Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/7HE3EX_m0mIGZl9Hbioc3wI43NY.roa
File: 7HE3EX_m0mIGZl9Hbioc3wI43NY.roa (raw, json)
Hash identifier: zqL8TZvN2DNxyV4hDafLJbd/yG0AgLHe5mJ4nRoA4kw=
Subject key identifier: EC:71:37:11:7F:E6:D2:62:06:66:5F:47:6E:2A:1C:DF:02:38:DC:D6
Certificate issuer: /CN=e4a9308742e7eb66506219d829d86185899a1e34
Certificate serial: 0193445E9766A1AAC318F9F703E79A4F0CB6
Authority key identifier: E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/7HE3EX_m0mIGZl9Hbioc3wI43NY.roa
Signing time: Tue 19 Nov 2024 12:21:10 +0000
ROA not before: Tue 19 Nov 2024 12:21:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211559
IP address blocks: 31.11.48.0/21 maxlen: 21
31.11.55.0/24 maxlen: 24
37.186.38.0/24 maxlen: 24
37.186.56.0/24 maxlen: 24
37.186.57.0/24 maxlen: 24
37.186.60.0/22 maxlen: 22
37.186.60.0/24 maxlen: 24
80.76.165.0/24 maxlen: 24
80.76.166.0/23 maxlen: 23
80.76.166.0/24 maxlen: 24
80.76.167.0/24 maxlen: 24
80.76.168.0/23 maxlen: 23
80.76.168.0/24 maxlen: 24
80.76.169.0/24 maxlen: 24
103.14.208.0/22 maxlen: 22
103.14.208.0/24 maxlen: 24
103.14.211.0/24 maxlen: 24
103.23.126.0/24 maxlen: 24
103.23.127.0/24 maxlen: 24
103.225.72.0/24 maxlen: 24
103.225.73.0/24 maxlen: 24
103.225.74.0/24 maxlen: 24
185.247.88.0/22 maxlen: 22
185.247.89.0/24 maxlen: 24
212.70.100.0/24 maxlen: 24
212.70.101.0/24 maxlen: 24
212.70.102.0/24 maxlen: 24
212.70.103.0/24 maxlen: 24
212.70.104.0/24 maxlen: 24
212.70.105.0/24 maxlen: 24
212.70.109.0/24 maxlen: 24
212.70.120.0/24 maxlen: 24
212.70.121.0/24 maxlen: 24
212.70.122.0/24 maxlen: 24
212.70.123.0/24 maxlen: 24
212.70.124.0/24 maxlen: 24
2a04:7f80:84::/48 maxlen: 48
2a04:7f80:85::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:5e:97:66:a1:aa:c3:18:f9:f7:03:e7:9a:4f:0c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9308742e7eb66506219d829d86185899a1e34
Validity
Not Before: Nov 19 12:21:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec7137117fe6d26206665f476e2a1cdf0238dcd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8f:9d:ac:64:88:bb:32:1a:41:ca:5b:76:5e:
3d:2d:63:6c:f1:5a:17:8d:55:5e:92:1d:6b:21:2c:
5a:23:27:1d:e4:bf:dd:43:dd:11:b0:35:52:86:d9:
c8:ad:fb:fc:d6:a7:d1:0b:c8:b0:0c:0f:3e:ff:8d:
5a:0a:62:94:e2:10:fb:9f:1a:2e:3d:7d:b7:30:5f:
6f:a5:81:ad:91:62:65:3b:10:9f:ff:ee:b7:58:fb:
12:eb:f2:30:af:6a:f4:a1:a5:f2:48:50:b0:e9:d2:
28:4c:5a:05:4e:7a:52:c7:dc:29:b7:d5:33:60:43:
af:76:eb:c8:76:b9:d7:af:9d:f7:e1:7c:1c:d3:12:
d5:d0:08:ff:41:35:6c:1a:c1:29:c0:0e:17:33:84:
c2:0e:36:a2:ad:5f:e4:31:90:d4:00:69:3b:54:36:
da:f3:69:ee:6b:97:d3:ae:b4:1e:02:14:73:a7:6d:
2d:89:4b:01:fb:10:83:d2:32:01:d7:72:7b:c1:34:
9b:31:86:88:ee:6a:a1:49:a8:e1:25:45:1d:66:16:
eb:dd:11:61:5a:d3:20:1d:5b:8f:a0:84:70:02:01:
f3:a5:d8:b5:95:70:6d:12:e0:d3:93:16:d5:44:e7:
d4:57:c2:27:be:3e:3f:84:8e:15:8f:5c:10:25:95:
ae:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:71:37:11:7F:E6:D2:62:06:66:5F:47:6E:2A:1C:DF:02:38:DC:D6
X509v3 Authority Key Identifier:
keyid:E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/7HE3EX_m0mIGZl9Hbioc3wI43NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.48.0/21
37.186.38.0/24
37.186.56.0/23
37.186.60.0/22
80.76.165.0-80.76.169.255
103.14.208.0/22
103.23.126.0/23
103.225.72.0-103.225.74.255
185.247.88.0/22
212.70.100.0-212.70.105.255
212.70.109.0/24
212.70.120.0-212.70.124.255
IPv6:
2a04:7f80:84::/47
Signature Algorithm: sha256WithRSAEncryption
21:0c:f5:a0:ad:e1:fe:5e:27:73:02:db:d5:45:2a:42:5c:96:
c6:92:a1:5e:70:e0:e1:31:26:4c:04:c4:3d:d8:eb:c1:03:86:
50:07:4b:4c:4b:00:c1:83:c6:0d:ec:a6:38:ad:68:f9:8b:0d:
34:9f:90:da:7d:a2:25:08:2b:16:14:69:f6:bd:1a:68:04:3a:
f9:cf:b9:22:42:d0:f2:8d:3f:3c:1e:9b:9b:f2:4e:86:e5:28:
a9:7f:93:4e:40:df:d6:03:be:bc:a1:ed:82:aa:e5:e8:99:04:
bb:b4:a3:23:c5:32:7a:7a:0e:6e:c7:e6:35:ae:cc:5f:90:f7:
68:ba:bf:96:b4:71:f0:11:25:75:ec:fc:e8:d8:3d:0d:24:07:
e4:74:79:c5:2a:29:e9:3d:8b:1a:9d:d5:4c:a6:2b:52:e1:66:
07:ab:ea:a6:10:a4:99:46:2c:82:9b:27:1d:25:de:1d:4e:3c:
03:33:5c:85:a6:83:eb:da:c5:fb:43:6b:61:9c:ae:b3:0f:1a:
e2:d8:f6:55:e4:88:2e:6c:eb:3c:73:64:49:f8:1b:a4:a9:94:
f2:73:63:06:ff:44:db:0e:a5:4c:67:b4:5f:54:ca:e4:42:37:
4d:3a:e3:4d:e8:ae:94:74:17:10:d0:75:c0:9b:00:cb:a6:c5:
c3:58:c9:33
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZNEXpdmoarDGPn3A+eaTwy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTkzMDg3NDJlN2ViNjY1MDYyMTlkODI5ZDg2MTg1ODk5
YTFlMzQwHhcNMjQxMTE5MTIyMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzcxMzcxMTdmZTZkMjYyMDY2NjVmNDc2ZTJhMWNkZjAyMzhkY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04+drGSIuzIaQcpbdl49LWNs8VoX
jVVekh1rISxaIycd5L/dQ90RsDVShtnIrfv81qfRC8iwDA8+/41aCmKU4hD7nxou
PX23MF9vpYGtkWJlOxCf/+63WPsS6/Iwr2r0oaXySFCw6dIoTFoFTnpSx9wpt9Uz
YEOvduvIdrnXr5334Xwc0xLV0Aj/QTVsGsEpwA4XM4TCDjairV/kMZDUAGk7VDba
82nua5fTrrQeAhRzp20tiUsB+xCD0jIB13J7wTSbMYaI7mqhSajhJUUdZhbr3RFh
WtMgHVuPoIRwAgHzpdi1lXBtEuDTkxbVROfUV8Invj4/hI4Vj1wQJZWuaQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOxxNxF/5tJiBmZfR24qHN8CONzWMB8GA1UdIwQY
MBaAFOSpMIdC5+tmUGIZ2CnYYYWJmh40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtrd2gwTG42MlpRWWhuWUtkaGhoWW1hSGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYzlkYmItMDUyYy00ZWVhLWFkZTYt
ZWM1Yjg4ZDAxMzhhLzEvN0hFM0VYX20wbUlHWmw5SGJpb2Mzd0k0M05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYzlkYmItMDUyYy00ZWVhLWFkZTYtZWM1Yjg4ZDAxMzhh
LzEvNUtrd2gwTG42MlpRWWhuWUtkaGhoWW1hSGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBuBAIAATBoAwQDHwsw
AwQAJbomAwQBJbo4AwQCJbo8MAwDBABQTKUDBAFQTKgDBAJnDtADBAFnF34wDAME
A2fhSAMEAGfhSgMEArn3WDAMAwQC1EZkAwQB1EZoAwQA1EZtMAwDBAPURngDBADU
RnwwDwQCAAIwCQMHASoEf4AAhDANBgkqhkiG9w0BAQsFAAOCAQEAIQz1oK3h/l4n
cwLb1UUqQlyWxpKhXnDg4TEmTATEPdjrwQOGUAdLTEsAwYPGDeymOK1o+YsNNJ+Q
2n2iJQgrFhRp9r0aaAQ6+c+5IkLQ8o0/PB6bm/JOhuUoqX+TTkDf1gO+vKHtgqrl
6JkEu7SjI8UyenoObsfmNa7MX5D3aLq/lrRx8BEldez86Ng9DSQH5HR5xSop6T2L
Gp3VTKYrUuFmB6vqphCkmUYsgpsnHSXeHU48AzNchaaD69rF+0NrYZyusw8a4tj2
VeSILmzrPHNkSfgbpKmU8nNjBv9E2w6lTGe0X1TK5EI3TTrjTeiulHQXENB1wJsA
y6bFw1jJMw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:45:34 2024 by rpki-client on console-ams.rpki-client.org