Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/EinaYUKdL9Pfswka9B_vt5rcZPo.roa
File: EinaYUKdL9Pfswka9B_vt5rcZPo.roa (raw, json)
Hash identifier: cIzqSPwD+RaXxLmQDlYnukjZZNN6P/pymXkxHSth8Kg=
Subject key identifier: 12:29:DA:61:42:9D:2F:D3:DF:B3:09:1A:F4:1F:EF:B7:9A:DC:64:FA
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 018CCA2B4DBBA63F70C28F997A018414171D
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/EinaYUKdL9Pfswka9B_vt5rcZPo.roa
Signing time: Tue 02 Jan 2024 12:34:44 +0000
ROA not before: Tue 02 Jan 2024 12:34:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41689
IP address blocks: 188.0.240.0/23 maxlen: 32
185.112.36.0/22 maxlen: 32
185.112.32.0/22 maxlen: 32
77.238.120.0/22 maxlen: 32
93.115.144.0/21 maxlen: 32
46.143.0.0/17 maxlen: 32
37.156.144.0/22 maxlen: 32
89.235.96.0/22 maxlen: 32
185.120.220.0/22 maxlen: 32
185.120.248.0/22 maxlen: 32
176.65.240.0/22 maxlen: 32
31.25.128.0/21 maxlen: 32
176.65.252.0/23 maxlen: 32
176.65.254.0/23 maxlen: 32
128.65.176.0/20 maxlen: 32
79.127.0.0/17 maxlen: 32
185.98.112.0/22 maxlen: 32
89.41.40.0/22 maxlen: 32
93.118.180.0/22 maxlen: 32
185.99.212.0/22 maxlen: 32
185.109.244.0/22 maxlen: 32
185.49.84.0/22 maxlen: 32
185.109.248.0/22 maxlen: 32
31.7.64.0/20 maxlen: 32
178.22.120.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:4d:bb:a6:3f:70:c2:8f:99:7a:01:84:14:17:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 2 12:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1229da61429d2fd3dfb3091af41fefb79adc64fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4e:09:44:cc:5e:fb:49:95:de:39:d7:d4:cd:
e7:a4:70:31:0a:6a:ae:8d:28:26:94:5c:90:4f:dc:
a2:62:91:0c:96:13:c3:5a:37:2d:23:99:a5:88:93:
cf:dd:97:19:4a:f0:d6:f5:10:8c:fe:6b:af:6b:0f:
df:a4:be:03:ef:e2:63:e5:35:5a:7e:1f:71:44:d7:
d3:c2:20:22:f1:80:75:a6:4f:36:d5:2c:4c:88:03:
1f:18:bb:39:a3:7b:62:ce:a1:c9:42:d6:b1:c4:f5:
88:9b:7c:76:2e:f1:83:e4:5b:05:2e:3c:bd:97:a2:
e2:43:75:a1:a6:61:77:68:cc:90:0d:51:6e:08:f0:
a4:35:00:a3:6a:da:1e:4e:f8:3d:0d:dc:d0:1b:3f:
80:ed:51:1e:73:7b:27:4e:fd:da:27:4d:36:52:4c:
c6:da:dd:61:b9:b5:16:91:4b:85:31:12:f4:95:3c:
50:9d:c9:70:78:cb:1b:2b:0b:c4:38:26:3b:1e:57:
6d:55:c6:ab:45:da:fc:3d:54:b2:79:5c:57:b8:cd:
ae:56:aa:73:5b:85:8b:e8:3b:03:bc:65:56:17:90:
7c:db:99:d8:20:0f:95:df:7d:a2:9c:a7:1a:4d:9f:
3d:bd:16:7a:ab:75:3b:e7:fc:90:fb:76:a7:50:47:
eb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:29:DA:61:42:9D:2F:D3:DF:B3:09:1A:F4:1F:EF:B7:9A:DC:64:FA
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/EinaYUKdL9Pfswka9B_vt5rcZPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.64.0/20
31.25.128.0/21
37.156.144.0/22
46.143.0.0/17
77.238.120.0/22
79.127.0.0/17
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
185.49.84.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
188.0.240.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:c2:e3:e5:b2:4f:50:cb:b4:32:5e:2b:f2:f1:e1:76:83:4c:
90:23:ff:c4:19:09:0a:7b:57:ed:88:ac:62:84:18:0f:f6:66:
c3:cd:42:16:df:40:32:39:74:e7:cd:39:9f:fc:e2:c6:63:2f:
da:bc:a4:b3:04:8f:c4:2b:24:69:9e:c4:0b:c6:24:9c:3d:64:
68:4d:b0:ec:0a:84:d4:5b:0d:f6:77:d8:17:be:72:98:db:1f:
09:f9:ac:7d:5d:b3:28:e1:48:fe:83:d9:d2:a3:3c:83:8d:c6:
6b:29:f4:aa:93:64:fa:71:c1:eb:89:0b:be:1c:a6:70:4b:07:
61:69:6e:04:a2:46:e0:c0:c8:b3:0a:aa:28:94:49:c4:26:98:
41:2d:45:e3:ba:24:fa:a8:6a:54:c6:47:c8:2e:ac:c7:f3:55:
b4:e1:06:e8:05:ff:75:f0:a7:b8:72:c5:41:24:44:07:d8:95:
4d:a9:b1:61:6e:b6:9c:09:34:75:7c:8c:4f:de:85:ea:ba:44:
4f:e5:04:cf:f8:39:ac:d4:db:ec:56:3d:3f:ca:ab:29:9c:48:
4b:c0:7b:41:c6:07:de:3c:a7:88:72:d2:a8:4e:e5:83:22:ba:
3c:95:94:0d:11:97:2a:77:ec:03:3b:81:03:1d:76:71:50:50:
bd:79:a0:04
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYzKK027pj9wwo+ZegGEFBcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjQwMTAyMTIzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjI5ZGE2MTQyOWQyZmQzZGZiMzA5MWFmNDFmZWZiNzlhZGM2NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA004JRMxe+0mV3jnX1M3npHAxCmqu
jSgmlFyQT9yiYpEMlhPDWjctI5mliJPP3ZcZSvDW9RCM/muvaw/fpL4D7+Jj5TVa
fh9xRNfTwiAi8YB1pk821SxMiAMfGLs5o3tizqHJQtaxxPWIm3x2LvGD5FsFLjy9
l6LiQ3WhpmF3aMyQDVFuCPCkNQCjatoeTvg9DdzQGz+A7VEec3snTv3aJ002UkzG
2t1hubUWkUuFMRL0lTxQnclweMsbKwvEOCY7HldtVcarRdr8PVSyeVxXuM2uVqpz
W4WL6DsDvGVWF5B825nYIA+V332inKcaTZ89vRZ6q3U75/yQ+3anUEfrbwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFBIp2mFCnS/T37MJGvQf77ea3GT6MB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvRWluYVlVS2RMOVBmc3drYTlCX3Z0NXJjWlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAQf
B0ADBAMfGYADBAIlnJADBAcujwADBAJN7ngDBAdPfwADBAJZKSgDBAJZ62ADBANd
c5ADBAJddrQDBASAQbADBAKwQfADBAKwQfwDBAOyFngDBAK5MVQDBAK5YnADBAK5
Y9QwDAMEArlt9AMEArlt+AMEA7lwIAMEArl43AMEArl4+AMEAbwA8DANBgkqhkiG
9w0BAQsFAAOCAQEArsLj5bJPUMu0Ml4r8vHhdoNMkCP/xBkJCntX7YisYoQYD/Zm
w81CFt9AMjl05805n/zixmMv2rykswSPxCskaZ7EC8YknD1kaE2w7AqE1FsN9nfY
F75ymNsfCfmsfV2zKOFI/oPZ0qM8g43Gayn0qpNk+nHB64kLvhymcEsHYWluBKJG
4MDIswqqKJRJxCaYQS1F47ok+qhqVMZHyC6sx/NVtOEG6AX/dfCnuHLFQSREB9iV
TamxYW62nAk0dXyMT96F6rpET+UEz/g5rNTb7FY9P8qrKZxIS8B7QcYH3jyniHLS
qE7lgyK6PJWUDRGXKnfsAzuBAx12cVBQvXmgBA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 13:48:15 2024 by rpki-client on console-fra.rpki-client.org