Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/DkeMSDy2StvHvHCuZ0eCxEyQsmQ.roa
File: DkeMSDy2StvHvHCuZ0eCxEyQsmQ.roa (raw, json)
Hash identifier: Q0RASJQAH4WwtR6VVujgb5tKRjAR2MY8kJtJq9ucX6w=
Subject key identifier: 0E:47:8C:48:3C:B6:4A:DB:C7:BC:70:AE:67:47:82:C4:4C:90:B2:64
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 018F2D80200C28BDCC6D7447B5A16974C29E
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/DkeMSDy2StvHvHCuZ0eCxEyQsmQ.roa
Signing time: Tue 30 Apr 2024 05:35:22 +0000
ROA not before: Tue 30 Apr 2024 05:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9119
IP address blocks: 2.58.48.0/22 maxlen: 22
45.8.0.0/22 maxlen: 22
45.15.44.0/22 maxlen: 22
45.156.140.0/23 maxlen: 23
45.156.140.0/24 maxlen: 24
45.156.143.0/24 maxlen: 24
46.163.0.0/19 maxlen: 19
46.163.32.0/20 maxlen: 20
46.163.48.0/21 maxlen: 21
46.163.56.0/23 maxlen: 23
46.163.56.0/24 maxlen: 24
46.163.58.0/23 maxlen: 23
46.163.58.0/24 maxlen: 24
46.163.59.0/24 maxlen: 24
46.163.60.0/22 maxlen: 22
80.65.160.0/20 maxlen: 20
80.65.160.0/24 maxlen: 24
80.65.161.0/24 maxlen: 24
80.65.162.0/24 maxlen: 24
80.65.163.0/24 maxlen: 24
80.65.164.0/24 maxlen: 24
80.65.165.0/24 maxlen: 24
80.65.166.0/24 maxlen: 24
80.65.167.0/24 maxlen: 24
80.65.168.0/24 maxlen: 24
80.65.169.0/24 maxlen: 24
80.65.170.0/24 maxlen: 24
80.65.171.0/24 maxlen: 24
80.65.172.0/22 maxlen: 22
80.65.172.0/24 maxlen: 24
80.65.173.0/24 maxlen: 24
80.65.174.0/24 maxlen: 24
80.65.175.0/24 maxlen: 24
84.41.0.0/18 maxlen: 18
84.41.0.0/19 maxlen: 19
84.41.0.0/21 maxlen: 21
84.41.32.0/19 maxlen: 19
84.41.64.0/19 maxlen: 19
84.41.96.0/21 maxlen: 21
84.41.104.0/22 maxlen: 22
84.41.108.0/23 maxlen: 23
84.41.110.0/24 maxlen: 24
84.41.111.0/24 maxlen: 24
84.41.112.0/23 maxlen: 23
84.41.114.0/24 maxlen: 24
84.41.115.0/24 maxlen: 24
84.41.116.0/22 maxlen: 22
84.41.120.0/23 maxlen: 23
84.41.122.0/23 maxlen: 23
84.41.124.0/22 maxlen: 22
85.208.172.0/24 maxlen: 24
91.132.74.0/23 maxlen: 23
147.78.216.0/22 maxlen: 22
147.78.216.0/24 maxlen: 24
147.78.217.0/24 maxlen: 24
147.78.218.0/24 maxlen: 24
147.78.219.0/24 maxlen: 24
185.54.128.0/23 maxlen: 23
185.54.128.0/24 maxlen: 24
185.54.130.0/24 maxlen: 24
185.54.131.0/24 maxlen: 24
185.175.0.0/22 maxlen: 22
212.13.224.0/19 maxlen: 19
212.103.128.0/19 maxlen: 19
213.253.64.0/19 maxlen: 19
213.253.96.0/20 maxlen: 20
213.253.96.0/21 maxlen: 21
213.253.104.0/22 maxlen: 22
213.253.108.0/22 maxlen: 22
213.253.108.0/24 maxlen: 24
213.253.109.0/24 maxlen: 24
213.253.110.0/24 maxlen: 24
213.253.111.0/24 maxlen: 24
213.253.112.0/22 maxlen: 22
213.253.116.0/22 maxlen: 22
213.253.120.0/22 maxlen: 22
213.253.124.0/22 maxlen: 22
217.199.128.0/20 maxlen: 24
217.199.128.0/24 maxlen: 24
217.199.129.0/24 maxlen: 24
217.199.130.0/24 maxlen: 24
217.199.131.0/24 maxlen: 24
217.199.132.0/24 maxlen: 24
217.199.133.0/24 maxlen: 24
217.199.134.0/24 maxlen: 24
217.199.135.0/24 maxlen: 24
217.199.136.0/24 maxlen: 24
217.199.137.0/24 maxlen: 24
217.199.138.0/24 maxlen: 24
217.199.139.0/24 maxlen: 24
217.199.140.0/24 maxlen: 24
217.199.141.0/24 maxlen: 24
217.199.142.0/24 maxlen: 24
217.199.143.0/24 maxlen: 24
2a02:800::/32 maxlen: 32
2a02:801::/32 maxlen: 32
2a02:801::/33 maxlen: 33
2a02:805::/33 maxlen: 33
2a09:e140::/29 maxlen: 29
2a0b:c300::/29 maxlen: 29
2a0b:c306::/32 maxlen: 32
2a0b:c307::/32 maxlen: 32
2a0e:1e80::/29 maxlen: 29
2a0e:2e00::/29 maxlen: 29
2a0f:2180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:80:20:0c:28:bd:cc:6d:74:47:b5:a1:69:74:c2:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Apr 30 05:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e478c483cb64adbc7bc70ae674782c44c90b264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ba:09:d2:0e:05:20:33:87:07:36:2c:d1:f0:
2f:4a:fc:df:f4:0c:86:54:62:dc:8d:a8:05:9e:d1:
2f:8c:01:3c:3f:95:ef:37:62:85:62:20:e8:99:bd:
90:b5:89:44:20:56:a3:6a:07:93:dc:1d:bc:30:d4:
77:3e:a3:a3:01:01:89:3b:fe:56:8e:d3:33:52:db:
aa:20:d3:d5:67:e9:63:e5:4b:00:ea:cc:fa:42:cb:
1e:98:7b:5c:a9:aa:de:95:c3:c9:98:ae:22:6d:15:
7a:83:89:d1:af:a9:44:4a:ce:12:03:8e:47:3b:02:
3a:e2:ec:2f:f3:28:3d:fd:d8:be:e9:14:96:64:d0:
49:32:ca:70:c2:28:ab:f7:45:ef:a5:12:46:24:25:
3b:a5:5e:c1:a4:87:2d:43:5f:ff:a8:c7:af:96:c7:
65:de:f9:7f:f9:c1:3a:78:44:6b:cf:31:47:3c:00:
18:d2:47:30:7d:74:fd:22:b7:27:7d:08:c6:4f:0a:
6d:47:0b:2b:de:e1:7c:44:7c:56:31:14:ac:e0:2e:
c9:e0:6f:ae:25:ee:c8:e3:f5:68:30:7c:fb:fe:e2:
d9:cb:40:51:02:4b:0d:a6:98:e1:21:79:fa:8b:68:
ae:86:59:9c:e9:dd:02:de:b3:b0:c5:93:57:91:fe:
8e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:47:8C:48:3C:B6:4A:DB:C7:BC:70:AE:67:47:82:C4:4C:90:B2:64
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/DkeMSDy2StvHvHCuZ0eCxEyQsmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.48.0/22
45.8.0.0/22
45.15.44.0/22
45.156.140.0/23
45.156.143.0/24
46.163.0.0/18
80.65.160.0/20
84.41.0.0/17
85.208.172.0/24
91.132.74.0/23
147.78.216.0/22
185.54.128.0/22
185.175.0.0/22
212.13.224.0/19
212.103.128.0/19
213.253.64.0/18
217.199.128.0/20
IPv6:
2a02:800::/31
2a02:805::/33
2a09:e140::/29
2a0b:c300::/29
2a0e:1e80::/29
2a0e:2e00::/29
2a0f:2180::/29
Signature Algorithm: sha256WithRSAEncryption
6f:ca:b3:b0:a3:85:98:3a:22:90:99:d2:38:76:e4:3d:c2:0b:
75:17:be:7a:ae:b3:e0:7a:2e:61:c6:78:d0:c4:b3:cc:57:35:
2a:cf:5c:0f:73:99:fb:6c:f8:de:5b:34:4b:36:ef:b0:f5:be:
6c:ca:c4:72:f5:bc:e3:8b:ad:97:7d:aa:ff:c7:42:b2:e7:38:
32:b5:9c:f5:03:64:4b:23:82:c1:ee:ef:43:a9:85:f3:6f:5c:
45:62:d9:55:29:53:8b:e0:b0:39:3d:9b:e2:4a:21:36:14:62:
5b:bc:57:81:3d:a4:af:17:91:31:f4:70:72:53:b2:c2:9c:ae:
66:1b:43:88:b5:de:cf:74:c5:4e:ec:39:da:43:fc:c6:a3:79:
96:0c:eb:3e:3c:a9:7b:2d:07:29:71:fd:1d:43:22:61:73:7b:
a4:34:da:de:d0:da:83:9d:c6:e7:60:f3:dd:17:6e:8d:8d:b0:
18:c9:a3:ec:49:7c:c0:e0:ce:1a:d3:7e:f1:3e:dc:6c:f7:b6:
c2:ac:5d:e6:f5:be:d8:c3:e7:91:3b:8e:5a:d5:29:0f:82:9b:
4f:94:8e:ed:0d:a8:ff:e7:b8:e5:89:23:47:52:d5:fb:2f:ba:
c5:3e:c7:de:1e:15:8f:e8:a0:49:cb:a2:7f:87:f7:88:cc:33:
1e:4d:97:41
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY8tgCAMKL3MbXRHtaFpdMKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjQwNDMwMDUzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQ3OGM0ODNjYjY0YWRiYzdiYzcwYWU2NzQ3ODJjNDRjOTBiMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLoJ0g4FIDOHBzYs0fAvSvzf9AyG
VGLcjagFntEvjAE8P5XvN2KFYiDomb2QtYlEIFajageT3B28MNR3PqOjAQGJO/5W
jtMzUtuqINPVZ+lj5UsA6sz6QssemHtcqarelcPJmK4ibRV6g4nRr6lESs4SA45H
OwI64uwv8yg9/di+6RSWZNBJMspwwiir90XvpRJGJCU7pV7BpIctQ1//qMevlsdl
3vl/+cE6eERrzzFHPAAY0kcwfXT9IrcnfQjGTwptRwsr3uF8RHxWMRSs4C7J4G+u
Je7I4/VoMHz7/uLZy0BRAksNppjhIXn6i2iuhlmc6d0C3rOwxZNXkf6OqQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFA5HjEg8tkrbx7xwrmdHgsRMkLJkMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvRGtlTVNEeTJTdHZIdkhDdVowZUN4RXlRc21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDBsBAIAATBmAwQCAjow
AwQCLQgAAwQCLQ8sAwQBLZyMAwQALZyPAwQGLqMAAwQEUEGgAwQHVCkAAwQAVdCs
AwQBW4RKAwQCk07YAwQCuTaAAwQCua8AAwQF1A3gAwQF1GeAAwQG1f1AAwQE2ceA
MDgEAgACMDIDBQEqAggAAwYHKgIIBQADBQMqCeFAAwUDKgvDAAMFAyoOHoADBQMq
Di4AAwUDKg8hgDANBgkqhkiG9w0BAQsFAAOCAQEAb8qzsKOFmDoikJnSOHbkPcIL
dRe+eq6z4HouYcZ40MSzzFc1Ks9cD3OZ+2z43ls0SzbvsPW+bMrEcvW844utl32q
/8dCsuc4MrWc9QNkSyOCwe7vQ6mF829cRWLZVSlTi+CwOT2b4kohNhRiW7xXgT2k
rxeRMfRwclOywpyuZhtDiLXez3TFTuw52kP8xqN5lgzrPjypey0HKXH9HUMiYXN7
pDTa3tDag53G52Dz3RdujY2wGMmj7El8wODOGtN+8T7cbPe2wqxd5vW+2MPnkTuO
WtUpD4KbT5SO7Q2o/+e45YkjR1LV+y+6xT7H3h4Vj+igScuif4f3iMwzHk2XQQ==
-----END CERTIFICATE-----
Generated at Fri Jun 28 13:09:38 2024 by rpki-client on console-fra.rpki-client.org