Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/BDFq1ZoI0OO_2C0lGIQK5UEldwY.roa
File: BDFq1ZoI0OO_2C0lGIQK5UEldwY.roa (raw, json)
Hash identifier: wBH93507FbWombvAu7O000ywFtVawxreBbjiLZ+DjkE=
Subject key identifier: 04:31:6A:D5:9A:08:D0:E3:BF:D8:2D:25:18:84:0A:E5:41:25:77:06
Certificate issuer: /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial: 01924E8541127DC0B37F9A358F0E88A5AE54
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/BDFq1ZoI0OO_2C0lGIQK5UEldwY.roa
Signing time: Wed 02 Oct 2024 18:36:48 +0000
ROA not before: Wed 02 Oct 2024 18:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39020
IP address blocks: 5.145.168.0/24 maxlen: 24
5.145.169.0/24 maxlen: 24
5.145.170.0/24 maxlen: 24
5.145.171.0/24 maxlen: 24
5.145.172.0/24 maxlen: 24
5.145.173.0/24 maxlen: 24
5.145.174.0/24 maxlen: 24
5.145.175.0/24 maxlen: 24
45.80.12.0/24 maxlen: 24
45.80.14.0/24 maxlen: 24
77.81.112.0/24 maxlen: 24
77.81.113.0/24 maxlen: 24
77.81.114.0/24 maxlen: 24
77.81.115.0/24 maxlen: 24
77.81.116.0/24 maxlen: 24
77.81.117.0/24 maxlen: 24
77.81.118.0/24 maxlen: 24
77.81.119.0/24 maxlen: 24
91.192.108.0/24 maxlen: 24
91.192.109.0/24 maxlen: 24
91.192.110.0/24 maxlen: 24
91.192.111.0/24 maxlen: 24
93.93.64.0/24 maxlen: 24
93.93.65.0/24 maxlen: 24
93.93.66.0/24 maxlen: 24
93.93.67.0/24 maxlen: 24
93.93.68.0/24 maxlen: 24
93.93.69.0/24 maxlen: 24
93.93.70.0/24 maxlen: 24
93.93.71.0/24 maxlen: 24
93.113.160.0/24 maxlen: 24
93.113.161.0/24 maxlen: 24
93.113.162.0/24 maxlen: 24
93.113.163.0/24 maxlen: 24
185.50.196.0/22 maxlen: 22
185.50.196.0/24 maxlen: 24
185.50.197.0/24 maxlen: 24
185.50.198.0/24 maxlen: 24
185.50.199.0/24 maxlen: 24
195.78.228.0/24 maxlen: 24
195.78.229.0/24 maxlen: 24
195.78.230.0/24 maxlen: 24
195.78.231.0/24 maxlen: 24
217.61.128.0/24 maxlen: 24
217.61.129.0/24 maxlen: 24
217.61.130.0/24 maxlen: 24
217.61.131.0/24 maxlen: 24
217.61.133.0/24 maxlen: 24
217.61.134.0/24 maxlen: 24
217.61.135.0/24 maxlen: 24
217.61.136.0/24 maxlen: 24
217.61.137.0/24 maxlen: 24
217.61.138.0/24 maxlen: 24
217.61.139.0/24 maxlen: 24
217.61.140.0/24 maxlen: 24
217.61.141.0/24 maxlen: 24
217.61.142.0/24 maxlen: 24
217.61.143.0/24 maxlen: 24
2a00:1d70::/33 maxlen: 33
2a00:1d70:1ac1::/48 maxlen: 48
2a00:1d70:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4e:85:41:12:7d:c0:b3:7f:9a:35:8f:0e:88:a5:ae:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
Validity
Not Before: Oct 2 18:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04316ad59a08d0e3bfd82d2518840ae541257706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:64:e0:2c:ef:2e:3d:34:00:d0:c7:df:cd:6b:
81:88:98:6e:6a:d3:8e:71:bc:ff:d7:89:d9:6c:80:
8f:4c:eb:6d:18:c1:7d:92:6c:a6:28:f8:c6:51:c3:
06:83:61:f3:c5:c8:79:ed:7f:ba:99:1b:28:54:c9:
bf:ec:c5:e8:4c:d5:a4:15:8a:f6:a1:45:03:34:25:
4e:e3:6a:1c:57:29:80:bb:a7:15:69:b1:07:69:ce:
a4:59:86:22:44:27:6a:72:cd:3d:8e:99:cc:07:9d:
3e:2b:85:ef:14:54:43:e3:5a:22:9e:c8:71:06:16:
d1:79:5c:10:52:46:d8:25:0c:b2:fb:31:2b:f1:27:
64:c1:fc:c6:d4:c5:db:a4:1c:05:48:60:20:91:a4:
aa:fd:46:0d:18:c3:91:dd:be:74:34:83:7a:69:c2:
6c:8d:db:64:40:12:35:11:71:ee:97:f7:cc:c8:81:
a4:4d:42:9c:29:1e:7e:94:bb:78:52:0c:2f:30:c8:
5f:b8:6e:e8:a3:3e:5d:9a:aa:e1:5c:67:38:3c:05:
e3:59:0d:ba:cb:dc:61:ab:08:39:d8:27:94:95:84:
95:a9:82:75:38:6d:30:16:81:8d:35:ae:03:78:e1:
82:ea:18:b2:ab:f9:bb:da:91:45:27:07:7e:9f:66:
0f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:31:6A:D5:9A:08:D0:E3:BF:D8:2D:25:18:84:0A:E5:41:25:77:06
X509v3 Authority Key Identifier:
keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/BDFq1ZoI0OO_2C0lGIQK5UEldwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.168.0/21
45.80.12.0/24
45.80.14.0/24
77.81.112.0/21
91.192.108.0/22
93.93.64.0/21
93.113.160.0/22
185.50.196.0/22
195.78.228.0/22
217.61.128.0/22
217.61.133.0-217.61.143.255
IPv6:
2a00:1d70::/32
Signature Algorithm: sha256WithRSAEncryption
80:40:3a:b5:41:b1:84:f0:fc:b1:da:dc:51:b1:e3:d0:0e:3c:
d9:93:44:5e:e8:94:54:42:77:40:91:0f:04:6b:87:a1:d1:de:
b5:c3:d7:fe:ae:11:4e:65:fc:e5:68:4b:4e:96:dc:62:c0:0f:
1e:84:31:c2:7c:75:82:9b:bf:a1:cd:d7:9d:d7:6e:f6:61:80:
17:4f:15:db:51:a9:87:4e:65:92:22:13:ce:46:19:e7:43:a8:
8e:00:ed:88:e6:37:e1:3b:c1:9e:82:3f:cf:38:6a:5c:35:3a:
e0:8e:7b:59:f2:a2:86:34:3c:3a:21:e8:35:38:36:b9:ec:50:
7e:e7:89:82:4e:5b:ea:39:ab:ab:02:fb:39:22:c4:85:92:10:
97:01:78:d8:08:a7:d6:5e:07:1e:fa:32:70:24:ac:0b:bb:b5:
f4:5b:c0:22:c1:83:0f:3f:c7:7d:0e:6a:75:c5:88:6c:8f:0c:
ce:ce:25:b1:8d:9c:96:23:05:a9:18:c3:8c:33:8a:b8:2b:b2:
49:8e:7d:6c:52:c5:cd:37:0e:56:97:92:e0:c8:ad:85:31:46:
7e:fc:80:bc:81:f0:66:be:fb:3d:44:62:65:75:ed:16:cd:84:
40:7e:57:66:f1:cf:9f:7b:b5:c2:98:55:8b:b7:e6:f3:ac:66:
de:9c:d3:52
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZJOhUESfcCzf5o1jw6Ipa5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OGZhNDIwMTM0NGQ0MTA3Zjc5MmVlZTI1NjZjNjJkNjU3
MTRlMmQwHhcNMjQxMDAyMTgzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDMxNmFkNTlhMDhkMGUzYmZkODJkMjUxODg0MGFlNTQxMjU3NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmTgLO8uPTQA0MffzWuBiJhuatOO
cbz/14nZbICPTOttGMF9kmymKPjGUcMGg2Hzxch57X+6mRsoVMm/7MXoTNWkFYr2
oUUDNCVO42ocVymAu6cVabEHac6kWYYiRCdqcs09jpnMB50+K4XvFFRD41oinshx
BhbReVwQUkbYJQyy+zEr8SdkwfzG1MXbpBwFSGAgkaSq/UYNGMOR3b50NIN6acJs
jdtkQBI1EXHul/fMyIGkTUKcKR5+lLt4UgwvMMhfuG7ooz5dmqrhXGc4PAXjWQ26
y9xhqwg52CeUlYSVqYJ1OG0wFoGNNa4DeOGC6hiyq/m72pFFJwd+n2YPXQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFAQxatWaCNDjv9gtJRiECuVBJXcGMB8GA1UdIwQY
MBaAFFmPpCATRNQQf3ku7iVmxi1lcU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2It
NjY0YjhmMDNkMTgwLzEvQkRGcTFab0kwT09fMkMwbEdJUUs1VUVsZHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2ItNjY0YjhmMDNkMTgw
LzEvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQDBZGoAwQA
LVAMAwQALVAOAwQDTVFwAwQCW8BsAwQDXV1AAwQCXXGgAwQCuTLEAwQCw07kAwQC
2T2AMAwDBADZPYUDBATZPYAwDQQCAAIwBwMFACoAHXAwDQYJKoZIhvcNAQELBQAD
ggEBAIBAOrVBsYTw/LHa3FGx49AOPNmTRF7olFRCd0CRDwRrh6HR3rXD1/6uEU5l
/OVoS06W3GLADx6EMcJ8dYKbv6HN153XbvZhgBdPFdtRqYdOZZIiE85GGedDqI4A
7YjmN+E7wZ6CP884alw1OuCOe1nyooY0PDoh6DU4NrnsUH7niYJOW+o5q6sC+zki
xIWSEJcBeNgIp9ZeBx76MnAkrAu7tfRbwCLBgw8/x30OanXFiGyPDM7OJbGNnJYj
BakYw4wzirgrskmOfWxSxc03DlaXkuDIrYUxRn78gLyB8Ga++z1EYmV17RbNhEB+
V2bxz597tcKYVYu35vOsZt6c01I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:12 2024 by rpki-client on console-fra.rpki-client.org