Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hXsDiMJarKRuuZwHYC5DCR50M6c.roa
File: hXsDiMJarKRuuZwHYC5DCR50M6c.roa (raw, json)
Hash identifier: 7PL1fLBFzvqnu4tcL1fD66tnRi5fqJohBgQamARqgMs=
Subject key identifier: 85:7B:03:88:C2:5A:AC:A4:6E:B9:9C:07:60:2E:43:09:1E:74:33:A7
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019156A290187BFB87F517EF35AC69595872
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hXsDiMJarKRuuZwHYC5DCR50M6c.roa
Signing time: Thu 15 Aug 2024 15:22:59 +0000
ROA not before: Thu 15 Aug 2024 15:22:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50113
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.136.76/32 maxlen: 32
5.180.136.221/32 maxlen: 32
5.180.137.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
147.78.66.7/32 maxlen: 32
185.17.3.102/32 maxlen: 32
185.104.248.0/24 maxlen: 24
185.139.68.28/32 maxlen: 32
185.139.70.116/32 maxlen: 32
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
185.180.230.0/24 maxlen: 24
185.180.231.87/32 maxlen: 32
185.188.180.0/24 maxlen: 24
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
185.244.174.0/24 maxlen: 24
192.162.100.0/22 maxlen: 22
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
194.53.52.0/24 maxlen: 24
194.63.140.0/22 maxlen: 22
194.63.140.0/23 maxlen: 23
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.142.0/23 maxlen: 23
194.63.142.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.67.196.127/32 maxlen: 32
194.67.198.7/32 maxlen: 32
194.67.198.108/32 maxlen: 32
194.67.203.54/32 maxlen: 32
194.67.208.6/32 maxlen: 32
194.67.208.12/32 maxlen: 32
194.67.208.48/32 maxlen: 32
213.108.197.0/24 maxlen: 24
2a04:5200::/29 maxlen: 29
2a04:5200::/32 maxlen: 32
2a04:5200::/48 maxlen: 48
2a04:5200:1::/48 maxlen: 48
2a04:5200:a::/48 maxlen: 48
2a04:5200:ff00::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5200:fff2::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff4::/48 maxlen: 48
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5200:fff7::/48 maxlen: 48
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
2a04:5202::/32 maxlen: 32
2a04:5203::/32 maxlen: 32
2a04:5204::/32 maxlen: 32
2a04:5205::/32 maxlen: 32
2a04:5206::/32 maxlen: 32
2a04:5207::/32 maxlen: 32
2a09:5303::/32 maxlen: 32
2a0a:9300::/32 maxlen: 32
2a0a:9300::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:56:a2:90:18:7b:fb:87:f5:17:ef:35:ac:69:59:58:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 15 15:22:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=857b0388c25aaca46eb99c07602e43091e7433a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:50:06:57:de:32:b4:15:9c:b6:a5:7c:19:38:
e3:17:57:e9:c1:b6:26:d2:63:a5:e2:bc:26:49:42:
d9:3c:a1:32:9a:6c:27:a8:a3:f3:44:09:78:04:b5:
2a:c6:fb:b4:08:cd:22:56:5d:a8:4a:8c:cb:85:d3:
23:23:53:d6:d6:a1:24:e0:dd:71:e5:37:f3:ad:22:
94:8d:5e:04:55:ca:fa:d7:dd:9f:de:5c:75:b2:75:
2a:2b:2f:9a:74:8d:92:01:8c:19:35:b8:5e:5d:c7:
f4:0e:c9:c4:a1:a8:f6:50:b4:cf:d8:74:da:7c:2e:
2d:08:1d:04:b5:d5:63:55:a6:05:c5:8c:c2:7c:12:
b8:ae:47:ea:58:6d:56:7a:c8:a7:7d:74:3b:2c:27:
70:b2:f5:59:30:1e:0f:2e:eb:6a:d4:dd:53:4f:ed:
58:87:c1:1d:4b:be:4e:f2:6d:bd:3b:9b:b7:3f:0c:
7c:19:e2:11:1c:d5:cd:ff:79:4e:9f:dd:d5:69:4e:
78:e8:7e:59:81:f1:3c:c0:7d:b0:ff:b0:a6:77:18:
17:1b:7c:90:97:8b:fe:b8:9e:a3:36:9b:ad:20:5a:
3c:d9:b7:48:06:83:59:7a:95:6e:ac:7f:7b:f6:27:
0e:e5:28:62:bc:fc:c9:74:14:3b:61:80:99:a2:f8:
0d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7B:03:88:C2:5A:AC:A4:6E:B9:9C:07:60:2E:43:09:1E:74:33:A7
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hXsDiMJarKRuuZwHYC5DCR50M6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.8.211.0/24
45.89.64.0/24
91.217.77.0/24
147.78.66.7/32
185.17.3.102/32
185.104.248.0/24
185.139.68.28/32
185.139.70.116/32
185.172.130.0/23
185.174.139.0/24
185.180.230.0/24
185.180.231.87/32
185.188.180.0/24
185.189.12.0/22
185.244.174.0/24
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.53.52.0/24
194.63.140.0/22
194.67.196.127/32
194.67.198.7/32
194.67.198.108/32
194.67.203.54/32
194.67.208.6/32
194.67.208.12/32
194.67.208.48/32
213.108.197.0/24
IPv6:
2a04:5200::/29
2a09:5303::/32
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
4f:21:53:fc:25:c6:49:54:48:48:fb:bf:74:ca:75:e4:b0:04:
17:5c:2d:a2:e2:5d:fc:9d:a2:35:40:25:24:cf:f4:87:3f:fe:
a8:1e:d2:f8:2a:e7:48:0e:cb:f3:18:6f:bc:51:37:f7:e5:86:
45:69:d1:3c:35:ff:f1:42:92:d5:7a:18:e6:59:a1:5d:f3:68:
2b:28:97:b9:b5:49:46:64:40:00:35:e1:7d:36:a0:57:76:d2:
bf:90:a2:45:97:de:c0:82:ad:07:2e:e1:aa:4d:1f:05:0d:02:
8c:b6:6c:ab:04:0f:3f:c9:f4:32:72:f1:f4:b7:50:f4:bd:eb:
32:b5:3b:be:8d:32:06:a8:a6:79:57:3e:82:ed:6a:49:a8:0f:
4b:e2:6b:f5:d9:56:ce:e4:79:90:a5:27:f1:1e:6a:50:6e:27:
0f:61:94:b4:29:82:a7:01:9d:f6:a8:9b:b9:4d:25:74:e6:f1:
76:d5:56:ab:82:3d:d4:bd:39:55:f8:fe:2e:48:e1:02:34:af:
97:06:98:ac:3e:b6:6f:52:7b:0b:01:77:65:c3:73:45:8d:00:
95:d1:70:de:30:bf:19:e4:96:8b:f9:07:73:65:86:43:0b:d0:
63:3e:34:d9:5e:39:b5:6a:54:4a:45:e9:b4:6e:8a:14:95:12:
aa:2a:68:b4
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAZFWopAYe/uH9RfvNaxpWVhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwODE1MTUyMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTdiMDM4OGMyNWFhY2E0NmViOTljMDc2MDJlNDMwOTFlNzQzM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01AGV94ytBWctqV8GTjjF1fpwbYm
0mOl4rwmSULZPKEymmwnqKPzRAl4BLUqxvu0CM0iVl2oSozLhdMjI1PW1qEk4N1x
5TfzrSKUjV4EVcr6192f3lx1snUqKy+adI2SAYwZNbheXcf0DsnEoaj2ULTP2HTa
fC4tCB0EtdVjVaYFxYzCfBK4rkfqWG1WesinfXQ7LCdwsvVZMB4PLutq1N1TT+1Y
h8EdS75O8m29O5u3Pwx8GeIRHNXN/3lOn93VaU546H5ZgfE8wH2w/7CmdxgXG3yQ
l4v+uJ6jNputIFo82bdIBoNZepVurH979icO5ShivPzJdBQ7YYCZovgNzwIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFIV7A4jCWqykbrmcB2AuQwkedDOnMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvaFhzRGlNSmFyS1J1dVp3SFlDNURDUjUwTTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgc0EAgABMIHGAwQB
BbSIAwQABfx0AwQALQjTAwQALVlAAwQAW9lNAwUAk05CBwMFALkRA2YDBAC5aPgD
BQC5i0QcAwUAuYtGdAMEAbmsggMEALmuiwMEALm05gMFALm051cDBAC5vLQDBAK5
vQwDBAC59K4DBALAomQDBADBAMgDBAHBAMoDBADBqOIDBADCNTQDBALCP4wDBQDC
Q8R/AwUAwkPGBwMFAMJDxmwDBQDCQ8s2AwUAwkPQBgMFAMJD0AwDBQDCQ9AwAwQA
1WzFMBsEAgACMBUDBQMqBFIAAwUAKglTAwMFACoKkwAwDQYJKoZIhvcNAQELBQAD
ggEBAE8hU/wlxklUSEj7v3TKdeSwBBdcLaLiXfydojVAJSTP9Ic//qge0vgq50gO
y/MYb7xRN/flhkVp0Tw1//FCktV6GOZZoV3zaCsol7m1SUZkQAA14X02oFd20r+Q
okWX3sCCrQcu4apNHwUNAoy2bKsEDz/J9DJy8fS3UPS96zK1O76NMgaopnlXPoLt
akmoD0via/XZVs7keZClJ/EealBuJw9hlLQpgqcBnfaom7lNJXTm8XbVVquCPdS9
OVX4/i5I4QI0r5cGmKw+tm9SewsBd2XDc0WNAJXRcN4wvxnklov5B3NlhkML0GM+
NNleObVqVEpF6bRuihSVEqoqaLQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:52 2024 by rpki-client on console-fra.rpki-client.org