Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/31f27a-b57b-4780-84d0-271bd72cdf69/1/8EhGcTfXWQgTceAEtNuwb_wcUGU.roa
File: 8EhGcTfXWQgTceAEtNuwb_wcUGU.roa (raw, json)
Hash identifier: JwQnvTvMpmDEa9TgidjWmlgEZj9x8t2NAQeAv0j5nOY=
Subject key identifier: F0:48:46:71:37:D7:59:08:13:71:E0:04:B4:DB:B0:6F:FC:1C:50:65
Certificate issuer: /CN=7ae62148b30b66bd0a3da3897ecfbfd9af4f431e
Certificate serial: 018CC8013A54E132491B1FEDD649FEF1107D
Authority key identifier: 7A:E6:21:48:B3:0B:66:BD:0A:3D:A3:89:7E:CF:BF:D9:AF:4F:43:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/euYhSLMLZr0KPaOJfs-_2a9PQx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/31f27a-b57b-4780-84d0-271bd72cdf69/1/8EhGcTfXWQgTceAEtNuwb_wcUGU.roa
Signing time: Tue 02 Jan 2024 02:29:32 +0000
ROA not before: Tue 02 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24592
IP address blocks: 217.13.112.0/24 maxlen: 24
217.13.116.0/24 maxlen: 24
217.13.115.0/24 maxlen: 24
217.13.114.0/24 maxlen: 24
217.13.112.0/20 maxlen: 20
217.13.113.0/24 maxlen: 24
217.13.118.0/24 maxlen: 24
217.13.117.0/24 maxlen: 24
185.86.35.0/24 maxlen: 24
185.86.34.0/24 maxlen: 24
185.86.33.0/24 maxlen: 24
185.86.32.0/24 maxlen: 24
185.86.32.0/22 maxlen: 22
212.92.38.0/24 maxlen: 24
212.92.32.0/24 maxlen: 24
212.92.37.0/24 maxlen: 24
212.92.36.0/24 maxlen: 24
212.92.35.0/24 maxlen: 24
212.92.34.0/24 maxlen: 24
212.92.32.0/19 maxlen: 19
212.92.32.0/20 maxlen: 20
212.92.33.0/24 maxlen: 24
212.92.44.0/24 maxlen: 24
212.92.43.0/24 maxlen: 24
212.92.42.0/24 maxlen: 24
212.92.41.0/24 maxlen: 24
212.92.40.0/24 maxlen: 24
212.92.39.0/24 maxlen: 24
212.92.46.0/24 maxlen: 24
212.92.45.0/24 maxlen: 24
212.92.51.0/24 maxlen: 24
212.92.50.0/24 maxlen: 24
212.92.49.0/24 maxlen: 24
212.92.48.0/21 maxlen: 21
212.92.48.0/24 maxlen: 24
212.92.47.0/24 maxlen: 24
212.92.52.0/24 maxlen: 24
212.92.58.0/24 maxlen: 24
212.92.57.0/24 maxlen: 24
212.92.56.0/24 maxlen: 24
212.92.56.0/22 maxlen: 22
212.92.55.0/24 maxlen: 24
212.92.54.0/24 maxlen: 24
212.92.53.0/24 maxlen: 24
212.92.59.0/24 maxlen: 24
212.92.63.0/24 maxlen: 24
212.92.62.0/24 maxlen: 24
212.92.61.0/24 maxlen: 24
212.92.60.0/22 maxlen: 22
212.92.60.0/24 maxlen: 24
89.45.38.0/24 maxlen: 24
89.45.37.0/24 maxlen: 24
89.45.36.0/22 maxlen: 22
89.45.36.0/24 maxlen: 24
89.45.39.0/24 maxlen: 24
217.13.125.0/24 maxlen: 24
217.13.124.0/24 maxlen: 24
217.13.123.0/24 maxlen: 24
217.13.122.0/24 maxlen: 24
217.13.121.0/24 maxlen: 24
217.13.120.0/24 maxlen: 24
217.13.119.0/24 maxlen: 24
217.13.127.0/24 maxlen: 24
217.13.126.0/24 maxlen: 24
2a02:23c8:ff00::/40 maxlen: 40
2a02:23c8::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/31f27a-b57b-4780-84d0-271bd72cdf69/1/euYhSLMLZr0KPaOJfs-_2a9PQx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/31f27a-b57b-4780-84d0-271bd72cdf69/1/euYhSLMLZr0KPaOJfs-_2a9PQx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/euYhSLMLZr0KPaOJfs-_2a9PQx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3a:54:e1:32:49:1b:1f:ed:d6:49:fe:f1:10:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ae62148b30b66bd0a3da3897ecfbfd9af4f431e
Validity
Not Before: Jan 2 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f048467137d759081371e004b4dbb06ffc1c5065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:54:02:dc:54:9e:bb:39:e5:56:8e:0b:78:
9d:31:af:d5:0b:e1:de:6d:05:13:10:fe:50:a8:29:
fc:79:9b:13:b9:f5:c7:cc:75:60:54:a1:2e:5a:ec:
b6:07:80:56:8c:62:bf:79:c5:83:f3:93:0b:ed:4c:
dd:12:13:0e:22:92:2e:fd:76:e6:2f:09:51:0a:02:
93:2e:c1:ed:a2:ea:d4:ac:b5:7c:50:de:d3:a3:b4:
d4:6b:95:eb:56:0f:d8:84:3b:09:be:9c:59:d7:95:
60:d3:1d:47:c6:8b:fa:da:f1:07:75:e2:38:1a:5c:
41:06:e9:dc:bb:f6:6f:e4:a0:44:2d:2e:cd:5e:2f:
a6:e2:a8:af:4d:ea:a1:7e:1d:32:ea:9d:db:dc:a1:
42:60:7c:d4:82:8f:13:a6:55:cc:d8:da:0b:f2:47:
2d:a3:d4:52:d8:f6:2a:5e:5f:76:33:10:56:f6:59:
90:b0:05:b4:07:61:0b:06:27:40:2d:7c:84:7a:85:
57:93:ed:1d:d2:72:56:32:65:c8:7a:66:7c:40:f3:
27:b2:df:67:55:ce:7b:83:65:20:46:df:71:47:d4:
68:22:9e:30:cd:d1:4b:bf:76:e7:48:7e:0b:7b:81:
d8:30:8b:56:fb:c2:62:07:7e:a8:46:b3:78:1c:c3:
dc:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:48:46:71:37:D7:59:08:13:71:E0:04:B4:DB:B0:6F:FC:1C:50:65
X509v3 Authority Key Identifier:
keyid:7A:E6:21:48:B3:0B:66:BD:0A:3D:A3:89:7E:CF:BF:D9:AF:4F:43:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/euYhSLMLZr0KPaOJfs-_2a9PQx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/31f27a-b57b-4780-84d0-271bd72cdf69/1/8EhGcTfXWQgTceAEtNuwb_wcUGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/31f27a-b57b-4780-84d0-271bd72cdf69/1/euYhSLMLZr0KPaOJfs-_2a9PQx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.36.0/22
185.86.32.0/22
212.92.32.0/19
217.13.112.0/20
IPv6:
2a02:23c8::/40
2a02:23c8:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
46:83:7f:d5:fd:f5:78:68:fe:78:24:44:78:6f:dc:7d:da:cb:
13:57:d3:9d:46:d4:1e:86:93:3e:26:2c:52:7a:74:1d:e2:f5:
f3:d7:e7:2f:6a:db:3f:d9:1f:16:14:b6:86:5e:e8:f6:c7:19:
66:a8:db:86:6c:9b:bd:a4:7c:ba:9e:15:b5:dd:91:18:22:b0:
2d:c2:09:4b:96:ba:03:08:b6:d5:ea:30:0f:c4:fa:5c:3b:28:
ee:44:af:c2:56:51:b6:07:8a:44:82:33:1d:03:49:24:e4:55:
0e:16:22:bc:79:d7:d4:e1:a3:99:f7:b4:03:4d:ec:73:4e:b6:
de:c8:c0:ca:e4:24:ef:fe:e2:69:17:6f:28:8a:18:3b:ef:25:
06:f4:64:c0:c2:39:a9:3a:18:fd:a9:ae:07:2a:53:ba:97:08:
d0:af:73:90:8b:5f:17:d8:ea:ce:d7:50:cb:b0:10:f7:9e:d2:
46:df:98:b7:32:6a:09:a6:5a:81:4e:db:33:0e:e9:d9:97:34:
36:a8:78:ea:48:ee:18:76:b4:f1:e9:32:b2:78:7a:3b:04:1f:
39:db:ee:b5:21:43:d1:97:e4:1a:c5:38:38:e8:10:ad:e8:67:
c5:93:e7:ae:00:12:90:52:e8:98:ba:02:05:a3:4b:5a:41:21:
a3:a0:99:a6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzIATpU4TJJGx/t1kn+8RB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZTYyMTQ4YjMwYjY2YmQwYTNkYTM4OTdlY2ZiZmQ5YWY0
ZjQzMWUwHhcNMjQwMTAyMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ4NDY3MTM3ZDc1OTA4MTM3MWUwMDRiNGRiYjA2ZmZjMWM1MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4xUAtxUnrs55VaOC3idMa/VC+He
bQUTEP5QqCn8eZsTufXHzHVgVKEuWuy2B4BWjGK/ecWD85ML7UzdEhMOIpIu/Xbm
LwlRCgKTLsHtourUrLV8UN7To7TUa5XrVg/YhDsJvpxZ15Vg0x1Hxov62vEHdeI4
GlxBBuncu/Zv5KBELS7NXi+m4qivTeqhfh0y6p3b3KFCYHzUgo8TplXM2NoL8kct
o9RS2PYqXl92MxBW9lmQsAW0B2ELBidALXyEeoVXk+0d0nJWMmXIemZ8QPMnst9n
Vc57g2UgRt9xR9RoIp4wzdFLv3bnSH4Le4HYMItW+8JiB36oRrN4HMPc8QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPBIRnE311kIE3HgBLTbsG/8HFBlMB8GA1UdIwQY
MBaAFHrmIUizC2a9Cj2jiX7Pv9mvT0MeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXVZaFNMTUxacjBLUGFPSmZzLV8yYTlQUXg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8zMWYyN2EtYjU3Yi00NzgwLTg0ZDAt
MjcxYmQ3MmNkZjY5LzEvOEVoR2NUZlhXUWdUY2VBRXROdXdiX3djVUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8zMWYyN2EtYjU3Yi00NzgwLTg0ZDAtMjcxYmQ3MmNkZjY5
LzEvZXVZaFNMTUxacjBLUGFPSmZzLV8yYTlQUXg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCWS0kAwQC
uVYgAwQF1FwgAwQE2Q1wMBYEAgACMBADBgAqAiPIAAMGACoCI8j/MA0GCSqGSIb3
DQEBCwUAA4IBAQBGg3/V/fV4aP54JER4b9x92ssTV9OdRtQehpM+JixSenQd4vXz
1+cvats/2R8WFLaGXuj2xxlmqNuGbJu9pHy6nhW13ZEYIrAtwglLlroDCLbV6jAP
xPpcOyjuRK/CVlG2B4pEgjMdA0kk5FUOFiK8edfU4aOZ97QDTexzTrbeyMDK5CTv
/uJpF28oihg77yUG9GTAwjmpOhj9qa4HKlO6lwjQr3OQi18X2OrO11DLsBD3ntJG
35i3MmoJplqBTtszDunZlzQ2qHjqSO4YdrTx6TKyeHo7BB852+61IUPRl+QaxTg4
6BCt6GfFk+euABKQUuiYugIFo0taQSGjoJmm
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:18:12 2024 by rpki-client on console-fra.rpki-client.org