Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/qIsC2abDdsDJujCjtBYvpNu7MOk.roa
File: qIsC2abDdsDJujCjtBYvpNu7MOk.roa (raw, json)
Hash identifier: 7RBnrCasl6MVmdOLVRilw1U7vL6sGuVbWCZJmvLrYW8=
Subject key identifier: A8:8B:02:D9:A6:C3:76:C0:C9:BA:30:A3:B4:16:2F:A4:DB:BB:30:E9
Certificate issuer: /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial: 018CF2CAB79DC303AE8A3264D0B758DA1957
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/qIsC2abDdsDJujCjtBYvpNu7MOk.roa
Signing time: Wed 10 Jan 2024 09:53:40 +0000
ROA not before: Wed 10 Jan 2024 09:53:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.69.4.0/24 maxlen: 24
185.69.7.0/24 maxlen: 24
185.69.5.0/24 maxlen: 24
185.69.6.0/24 maxlen: 24
37.77.48.0/24 maxlen: 24
37.77.49.0/24 maxlen: 24
37.77.50.0/24 maxlen: 24
37.77.51.0/24 maxlen: 24
37.77.52.0/24 maxlen: 24
37.77.53.0/24 maxlen: 24
37.77.54.0/24 maxlen: 24
37.77.55.0/24 maxlen: 24
5.62.133.0/24 maxlen: 24
5.62.137.0/24 maxlen: 24
5.62.138.0/24 maxlen: 24
5.62.139.0/24 maxlen: 24
5.62.134.0/24 maxlen: 24
5.62.135.0/24 maxlen: 24
5.62.136.0/24 maxlen: 24
5.62.144.0/24 maxlen: 24
5.62.145.0/24 maxlen: 24
5.62.141.0/24 maxlen: 24
5.62.142.0/24 maxlen: 24
5.62.143.0/24 maxlen: 24
5.62.140.0/24 maxlen: 24
5.62.146.0/24 maxlen: 24
5.62.147.0/24 maxlen: 24
5.62.151.0/24 maxlen: 24
5.62.148.0/24 maxlen: 24
5.62.149.0/24 maxlen: 24
5.62.150.0/24 maxlen: 24
5.62.130.0/24 maxlen: 24
5.62.131.0/24 maxlen: 24
5.62.132.0/24 maxlen: 24
5.62.128.0/24 maxlen: 24
5.62.129.0/24 maxlen: 24
31.7.80.0/24 maxlen: 24
31.7.81.0/24 maxlen: 24
31.7.82.0/24 maxlen: 24
31.7.83.0/24 maxlen: 24
31.7.84.0/24 maxlen: 24
31.7.85.0/24 maxlen: 24
31.7.86.0/24 maxlen: 24
31.7.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:ca:b7:9d:c3:03:ae:8a:32:64:d0:b7:58:da:19:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Validity
Not Before: Jan 10 09:53:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a88b02d9a6c376c0c9ba30a3b4162fa4dbbb30e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:37:bd:ed:4a:09:92:6e:13:de:06:9d:56:30:
80:31:c5:f3:e8:bb:b2:ba:02:e4:fe:18:88:24:67:
0f:99:d8:ff:86:50:47:69:f9:22:b9:5f:2a:f7:20:
10:d4:43:36:c7:62:31:a9:87:55:0c:72:14:9e:31:
e8:1a:cb:7e:0c:aa:47:49:b2:32:d4:ba:36:47:1a:
66:f3:a1:e9:6a:39:4a:27:b1:88:68:6f:51:8c:a0:
a0:e8:9d:32:91:b2:89:91:b5:3e:c2:ea:ac:03:fd:
4e:59:f6:98:87:d6:3d:c8:6e:a5:99:11:9b:01:29:
74:33:4f:61:02:bc:b7:a1:b6:89:2f:0a:60:e4:c6:
63:6b:19:9e:58:88:99:18:49:ae:5a:8d:cb:5d:9a:
85:7d:13:71:06:eb:78:a0:99:72:10:88:89:f6:c8:
91:20:9e:b9:5a:53:7a:5d:a7:86:cd:81:8c:61:1c:
6b:09:30:32:8e:af:b0:1d:5a:5c:c8:94:6a:1f:34:
a7:ad:9e:2a:65:d5:09:aa:84:d9:38:31:7b:e6:f1:
34:7c:3f:07:d6:18:3a:0e:ff:f7:7c:08:a9:15:8e:
17:8d:93:be:22:4b:4a:ae:2d:39:d2:07:8c:e2:a5:
72:6b:ef:52:49:63:4f:0e:5c:00:b8:41:ab:5f:b9:
1a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8B:02:D9:A6:C3:76:C0:C9:BA:30:A3:B4:16:2F:A4:DB:BB:30:E9
X509v3 Authority Key Identifier:
keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/qIsC2abDdsDJujCjtBYvpNu7MOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.128.0-5.62.151.255
31.7.80.0/21
37.77.48.0/21
185.69.4.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:7e:20:30:58:c6:fa:ef:d3:f2:21:4b:9b:26:08:3b:4f:7b:
8e:f2:4f:4d:62:3d:c4:b7:01:8e:2e:6a:38:ab:ba:a9:e0:39:
1d:29:44:81:f6:46:d3:50:e5:88:a8:9f:46:ea:fc:4b:f9:a2:
3f:5c:21:bc:ee:3b:c3:f6:d1:ee:15:9a:ab:d9:e8:3c:98:ba:
33:a9:ae:76:fe:d8:52:31:c3:d0:bd:9f:96:19:76:96:cb:2b:
b8:31:e5:5e:6f:73:4f:8a:a9:21:0e:05:b8:7b:aa:0f:1b:a4:
15:b0:35:22:52:20:9d:bc:b4:dc:62:0c:6c:b6:62:83:c7:a2:
23:68:9e:ae:bc:51:c9:6b:97:7e:80:6a:14:44:38:a9:5c:7c:
cd:b0:25:4a:19:30:11:b5:49:16:53:e7:8a:46:07:76:1b:ff:
98:4c:73:f2:6b:8b:4f:04:9d:92:83:18:75:b4:71:44:20:ec:
8c:b5:0a:72:72:53:57:59:ff:77:b2:68:80:e8:8e:07:83:04:
69:34:53:bf:48:4d:1b:8f:e5:6c:22:97:aa:a4:29:bd:49:08:
df:b9:08:80:13:e3:c6:7a:ef:8a:8f:bb:f8:dc:9b:72:3c:96:
a3:28:06:bd:b9:df:c9:9a:2a:77:f0:dd:bf:57:c6:29:7a:70:
73:5a:d0:3c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzyyredwwOuijJk0LdY2hlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjQwMTEwMDk1MzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODhiMDJkOWE2YzM3NmMwYzliYTMwYTNiNDE2MmZhNGRiYmIzMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDe97UoJkm4T3gadVjCAMcXz6Luy
ugLk/hiIJGcPmdj/hlBHafkiuV8q9yAQ1EM2x2IxqYdVDHIUnjHoGst+DKpHSbIy
1Lo2Rxpm86HpajlKJ7GIaG9RjKCg6J0ykbKJkbU+wuqsA/1OWfaYh9Y9yG6lmRGb
ASl0M09hAry3obaJLwpg5MZjaxmeWIiZGEmuWo3LXZqFfRNxBut4oJlyEIiJ9siR
IJ65WlN6XaeGzYGMYRxrCTAyjq+wHVpcyJRqHzSnrZ4qZdUJqoTZODF75vE0fD8H
1hg6Dv/3fAipFY4XjZO+IktKri050geM4qVya+9SSWNPDlwAuEGrX7kaLQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKiLAtmmw3bAybowo7QWL6TbuzDpMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvcUlzQzJhYkRkc0RKdWpDanRCWXZwTnU3TU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAcFPoAD
BAMFPpADBAMfB1ADBAMlTTADBAK5RQQwDQYJKoZIhvcNAQELBQADggEBAAx+IDBY
xvrv0/IhS5smCDtPe47yT01iPcS3AY4uajiruqngOR0pRIH2RtNQ5Yion0bq/Ev5
oj9cIbzuO8P20e4VmqvZ6DyYujOprnb+2FIxw9C9n5YZdpbLK7gx5V5vc0+KqSEO
Bbh7qg8bpBWwNSJSIJ28tNxiDGy2YoPHoiNonq68Uclrl36AahREOKlcfM2wJUoZ
MBG1SRZT54pGB3Yb/5hMc/Jri08EnZKDGHW0cUQg7Iy1CnJyU1dZ/3eyaIDojgeD
BGk0U79ITRuP5Wwil6qkKb1JCN+5CIAT48Z674qPu/jcm3I8lqMoBr2538maKnfw
3b9Xxil6cHNa0Dw=
-----END CERTIFICATE-----
Generated at Thu May 2 21:23:07 2024 by rpki-client on console-fra.rpki-client.org