Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/OfmwTDFzRg6pjZvS6Gqcp6c5SHo.roa
File: OfmwTDFzRg6pjZvS6Gqcp6c5SHo.roa (raw, json)
Hash identifier: jGTBhNnmDNrZNtfHucGMqQRBba89Ac9p7fG8W9eEREw=
Subject key identifier: 39:F9:B0:4C:31:73:46:0E:A9:8D:9B:D2:E8:6A:9C:A7:A7:39:48:7A
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019355798F558DBDE1017CF2FDFC11A08BCD
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/OfmwTDFzRg6pjZvS6Gqcp6c5SHo.roa
Signing time: Fri 22 Nov 2024 20:04:10 +0000
ROA not before: Fri 22 Nov 2024 20:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
79.172.211.0/24 maxlen: 24
79.172.213.0/24 maxlen: 24
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.16.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.15.0/24 maxlen: 24
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.59.0/24 maxlen: 24
87.229.65.0/24 maxlen: 24
87.229.66.0/24 maxlen: 24
87.229.73.0/24 maxlen: 24
87.229.74.0/23 maxlen: 23
87.229.78.0/24 maxlen: 24
87.229.83.0/24 maxlen: 24
87.229.93.0/24 maxlen: 24
87.229.94.0/24 maxlen: 24
87.229.96.0/24 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.113.0/24 maxlen: 24
87.229.114.0/24 maxlen: 24
87.229.116.0/24 maxlen: 24
87.229.118.0/24 maxlen: 24
87.229.121.0/24 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.52.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
2a02:730::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:79:8f:55:8d:bd:e1:01:7c:f2:fd:fc:11:a0:8b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Nov 22 20:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39f9b04c3173460ea98d9bd2e86a9ca7a739487a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:35:9e:57:77:a0:4a:21:6f:78:08:4f:81:7a:
6f:5f:f6:77:c7:0a:00:8c:93:68:fa:b0:ff:eb:74:
35:30:f9:49:d9:f5:39:2b:11:68:b0:3c:05:d9:4b:
77:a6:59:03:39:62:89:7a:a1:de:ca:64:e5:fa:ca:
f9:f3:52:8e:88:c8:a4:73:7d:f9:a0:36:f9:8a:cc:
6a:79:5f:34:e2:1a:b4:97:78:44:b1:89:12:ba:c4:
d3:33:de:7b:fc:2a:3e:1d:b1:2f:50:78:4e:18:98:
28:4b:1f:92:ac:3e:3a:a6:33:94:4a:96:64:a3:bd:
9f:27:6f:b9:d6:f2:5d:7f:08:67:09:f8:fe:68:54:
16:49:8f:1e:8d:32:bd:d6:dd:e1:e6:cd:9d:39:3d:
44:fc:93:22:d6:94:01:30:34:93:91:07:fb:2e:30:
5e:3f:4a:3c:0c:8a:4b:e9:1c:7a:29:4e:ce:54:ce:
ac:7b:d0:94:eb:5f:57:f5:f4:9f:94:9d:1c:09:c4:
26:14:43:cc:0d:81:49:fb:7b:94:1d:c9:5a:93:f8:
38:c6:7b:bc:30:70:ff:9b:5d:6f:76:06:5f:69:b5:
c6:e4:43:d0:4d:c2:f5:c3:3a:66:98:9e:49:93:19:
35:f8:f9:73:96:4b:2e:38:6f:04:0a:a1:fa:dc:43:
7f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F9:B0:4C:31:73:46:0E:A9:8D:9B:D2:E8:6A:9C:A7:A7:39:48:7A
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/OfmwTDFzRg6pjZvS6Gqcp6c5SHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.15.0/24
87.229.26.0/24
87.229.32.0/23
87.229.45.0/24
87.229.53.0-87.229.55.255
87.229.58.0/23
87.229.65.0-87.229.66.255
87.229.73.0-87.229.75.255
87.229.78.0/24
87.229.83.0/24
87.229.93.0-87.229.94.255
87.229.96.0/24
87.229.105.0/24
87.229.113.0-87.229.114.255
87.229.116.0/24
87.229.118.0/24
87.229.121.0/24
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/24
213.181.207.0/24
213.181.210.0/24
213.181.219.0/24
213.181.221.0/24
217.113.50.0-217.113.53.255
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
8a:98:ed:61:48:7e:a2:43:75:b6:0f:3c:c2:01:41:9a:6e:da:
52:2d:0f:b1:40:c6:d3:57:4a:c1:29:ac:db:e3:53:1b:6b:84:
46:4d:a1:57:e6:32:49:e5:e6:52:c3:bd:3e:89:5f:a0:5d:36:
38:af:7a:25:f5:f9:64:f9:80:ea:57:55:30:75:96:c7:5d:23:
a0:5f:4d:4e:4c:ca:f9:96:da:f1:bd:d9:86:90:f5:f0:db:32:
3b:b6:53:f6:27:03:39:a9:21:99:7f:2e:cb:84:6b:2a:1c:da:
ca:6c:e7:97:14:1a:a2:cc:c0:d8:4c:5d:ea:4c:94:17:af:12:
7c:7d:0b:a3:bb:c7:a3:7d:72:43:b8:85:61:c2:b3:ff:cb:52:
b3:42:55:51:16:20:78:f9:31:a1:31:5e:56:50:dc:b8:7c:a7:
a5:43:7c:86:78:ef:2b:4f:0d:0a:30:1f:bb:f4:4c:b3:1e:21:
af:af:14:f9:11:50:b6:cc:6d:73:b5:c3:cc:4a:b9:44:99:26:
0f:79:83:a9:ea:fd:a6:16:30:ee:5c:68:f2:4b:4a:06:9d:dd:
f8:2a:4e:a4:e4:e9:fc:69:8e:d6:05:13:ae:42:07:21:f4:ae:
82:ae:21:c0:f3:58:6b:ed:cf:d9:36:35:fe:bc:e9:3b:e1:21:
c5:7b:8b:c1
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZNVeY9Vjb3hAXzy/fwRoIvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQxMTIyMjAwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWY5YjA0YzMxNzM0NjBlYTk4ZDliZDJlODZhOWNhN2E3Mzk0ODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTWeV3egSiFveAhPgXpvX/Z3xwoA
jJNo+rD/63Q1MPlJ2fU5KxFosDwF2Ut3plkDOWKJeqHeymTl+sr581KOiMikc335
oDb5isxqeV804hq0l3hEsYkSusTTM957/Co+HbEvUHhOGJgoSx+SrD46pjOUSpZk
o72fJ2+51vJdfwhnCfj+aFQWSY8ejTK91t3h5s2dOT1E/JMi1pQBMDSTkQf7LjBe
P0o8DIpL6Rx6KU7OVM6se9CU619X9fSflJ0cCcQmFEPMDYFJ+3uUHclak/g4xnu8
MHD/m11vdgZfabXG5EPQTcL1wzpmmJ5Jkxk1+PlzlksuOG8ECqH63EN/qwIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFDn5sEwxc0YOqY2b0uhqnKenOUh6MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvT2Ztd1RERnpSZzZwalp2UzZHcWNwNmM1U0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCB/wQCAAEwgfgD
BAZPrMADBAVUFQADBABX5Q8DBABX5RoDBAFX5SADBABX5S0wDAMEAFflNQMEA1fl
MAMEAVflOjAMAwQAV+VBAwQAV+VCMAwDBABX5UkDBAJX5UgDBABX5U4DBABX5VMw
DAMEAFflXQMEAFflXgMEAFflYAMEAFflaTAMAwQAV+VxAwQAV+VyAwQAV+V0AwQA
V+V2AwQAV+V5AwQDX4rAAwQEsu7QAwQA1bXIAwQA1bXMAwQA1bXPAwQA1bXSAwQA
1bXbAwQA1bXdMAwDBAHZcTIDBAHZcTQDBADZcT0DBADZcT8wDAMEBNmQMAMEANmQ
MgMEA9mQODANBAIAAjAHAwUAKgIHMDANBgkqhkiG9w0BAQsFAAOCAQEAipjtYUh+
okN1tg88wgFBmm7aUi0PsUDG01dKwSms2+NTG2uERk2hV+YySeXmUsO9PolfoF02
OK96JfX5ZPmA6ldVMHWWx10joF9NTkzK+Zba8b3ZhpD18NsyO7ZT9icDOakhmX8u
y4RrKhzaymznlxQaoszA2Exd6kyUF68SfH0Lo7vHo31yQ7iFYcKz/8tSs0JVURYg
ePkxoTFeVlDcuHynpUN8hnjvK08NCjAfu/RMsx4hr68U+RFQtsxtc7XDzEq5RJkm
D3mDqer9phYw7lxo8ktKBp3d+CpOpOTp/GmO1gUTrkIHIfSugq4hwPNYa+3P2TY1
/rzpO+EhxXuLwQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 16:19:00 2024 by rpki-client on console-fra.rpki-client.org