Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/el2p8J7rZUQJ0uZf3-aEUmfvPcA.roa
File: el2p8J7rZUQJ0uZf3-aEUmfvPcA.roa (raw, json)
Hash identifier: YRTnkW/Swovs76pVk83c6gfWCyN3O97Ihe4ZCx2Gi+Y=
Subject key identifier: 7A:5D:A9:F0:9E:EB:65:44:09:D2:E6:5F:DF:E6:84:52:67:EF:3D:C0
Certificate issuer: /CN=ca37843f0752224459e6034569a217c8b611564b
Certificate serial: 018CC56E673202AE761B0DA405D819D88AB9
Authority key identifier: CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/el2p8J7rZUQJ0uZf3-aEUmfvPcA.roa
Signing time: Mon 01 Jan 2024 14:29:56 +0000
ROA not before: Mon 01 Jan 2024 14:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 195.137.228.0/24 maxlen: 24
195.137.229.0/24 maxlen: 24
87.254.96.0/24 maxlen: 24
87.254.97.0/24 maxlen: 24
87.254.98.0/24 maxlen: 24
87.254.102.0/24 maxlen: 24
87.254.103.0/24 maxlen: 24
87.254.104.0/24 maxlen: 24
87.254.105.0/24 maxlen: 24
87.254.99.0/24 maxlen: 24
87.254.100.0/24 maxlen: 24
87.254.101.0/24 maxlen: 24
87.254.109.0/24 maxlen: 24
87.254.110.0/24 maxlen: 24
87.254.111.0/24 maxlen: 24
87.254.112.0/24 maxlen: 24
87.254.106.0/24 maxlen: 24
87.254.107.0/24 maxlen: 24
87.254.108.0/24 maxlen: 24
87.254.116.0/24 maxlen: 24
87.254.117.0/24 maxlen: 24
87.254.118.0/24 maxlen: 24
87.254.113.0/24 maxlen: 24
87.254.114.0/24 maxlen: 24
87.254.115.0/24 maxlen: 24
87.254.119.0/24 maxlen: 24
87.254.123.0/24 maxlen: 24
87.254.124.0/24 maxlen: 24
87.254.125.0/24 maxlen: 24
87.254.120.0/24 maxlen: 24
87.254.121.0/24 maxlen: 24
87.254.122.0/24 maxlen: 24
87.254.126.0/24 maxlen: 24
87.254.127.0/24 maxlen: 24
185.69.216.0/24 maxlen: 24
185.69.217.0/24 maxlen: 24
185.69.218.0/24 maxlen: 24
185.69.219.0/24 maxlen: 24
212.24.192.0/24 maxlen: 24
212.24.193.0/24 maxlen: 24
212.24.194.0/24 maxlen: 24
212.24.199.0/24 maxlen: 24
212.24.195.0/24 maxlen: 24
212.24.196.0/24 maxlen: 24
212.24.197.0/24 maxlen: 24
212.24.198.0/24 maxlen: 24
212.24.200.0/24 maxlen: 24
212.24.201.0/24 maxlen: 24
212.24.206.0/24 maxlen: 24
212.24.202.0/24 maxlen: 24
212.24.203.0/24 maxlen: 24
212.24.204.0/24 maxlen: 24
212.24.205.0/24 maxlen: 24
212.24.207.0/24 maxlen: 24
212.24.208.0/24 maxlen: 24
212.24.213.0/24 maxlen: 24
212.24.209.0/24 maxlen: 24
212.24.210.0/24 maxlen: 24
212.24.211.0/24 maxlen: 24
212.24.212.0/24 maxlen: 24
212.24.216.0/24 maxlen: 24
212.24.217.0/24 maxlen: 24
212.24.218.0/24 maxlen: 24
212.24.219.0/24 maxlen: 24
212.24.214.0/24 maxlen: 24
212.24.215.0/24 maxlen: 24
212.24.220.0/24 maxlen: 24
212.24.221.0/24 maxlen: 24
212.24.222.0/24 maxlen: 24
212.24.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:67:32:02:ae:76:1b:0d:a4:05:d8:19:d8:8a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca37843f0752224459e6034569a217c8b611564b
Validity
Not Before: Jan 1 14:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a5da9f09eeb654409d2e65fdfe6845267ef3dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a2:b4:b6:78:59:d9:0d:e4:07:be:50:a7:f4:
a7:a2:a8:2b:74:63:b6:de:ff:02:eb:9e:3b:fa:d4:
f8:9b:18:ae:d0:49:b7:b5:15:ca:58:67:f1:00:3f:
20:4f:3f:f3:8b:78:f0:85:cf:8d:46:e9:8b:11:3c:
87:5f:e7:b2:19:ce:a9:d2:d1:cb:45:25:40:72:55:
fd:5a:a7:bb:91:c4:b0:86:d3:1c:59:eb:40:2d:18:
be:09:95:73:67:51:4f:ca:db:20:cb:c6:d6:2b:d7:
c7:f8:95:ee:22:74:3a:24:7b:66:bd:2a:02:23:d9:
11:83:59:f6:c3:11:2e:28:6a:72:14:5d:14:00:c6:
91:f9:70:eb:15:27:73:34:16:dd:66:23:d1:0f:5d:
d0:66:cc:87:09:cd:9c:b0:e1:20:49:7f:8c:55:76:
1f:0d:86:9e:91:6f:e5:0f:c7:c6:79:13:8b:55:36:
2b:d2:50:71:85:d9:6e:bf:13:a6:ea:20:57:cd:c1:
6a:ff:2f:62:b3:df:1f:b0:12:d6:f6:9b:46:71:b3:
33:8c:7b:b1:10:4d:e9:a7:11:48:72:85:7a:d0:2b:
e4:d1:00:72:1b:1c:29:95:35:f3:56:60:81:eb:36:
53:93:98:3c:a1:4d:ad:53:fa:ba:34:60:c5:72:0c:
b2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:5D:A9:F0:9E:EB:65:44:09:D2:E6:5F:DF:E6:84:52:67:EF:3D:C0
X509v3 Authority Key Identifier:
keyid:CA:37:84:3F:07:52:22:44:59:E6:03:45:69:A2:17:C8:B6:11:56:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjeEPwdSIkRZ5gNFaaIXyLYRVks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/el2p8J7rZUQJ0uZf3-aEUmfvPcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d716cd-d79f-4484-9685-8fe784e31e5d/1/yjeEPwdSIkRZ5gNFaaIXyLYRVks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.96.0/19
185.69.216.0/22
195.137.228.0/23
212.24.192.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:63:ce:bc:03:35:bb:c3:95:5d:95:2c:3d:9c:d6:65:c9:a8:
2e:3d:d5:88:01:79:1e:89:60:04:33:3b:a6:bb:1e:a4:65:e8:
80:d0:6b:78:f8:95:5e:80:af:c0:f8:c2:dd:43:39:cf:3d:4b:
1f:62:2d:5f:8b:0d:a5:08:15:de:54:eb:97:75:e4:13:2a:85:
2e:9a:48:b4:d9:7f:85:99:a1:bd:7e:a8:cf:96:0a:20:7c:41:
be:c1:7a:61:45:45:a6:fe:e2:d1:30:3c:54:84:6b:1b:3f:09:
c3:87:11:f9:06:07:8c:82:da:76:d6:4b:fb:0d:f5:54:a4:29:
2b:78:d5:92:b1:83:bf:06:02:57:10:dc:4a:92:88:a0:72:c8:
bc:07:a2:4f:73:e9:7f:24:a1:50:02:07:d8:f6:7d:6d:c1:e0:
4a:da:40:ce:44:52:57:3a:e6:a8:53:a4:bb:33:3d:f6:89:93:
38:49:e0:4b:1b:e6:49:b4:fd:21:37:22:f5:61:3c:08:ae:78:
c4:db:fa:6f:54:6a:b0:ac:a2:84:c2:37:27:9f:fb:cb:90:23:
c0:e6:0c:f9:02:06:83:16:a2:f8:18:be:d3:2f:64:cd:50:b8:
6a:c9:ee:1c:1d:4a:b4:ec:c5:e0:15:52:80:15:e1:c7:5d:04:
85:b6:a9:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbmcyAq52Gw2kBdgZ2Iq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzc4NDNmMDc1MjIyNDQ1OWU2MDM0NTY5YTIxN2M4YjYx
MTU2NGIwHhcNMjQwMTAxMTQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTVkYTlmMDllZWI2NTQ0MDlkMmU2NWZkZmU2ODQ1MjY3ZWYzZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqK0tnhZ2Q3kB75Qp/SnoqgrdGO2
3v8C6547+tT4mxiu0Em3tRXKWGfxAD8gTz/zi3jwhc+NRumLETyHX+eyGc6p0tHL
RSVAclX9Wqe7kcSwhtMcWetALRi+CZVzZ1FPytsgy8bWK9fH+JXuInQ6JHtmvSoC
I9kRg1n2wxEuKGpyFF0UAMaR+XDrFSdzNBbdZiPRD13QZsyHCc2csOEgSX+MVXYf
DYaekW/lD8fGeROLVTYr0lBxhdluvxOm6iBXzcFq/y9is98fsBLW9ptGcbMzjHux
EE3ppxFIcoV60Cvk0QByGxwplTXzVmCB6zZTk5g8oU2tU/q6NGDFcgyy4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHpdqfCe62VECdLmX9/mhFJn7z3AMB8GA1UdIwQY
MBaAFMo3hD8HUiJEWeYDRWmiF8i2EVZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWplRVB3ZFNJa1JaNWdORmFhSVh5TFlSVmtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9kNzE2Y2QtZDc5Zi00NDg0LTk2ODUt
OGZlNzg0ZTMxZTVkLzEvZWwycDhKN3JaVVFKMHVaZjMtYUVVbWZ2UGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9kNzE2Y2QtZDc5Zi00NDg0LTk2ODUtOGZlNzg0ZTMxZTVk
LzEveWplRVB3ZFNJa1JaNWdORmFhSVh5TFlSVmtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFV/5gAwQC
uUXYAwQBw4nkAwQF1BjAMA0GCSqGSIb3DQEBCwUAA4IBAQA7Y868AzW7w5VdlSw9
nNZlyaguPdWIAXkeiWAEMzumux6kZeiA0Gt4+JVegK/A+MLdQznPPUsfYi1fiw2l
CBXeVOuXdeQTKoUumki02X+FmaG9fqjPlgogfEG+wXphRUWm/uLRMDxUhGsbPwnD
hxH5BgeMgtp21kv7DfVUpCkreNWSsYO/BgJXENxKkoigcsi8B6JPc+l/JKFQAgfY
9n1tweBK2kDORFJXOuaoU6S7Mz32iZM4SeBLG+ZJtP0hNyL1YTwIrnjE2/pvVGqw
rKKEwjcnn/vLkCPA5gz5AgaDFqL4GL7TL2TNULhqye4cHUq07MXgFVKAFeHHXQSF
tqkc
-----END CERTIFICATE-----
Generated at Fri May 3 02:31:08 2024 by rpki-client on console-fra.rpki-client.org