Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/7N2xVI-MiMZXTn6yrjfjRtU4T98.roa
File: 7N2xVI-MiMZXTn6yrjfjRtU4T98.roa (raw, json)
Hash identifier: eYJ7EkTiZxddUX/Gdk+mNm44br6ff8VMVtdrOgtDvD4=
Subject key identifier: EC:DD:B1:54:8F:8C:88:C6:57:4E:7E:B2:AE:37:E3:46:D5:38:4F:DF
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01932F833BCB3E07C70F1ACDD4FBE2218051
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/7N2xVI-MiMZXTn6yrjfjRtU4T98.roa
Signing time: Fri 15 Nov 2024 11:09:09 +0000
ROA not before: Fri 15 Nov 2024 11:09:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 5.45.64.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.45.92.0/22 maxlen: 22
5.61.48.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
37.252.3.0/24 maxlen: 24
37.252.13.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
45.136.48.0/22 maxlen: 22
45.137.212.0/24 maxlen: 24
45.137.213.0/24 maxlen: 24
45.137.214.0/24 maxlen: 24
46.102.106.0/24 maxlen: 24
62.197.45.0/24 maxlen: 24
62.197.48.0/23 maxlen: 23
82.117.242.0/23 maxlen: 23
89.187.73.0/24 maxlen: 24
176.97.79.0/24 maxlen: 24
176.98.40.0/24 maxlen: 24
185.109.48.0/24 maxlen: 24
185.238.168.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
188.116.21.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.24.0/24 maxlen: 24
188.116.25.0/24 maxlen: 24
188.116.26.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
195.54.174.0/23 maxlen: 23
213.142.146.0/23 maxlen: 23
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c1:3::/48 maxlen: 48
2a02:c6c1:10::/48 maxlen: 48
2a02:c6c1:151::/48 maxlen: 48
2a02:c6c1:152::/48 maxlen: 48
2a02:c6c1:153::/48 maxlen: 48
2a02:c6c1:154::/48 maxlen: 48
2a02:c6c1:155::/48 maxlen: 48
2a02:c6c1:156::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
2a02:c6c3::/32 maxlen: 32
2a02:c6c7::/32 maxlen: 32
2a0c:6740::/29 maxlen: 29
2a0c:6741::/32 maxlen: 32
2a0e:92c0::/29 maxlen: 29
2a0e:9a40::/29 maxlen: 29
2a0e:a7c0::/29 maxlen: 29
2a0f:4b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:83:3b:cb:3e:07:c7:0f:1a:cd:d4:fb:e2:21:80:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Nov 15 11:09:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecddb1548f8c88c6574e7eb2ae37e346d5384fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fc:a9:10:ed:93:ff:cc:f4:1e:05:59:0b:f1:
50:79:bf:fb:73:c5:16:c8:4d:0c:5a:00:81:6b:1b:
df:9c:fb:ca:c6:2b:2c:36:a4:63:6f:37:c0:a7:2c:
36:a3:16:87:67:df:6f:12:94:dd:6c:8c:09:ab:1b:
a4:f6:08:e5:7e:08:09:e4:fe:15:e0:a0:29:9f:a5:
c4:88:55:79:39:8a:8d:f0:0a:8e:fd:b5:94:9e:3f:
df:fc:8c:62:39:0b:11:5b:e6:3e:9e:63:84:5e:8e:
c0:fa:4e:e6:b4:2f:b8:81:02:cf:2d:0f:79:a0:25:
f8:e8:64:f3:a2:0b:a4:99:48:70:68:d3:66:4a:d3:
96:68:c8:4d:08:76:7e:7b:81:d3:65:2a:92:e4:71:
c9:55:ef:9d:77:ce:9a:1a:17:50:5d:0c:62:c6:28:
b9:cb:8f:1c:5e:62:45:ce:36:a8:17:84:8a:d5:f7:
8b:46:9e:40:51:ee:ba:6a:c6:d9:4f:39:e9:83:e2:
6e:37:63:da:84:60:69:a0:85:e2:96:b9:6a:ba:8e:
ce:10:94:2e:92:94:6e:7b:e5:2e:c3:6a:3d:25:b4:
47:a9:19:2a:a6:71:d2:fb:3f:85:87:57:a5:a1:78:
ac:34:68:4f:08:a5:50:1a:9a:eb:f3:52:d8:b3:50:
e1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:DD:B1:54:8F:8C:88:C6:57:4E:7E:B2:AE:37:E3:46:D5:38:4F:DF
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/7N2xVI-MiMZXTn6yrjfjRtU4T98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
45.137.212.0-45.137.214.255
46.102.106.0/24
62.197.45.0/24
62.197.48.0/23
82.117.242.0/23
89.187.73.0/24
176.97.79.0/24
176.98.40.0/24
185.109.48.0/24
185.238.168.0/22
188.116.21.0/24
188.116.23.0-188.116.27.255
195.54.174.0/23
213.142.146.0/23
IPv6:
2a02:c6c1:2::/47
2a02:c6c1:10::/48
2a02:c6c1:151::-2a02:c6c1:156:ffff:ffff:ffff:ffff:ffff
2a02:c6c2::/31
2a02:c6c7::/32
2a0c:6740::/29
2a0e:92c0::/29
2a0e:9a40::/29
2a0e:a7c0::/29
2a0f:4b40::/29
Signature Algorithm: sha256WithRSAEncryption
93:63:13:75:e5:76:bc:96:a0:2a:12:d5:fe:27:84:d0:0c:9f:
6a:8b:2a:83:e2:3c:85:de:fe:d3:1f:c2:07:02:57:db:1c:66:
3b:d9:43:54:a2:6c:a6:1a:fb:44:c5:6a:70:df:80:5c:93:83:
1c:1e:03:c1:f6:f6:d6:64:6f:3f:c8:77:31:b5:54:e4:3c:f0:
57:89:69:43:b4:9f:05:7a:d9:91:42:5e:b5:31:40:d5:bd:99:
ef:a6:a3:d0:83:64:b3:da:5d:25:85:b7:3a:d2:57:85:91:f8:
b1:11:56:60:36:21:37:44:fe:69:21:44:e3:69:7a:03:a0:31:
4b:37:74:b8:e5:b4:67:f3:77:5b:fa:66:d0:5c:10:f7:63:f2:
c3:3e:0b:9e:58:2a:bf:cf:6f:af:6a:c8:77:29:29:05:ab:3f:
06:61:56:ea:8f:57:54:db:5d:a2:f8:cb:02:29:b0:29:8e:7c:
61:b2:dc:6c:2f:d5:ba:ed:15:54:3e:e6:b0:8c:e8:00:ed:a8:
ee:1d:5b:ec:e7:44:87:28:bb:e1:09:84:a4:6f:c2:5d:86:3c:
f3:27:cd:1d:c2:7e:89:e0:ab:74:ec:a4:e5:04:7c:e6:0d:7d:
5d:28:98:f6:01:7f:a6:42:7f:8d:f7:ff:e9:1a:71:8c:93:16:
ea:7e:7a:42
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAZMvgzvLPgfHDxrN1PviIYBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQxMTE1MTEwOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2RkYjE1NDhmOGM4OGM2NTc0ZTdlYjJhZTM3ZTM0NmQ1Mzg0ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PypEO2T/8z0HgVZC/FQeb/7c8UW
yE0MWgCBaxvfnPvKxissNqRjbzfApyw2oxaHZ99vEpTdbIwJqxuk9gjlfggJ5P4V
4KApn6XEiFV5OYqN8AqO/bWUnj/f/IxiOQsRW+Y+nmOEXo7A+k7mtC+4gQLPLQ95
oCX46GTzogukmUhwaNNmStOWaMhNCHZ+e4HTZSqS5HHJVe+dd86aGhdQXQxixii5
y48cXmJFzjaoF4SK1feLRp5AUe66asbZTznpg+JuN2PahGBpoIXilrlquo7OEJQu
kpRue+Uuw2o9JbRHqRkqpnHS+z+Fh1eloXisNGhPCKVQGprr81LYs1DhGwIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFOzdsVSPjIjGV05+sq4340bVOE/fMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvN04yeFZJLU1pTVpYVG42eXJqZmpSdFU0VDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCBswQCAAEwgawD
BAQFLUAwDAMEAgUtVAMEBQUtQDAMAwQEBT0wAwQCBT04AwQDJQHIAwQDJQHYAwQA
JfwDMAwDBAAl/A0DBAQl/AADBAItiDAwDAMEAi2J1AMEAC2J1gMEAC5magMEAD7F
LQMEAT7FMAMEAVJ18gMEAFm7SQMEALBhTwMEALBiKAMEALltMAMEArnuqAMEALx0
FTAMAwQAvHQXAwQCvHQYAwQBwzauAwQB1Y6SMF0EAgACMFcDBwEqAsbBAAIDBwAq
AsbBABAwEgMHACoCxsEBUQMHACoCxsEBVgMFASoCxsIDBQAqAsbHAwUDKgxnQAMF
AyoOksADBQMqDppAAwUDKg6nwAMFAyoPS0AwDQYJKoZIhvcNAQELBQADggEBAJNj
E3XldryWoCoS1f4nhNAMn2qLKoPiPIXe/tMfwgcCV9scZjvZQ1SibKYa+0TFanDf
gFyTgxweA8H29tZkbz/IdzG1VOQ88FeJaUO0nwV62ZFCXrUxQNW9me+mo9CDZLPa
XSWFtzrSV4WR+LERVmA2ITdE/mkhRONpegOgMUs3dLjltGfzd1v6ZtBcEPdj8sM+
C55YKr/Pb69qyHcpKQWrPwZhVuqPV1TbXaL4ywIpsCmOfGGy3Gwv1brtFVQ+5rCM
6ADtqO4dW+znRIcou+EJhKRvwl2GPPMnzR3Cfongq3TspOUEfOYNfV0omPYBf6ZC
f433/+kacYyTFup+ekI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:56:56 2024 by rpki-client on console-fra.rpki-client.org