Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/K9EHDvfwhm1lmrm-XIUA5Mq5CTI.roa
File: K9EHDvfwhm1lmrm-XIUA5Mq5CTI.roa (raw, json)
Hash identifier: Ao8eyF04D5EXWh3sKrUgQUNXeOF5U1M2+kupRIfLxGY=
Subject key identifier: 2B:D1:07:0E:F7:F0:86:6D:65:9A:B9:BE:5C:85:00:E4:CA:B9:09:32
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01922EED7E8EBC389838FD055C88D762EC32
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/K9EHDvfwhm1lmrm-XIUA5Mq5CTI.roa
Signing time: Thu 26 Sep 2024 15:22:49 +0000
ROA not before: Thu 26 Sep 2024 15:22:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 5.252.118.0/24 maxlen: 24
45.138.74.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
91.103.252.0/23 maxlen: 23
94.142.138.0/24 maxlen: 24
185.17.0.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.128.104.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
185.217.197.0/24 maxlen: 24
185.229.65.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
2a0e:d602::/48 maxlen: 48
2a0e:d602:1::/48 maxlen: 48
2a0e:d602:2::/48 maxlen: 48
2a0e:d602:3::/48 maxlen: 48
2a0e:d606::/48 maxlen: 48
2a0e:d607::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:ed:7e:8e:bc:38:98:38:fd:05:5c:88:d7:62:ec:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 26 15:22:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bd1070ef7f0866d659ab9be5c8500e4cab90932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c6:68:47:f5:4a:36:56:d4:c9:97:ff:8e:da:
b1:c9:06:ed:18:06:3d:c8:7b:91:51:e4:1b:ae:a8:
4d:ff:5b:6f:3c:55:24:6b:ad:3f:38:c0:8e:78:fa:
3e:8a:32:33:4c:43:f8:cd:5b:c4:0d:cb:40:38:97:
e7:81:86:2d:7b:a6:d9:ba:2d:f8:dc:e6:79:55:a2:
2c:53:5c:71:4c:e5:d9:68:d4:02:a0:7b:fc:be:cb:
6b:ec:41:c0:d9:de:ce:ee:1a:bb:12:6e:dd:81:90:
2e:f4:57:94:1a:cc:02:9e:2d:c0:e7:4c:4f:50:73:
f9:2f:bd:10:d4:07:a8:19:38:2e:4e:6a:8e:03:f4:
40:ff:59:3f:c3:a1:c4:9b:9c:7e:3d:01:89:6b:f0:
f9:97:8c:ef:ca:1e:fb:b6:b9:7d:47:ce:ae:1b:67:
2f:67:95:f7:1b:c6:1e:5f:d6:6e:fd:d3:6f:8b:74:
6c:7a:1b:df:d1:ce:65:a3:91:c6:7e:ce:7f:58:ee:
40:d0:0e:82:ff:0d:61:19:ba:fd:6c:a4:94:4c:11:
7c:14:d2:b9:2f:d0:14:d9:a5:a5:ff:6d:1b:07:76:
9a:18:9a:05:68:98:dd:e7:f3:8a:cf:de:c9:79:a6:
af:ec:90:95:e7:8d:e6:a7:65:94:ba:8e:ce:7b:b5:
6d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D1:07:0E:F7:F0:86:6D:65:9A:B9:BE:5C:85:00:E4:CA:B9:09:32
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/K9EHDvfwhm1lmrm-XIUA5Mq5CTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.138.74.0/24
45.142.122.0/24
91.103.252.0/23
94.142.138.0/24
185.17.0.0/24
185.106.93.0-185.106.94.255
185.112.83.0/24
185.125.230.0/24
185.128.104.0/24
185.174.136.0/23
185.217.197.0/24
185.229.65.0-185.229.66.255
194.67.201.0/24
IPv6:
2a0e:d602::/46
2a0e:d606::/48
2a0e:d607::/48
Signature Algorithm: sha256WithRSAEncryption
17:b7:1f:b8:b3:90:59:d3:c8:14:b4:1e:4e:86:05:27:cc:98:
f6:c9:5d:51:de:34:82:86:37:11:ca:78:81:ac:cd:50:49:22:
e9:cc:dc:d4:8f:c3:e2:82:27:9a:61:88:ca:e8:cf:c9:93:c9:
bd:93:19:ea:5b:1f:82:6d:ce:8a:59:19:c8:79:a8:c8:7c:d8:
c5:ff:92:dc:59:36:da:61:dd:81:45:52:3d:ff:e2:81:63:e0:
be:49:aa:9e:73:5a:08:69:c6:0e:8c:0d:80:11:9d:98:b8:f7:
36:1e:f3:e3:b4:d2:cf:c9:87:38:90:50:54:d3:39:e7:b1:78:
50:6d:7c:f8:3a:79:a3:0b:c9:33:7a:90:ac:4f:70:51:7a:15:
4a:26:63:8d:83:16:1d:37:66:4c:ce:29:78:11:e2:12:fb:10:
87:81:6f:80:a0:28:89:1a:d0:07:de:75:d0:3f:a2:9e:c8:a6:
4b:ba:6d:97:50:e5:6f:f8:d1:55:a5:7e:0d:17:a8:ab:64:2c:
96:12:82:bc:53:52:33:f8:7b:db:bb:8f:4d:7f:f4:55:81:c3:
2b:14:7a:de:d9:5d:a6:84:6b:4a:59:4a:d7:a9:41:2d:5a:5d:
0c:a0:dc:82:db:02:a9:5c:a1:43:a5:eb:59:68:47:81:52:f2:
53:c6:51:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZIu7X6OvDiYOP0FXIjXYuwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwOTI2MTUyMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQxMDcwZWY3ZjA4NjZkNjU5YWI5YmU1Yzg1MDBlNGNhYjkwOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcZoR/VKNlbUyZf/jtqxyQbtGAY9
yHuRUeQbrqhN/1tvPFUka60/OMCOePo+ijIzTEP4zVvEDctAOJfngYYte6bZui34
3OZ5VaIsU1xxTOXZaNQCoHv8vstr7EHA2d7O7hq7Em7dgZAu9FeUGswCni3A50xP
UHP5L70Q1AeoGTguTmqOA/RA/1k/w6HEm5x+PQGJa/D5l4zvyh77trl9R86uG2cv
Z5X3G8YeX9Zu/dNvi3Rsehvf0c5lo5HGfs5/WO5A0A6C/w1hGbr9bKSUTBF8FNK5
L9AU2aWl/20bB3aaGJoFaJjd5/OKz97Jeaav7JCV543mp2WUuo7Oe7VtHwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFCvRBw738IZtZZq5vlyFAOTKuQkyMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSzlFSER2ZndobTFsbXJtLVhJVUE1TXE1Q1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzBqBAIAATBkAwQABfx2
AwQALYpKAwQALY56AwQBW2f8AwQAXo6KAwQAuREAMAwDBAC5al0DBAC5al4DBAC5
cFMDBAC5feYDBAC5gGgDBAG5rogDBAC52cUwDAMEALnlQQMEALnlQgMEAMJDyTAh
BAIAAjAbAwcCKg7WAgAAAwcAKg7WBgAAAwcAKg7WBwAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAXtx+4s5BZ08gUtB5OhgUnzJj2yV1R3jSChjcRyniBrM1QSSLpzNzUj8Pi
gieaYYjK6M/Jk8m9kxnqWx+Cbc6KWRnIeajIfNjF/5LcWTbaYd2BRVI9/+KBY+C+
Saqec1oIacYOjA2AEZ2YuPc2HvPjtNLPyYc4kFBU0znnsXhQbXz4OnmjC8kzepCs
T3BRehVKJmONgxYdN2ZMzil4EeIS+xCHgW+AoCiJGtAH3nXQP6KeyKZLum2XUOVv
+NFVpX4NF6irZCyWEoK8U1Iz+Hvbu49Nf/RVgcMrFHre2V2mhGtKWUrXqUEtWl0M
oNyC2wKpXKFDpetZaEeBUvJTxlF/
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:30:11 2024 by rpki-client on console-ams.rpki-client.org