Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/KUIGCtiPbKWqTJt9HaEeDr9KLa4.roa
File: KUIGCtiPbKWqTJt9HaEeDr9KLa4.roa (raw, json)
Hash identifier: J1ot2Gr0BySXQpk2HWZnrKNBnl9NFLfKHqd3MHI5m9Y=
Subject key identifier: 29:42:06:0A:D8:8F:6C:A5:AA:4C:9B:7D:1D:A1:1E:0E:BF:4A:2D:AE
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018F85CD2334E28952E87E29F932A15A6AAD
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/KUIGCtiPbKWqTJt9HaEeDr9KLa4.roa
Signing time: Fri 17 May 2024 09:06:04 +0000
ROA not before: Fri 17 May 2024 09:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.16.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.0.0/17 maxlen: 17
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.40.0/23 maxlen: 23
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.64.0/19 maxlen: 24
87.229.96.0/24 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.112.0/20 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.205.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.211.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
2a02:730::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 05:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:cd:23:34:e2:89:52:e8:7e:29:f9:32:a1:5a:6a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: May 17 09:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2942060ad88f6ca5aa4c9b7d1da11e0ebf4a2dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d6:22:08:bf:62:2d:c9:59:b6:c3:55:52:33:
f0:88:90:e1:04:7b:90:f7:38:a3:ea:82:38:a8:87:
02:69:c4:d5:42:d7:42:6a:50:14:d8:ab:64:d4:8e:
9b:07:3d:64:9f:e4:24:ae:bb:7d:8c:62:8d:37:0b:
93:04:7e:71:1d:51:5b:ef:e7:21:7c:5a:d1:49:27:
f6:91:23:a1:28:a0:85:57:5c:46:72:ea:da:22:00:
68:0b:6d:f6:40:00:cf:82:bf:00:8e:35:c7:72:8c:
bf:a6:5f:ff:f2:6b:1f:9e:f2:af:a8:08:0a:e6:ea:
73:8b:9b:d7:59:d1:ae:46:2f:09:31:3d:8d:f4:6c:
e3:83:7e:88:a9:4c:56:99:1c:a8:ee:1f:4e:1b:d4:
63:17:43:9c:49:26:a1:55:ac:7d:1f:85:ec:7e:8a:
ff:b2:71:9a:45:b1:15:b3:c5:80:25:53:0b:f2:9a:
a8:36:9c:9d:38:78:d7:11:c8:77:40:32:65:21:61:
0a:57:cd:82:46:31:63:76:53:e8:a5:1b:1c:3b:85:
24:30:9f:d9:86:a0:a3:58:c7:33:14:ea:68:3a:61:
03:5a:e2:4d:8d:2c:84:f3:f9:e8:b0:62:f5:29:3e:
5f:b3:bc:fa:95:07:b3:c1:fe:89:d9:1d:64:51:2d:
4e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:42:06:0A:D8:8F:6C:A5:AA:4C:9B:7D:1D:A1:1E:0E:BF:4A:2D:AE
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/KUIGCtiPbKWqTJt9HaEeDr9KLa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.0.0/17
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/23
213.181.207.0/24
213.181.210.0/23
213.181.219.0/24
213.181.221.0/24
217.113.50.0/23
217.113.53.0/24
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
4c:a6:9b:65:33:e4:ad:71:37:af:92:ee:af:3d:58:9f:ad:48:
35:e6:86:27:60:bd:57:9a:dc:a8:0f:bd:78:28:c4:a0:5d:be:
31:b4:4a:14:91:74:0c:c5:45:80:7b:bb:cb:0f:77:2e:ed:53:
92:dc:be:64:6f:9e:4b:41:00:39:f7:f9:4b:f6:ef:dc:07:84:
b6:f3:6e:d2:ed:86:ce:df:e5:01:b3:e1:fc:32:ca:ef:94:08:
8a:97:29:e3:67:fc:29:67:e4:6f:d0:26:c2:84:49:d1:f6:57:
34:dc:79:6e:df:47:d4:fe:44:34:fc:da:fa:3f:12:0a:9a:9d:
7e:3f:bd:6d:6c:f0:14:c3:63:46:5f:63:13:3f:7f:1b:9e:3e:
10:f3:08:a4:5b:5a:5f:7a:90:0b:d4:d1:47:a3:d1:04:7b:83:
ca:8a:21:89:2b:23:12:fc:15:6a:b7:7a:31:38:f5:58:61:02:
1c:be:74:de:47:04:a6:84:44:33:a8:b5:fd:67:8b:92:0f:18:
6b:d1:3f:4b:03:de:1e:25:41:bc:95:21:c4:b1:25:60:fe:ac:
f4:74:29:cb:f7:3a:25:b7:23:96:c1:39:41:6c:ce:45:f4:6f:
65:37:9c:69:d2:25:f7:1b:a0:15:57:12:35:d3:ee:13:33:a0:
ef:4e:a0:cd
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY+FzSM04olS6H4p+TKhWmqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwNTE3MDkwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQyMDYwYWQ4OGY2Y2E1YWE0YzliN2QxZGExMWUwZWJmNGEyZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudYiCL9iLclZtsNVUjPwiJDhBHuQ
9zij6oI4qIcCacTVQtdCalAU2Ktk1I6bBz1kn+Qkrrt9jGKNNwuTBH5xHVFb7+ch
fFrRSSf2kSOhKKCFV1xGcuraIgBoC232QADPgr8AjjXHcoy/pl//8msfnvKvqAgK
5upzi5vXWdGuRi8JMT2N9Gzjg36IqUxWmRyo7h9OG9RjF0OcSSahVax9H4Xsfor/
snGaRbEVs8WAJVML8pqoNpydOHjXEch3QDJlIWEKV82CRjFjdlPopRscO4UkMJ/Z
hqCjWMczFOpoOmEDWuJNjSyE8/nosGL1KT5fs7z6lQezwf6J2R1kUS1OiwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFClCBgrYj2ylqkybfR2hHg6/Si2uMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvS1VJR0N0aVBiS1dxVEp0OUhhRWVEcjlLTGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQGT6zA
AwQFVBUAAwQHV+UAAwQDX4rAAwQEsu7QAwQA1bXIAwQB1bXMAwQA1bXPAwQB1bXS
AwQA1bXbAwQA1bXdAwQB2XEyAwQA2XE1AwQA2XE9AwQA2XE/MAwDBATZkDADBADZ
kDIDBAPZkDgwDQQCAAIwBwMFACoCBzAwDQYJKoZIhvcNAQELBQADggEBAEymm2Uz
5K1xN6+S7q89WJ+tSDXmhidgvVea3KgPvXgoxKBdvjG0ShSRdAzFRYB7u8sPdy7t
U5LcvmRvnktBADn3+Uv279wHhLbzbtLths7f5QGz4fwyyu+UCIqXKeNn/Cln5G/Q
JsKESdH2VzTceW7fR9T+RDT82vo/EgqanX4/vW1s8BTDY0ZfYxM/fxuePhDzCKRb
Wl96kAvU0Uej0QR7g8qKIYkrIxL8FWq3ejE49VhhAhy+dN5HBKaERDOotf1ni5IP
GGvRP0sD3h4lQbyVIcSxJWD+rPR0Kcv3OiW3I5bBOUFszkX0b2U3nGnSJfcboBVX
EjXT7hMzoO9OoM0=
-----END CERTIFICATE-----
Generated at Sun Jun 2 14:51:45 2024 by rpki-client on console-fra.rpki-client.org