Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/d7HTsYK2OtiX_-E2vPfQEdfCpHo.roa
File: d7HTsYK2OtiX_-E2vPfQEdfCpHo.roa (raw, json)
Hash identifier: IvQkWpA6pzR0gZpKMTSb7xo19hVPJUnI3DPugO6wwFM=
Subject key identifier: 77:B1:D3:B1:82:B6:3A:D8:97:FF:E1:36:BC:F7:D0:11:D7:C2:A4:7A
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191D659DF61F6A717E9E9FCB811867135E6
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/d7HTsYK2OtiX_-E2vPfQEdfCpHo.roa
Signing time: Mon 09 Sep 2024 10:34:59 +0000
ROA not before: Mon 09 Sep 2024 10:34:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 5.172.179.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.10.248.0/22 maxlen: 22
45.87.255.0/24 maxlen: 24
45.93.12.0/24 maxlen: 24
45.93.14.0/24 maxlen: 24
45.93.15.0/24 maxlen: 24
45.94.228.0/22 maxlen: 22
45.95.28.0/24 maxlen: 24
45.95.148.0/22 maxlen: 22
45.128.129.0/24 maxlen: 24
45.129.4.0/22 maxlen: 22
45.142.254.0/24 maxlen: 24
88.151.11.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
93.190.123.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.222.214.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
193.201.9.0/24 maxlen: 24
194.50.73.0/24 maxlen: 24
194.104.232.0/24 maxlen: 24
212.60.7.0/24 maxlen: 24
217.8.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:59:df:61:f6:a7:17:e9:e9:fc:b8:11:86:71:35:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Sep 9 10:34:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77b1d3b182b63ad897ffe136bcf7d011d7c2a47a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c4:77:20:4a:ce:79:13:08:ef:5b:c8:de:5d:
43:b1:b5:bd:e8:3f:c8:26:65:35:4f:47:8e:40:c1:
8d:13:e3:64:f8:93:7d:85:7c:83:03:c0:fe:eb:7a:
68:6f:7c:4c:da:9b:86:a8:36:b9:1d:bc:05:2d:b6:
8a:e4:dd:05:f7:a1:34:cb:bd:d1:a7:71:08:ff:f1:
a2:22:66:0e:d4:71:c3:4d:0b:8a:b8:96:a7:1a:37:
66:a8:6c:dd:bb:80:49:f3:72:0b:f0:b3:18:d2:cc:
1e:d8:f6:17:f9:4e:8f:6b:ee:be:60:e6:ca:3a:4d:
d1:b8:4f:fe:3c:3e:90:19:a1:39:56:4d:6d:a7:d3:
62:0b:a2:16:ff:ab:20:bb:6a:3d:c2:9a:b2:6c:d2:
9a:f4:05:92:0a:de:45:a2:02:b8:80:ac:95:1e:1a:
1a:c3:76:83:2f:c5:19:59:c4:66:af:4b:3e:11:57:
69:25:a9:c3:bd:f1:29:05:82:c3:ef:5c:b6:76:de:
21:8d:b8:e1:e7:fb:17:4e:65:7f:60:b8:56:cc:c0:
dd:57:6e:e6:bc:9b:ee:68:cb:88:ee:f7:36:b5:40:
c3:0b:22:c8:35:16:95:f7:00:83:66:f1:9b:4d:c4:
36:96:e1:06:3d:1e:1d:17:db:d1:82:a2:b9:68:59:
dc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B1:D3:B1:82:B6:3A:D8:97:FF:E1:36:BC:F7:D0:11:D7:C2:A4:7A
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/d7HTsYK2OtiX_-E2vPfQEdfCpHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.179.0/24
31.41.253.0/24
45.10.248.0/22
45.87.255.0/24
45.93.12.0/24
45.93.14.0/23
45.94.228.0/22
45.95.28.0/24
45.95.148.0/22
45.128.129.0/24
45.129.4.0/22
45.142.254.0/24
88.151.11.0/24
91.190.158.0/24
93.190.123.0/24
94.154.188.0/23
94.154.191.0/24
176.116.17.0/24
176.126.98.0/24
176.126.102.0/24
185.222.214.0/24
193.187.106.0/24
193.201.9.0/24
194.50.73.0/24
194.104.232.0/24
212.60.7.0/24
217.8.117.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:e6:85:17:84:db:7d:e9:84:ab:b2:bf:2d:87:af:82:06:4f:
3f:d5:1a:57:61:98:65:7e:d4:65:e4:b9:5b:ac:12:13:0c:f1:
b8:0b:bb:be:5f:0c:0e:c2:3a:21:2e:8a:cd:1c:da:37:fc:f0:
be:10:46:f9:bf:5d:b5:e3:bf:1d:2e:32:af:9d:ab:38:3e:dc:
e1:e5:90:85:14:9b:84:b4:5f:9d:70:dc:03:aa:0a:e7:dd:05:
c4:f0:83:be:fa:8e:50:80:22:d6:ea:ad:4a:b3:c5:c4:b5:f0:
33:4d:96:7c:7c:a1:9d:9e:c0:d2:a4:eb:58:ec:ff:09:5b:d5:
44:df:4c:3f:76:8e:9d:37:a2:a3:a0:43:43:75:b9:b8:cf:4f:
a6:db:90:57:e5:94:5a:7c:17:a2:c9:dd:d0:fa:eb:bb:aa:e3:
9b:23:54:ac:b7:80:18:a4:c0:be:e9:f2:02:b7:d8:db:cc:68:
6b:8b:47:2b:d2:84:5c:86:b6:a1:09:e9:fd:c9:b0:89:ef:05:
68:f0:b7:b2:b2:b0:7a:59:0e:4e:d5:64:f8:36:fd:c4:55:59:
b1:fa:88:2d:d0:97:28:4a:5f:0a:11:da:f0:3f:f6:b2:fe:2b:
37:00:2d:ed:b5:07:9a:43:00:2f:aa:7b:34:81:33:00:ff:d5:
60:f2:bb:78
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZHWWd9h9qcX6en8uBGGcTXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwOTA5MTAzNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2IxZDNiMTgyYjYzYWQ4OTdmZmUxMzZiY2Y3ZDAxMWQ3YzJhNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMR3IErOeRMI71vI3l1DsbW96D/I
JmU1T0eOQMGNE+Nk+JN9hXyDA8D+63pob3xM2puGqDa5HbwFLbaK5N0F96E0y73R
p3EI//GiImYO1HHDTQuKuJanGjdmqGzdu4BJ83IL8LMY0swe2PYX+U6Pa+6+YObK
Ok3RuE/+PD6QGaE5Vk1tp9NiC6IW/6sgu2o9wpqybNKa9AWSCt5FogK4gKyVHhoa
w3aDL8UZWcRmr0s+EVdpJanDvfEpBYLD71y2dt4hjbjh5/sXTmV/YLhWzMDdV27m
vJvuaMuI7vc2tUDDCyLINRaV9wCDZvGbTcQ2luEGPR4dF9vRgqK5aFnceQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFHex07GCtjrYl//hNrz30BHXwqR6MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvZDdIVHNZSzJPdGlYXy1FMnZQZlFFZGZDcEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAF
rLMDBAAfKf0DBAItCvgDBAAtV/8DBAAtXQwDBAEtXQ4DBAItXuQDBAAtXxwDBAIt
X5QDBAAtgIEDBAItgQQDBAAtjv4DBABYlwsDBABbvp4DBABdvnsDBAFemrwDBABe
mr8DBACwdBEDBACwfmIDBACwfmYDBAC53tYDBADBu2oDBADByQkDBADCMkkDBADC
aOgDBADUPAcDBADZCHUwDQYJKoZIhvcNAQELBQADggEBAF3mhReE233phKuyvy2H
r4IGTz/VGldhmGV+1GXkuVusEhMM8bgLu75fDA7COiEuis0c2jf88L4QRvm/XbXj
vx0uMq+dqzg+3OHlkIUUm4S0X51w3AOqCufdBcTwg776jlCAItbqrUqzxcS18DNN
lnx8oZ2ewNKk61js/wlb1UTfTD92jp03oqOgQ0N1ubjPT6bbkFfllFp8F6LJ3dD6
67uq45sjVKy3gBikwL7p8gK32NvMaGuLRyvShFyGtqEJ6f3JsInvBWjwt7KysHpZ
Dk7VZPg2/cRVWbH6iC3QlyhKXwoR2vA/9rL+KzcALe21B5pDAC+qezSBMwD/1WDy
u3g=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:45:48 2024 by rpki-client on console-ams.rpki-client.org