Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/1-2jkE-S8YOQXqBVGOy0fxv8cxGk.roa
File: 1-2jkE-S8YOQXqBVGOy0fxv8cxGk.roa (raw, json)
Hash identifier: ZFy1OZoKPm5Ku/oPbhSJZWF6h7dqeZ+El4uzIbU5fZQ=
Subject key identifier: FB:68:E4:13:E4:BC:60:E4:17:A8:15:46:3B:2D:1F:C6:FF:1C:C4:69
Certificate issuer: /CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Certificate serial: 0191BD8875CF3C079CFD34D8C7FAF8CB218E
Authority key identifier: A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/1-2jkE-S8YOQXqBVGOy0fxv8cxGk.roa
Signing time: Wed 04 Sep 2024 14:55:22 +0000
ROA not before: Wed 04 Sep 2024 14:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5394
IP address blocks: 77.39.160.0/19 maxlen: 19
77.39.160.0/20 maxlen: 20
77.39.176.0/20 maxlen: 20
77.39.224.0/19 maxlen: 19
77.39.224.0/20 maxlen: 20
77.39.240.0/20 maxlen: 20
81.29.180.0/22 maxlen: 22
81.29.184.0/21 maxlen: 21
82.145.96.0/23 maxlen: 24
82.145.102.0/23 maxlen: 24
82.145.104.0/21 maxlen: 24
82.145.112.0/20 maxlen: 24
194.79.192.0/19 maxlen: 19
194.79.192.0/20 maxlen: 20
194.79.207.0/24 maxlen: 24
194.79.208.0/20 maxlen: 20
194.183.0.0/19 maxlen: 19
194.183.16.0/24 maxlen: 24
195.94.128.0/18 maxlen: 18
195.94.152.0/24 maxlen: 24
195.94.160.0/24 maxlen: 24
195.250.224.0/19 maxlen: 19
195.250.224.0/24 maxlen: 24
195.250.232.0/24 maxlen: 24
213.233.0.0/18 maxlen: 18
213.233.0.0/19 maxlen: 19
213.233.27.0/24 maxlen: 24
213.233.32.0/19 maxlen: 19
213.233.36.0/24 maxlen: 24
217.72.96.0/20 maxlen: 20
2a02:688::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:88:75:cf:3c:07:9c:fd:34:d8:c7:fa:f8:cb:21:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Validity
Not Before: Sep 4 14:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb68e413e4bc60e417a815463b2d1fc6ff1cc469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3f:ac:5d:53:d5:b3:f5:a9:7f:55:9d:04:bf:
85:e1:07:1e:31:27:79:11:32:6f:40:74:27:77:99:
1f:1e:2f:00:94:ca:2a:f0:82:38:5c:fa:f3:2e:9a:
66:12:c5:c4:c2:4c:5c:66:55:73:62:ba:07:79:9c:
72:54:21:a5:ec:6d:4d:3a:a8:4e:3e:63:25:aa:08:
59:87:8c:ea:5e:8d:58:13:45:83:c0:6b:c5:44:77:
37:a4:c2:bc:94:ef:5b:62:0c:71:1b:14:fe:36:5a:
1b:2d:57:03:0b:13:71:45:4a:b4:24:5f:b8:6d:e7:
ca:f4:f4:b5:ed:19:57:46:d7:0c:b3:ea:fc:75:3e:
c8:38:15:18:8d:27:92:65:09:45:39:27:f1:67:e2:
dc:99:50:b0:bd:8f:ab:01:cb:68:68:55:f7:18:68:
78:c4:dc:04:7b:f7:a9:c0:12:93:41:16:48:b5:23:
6f:89:41:ef:79:05:72:b7:ee:53:ba:a8:7e:d9:2f:
ce:d8:d5:3f:dc:71:1b:92:99:9d:37:82:50:c0:fc:
50:bf:b4:fe:91:10:c5:2f:5f:79:92:aa:73:8a:cb:
a1:b3:dd:57:24:10:09:f4:d6:3d:8d:07:28:cc:bf:
6f:05:46:a4:7c:10:d6:9b:55:47:49:81:2b:46:89:
0c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:68:E4:13:E4:BC:60:E4:17:A8:15:46:3B:2D:1F:C6:FF:1C:C4:69
X509v3 Authority Key Identifier:
keyid:A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/1-2jkE-S8YOQXqBVGOy0fxv8cxGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.160.0/19
77.39.224.0/19
81.29.180.0-81.29.191.255
82.145.96.0/23
82.145.102.0-82.145.127.255
194.79.192.0/19
194.183.0.0/19
195.94.128.0/18
195.250.224.0/19
213.233.0.0/18
217.72.96.0/20
IPv6:
2a02:688::/32
Signature Algorithm: sha256WithRSAEncryption
23:48:96:10:ce:fe:33:9d:94:11:0f:af:72:b8:09:c4:86:0f:
e7:cf:ff:04:4c:4a:f6:ff:37:b6:09:c9:60:27:37:60:77:ab:
fc:26:c2:fc:92:8c:e3:98:82:5b:9f:9e:3e:3a:5b:09:24:50:
c0:12:32:f8:7d:aa:25:c7:85:ee:81:bf:dc:e5:df:ae:59:32:
d9:3a:99:76:48:b8:86:19:48:16:e7:f7:71:51:5e:4c:5b:f5:
78:e0:db:cb:0b:08:c9:42:18:6c:33:04:58:e0:c5:cd:38:bd:
a3:36:8f:27:24:b2:ac:d0:d6:00:2f:1b:2e:0f:60:70:46:80:
0a:86:1e:3b:38:c0:0e:bb:96:83:e0:41:b8:02:9f:e1:b5:f6:
e0:48:0d:f4:ea:f7:ac:85:01:fa:4a:fb:d6:57:ae:0e:3e:44:
ed:0d:53:52:55:40:c2:69:40:91:ad:c6:e7:ed:00:b0:b3:74:
44:11:0f:28:92:10:61:1d:a0:e7:b5:09:57:33:23:51:42:88:
57:e4:3c:75:fc:13:8d:59:a0:89:0f:62:d6:9c:fe:b1:1d:ae:
58:ea:51:e8:f3:80:47:a7:e6:7d:ae:43:53:d5:77:88:16:b3:
86:1c:11:da:f8:c6:ae:ab:99:76:35:63:61:c2:c4:ae:17:3f:
c7:20:64:ac
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZG9iHXPPAec/TTYx/r4yyGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2I1MGU3OGEzYTMxZTMzNzVjZjJhYWI4NjVlODQ1ZmYy
ZTk5YzEwHhcNMjQwOTA0MTQ1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjY4ZTQxM2U0YmM2MGU0MTdhODE1NDYzYjJkMWZjNmZmMWNjNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz+sXVPVs/Wpf1WdBL+F4QceMSd5
ETJvQHQnd5kfHi8AlMoq8II4XPrzLppmEsXEwkxcZlVzYroHeZxyVCGl7G1NOqhO
PmMlqghZh4zqXo1YE0WDwGvFRHc3pMK8lO9bYgxxGxT+NlobLVcDCxNxRUq0JF+4
befK9PS17RlXRtcMs+r8dT7IOBUYjSeSZQlFOSfxZ+LcmVCwvY+rActoaFX3GGh4
xNwEe/epwBKTQRZItSNviUHveQVyt+5Tuqh+2S/O2NU/3HEbkpmdN4JQwPxQv7T+
kRDFL195kqpzisuhs91XJBAJ9NY9jQcozL9vBUakfBDWm1VHSYErRokMbwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFPto5BPkvGDkF6gVRjstH8b/HMRpMB8GA1UdIwQY
MBaAFKTLUOeKOjHjN1zyqrhl6EX/LpnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMt
NGJlNzk0ZDY0MDZkLzEvMS0yamtFLVM4WU9RWHFCVkdPeTBmeHY4Y3hHay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvYjFmMmUwLThhNjAtNGM4YS05MGRjLTRiZTc5NGQ2NDA2
ZC8xL3BNdFE1NG82TWVNM1hQS3F1R1hvUmY4dW1jRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB6BggrBgEFBQcBBwEB/wRrMGkwWAQCAAEwUgMEBU0noAME
BU0n4DAMAwQCUR20AwQGUR2AAwQBUpFgMAwDBAFSkWYDBAdSkQADBAXCT8ADBAXC
twADBAbDXoADBAXD+uADBAbV6QADBATZSGAwDQQCAAIwBwMFACoCBogwDQYJKoZI
hvcNAQELBQADggEBACNIlhDO/jOdlBEPr3K4CcSGD+fP/wRMSvb/N7YJyWAnN2B3
q/wmwvySjOOYglufnj46WwkkUMASMvh9qiXHhe6Bv9zl365ZMtk6mXZIuIYZSBbn
93FRXkxb9Xjg28sLCMlCGGwzBFjgxc04vaM2jycksqzQ1gAvGy4PYHBGgAqGHjs4
wA67loPgQbgCn+G19uBIDfTq96yFAfpK+9ZXrg4+RO0NU1JVQMJpQJGtxuftALCz
dEQRDyiSEGEdoOe1CVczI1FCiFfkPHX8E41ZoIkPYtac/rEdrljqUejzgEen5n2u
Q1PVd4gWs4YcEdr4xq6rmXY1Y2HCxK4XP8cgZKw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 14:04:13 2024 by rpki-client on console-ams.rpki-client.org