Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/AP1cWs0NW6ONhMUXQGp-Ssl97F4.roa
File: AP1cWs0NW6ONhMUXQGp-Ssl97F4.roa (raw, json)
Hash identifier: qtHrqLvi7BlsuklQuW1UprTel3AyT9jBzPrBIo+8No4=
Subject key identifier: 00:FD:5C:5A:CD:0D:5B:A3:8D:84:C5:17:40:6A:7E:4A:C9:7D:EC:5E
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 018E8618A1B256A1370C9C44406D725065A6
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/AP1cWs0NW6ONhMUXQGp-Ssl97F4.roa
Signing time: Thu 28 Mar 2024 17:25:44 +0000
ROA not before: Thu 28 Mar 2024 17:25:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.172.0/24 maxlen: 24
79.141.174.0/23 maxlen: 23
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:18:a1:b2:56:a1:37:0c:9c:44:40:6d:72:50:65:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Mar 28 17:25:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00fd5c5acd0d5ba38d84c517406a7e4ac97dec5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fe:f2:69:40:34:7e:e6:4b:b7:7e:a6:07:d1:
59:43:44:42:c7:ee:88:b1:64:77:5a:7f:e6:5b:6b:
eb:37:a6:69:e1:d9:0a:63:06:a6:b9:4c:b8:c1:57:
b7:37:b1:f9:d8:71:2f:48:78:21:c1:79:17:e3:b0:
e1:e0:fd:80:29:75:b9:61:14:c4:e5:99:8a:20:dc:
fd:05:18:51:bb:f3:e9:7a:e2:5e:e1:ef:5f:5b:e4:
46:04:8b:a3:d8:60:a8:0a:49:3d:27:6e:21:21:91:
5b:de:85:f6:0c:60:e8:4e:c3:36:ba:70:e8:17:80:
f5:63:08:17:91:33:1b:21:20:b8:6a:0a:e3:1b:2e:
db:e2:76:86:90:0d:fa:b5:7c:9e:ab:9d:1b:d3:1f:
d8:c1:aa:a9:8b:87:bd:21:5a:61:8f:fa:e7:c9:01:
86:90:ed:d2:4e:ff:93:7b:43:5d:89:19:27:e1:ca:
3b:8e:08:83:2f:93:d9:c8:6a:a9:dd:6f:85:22:84:
97:ec:9e:50:b7:b2:a7:77:dd:2e:b9:5b:95:13:cb:
48:09:a1:a0:17:22:2e:58:c0:41:a7:02:2d:e7:79:
3d:96:87:b9:d9:a0:63:a2:e4:ef:20:d1:af:41:77:
26:c7:2c:fe:e8:2b:00:50:27:40:75:37:51:65:f4:
be:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:FD:5C:5A:CD:0D:5B:A3:8D:84:C5:17:40:6A:7E:4A:C9:7D:EC:5E
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/AP1cWs0NW6ONhMUXQGp-Ssl97F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.172.0/24
79.141.174.0/23
89.150.57.0/24
91.193.18.0/24
185.40.86.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.235.137.0-185.235.138.255
193.42.36.0/24
193.42.39.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9d:fe:c4:29:26:db:98:83:fa:f6:29:aa:c2:76:99:d7:5f:81:
0c:9f:d1:30:de:b5:61:9e:67:a6:09:0f:87:c7:0d:37:42:1a:
7d:09:1d:1a:0e:7b:3f:e2:48:62:19:ad:26:06:f7:f4:1a:68:
c6:df:f1:e7:d5:62:6b:9f:0e:f1:40:68:b9:b7:e3:75:08:f0:
e1:7a:cd:4c:e3:08:b4:3a:ac:70:44:03:20:3b:61:22:10:35:
06:7b:41:7c:bc:2d:09:96:e7:61:82:87:76:22:15:63:8a:1f:
f4:3d:75:d0:76:34:43:a8:74:93:c1:b1:bf:9a:bc:2a:ee:91:
2c:35:6d:35:ac:0b:21:fa:1f:d5:a3:b1:f9:a5:9a:e0:29:13:
11:68:40:1f:f3:0e:bb:92:47:65:e2:e9:a8:f6:91:0b:76:3b:
a7:fc:a6:33:c5:69:a0:d3:92:7b:1f:d3:c1:92:2c:78:59:e5:
62:5d:50:e8:57:b5:55:da:ff:67:76:1a:4b:1b:65:d6:6d:a5:
bf:cb:67:c3:4c:7b:9d:d5:b9:63:af:f9:e1:48:98:67:3f:4b:
87:a9:4c:3d:8d:21:72:c6:c5:26:e4:31:6a:64:7a:a7:2d:a5:
6d:70:78:19:27:b7:15:2c:fe:b2:ef:0f:dd:44:5e:bd:0d:4b:
9f:03:1b:fe
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAY6GGKGyVqE3DJxEQG1yUGWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjQwMzI4MTcyNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGZkNWM1YWNkMGQ1YmEzOGQ4NGM1MTc0MDZhN2U0YWM5N2RlYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP7yaUA0fuZLt36mB9FZQ0RCx+6I
sWR3Wn/mW2vrN6Zp4dkKYwamuUy4wVe3N7H52HEvSHghwXkX47Dh4P2AKXW5YRTE
5ZmKINz9BRhRu/PpeuJe4e9fW+RGBIuj2GCoCkk9J24hIZFb3oX2DGDoTsM2unDo
F4D1YwgXkTMbISC4agrjGy7b4naGkA36tXyeq50b0x/Ywaqpi4e9IVphj/rnyQGG
kO3STv+Te0NdiRkn4co7jgiDL5PZyGqp3W+FIoSX7J5Qt7Knd90uuVuVE8tICaGg
FyIuWMBBpwIt53k9loe52aBjouTvINGvQXcmxyz+6CsAUCdAdTdRZfS+cQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFAD9XFrNDVujjYTFF0BqfkrJfexeMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvQVAxY1dzME5XNk9OaE1VWFFHcC1Tc2w5N0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgZcEAgABMIGQAwQB
BZX4AwQBBZX+MAwDBAJNU8QDBABNU8YDBAFPjaQDBABPjawDBAFPja4DBABZljkD
BABbwRIDBAC5KFYDBAK5UDQDBAG5UXIwDAMEBrlowAMEALlowgMEArl1WAMEALl7
ZgMEALmuhQMEALmuhzAMAwQAueuJAwQAueuKAwQAwSokAwQAwSonAwQAw1+bMFIE
AgACMEwDBwAqAYZAAAADBwAqAYZAAAIDBwAqAYZAAAYwEgMHACoBhkAACQMHACoB
hkAACgMHACoBhkAADzASAwcAKgGGQAARAwcAKgGGQAAUMA0GCSqGSIb3DQEBCwUA
A4IBAQCd/sQpJtuYg/r2KarCdpnXX4EMn9Ew3rVhnmemCQ+Hxw03Qhp9CR0aDns/
4khiGa0mBvf0GmjG3/Hn1WJrnw7xQGi5t+N1CPDhes1M4wi0OqxwRAMgO2EiEDUG
e0F8vC0Jludhgod2IhVjih/0PXXQdjRDqHSTwbG/mrwq7pEsNW01rAsh+h/Vo7H5
pZrgKRMRaEAf8w67kkdl4umo9pELdjun/KYzxWmg05J7H9PBkix4WeViXVDoV7VV
2v9ndhpLG2XWbaW/y2fDTHud1bljr/nhSJhnP0uHqUw9jSFyxsUm5DFqZHqnLaVt
cHgZJ7cVLP6y7w/dRF69DUufAxv+
-----END CERTIFICATE-----
Generated at Sun Jun 2 08:37:56 2024 by rpki-client on console-fra.rpki-client.org