Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ftsEGjDgWD9p7xIpRtlTcN7u5t0.roa
File: ftsEGjDgWD9p7xIpRtlTcN7u5t0.roa (raw, json)
Hash identifier: hX+H4XhR6wDcwostY6CKLrGA41pyCO6OLJGnOCxVT2M=
Subject key identifier: 7E:DB:04:1A:30:E0:58:3F:69:EF:12:29:46:D9:53:70:DE:EE:E6:DD
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019175F9AECCF808BAF52B4A094F0F4AD168
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ftsEGjDgWD9p7xIpRtlTcN7u5t0.roa
Signing time: Wed 21 Aug 2024 17:26:22 +0000
ROA not before: Wed 21 Aug 2024 17:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.83.188.0/22 maxlen: 24
45.85.224.0/22 maxlen: 24
45.86.248.0/22 maxlen: 24
45.87.22.0/24 maxlen: 24
45.88.120.0/24 maxlen: 24
45.88.122.0/24 maxlen: 24
45.129.232.0/22 maxlen: 24
45.133.252.0/24 maxlen: 24
45.133.254.0/24 maxlen: 24
45.136.72.0/22 maxlen: 24
45.143.192.0/24 maxlen: 24
45.143.194.0/24 maxlen: 24
45.144.216.0/22 maxlen: 24
45.146.52.0/24 maxlen: 24
45.146.56.0/22 maxlen: 24
45.148.24.0/24 maxlen: 24
45.149.0.0/24 maxlen: 24
45.150.92.0/24 maxlen: 24
45.150.94.0/24 maxlen: 24
45.154.136.0/24 maxlen: 24
45.154.139.0/24 maxlen: 24
45.157.96.0/23 maxlen: 24
45.157.113.0/24 maxlen: 24
45.157.114.0/23 maxlen: 24
45.159.244.0/23 maxlen: 24
45.159.247.0/24 maxlen: 24
89.36.36.0/24 maxlen: 24
89.38.38.0/24 maxlen: 24
89.46.46.0/24 maxlen: 24
89.251.1.0/24 maxlen: 24
89.251.3.0/24 maxlen: 24
136.144.16.0/24 maxlen: 24
136.144.18.0/24 maxlen: 24
136.144.24.0/24 maxlen: 24
136.144.32.0/24 maxlen: 24
136.144.34.0/24 maxlen: 24
185.51.193.0/24 maxlen: 24
185.51.194.0/23 maxlen: 23
185.114.60.0/22 maxlen: 22
185.227.32.0/24 maxlen: 24
185.243.244.0/24 maxlen: 24
185.243.246.0/24 maxlen: 24
188.208.38.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:f9:ae:cc:f8:08:ba:f5:2b:4a:09:4f:0f:4a:d1:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Aug 21 17:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7edb041a30e0583f69ef122946d95370deeee6dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:55:41:63:93:fb:30:00:23:4c:9b:d9:5b:2a:
2e:d8:bd:34:f4:77:39:55:c5:af:ee:f4:69:11:1d:
2f:0b:11:73:b3:38:60:a3:f5:08:97:86:27:3a:7b:
ea:80:ee:62:b6:3f:99:75:ef:2e:f3:a6:69:bc:b0:
0a:6d:54:53:cb:47:d4:b6:4a:30:23:bb:77:29:b0:
b1:68:d6:8c:9a:49:8c:f6:e7:bf:ef:2b:8c:6a:34:
c9:14:0e:cf:9c:37:37:03:fa:4a:e9:7b:15:99:c4:
a8:56:80:a2:eb:9f:4c:05:22:1f:d1:2c:0b:d5:6e:
7a:5a:bc:c0:5e:f7:55:56:bb:af:56:90:64:19:49:
f8:e1:33:ed:57:bd:5d:8d:c2:d4:65:c0:f3:48:5b:
b1:fd:12:18:94:73:f6:a0:b7:e3:a7:a4:49:26:98:
99:0b:69:a9:bf:13:ac:0c:63:b5:8f:34:db:67:2c:
8d:28:d5:6b:74:c8:7c:60:41:ce:bb:26:12:c2:50:
28:31:75:4b:a6:05:64:33:35:2d:87:1d:81:1d:49:
2e:c8:a4:b3:6a:b4:93:75:bd:95:dd:a0:6c:d7:4b:
aa:5d:44:b2:9b:c0:09:a0:b4:87:c9:c9:ec:c5:9e:
69:ad:be:b7:57:f8:d9:ec:4e:ed:5e:c5:43:db:e4:
08:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:DB:04:1A:30:E0:58:3F:69:EF:12:29:46:D9:53:70:DE:EE:E6:DD
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ftsEGjDgWD9p7xIpRtlTcN7u5t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.188.0/22
45.85.224.0/22
45.86.248.0/22
45.87.22.0/24
45.88.120.0/24
45.88.122.0/24
45.129.232.0/22
45.133.252.0/24
45.133.254.0/24
45.136.72.0/22
45.143.192.0/24
45.143.194.0/24
45.144.216.0/22
45.146.52.0/24
45.146.56.0/22
45.148.24.0/24
45.149.0.0/24
45.150.92.0/24
45.150.94.0/24
45.154.136.0/24
45.154.139.0/24
45.157.96.0/23
45.157.113.0-45.157.115.255
45.159.244.0/23
45.159.247.0/24
89.36.36.0/24
89.38.38.0/24
89.46.46.0/24
89.251.1.0/24
89.251.3.0/24
136.144.16.0/24
136.144.18.0/24
136.144.24.0/24
136.144.32.0/24
136.144.34.0/24
185.51.193.0-185.51.195.255
185.114.60.0/22
185.227.32.0/24
185.243.244.0/24
185.243.246.0/24
188.208.38.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:12:47:16:50:83:20:a8:3e:51:10:0f:6b:5f:e7:57:99:14:
68:c3:4f:b7:d1:e7:b8:aa:25:87:8b:c3:ae:ee:a9:8f:a7:1b:
d4:3e:f0:1d:f7:69:1e:26:25:6a:c9:22:76:6f:6b:a7:77:31:
1d:b4:8f:09:e7:fd:8c:8b:e3:45:f8:32:b8:86:53:0b:13:9a:
74:06:15:98:3f:b1:2c:2e:7e:d7:69:51:4d:c9:d1:e4:f9:cc:
74:fb:40:8e:6f:e0:2e:62:72:57:8c:d2:9c:ed:df:0f:15:33:
fd:21:4a:b7:42:09:f3:59:d8:fc:27:f7:b9:75:b7:97:f2:62:
be:46:8b:65:7c:6a:5c:fa:f7:47:98:c1:df:7e:1d:4c:5a:6c:
69:bb:8f:f5:9a:84:63:9c:75:ed:70:60:79:d0:9a:f2:8d:9b:
54:93:05:3d:7d:c8:08:b6:5c:f8:a2:0c:3b:e5:fd:29:2e:13:
50:24:d4:70:fd:f3:2e:77:f3:ce:b0:42:73:c5:86:1f:5d:a4:
3c:0c:ef:49:ca:8b:10:18:1a:fc:a7:b3:7f:f5:15:3d:bd:ed:
5f:42:27:aa:b2:ba:49:e8:f9:13:c7:c2:1e:f6:be:4f:59:c3:
42:6d:fe:a6:ed:2a:75:a9:6c:10:c6:ba:09:8f:d1:be:31:77:
35:da:80:ba
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZF1+a7M+Ai69StKCU8PStFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwODIxMTcyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWRiMDQxYTMwZTA1ODNmNjllZjEyMjk0NmQ5NTM3MGRlZWVlNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31VBY5P7MAAjTJvZWyou2L009Hc5
VcWv7vRpER0vCxFzszhgo/UIl4YnOnvqgO5itj+Zde8u86ZpvLAKbVRTy0fUtkow
I7t3KbCxaNaMmkmM9ue/7yuMajTJFA7PnDc3A/pK6XsVmcSoVoCi659MBSIf0SwL
1W56WrzAXvdVVruvVpBkGUn44TPtV71djcLUZcDzSFux/RIYlHP2oLfjp6RJJpiZ
C2mpvxOsDGO1jzTbZyyNKNVrdMh8YEHOuyYSwlAoMXVLpgVkMzUthx2BHUkuyKSz
arSTdb2V3aBs10uqXUSym8AJoLSHycnsxZ5prb63V/jZ7E7tXsVD2+QIFQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFH7bBBow4Fg/ae8SKUbZU3De7ubdMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvZnRzRUdqRGdXRDlwN3hJcFJ0bFRjTjd1NXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAi1TvAMEAi1V4AMEAi1W+AMEAC1XFgMEAC1YeAMEAC1YegMEAi2B6AMEAC2F
/AMEAC2F/gMEAi2ISAMEAC2PwAMEAC2PwgMEAi2Q2AMEAC2SNAMEAi2SOAMEAC2U
GAMEAC2VAAMEAC2WXAMEAC2WXgMEAC2aiAMEAC2aiwMEAS2dYDAMAwQALZ1xAwQC
LZ1wAwQBLZ/0AwQALZ/3AwQAWSQkAwQAWSYmAwQAWS4uAwQAWfsBAwQAWfsDAwQA
iJAQAwQAiJASAwQAiJAYAwQAiJAgAwQAiJAiMAwDBAC5M8EDBAK5M8ADBAK5cjwD
BAC54yADBAC58/QDBAC58/YDBAG80CYwDQYJKoZIhvcNAQELBQADggEBAJsSRxZQ
gyCoPlEQD2tf51eZFGjDT7fR57iqJYeLw67uqY+nG9Q+8B33aR4mJWrJInZva6d3
MR20jwnn/YyL40X4MriGUwsTmnQGFZg/sSwuftdpUU3J0eT5zHT7QI5v4C5icleM
0pzt3w8VM/0hSrdCCfNZ2Pwn97l1t5fyYr5Gi2V8alz690eYwd9+HUxabGm7j/Wa
hGOcde1wYHnQmvKNm1STBT19yAi2XPiiDDvl/SkuE1Ak1HD98y53886wQnPFhh9d
pDwM70nKixAYGvyns3/1FT297V9CJ6qyukno+RPHwh72vk9Zw0Jt/qbtKnWpbBDG
ugmP0b4xdzXagLo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:05:48 2024 by rpki-client on console-fra.rpki-client.org