Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/eeNQ_4uDZ0GXRjkt167uuTve-_Q.roa
File: eeNQ_4uDZ0GXRjkt167uuTve-_Q.roa (raw, json)
Hash identifier: orRDFf1rZivJFxg9sL9xwzISoMYvnmCFiokSvooj3nE=
Subject key identifier: 79:E3:50:FF:8B:83:67:41:97:46:39:2D:D7:AE:EE:B9:3B:DE:FB:F4
Certificate issuer: /CN=f69c7eb86224adb38408847dee4cfc4c4003ad5d
Certificate serial: 018EF6A13D8EA2705F04BDE7753A9346ADC2
Authority key identifier: F6:9C:7E:B8:62:24:AD:B3:84:08:84:7D:EE:4C:FC:4C:40:03:AD:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9px-uGIkrbOECIR97kz8TEADrV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/eeNQ_4uDZ0GXRjkt167uuTve-_Q.roa
Signing time: Fri 19 Apr 2024 13:52:25 +0000
ROA not before: Fri 19 Apr 2024 13:52:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199478
IP address blocks: 37.130.144.0/24 maxlen: 24
37.130.145.0/24 maxlen: 24
37.130.146.0/24 maxlen: 24
37.130.147.0/24 maxlen: 24
37.130.148.0/24 maxlen: 24
37.130.149.0/24 maxlen: 24
37.130.150.0/24 maxlen: 24
37.130.151.0/24 maxlen: 24
91.193.152.0/24 maxlen: 24
91.193.153.0/24 maxlen: 24
91.193.154.0/24 maxlen: 24
91.193.155.0/24 maxlen: 24
144.2.164.0/24 maxlen: 24
144.2.165.0/24 maxlen: 24
144.2.166.0/24 maxlen: 24
144.2.167.0/24 maxlen: 24
185.16.208.0/24 maxlen: 24
185.16.209.0/24 maxlen: 24
185.16.210.0/24 maxlen: 24
185.16.211.0/24 maxlen: 24
185.157.152.0/24 maxlen: 24
185.157.153.0/24 maxlen: 24
185.157.154.0/24 maxlen: 24
185.157.155.0/24 maxlen: 24
185.251.104.0/24 maxlen: 24
185.251.105.0/24 maxlen: 24
185.251.106.0/24 maxlen: 24
185.251.107.0/24 maxlen: 24
193.84.19.0/24 maxlen: 24
193.84.30.0/24 maxlen: 24
193.84.70.0/24 maxlen: 24
193.84.74.0/24 maxlen: 24
194.62.158.0/24 maxlen: 24
194.62.159.0/24 maxlen: 24
194.62.190.0/24 maxlen: 24
194.62.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/9px-uGIkrbOECIR97kz8TEADrV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/9px-uGIkrbOECIR97kz8TEADrV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/9px-uGIkrbOECIR97kz8TEADrV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:a1:3d:8e:a2:70:5f:04:bd:e7:75:3a:93:46:ad:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69c7eb86224adb38408847dee4cfc4c4003ad5d
Validity
Not Before: Apr 19 13:52:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79e350ff8b8367419746392dd7aeeeb93bdefbf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9e:13:ba:87:a9:17:e7:b6:64:4f:09:cd:61:
e3:5d:07:f5:bc:9a:13:14:05:f7:92:6e:89:63:db:
b4:20:ef:9f:98:99:f1:22:1a:c4:6b:ef:31:d8:12:
8c:75:99:eb:d5:3a:54:3a:dd:6b:a7:e9:8e:36:47:
df:5f:fa:86:bd:fb:dc:2c:01:bf:6f:c2:d5:52:b5:
c7:82:69:41:fd:b1:ee:be:44:b8:3f:0c:48:d0:a9:
95:6e:8b:05:eb:7b:70:ed:39:3b:88:15:05:df:be:
1d:cc:2a:58:77:ca:44:f9:e4:87:e2:68:70:0c:3c:
fc:b2:10:b8:0a:ad:05:92:7b:8c:90:91:29:1e:c3:
d2:a2:65:39:88:9b:47:02:7f:48:2f:49:f9:5b:4a:
98:8d:de:51:1a:42:55:fa:80:a4:a9:78:2d:8b:38:
45:41:42:41:a3:0a:c7:7c:a4:68:b5:69:a1:10:8f:
08:93:ed:0f:0e:b8:77:22:a9:77:13:9b:31:ae:f7:
9a:c7:61:d4:48:94:50:88:8a:11:60:f9:05:ef:e0:
bf:c5:83:61:5a:a2:d7:f5:06:67:85:a2:49:35:6d:
54:fb:b5:e7:03:f8:df:ac:7b:1f:59:3f:db:d2:b9:
72:f1:33:ae:13:24:61:47:52:f8:b2:ea:97:4c:40:
e3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E3:50:FF:8B:83:67:41:97:46:39:2D:D7:AE:EE:B9:3B:DE:FB:F4
X509v3 Authority Key Identifier:
keyid:F6:9C:7E:B8:62:24:AD:B3:84:08:84:7D:EE:4C:FC:4C:40:03:AD:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9px-uGIkrbOECIR97kz8TEADrV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/eeNQ_4uDZ0GXRjkt167uuTve-_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/834e82-f863-4ca8-8061-f616d9318087/1/9px-uGIkrbOECIR97kz8TEADrV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.144.0/21
91.193.152.0/22
144.2.164.0/22
185.16.208.0/22
185.157.152.0/22
185.251.104.0/22
193.84.19.0/24
193.84.30.0/24
193.84.70.0/24
193.84.74.0/24
194.62.158.0/23
194.62.190.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:29:43:b1:60:4d:c7:98:7c:b6:53:8b:e5:09:ab:45:c5:25:
1c:64:4e:23:ad:70:d0:3a:82:29:70:90:29:1e:2a:61:fc:b6:
c6:95:64:b3:7f:69:55:1b:45:7a:fb:8f:31:bc:bc:8e:dd:fd:
2e:ac:5e:56:8f:3e:5d:04:56:b9:cc:52:8c:5a:ee:32:5d:d7:
90:72:e5:37:77:db:fa:1e:1a:84:08:3f:fe:d0:bf:98:86:81:
a3:e8:2f:09:a8:b7:0d:53:2a:9b:8e:15:f3:50:c5:d3:e3:a0:
24:e8:cb:d4:ae:9e:b3:99:63:ca:43:31:5f:cf:01:f9:fa:fc:
f3:e5:a8:9c:1b:6d:ab:80:77:f9:ab:b7:20:a6:34:66:e6:b2:
29:44:b4:35:fc:41:38:97:a4:47:59:e1:ee:12:ec:d1:50:f4:
c4:30:12:06:d0:2c:6e:89:1e:74:69:6c:1e:2f:03:ad:0b:63:
b1:6b:f4:14:62:2e:44:98:95:b5:3a:c2:cf:1b:fd:6a:ce:d1:
8c:fb:ba:b8:8c:87:a7:f1:e7:f4:ab:0d:e4:96:e2:a3:2b:1f:
9d:15:00:0f:1f:b7:cb:a8:1f:f8:90:d7:27:c9:90:7f:de:5a:
51:e7:7b:88:09:07:40:91:c0:f8:5f:2f:d5:ad:5a:36:5c:cc:
76:77:20:1c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY72oT2OonBfBL3ndTqTRq3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OWM3ZWI4NjIyNGFkYjM4NDA4ODQ3ZGVlNGNmYzRjNDAw
M2FkNWQwHhcNMjQwNDE5MTM1MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWUzNTBmZjhiODM2NzQxOTc0NjM5MmRkN2FlZWViOTNiZGVmYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjp4TuoepF+e2ZE8JzWHjXQf1vJoT
FAX3km6JY9u0IO+fmJnxIhrEa+8x2BKMdZnr1TpUOt1rp+mONkffX/qGvfvcLAG/
b8LVUrXHgmlB/bHuvkS4PwxI0KmVbosF63tw7Tk7iBUF374dzCpYd8pE+eSH4mhw
DDz8shC4Cq0FknuMkJEpHsPSomU5iJtHAn9IL0n5W0qYjd5RGkJV+oCkqXgtizhF
QUJBowrHfKRotWmhEI8Ik+0PDrh3Iql3E5sxrveax2HUSJRQiIoRYPkF7+C/xYNh
WqLX9QZnhaJJNW1U+7XnA/jfrHsfWT/b0rly8TOuEyRhR1L4suqXTEDjvQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHnjUP+Lg2dBl0Y5Ldeu7rk73vv0MB8GA1UdIwQY
MBaAFPacfrhiJK2zhAiEfe5M/ExAA61dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXB4LXVHSWtyYk9FQ0lSOTdrejhURUFEclYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MzRlODItZjg2My00Y2E4LTgwNjEt
ZjYxNmQ5MzE4MDg3LzEvZWVOUV80dURaMEdYUmprdDE2N3V1VHZlLV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MzRlODItZjg2My00Y2E4LTgwNjEtZjYxNmQ5MzE4MDg3
LzEvOXB4LXVHSWtyYk9FQ0lSOTdrejhURUFEclYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDJYKQAwQC
W8GYAwQCkAKkAwQCuRDQAwQCuZ2YAwQCuftoAwQAwVQTAwQAwVQeAwQAwVRGAwQA
wVRKAwQBwj6eAwQBwj6+MA0GCSqGSIb3DQEBCwUAA4IBAQC9KUOxYE3HmHy2U4vl
CatFxSUcZE4jrXDQOoIpcJApHiph/LbGlWSzf2lVG0V6+48xvLyO3f0urF5Wjz5d
BFa5zFKMWu4yXdeQcuU3d9v6HhqECD/+0L+YhoGj6C8JqLcNUyqbjhXzUMXT46Ak
6MvUrp6zmWPKQzFfzwH5+vzz5aicG22rgHf5q7cgpjRm5rIpRLQ1/EE4l6RHWeHu
EuzRUPTEMBIG0CxuiR50aWweLwOtC2Oxa/QUYi5EmJW1OsLPG/1qztGM+7q4jIen
8ef0qw3kluKjKx+dFQAPH7fLqB/4kNcnyZB/3lpR53uICQdAkcD4Xy/VrVo2XMx2
dyAc
-----END CERTIFICATE-----
Generated at Wed May 15 19:56:41 2024 by rpki-client on console-ams.rpki-client.org