Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/eiE0xaGTo24qOd9xM-RTt6aakrU.roa
File: eiE0xaGTo24qOd9xM-RTt6aakrU.roa (raw, json)
Hash identifier: locW64IpRkSqrPAy3f/imeaV2lKnR98MpFKQ/RXPDPY=
Subject key identifier: 7A:21:34:C5:A1:93:A3:6E:2A:39:DF:71:33:E4:53:B7:A6:9A:92:B5
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 019295ABB7F8E69E74D385E428B7106BDAB5
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/eiE0xaGTo24qOd9xM-RTt6aakrU.roa
Signing time: Wed 16 Oct 2024 14:11:51 +0000
ROA not before: Wed 16 Oct 2024 14:11:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.174.0/23 maxlen: 23
85.158.108.0/24 maxlen: 24
89.150.40.0/24 maxlen: 24
89.150.48.0/24 maxlen: 24
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
2a01:8640:15::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:ab:b7:f8:e6:9e:74:d3:85:e4:28:b7:10:6b:da:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Oct 16 14:11:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a2134c5a193a36e2a39df7133e453b7a69a92b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:51:e9:1f:56:71:dd:c4:4c:14:85:e7:93:91:
49:91:1f:bf:7d:bf:bd:08:71:a3:44:1a:55:28:ba:
0f:9d:00:de:4b:e4:3a:03:47:ba:83:c6:fe:74:bc:
52:da:ed:f9:64:46:78:4d:99:85:97:37:02:f6:10:
1f:af:ab:1e:e5:e6:5a:ef:c2:4e:a0:9c:32:35:94:
a5:08:58:b1:5c:4f:85:3c:31:42:41:05:68:93:df:
00:81:67:25:52:a6:4c:c8:43:35:7f:7c:57:5d:11:
eb:f4:87:7c:1c:43:2c:7c:72:08:de:58:fb:31:a6:
ef:6b:d4:09:8b:90:a1:ac:ff:26:51:50:8a:0f:4d:
39:9b:32:f1:1c:dc:84:e8:3b:c7:22:49:dd:bc:fc:
03:83:31:dd:e5:9b:de:a4:d5:c4:1b:c1:e6:52:99:
da:81:b3:b8:a8:21:1b:ad:6b:c2:75:e9:d0:12:de:
f7:80:10:06:e8:f8:b0:6c:4b:c2:a4:e0:7c:27:20:
80:3f:71:b8:7f:99:7c:1a:b8:5b:eb:fe:f6:be:35:
7d:90:ec:c9:a4:62:e6:2b:b0:b7:de:4f:16:c4:1c:
0d:7e:74:91:c1:94:0b:74:e1:a2:d1:70:7a:f8:77:
2d:1d:4d:02:fb:58:e6:06:6d:86:b9:0e:0c:89:0b:
ee:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:21:34:C5:A1:93:A3:6E:2A:39:DF:71:33:E4:53:B7:A6:9A:92:B5
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/eiE0xaGTo24qOd9xM-RTt6aakrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.174.0/23
85.158.108.0/24
89.150.40.0/24
89.150.48.0/24
89.150.57.0/24
91.193.18.0/24
185.40.86.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.235.137.0-185.235.138.255
193.42.36.0/24
193.42.39.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:15:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:e8:54:28:bc:e9:69:90:0c:87:07:98:a2:69:0d:9e:d1:be:
5e:03:21:d2:14:fe:99:b2:5b:c5:3f:1f:41:66:3d:43:6e:c8:
fb:7d:66:21:bb:1b:e0:17:1e:7e:4f:61:4b:0a:37:8e:39:57:
0b:36:6b:7c:ac:65:5d:f4:b4:68:aa:9e:1b:1f:fb:e6:29:06:
a3:be:8a:c8:13:3a:08:bf:fb:9b:71:79:3a:9c:1c:dd:7f:86:
42:ca:62:7b:8f:0b:b6:10:c0:1d:9a:e4:09:f0:99:cc:b2:4f:
87:41:70:1b:aa:d5:03:df:d9:6c:8b:6c:84:97:f7:24:63:c9:
b4:f3:50:3b:7f:49:65:04:e6:34:99:06:d0:9b:44:ac:d3:36:
1f:4f:a9:81:ba:3d:3c:51:b0:38:83:4b:2c:02:df:f7:52:00:
a2:0a:30:9e:68:04:03:63:ad:59:46:06:ed:20:31:bc:3e:f6:
a2:2c:af:fc:6e:48:49:1c:f2:56:17:3e:39:65:10:ed:82:cd:
e2:1f:7e:34:38:5b:f8:c7:d8:2c:9f:66:50:46:65:52:d0:a2:
60:c9:7a:9a:5f:00:bf:f9:95:5a:ce:6b:92:34:13:60:32:53:
93:5b:e1:a6:ff:48:8b:ed:ba:6d:8b:d6:55:2a:6d:55:25:af:
77:af:c3:66
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZKVq7f45p5004XkKLcQa9q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjQxMDE2MTQxMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTIxMzRjNWExOTNhMzZlMmEzOWRmNzEzM2U0NTNiN2E2OWE5MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FHpH1Zx3cRMFIXnk5FJkR+/fb+9
CHGjRBpVKLoPnQDeS+Q6A0e6g8b+dLxS2u35ZEZ4TZmFlzcC9hAfr6se5eZa78JO
oJwyNZSlCFixXE+FPDFCQQVok98AgWclUqZMyEM1f3xXXRHr9Id8HEMsfHII3lj7
Mabva9QJi5ChrP8mUVCKD005mzLxHNyE6DvHIkndvPwDgzHd5ZvepNXEG8HmUpna
gbO4qCEbrWvCdenQEt73gBAG6PiwbEvCpOB8JyCAP3G4f5l8Grhb6/72vjV9kOzJ
pGLmK7C33k8WxBwNfnSRwZQLdOGi0XB6+HctHU0C+1jmBm2GuQ4MiQvuaQIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFHohNMWhk6NuKjnfcTPkU7emmpK1MB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvZWlFMHhhR1RvMjRxT2Q5eE0tUlR0NmFha3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgaMEAgABMIGcAwQB
BZX4AwQBBZX+MAwDBAJNU8QDBABNU8YDBAFPjaQDBAFPja4DBABVnmwDBABZligD
BABZljADBABZljkDBABbwRIDBAC5KFYDBAK5UDQDBAG5UXIwDAMEBrlowAMEALlo
wgMEArl1WAMEALl7ZgMEALmuhQMEALmuhzAMAwQAueuJAwQAueuKAwQAwSokAwQA
wSonAwQAw1+bMFIEAgACMEwDBwAqAYZAAAADBwAqAYZAAAIDBwAqAYZAAAYwEgMH
ACoBhkAACQMHACoBhkAACgMHACoBhkAADzASAwcAKgGGQAARAwcBKgGGQAAUMA0G
CSqGSIb3DQEBCwUAA4IBAQAv6FQovOlpkAyHB5iiaQ2e0b5eAyHSFP6ZslvFPx9B
Zj1Dbsj7fWYhuxvgFx5+T2FLCjeOOVcLNmt8rGVd9LRoqp4bH/vmKQajvorIEzoI
v/ubcXk6nBzdf4ZCymJ7jwu2EMAdmuQJ8JnMsk+HQXAbqtUD39lsi2yEl/ckY8m0
81A7f0llBOY0mQbQm0Ss0zYfT6mBuj08UbA4g0ssAt/3UgCiCjCeaAQDY61ZRgbt
IDG8PvaiLK/8bkhJHPJWFz45ZRDtgs3iH340OFv4x9gsn2ZQRmVS0KJgyXqaXwC/
+ZVazmuSNBNgMlOTW+Gm/0iL7bpti9ZVKm1VJa93r8Nm
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:44:00 2024 by rpki-client on console-fra.rpki-client.org