Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/s5NnVnYyNyHs-1Lc9ijvqd2nKLQ.roa
File: s5NnVnYyNyHs-1Lc9ijvqd2nKLQ.roa (raw, json)
Hash identifier: roZFuPfDxWL1CW0mCcr3TtYvj9ntUSj2G+FEqVbeXjE=
Subject key identifier: B3:93:67:56:76:32:37:21:EC:FB:52:DC:F6:28:EF:A9:DD:A7:28:B4
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 01924EB6B1D7541045A2B55AD6A63F077099
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/s5NnVnYyNyHs-1Lc9ijvqd2nKLQ.roa
Signing time: Wed 02 Oct 2024 19:30:48 +0000
ROA not before: Wed 02 Oct 2024 19:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50304
IP address blocks: 31.169.48.0/21 maxlen: 32
37.202.56.0/21 maxlen: 24
45.152.48.0/22 maxlen: 22
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
91.205.184.0/22 maxlen: 22
91.227.248.0/22 maxlen: 24
94.124.74.0/24 maxlen: 24
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
176.125.232.0/22 maxlen: 22
178.255.144.0/21 maxlen: 32
185.12.56.0/22 maxlen: 24
185.35.200.0/22 maxlen: 24
185.35.200.0/24 maxlen: 24
185.41.240.0/22 maxlen: 24
185.152.32.0/22 maxlen: 24
185.152.32.0/23 maxlen: 23
193.27.45.0/24 maxlen: 24
193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
193.138.6.0/23 maxlen: 24
194.35.228.0/22 maxlen: 24
194.99.40.0/22 maxlen: 24
194.127.198.0/23 maxlen: 23
194.127.199.0/24 maxlen: 24
195.64.118.0/24 maxlen: 24
213.163.240.0/23 maxlen: 23
217.197.164.0/22 maxlen: 24
2a02:20c8::/32 maxlen: 48
2a02:ed00::/29 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed01::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:100::/44 maxlen: 44
2a02:ed04:3400::/44 maxlen: 44
2a02:ed04:3580::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed05::/32 maxlen: 32
2a02:ed06::/32 maxlen: 32
2a04:8d40::/29 maxlen: 32
2a07:7d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4e:b6:b1:d7:54:10:45:a2:b5:5a:d6:a6:3f:07:70:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Oct 2 19:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b393675676323721ecfb52dcf628efa9dda728b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:da:f4:e5:e2:eb:90:6f:12:0d:84:29:8c:78:
37:18:9d:d6:8a:15:60:d7:b1:96:02:cb:22:91:11:
60:15:fd:5b:15:c5:89:34:87:c3:71:61:58:5c:d3:
59:4b:61:88:bc:4e:f9:61:01:e8:91:0a:d5:a2:85:
e0:4e:db:bc:92:f2:a6:72:46:4d:50:6d:ac:bc:d2:
0b:f5:7a:48:78:54:1c:bb:43:f1:a8:3c:44:83:a8:
4c:be:07:4a:f2:29:c8:5e:42:9a:bf:fe:6b:af:1a:
28:d8:05:29:ce:5a:11:8b:e3:85:8f:b9:d1:df:5e:
1c:5b:20:b3:3f:be:42:25:76:a7:86:44:c3:a0:29:
6c:ba:27:e6:47:ff:49:63:7f:ea:a9:d6:dc:6e:96:
1f:b5:c6:08:ce:91:9f:fe:7a:96:41:d6:2c:07:c5:
2a:a8:ef:ee:0f:32:20:41:a8:5a:2e:30:41:f5:dc:
60:ca:eb:62:88:8a:78:c1:bb:b1:e0:bb:f8:30:79:
c2:b8:b2:c9:a2:d5:32:3e:3e:ab:cf:dd:51:a2:b6:
66:2e:b9:9b:ab:d4:ce:58:7c:40:2c:2b:f6:cf:11:
24:80:4f:9a:ca:46:54:d2:2c:a2:a0:b8:6a:5b:2e:
ac:a9:ca:5a:e5:38:f3:a6:43:0b:68:c7:d2:e5:94:
b0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:93:67:56:76:32:37:21:EC:FB:52:DC:F6:28:EF:A9:DD:A7:28:B4
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/s5NnVnYyNyHs-1Lc9ijvqd2nKLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
91.227.248.0/22
94.124.74.0/24
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
195.64.118.0/24
213.163.240.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
24:ec:a4:c7:a9:a3:60:a9:4f:35:2f:3f:d2:5c:01:a6:c7:3c:
4c:36:e3:ba:09:26:83:ca:45:d2:e0:d7:11:c7:ee:54:0c:8e:
0d:05:f6:5d:ac:7d:4b:75:7a:6a:e2:03:db:7a:7b:fa:a6:0e:
c9:20:a5:b4:56:0d:96:5e:25:bb:bd:c6:8c:81:74:66:3d:0d:
4f:43:99:d7:1c:06:14:1e:2a:84:e6:7f:44:d6:f4:a8:f8:b0:
62:10:4d:2e:42:93:fc:86:dd:06:bd:d8:f3:8b:eb:dd:15:bf:
76:c1:7e:af:07:05:1c:47:eb:7f:9e:de:dc:0b:53:b2:11:a7:
22:5c:cf:11:59:26:35:01:e9:ef:cf:d3:e5:8a:dc:35:f3:49:
ba:b8:97:5a:76:bc:0d:a0:3e:32:e8:ba:8a:bb:f7:9c:a9:5e:
29:33:6e:fa:1e:05:28:59:39:fb:41:99:c9:e4:d0:a3:22:74:
28:87:f4:84:27:bf:16:83:57:9a:46:68:d2:9c:b4:0c:e7:0c:
25:91:5d:79:b6:93:aa:22:ed:df:bd:02:c9:c5:78:56:b7:af:
f2:7b:fb:f2:1c:a9:cc:c4:17:07:e4:ef:2f:39:84:6c:b2:ed:
1c:c5:83:e4:5e:89:62:60:3f:b6:11:da:35:6f:17:33:06:41:
f0:ff:d2:51
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZJOtrHXVBBForVa1qY/B3CZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjQxMDAyMTkzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkzNjc1Njc2MzIzNzIxZWNmYjUyZGNmNjI4ZWZhOWRkYTcyOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztr05eLrkG8SDYQpjHg3GJ3WihVg
17GWAssikRFgFf1bFcWJNIfDcWFYXNNZS2GIvE75YQHokQrVooXgTtu8kvKmckZN
UG2svNIL9XpIeFQcu0PxqDxEg6hMvgdK8inIXkKav/5rrxoo2AUpzloRi+OFj7nR
314cWyCzP75CJXanhkTDoClsuifmR/9JY3/qqdbcbpYftcYIzpGf/nqWQdYsB8Uq
qO/uDzIgQahaLjBB9dxgyutiiIp4wbux4Lv4MHnCuLLJotUyPj6rz91RorZmLrmb
q9TOWHxALCv2zxEkgE+aykZU0iyioLhqWy6sqcpa5TjzpkMLaMfS5ZSwPQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFLOTZ1Z2Mjch7PtS3PYo76ndpyi0MB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvczVOblZuWXlOeUhzLTFMYzlpanZxZDJuS0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBowQCAAEwgZwDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAJb4/gDBABefEoDBAOG
WpADBAKwfegDBAOy/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADB
HAEDBADBHAQDBADBHAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBADDQHYDBAHV
o/ADBALZxaQwIgQCAAIwHAMFACoCIMgDBQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJ
KoZIhvcNAQELBQADggEBACTspMepo2CpTzUvP9JcAabHPEw247oJJoPKRdLg1xHH
7lQMjg0F9l2sfUt1emriA9t6e/qmDskgpbRWDZZeJbu9xoyBdGY9DU9DmdccBhQe
KoTmf0TW9Kj4sGIQTS5Ck/yG3Qa92POL690Vv3bBfq8HBRxH63+e3twLU7IRpyJc
zxFZJjUB6e/P0+WK3DXzSbq4l1p2vA2gPjLouoq795ypXikzbvoeBShZOftBmcnk
0KMidCiH9IQnvxaDV5pGaNKctAznDCWRXXm2k6oi7d+9AsnFeFa3r/J7+/IcqczE
Fwfk7y85hGyy7RzFg+ReiWJgP7YR2jVvFzMGQfD/0lE=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:53:39 2024 by rpki-client on console-fra.rpki-client.org