRyd2FSRm54eW9pZUF5MHdkTHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAAUI
+AMEAD7pNQMEAU3c1AMEAG1rnQMEALKfKwMEALldBgMEALnJ/AMEALnl+wMEALnr
gAMEALntpQMEALnxPQMEAbn02gMEALn6zwMEALn7GQMEAMEDqAMEAMGpaQMEAMIP
LgMEAMIa6AMEAMI+aQMEAdRWcgMEANSimjANBgkqhkiG9w0BAQsFAAOCAQEAjYZc
hDAzqG3mgLtgB3A5Idf/ZSbUdl+qxGvOB6Lbg3XIpxm1xhF3ynD7DScdlCei5nJN
76yoOwm9I++4iRGDldMfNCG5kMisUiVfjL9P7J9XUVAXCIL9zsmSl6RaYLEz27KT
9jNOJQtfxesewSVUXghDLlurNYpYMcVbgPyPrt5aSLBd/+ksh9eYJKIR3lMFSxts
HB70UyQxmMuP6MdTCbeLRoyfUIVeueRE/QiBiwI7MuOqnu1EyVg5WxhBw0raHYlL
dtIdEMYmDYGleg2fqTghiv/VRat7QnkQs0IVoYyj0AUFzPed+XK1Oh7vwmAQ/O3d
grQThcBonm0o56iHDw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:53 2025 by rpki-client