Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/5evKXW6sd8cqzKWAmLnYjfbqJdg.roa
File: 5evKXW6sd8cqzKWAmLnYjfbqJdg.roa (raw, json)
Hash identifier: EgOoYyhLNbfrs2dJDUGokAzSyoq0tl7YN9sHp4CwDlw=
Subject key identifier: E5:EB:CA:5D:6E:AC:77:C7:2A:CC:A5:80:98:B9:D8:8D:F6:EA:25:D8
Certificate issuer: /CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Certificate serial: 018CC26D05CAB6B0CE3AA52BE676EE58E554
Authority key identifier: EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/5evKXW6sd8cqzKWAmLnYjfbqJdg.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15954
IP address blocks: 185.49.184.0/22 maxlen: 22
31.24.120.0/21 maxlen: 21
185.203.224.0/22 maxlen: 22
31.47.72.0/21 maxlen: 21
193.247.194.0/24 maxlen: 24
37.247.120.0/21 maxlen: 21
91.216.219.0/24 maxlen: 24
217.18.32.0/20 maxlen: 20
194.176.119.0/24 maxlen: 24
185.57.196.0/22 maxlen: 22
185.66.73.0/24 maxlen: 24
185.66.74.0/24 maxlen: 24
2a01:a941::/32 maxlen: 32
2a01:a942::/32 maxlen: 32
2a02:2810::/32 maxlen: 32
2a01:a940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:05:ca:b6:b0:ce:3a:a5:2b:e6:76:ee:58:e5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5ebca5d6eac77c72acca58098b9d88df6ea25d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:72:47:eb:10:4b:f2:b8:b5:fd:8c:25:64:16:
98:d2:48:b9:30:79:3d:78:4b:12:be:e1:52:2a:32:
13:64:80:53:92:ba:f6:23:5f:93:28:a0:fc:5e:fe:
01:51:db:c0:04:f6:d6:f3:70:cb:c9:09:af:8f:ff:
a2:4b:38:c0:25:94:f1:4a:98:0d:ed:1e:b7:54:d0:
a2:a3:1a:95:7a:cb:ed:03:7f:24:2c:fc:d7:ca:bc:
46:9a:8a:18:f0:ba:be:ec:e4:55:1f:34:0e:0d:9e:
df:dc:e5:78:78:19:e5:a1:f3:29:f6:bf:c6:9a:77:
7e:89:61:65:da:d9:5f:e1:71:9e:8a:ae:f5:2e:61:
86:1f:aa:3d:5d:97:e8:ff:f4:12:d6:20:c9:38:60:
f0:1a:7e:1b:a8:8f:77:e4:40:6d:9a:c4:40:c0:df:
05:11:16:17:6b:fe:91:9f:a4:b0:ad:30:6c:41:7a:
38:2f:34:ac:84:0b:3b:3f:5f:7b:01:40:96:27:4c:
f2:1a:e9:20:e5:dd:c7:ab:95:b1:9f:e6:d2:26:6b:
a7:04:b4:fe:da:f0:c9:df:47:c4:08:79:2f:e3:7c:
64:ba:2b:fb:2b:0c:2a:83:8e:e9:b5:b0:ca:70:86:
db:e8:01:aa:8e:fa:44:4d:97:08:3b:a3:34:93:6c:
b4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EB:CA:5D:6E:AC:77:C7:2A:CC:A5:80:98:B9:D8:8D:F6:EA:25:D8
X509v3 Authority Key Identifier:
keyid:EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/5evKXW6sd8cqzKWAmLnYjfbqJdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.120.0/21
31.47.72.0/21
37.247.120.0/21
91.216.219.0/24
185.49.184.0/22
185.57.196.0/22
185.66.73.0-185.66.74.255
185.203.224.0/22
193.247.194.0/24
194.176.119.0/24
217.18.32.0/20
IPv6:
2a01:a940::-2a01:a942:ffff:ffff:ffff:ffff:ffff:ffff
2a02:2810::/32
Signature Algorithm: sha256WithRSAEncryption
74:69:2f:9b:5d:5c:87:e1:01:87:ad:d1:d5:d1:bb:cd:66:bc:
4f:f2:d2:c7:55:96:35:67:2c:2f:ce:ad:25:c1:87:cf:61:e5:
58:ec:e6:02:69:fe:89:fb:cb:e4:d5:5b:62:41:fc:5e:74:61:
98:55:e0:0a:93:e7:ad:02:2b:be:02:8b:1d:6e:0e:2c:43:65:
3e:48:29:40:c4:ab:a0:9e:ef:23:83:c8:b6:c7:e2:09:19:97:
bd:8d:8f:28:7b:a1:d8:e7:f7:b4:0f:54:cc:2e:ce:ef:f8:26:
18:c9:3b:f9:6b:55:c7:0d:cf:9b:08:1c:95:76:a4:ae:21:ba:
6f:c0:41:87:cd:73:b8:d1:40:95:be:d8:37:4a:46:cc:4e:29:
66:dc:fb:ee:19:69:20:4e:d2:1a:fb:c7:36:dd:f0:b6:67:63:
a7:89:d9:67:8d:1e:f7:2a:79:81:90:6a:62:7c:96:49:07:fe:
43:a1:5d:36:3c:64:9d:67:7d:cf:49:e6:ec:1c:20:21:06:76:
6e:75:e4:e9:1e:61:6a:7c:79:11:0f:b4:77:36:69:07:07:93:
c8:af:96:42:48:59:ed:f2:16:8e:d1:92:3a:76:8c:e8:df:b9:
28:9b:9f:69:b1:b3:97:f1:ee:2b:0f:b1:3a:ff:35:fc:7a:27:
f1:02:9b:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzCbQXKtrDOOqUr5nbuWOVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNGY3ODk0NzM0MWNlNTU4ODhiN2ViZjM2OTAxNDNiMGNi
ZmYzZDYwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWViY2E1ZDZlYWM3N2M3MmFjY2E1ODA5OGI5ZDg4ZGY2ZWEyNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHJH6xBL8ri1/YwlZBaY0ki5MHk9
eEsSvuFSKjITZIBTkrr2I1+TKKD8Xv4BUdvABPbW83DLyQmvj/+iSzjAJZTxSpgN
7R63VNCioxqVesvtA38kLPzXyrxGmooY8Lq+7ORVHzQODZ7f3OV4eBnlofMp9r/G
mnd+iWFl2tlf4XGeiq71LmGGH6o9XZfo//QS1iDJOGDwGn4bqI935EBtmsRAwN8F
ERYXa/6Rn6SwrTBsQXo4LzSshAs7P197AUCWJ0zyGukg5d3Hq5Wxn+bSJmunBLT+
2vDJ30fECHkv43xkuiv7Kwwqg47ptbDKcIbb6AGqjvpETZcIO6M0k2y0kwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFOXryl1urHfHKsylgJi52I326iXYMB8GA1UdIwQY
MBaAFO9PeJRzQc5ViIt+vzaQFDsMv/PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAt
OWJhYTY2Y2ExNDA0LzEvNWV2S1hXNnNkOGNxektXQW1MbllqZmJxSmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAtOWJhYTY2Y2ExNDA0
LzEvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwUAQCAAEwSgMEAx8YeAME
Ax8vSAMEAyX3eAMEAFvY2wMEArkxuAMEArk5xDAMAwQAuUJJAwQAuUJKAwQCucvg
AwQAwffCAwQAwrB3AwQE2RIgMB0EAgACMBcwDgMFBioBqUADBQAqAalCAwUAKgIo
EDANBgkqhkiG9w0BAQsFAAOCAQEAdGkvm11ch+EBh63R1dG7zWa8T/LSx1WWNWcs
L86tJcGHz2HlWOzmAmn+ifvL5NVbYkH8XnRhmFXgCpPnrQIrvgKLHW4OLENlPkgp
QMSroJ7vI4PItsfiCRmXvY2PKHuh2Of3tA9UzC7O7/gmGMk7+WtVxw3PmwgclXak
riG6b8BBh81zuNFAlb7YN0pGzE4pZtz77hlpIE7SGvvHNt3wtmdjp4nZZ40e9yp5
gZBqYnyWSQf+Q6FdNjxknWd9z0nm7BwgIQZ2bnXk6R5hanx5EQ+0dzZpBweTyK+W
QkhZ7fIWjtGSOnaM6N+5KJufabGzl/HuKw+xOv81/Hon8QKbog==
-----END CERTIFICATE-----
Generated at Wed May 15 18:27:44 2024 by rpki-client on console-fra.rpki-client.org