Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/E1AA5wsyyXbus7X0Ft2PunWAAq0.roa
File: E1AA5wsyyXbus7X0Ft2PunWAAq0.roa (raw, json)
Hash identifier: 04bplHphn9AKJ942980VFz6Kft0zjBNhkRGsxlvrJbg=
Subject key identifier: 13:50:00:E7:0B:32:C9:76:EE:B3:B5:F4:16:DD:8F:BA:75:80:02:AD
Certificate issuer: /CN=3a6e2e7ff2c702c8ab5149feea7175991c73409c
Certificate serial: 0194214429A0972482C69283E35B5780600B
Authority key identifier: 3A:6E:2E:7F:F2:C7:02:C8:AB:51:49:FE:EA:71:75:99:1C:73:40:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/E1AA5wsyyXbus7X0Ft2PunWAAq0.roa
Signing time: Wed 01 Jan 2025 09:48:22 +0000
ROA not before: Wed 01 Jan 2025 09:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203877
IP address blocks: 37.35.8.0/21 maxlen: 21
62.240.0.0/24 maxlen: 24
62.240.1.0/24 maxlen: 24
62.240.2.0/24 maxlen: 24
62.240.3.0/24 maxlen: 24
62.240.5.0/24 maxlen: 24
62.240.6.0/24 maxlen: 24
62.240.7.0/24 maxlen: 24
62.240.8.0/22 maxlen: 22
62.240.12.0/24 maxlen: 24
62.240.13.0/24 maxlen: 24
62.240.14.0/24 maxlen: 24
62.240.15.0/24 maxlen: 24
62.240.16.0/24 maxlen: 24
62.240.17.0/24 maxlen: 24
62.240.18.0/24 maxlen: 24
62.240.19.0/24 maxlen: 24
62.240.20.0/24 maxlen: 24
85.202.112.0/24 maxlen: 24
85.202.113.0/24 maxlen: 24
85.202.114.0/24 maxlen: 24
85.202.115.0/24 maxlen: 24
85.202.116.0/24 maxlen: 24
85.202.118.0/24 maxlen: 24
85.202.120.0/24 maxlen: 24
85.202.121.0/24 maxlen: 24
85.202.122.0/24 maxlen: 24
85.202.126.0/24 maxlen: 24
85.202.127.0/24 maxlen: 24
91.226.240.0/24 maxlen: 24
91.226.241.0/24 maxlen: 24
91.226.242.0/24 maxlen: 24
91.226.243.0/24 maxlen: 24
93.92.248.0/21 maxlen: 21
109.94.119.0/24 maxlen: 24
109.94.120.0/22 maxlen: 22
109.94.224.0/22 maxlen: 22
178.22.216.0/24 maxlen: 24
178.22.217.0/24 maxlen: 24
178.22.218.0/24 maxlen: 24
178.22.219.0/24 maxlen: 24
178.22.220.0/24 maxlen: 24
178.22.221.0/24 maxlen: 24
178.22.222.0/24 maxlen: 24
178.22.223.0/24 maxlen: 24
185.102.236.0/22 maxlen: 22
185.118.168.0/24 maxlen: 24
185.118.169.0/24 maxlen: 24
185.118.170.0/24 maxlen: 24
185.118.171.0/24 maxlen: 24
212.57.40.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:29:a0:97:24:82:c6:92:83:e3:5b:57:80:60:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a6e2e7ff2c702c8ab5149feea7175991c73409c
Validity
Not Before: Jan 1 09:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=135000e70b32c976eeb3b5f416dd8fba758002ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2e:a9:75:d3:aa:7f:93:95:8a:c5:6f:c3:fb:
57:4f:61:58:47:ed:68:c9:ef:49:f1:f8:dd:0f:3b:
80:b5:d0:16:bd:47:36:e6:e9:b6:c0:f4:94:b5:a2:
ce:31:d3:1c:65:ca:bd:79:c1:67:fa:55:5a:09:69:
54:e3:41:46:48:73:f1:df:5e:81:c2:c1:4b:eb:ea:
27:1c:05:b2:c6:2f:02:2e:31:fa:1c:36:ae:84:40:
7d:b1:14:f7:b7:74:dd:cd:54:e1:69:b6:91:11:f4:
80:7f:3a:50:30:2b:63:22:36:6f:d1:60:4a:7c:50:
55:17:97:d1:c2:e3:08:8c:f1:fa:72:2f:c4:d3:98:
84:58:86:dc:3c:ab:45:84:57:3e:d7:54:cc:bf:c2:
1c:a1:d2:16:7a:7f:04:8f:41:02:d4:55:b9:9a:77:
43:8e:7e:f0:1a:22:48:61:e4:80:d6:11:d6:24:9f:
42:fb:90:4f:cc:e1:2c:da:ef:ba:61:a6:45:37:f4:
38:f9:b0:67:37:a5:b9:ea:54:e5:03:07:1c:f9:8a:
31:52:e4:08:96:73:c5:87:a2:74:5e:7c:ff:01:2d:
ea:8f:c6:db:ad:3a:7b:0f:2b:4e:15:45:a4:bb:49:
0d:bd:67:c0:f8:95:a5:b6:7f:06:3a:38:37:3e:b7:
07:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:50:00:E7:0B:32:C9:76:EE:B3:B5:F4:16:DD:8F:BA:75:80:02:AD
X509v3 Authority Key Identifier:
keyid:3A:6E:2E:7F:F2:C7:02:C8:AB:51:49:FE:EA:71:75:99:1C:73:40:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/E1AA5wsyyXbus7X0Ft2PunWAAq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.8.0/21
62.240.0.0/22
62.240.5.0-62.240.20.255
85.202.112.0-85.202.116.255
85.202.118.0/24
85.202.120.0-85.202.122.255
85.202.126.0/23
91.226.240.0/22
93.92.248.0/21
109.94.119.0-109.94.123.255
109.94.224.0/22
178.22.216.0/21
185.102.236.0/22
185.118.168.0/22
212.57.40.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:6b:ac:d6:1c:d3:3e:65:5d:87:01:cc:53:c1:fe:ec:d0:e3:
2b:4a:bb:37:fd:0d:1f:98:f7:d7:fa:ff:9a:80:a5:d6:15:48:
64:c4:37:53:f4:c9:8e:8b:db:a8:0e:b0:e9:48:f3:dd:4e:c6:
78:ba:8c:7e:9d:85:bb:b9:0f:77:9b:99:88:0b:b2:49:44:71:
8f:6e:ce:8c:91:a5:65:c3:5d:e6:78:b2:54:69:d2:39:30:e7:
85:96:34:b9:10:62:fa:27:2d:f1:84:82:7b:dd:54:6a:5c:98:
98:01:83:58:7b:fd:0e:c1:76:8f:72:b0:2b:c1:60:78:00:58:
90:4b:43:bd:71:09:e2:c1:36:b8:27:df:3e:fc:14:5d:04:53:
53:e7:8d:da:ff:f7:23:5c:45:10:2b:91:3e:78:cd:1c:a4:61:
72:3f:6d:4f:55:44:79:2e:61:50:5e:1d:b4:7d:98:fa:3c:51:
a4:3a:57:f8:4c:83:18:db:f7:91:8e:a6:8b:07:35:1e:20:9e:
09:c0:ea:aa:84:7f:a3:67:bd:6d:96:d1:50:77:41:09:67:84:
1e:7f:5c:24:13:08:04:cc:c8:ce:1a:6c:04:e6:9e:59:95:b9:
fb:5b:39:e9:46:73:80:15:d6:ef:05:d6:ca:cf:d4:19:fe:90:
27:fe:4d:1c
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZQhRCmglySCxpKD41tXgGALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmUyZTdmZjJjNzAyYzhhYjUxNDlmZWVhNzE3NTk5MWM3
MzQwOWMwHhcNMjUwMTAxMDk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzUwMDBlNzBiMzJjOTc2ZWViM2I1ZjQxNmRkOGZiYTc1ODAwMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy6pddOqf5OVisVvw/tXT2FYR+1o
ye9J8fjdDzuAtdAWvUc25um2wPSUtaLOMdMcZcq9ecFn+lVaCWlU40FGSHPx316B
wsFL6+onHAWyxi8CLjH6HDauhEB9sRT3t3TdzVThabaREfSAfzpQMCtjIjZv0WBK
fFBVF5fRwuMIjPH6ci/E05iEWIbcPKtFhFc+11TMv8IcodIWen8Ej0EC1FW5mndD
jn7wGiJIYeSA1hHWJJ9C+5BPzOEs2u+6YaZFN/Q4+bBnN6W56lTlAwcc+YoxUuQI
lnPFh6J0Xnz/AS3qj8bbrTp7DytOFUWku0kNvWfA+JWltn8GOjg3PrcHNQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFBNQAOcLMsl27rO19Bbdj7p1gAKtMB8GA1UdIwQY
MBaAFDpuLn/yxwLIq1FJ/upxdZkcc0CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT200dWZfTEhBc2lyVVVuLTZuRjFtUnh6UUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODg1NDItZDRmNy00YWEyLWFkYzct
Nzc1YTA1Nzg4Y2Y1LzEvRTFBQTV3c3l5WGJ1czdYMEZ0MlB1bldBQXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xODg1NDItZDRmNy00YWEyLWFkYzctNzc1YTA1Nzg4Y2Y1
LzEvT200dWZfTEhBc2lyVVVuLTZuRjFtUnh6UUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAyUj
CAMEAj7wADAMAwQAPvAFAwQAPvAUMAwDBARVynADBABVynQDBABVynYwDAMEA1XK
eAMEAFXKegMEAVXKfgMEAlvi8AMEA11c+DAMAwQAbV53AwQCbV54AwQCbV7gAwQD
shbYAwQCuWbsAwQCuXaoAwQD1DkoMA0GCSqGSIb3DQEBCwUAA4IBAQCNa6zWHNM+
ZV2HAcxTwf7s0OMrSrs3/Q0fmPfX+v+agKXWFUhkxDdT9MmOi9uoDrDpSPPdTsZ4
uox+nYW7uQ93m5mIC7JJRHGPbs6MkaVlw13meLJUadI5MOeFljS5EGL6Jy3xhIJ7
3VRqXJiYAYNYe/0OwXaPcrArwWB4AFiQS0O9cQniwTa4J98+/BRdBFNT543a//cj
XEUQK5E+eM0cpGFyP21PVUR5LmFQXh20fZj6PFGkOlf4TIMY2/eRjqaLBzUeIJ4J
wOqqhH+jZ71tltFQd0EJZ4Qef1wkEwgEzMjOGmwE5p5Zlbn7WznpRnOAFdbvBdbK
z9QZ/pAn/k0c
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:33 2025 by rpki-client