Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/0nylaM8J0QXK7fTNEdfUPXMzj8A.roa
File: 0nylaM8J0QXK7fTNEdfUPXMzj8A.roa (raw, json)
Hash identifier: PotN2190EGqk08V9dhrk3XEkdwN9VxNSbk56eNew23A=
Subject key identifier: D2:7C:A5:68:CF:09:D1:05:CA:ED:F4:CD:11:D7:D4:3D:73:33:8F:C0
Certificate issuer: /CN=7a05ea59805f94be185282039bbae2fa8a9253f5
Certificate serial: 018CC6B7D58AB19B5FED1875D90FB0754FDE
Authority key identifier: 7A:05:EA:59:80:5F:94:BE:18:52:82:03:9B:BA:E2:FA:8A:92:53:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egXqWYBflL4YUoIDm7ri-oqSU_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/0nylaM8J0QXK7fTNEdfUPXMzj8A.roa
Signing time: Mon 01 Jan 2024 20:29:45 +0000
ROA not before: Mon 01 Jan 2024 20:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50316
IP address blocks: 185.142.122.0/23 maxlen: 24
185.43.164.0/22 maxlen: 24
185.121.32.0/22 maxlen: 24
46.234.198.240/30 maxlen: 30
185.245.120.0/22 maxlen: 24
45.147.236.0/22 maxlen: 24
193.38.132.0/22 maxlen: 24
185.219.44.0/22 maxlen: 24
185.158.140.0/22 maxlen: 24
185.193.252.0/22 maxlen: 24
45.135.24.0/22 maxlen: 24
185.219.45.64/30 maxlen: 30
185.96.96.0/22 maxlen: 24
193.5.31.0/24 maxlen: 24
213.187.0.0/19 maxlen: 24
193.47.52.0/22 maxlen: 24
193.5.41.0/24 maxlen: 24
193.5.39.0/24 maxlen: 24
185.74.188.0/22 maxlen: 24
185.10.188.0/22 maxlen: 24
46.234.192.0/19 maxlen: 24
195.184.74.0/24 maxlen: 24
193.5.120.0/24 maxlen: 24
185.157.24.0/22 maxlen: 24
193.3.245.0/24 maxlen: 24
2a01:6d60::/29 maxlen: 56
2a06:9c80::/29 maxlen: 56
2a0a:c180::/29 maxlen: 56
2a05:4a00::/29 maxlen: 56
2a0b:e040::/29 maxlen: 56
2a0a:41c0::/29 maxlen: 56
2a0d:5780::/29 maxlen: 56
2a07:a2c0::/29 maxlen: 56
2a07:adc0::/29 maxlen: 56
2a00:1f48::/29 maxlen: 56
2a0d:e540::/29 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/egXqWYBflL4YUoIDm7ri-oqSU_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/egXqWYBflL4YUoIDm7ri-oqSU_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/egXqWYBflL4YUoIDm7ri-oqSU_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:d5:8a:b1:9b:5f:ed:18:75:d9:0f:b0:75:4f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a05ea59805f94be185282039bbae2fa8a9253f5
Validity
Not Before: Jan 1 20:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d27ca568cf09d105caedf4cd11d7d43d73338fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:52:76:67:0b:21:2b:e6:10:76:9f:c1:ab:45:
02:ea:0a:e2:64:ce:c5:a4:cd:09:82:4a:83:c5:03:
c4:41:cf:9d:40:a3:4c:0e:59:f7:1f:91:bb:6e:88:
0d:65:c2:af:e9:83:80:96:d7:ff:fd:e5:ea:c2:92:
dc:07:6a:2e:c6:9a:fe:bd:3d:21:5e:d2:35:35:6f:
ab:08:b7:3f:a6:f8:af:3e:85:1b:2a:f9:b5:f5:fe:
e3:e0:29:42:0b:5f:d5:db:cf:19:ef:8b:b5:06:46:
80:91:20:34:8c:67:fa:e4:58:9d:d3:fd:4f:9c:0c:
a1:b6:5c:7a:75:9a:12:e1:0f:76:30:cc:52:30:14:
8b:38:6d:e8:39:a2:d7:a0:19:8a:8c:4c:bc:73:3a:
af:e3:07:7c:ba:0b:f2:18:2e:77:8b:54:82:67:07:
62:2d:5d:dc:c3:ef:d8:59:ab:fd:b9:69:1c:6c:af:
db:5e:36:7b:f4:59:d7:c7:64:25:2c:5f:10:b6:ce:
68:5d:b2:2d:fa:6b:08:b4:fa:d0:ce:14:b7:d3:b3:
1e:93:3b:3c:15:4c:c3:09:64:c1:55:70:6a:48:30:
b2:88:c8:8a:5d:e8:9c:3e:5b:d4:2f:9f:20:a1:ac:
e4:24:50:34:78:96:77:bb:0c:55:1c:99:64:8f:0c:
77:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7C:A5:68:CF:09:D1:05:CA:ED:F4:CD:11:D7:D4:3D:73:33:8F:C0
X509v3 Authority Key Identifier:
keyid:7A:05:EA:59:80:5F:94:BE:18:52:82:03:9B:BA:E2:FA:8A:92:53:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egXqWYBflL4YUoIDm7ri-oqSU_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/0nylaM8J0QXK7fTNEdfUPXMzj8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/cf24bd-c15b-484c-9732-04b3813f3b3d/1/egXqWYBflL4YUoIDm7ri-oqSU_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.24.0/22
45.147.236.0/22
46.234.192.0/19
185.10.188.0/22
185.43.164.0/22
185.74.188.0/22
185.96.96.0/22
185.121.32.0/22
185.142.122.0/23
185.157.24.0/22
185.158.140.0/22
185.193.252.0/22
185.219.44.0/22
185.245.120.0/22
193.3.245.0/24
193.5.31.0/24
193.5.39.0/24
193.5.41.0/24
193.5.120.0/24
193.38.132.0/22
193.47.52.0/22
195.184.74.0/24
213.187.0.0/19
IPv6:
2a00:1f48::/29
2a01:6d60::/29
2a05:4a00::/29
2a06:9c80::/29
2a07:a2c0::/29
2a07:adc0::/29
2a0a:41c0::/29
2a0a:c180::/29
2a0b:e040::/29
2a0d:5780::/29
2a0d:e540::/29
Signature Algorithm: sha256WithRSAEncryption
7c:63:c3:15:1b:75:30:f3:37:a5:76:f0:fc:1b:13:b9:d8:32:
3e:82:13:ee:27:3d:ea:69:7d:e5:3a:94:b7:36:c8:bd:03:44:
40:d8:21:d5:36:13:c1:b6:60:c4:c1:5f:bd:cc:35:45:64:7a:
80:53:eb:ca:8f:a2:1e:b0:aa:ff:2a:81:e2:e7:03:ef:dd:4a:
a7:27:52:4b:b0:2d:7f:10:14:d1:46:66:f9:9e:36:6d:c1:1f:
bc:b1:b0:2e:b4:94:7e:a9:50:36:39:8f:0f:f8:40:a9:56:c3:
47:e0:59:0d:58:cd:d8:d3:7c:b5:ad:56:23:da:3a:4b:3b:5a:
f3:da:ab:ff:6b:a2:b9:22:91:9b:ed:43:78:ba:7d:da:1c:d7:
5b:f5:3d:7e:92:9f:1f:7f:1e:8e:f4:22:11:bd:b6:38:cc:5c:
ef:5e:60:7c:f7:51:6b:2d:04:29:84:7b:b5:72:9a:b4:24:19:
c4:9a:c8:48:8e:2e:dd:51:9d:50:7e:4f:a2:1f:b2:03:09:fa:
12:03:24:10:26:f3:7c:c3:ff:e9:ee:ad:af:76:e6:c3:62:2b:
71:c1:67:dd:23:4a:dc:69:8e:77:0d:e5:78:8f:e4:35:be:ba:
89:c8:ab:4f:a5:8e:2c:19:b8:c4:6a:d1:9d:9f:df:37:22:1a:
25:9f:99:54
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAYzGt9WKsZtf7Rh12Q+wdU/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMDVlYTU5ODA1Zjk0YmUxODUyODIwMzliYmFlMmZhOGE5
MjUzZjUwHhcNMjQwMTAxMjAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdjYTU2OGNmMDlkMTA1Y2FlZGY0Y2QxMWQ3ZDQzZDczMzM4ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVJ2ZwshK+YQdp/Bq0UC6griZM7F
pM0JgkqDxQPEQc+dQKNMDln3H5G7bogNZcKv6YOAltf//eXqwpLcB2ouxpr+vT0h
XtI1NW+rCLc/pvivPoUbKvm19f7j4ClCC1/V288Z74u1BkaAkSA0jGf65Fid0/1P
nAyhtlx6dZoS4Q92MMxSMBSLOG3oOaLXoBmKjEy8czqv4wd8ugvyGC53i1SCZwdi
LV3cw+/YWav9uWkcbK/bXjZ79FnXx2QlLF8Qts5oXbIt+msItPrQzhS307Mekzs8
FUzDCWTBVXBqSDCyiMiKXeicPlvUL58goazkJFA0eJZ3uwxVHJlkjwx3fwIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFNJ8pWjPCdEFyu30zRHX1D1zM4/AMB8GA1UdIwQY
MBaAFHoF6lmAX5S+GFKCA5u64vqKklP1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdYcVdZQmZsTDRZVW9JRG03cmktb3FTVV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jZjI0YmQtYzE1Yi00ODRjLTk3MzIt
MDRiMzgxM2YzYjNkLzEvMG55bGFNOEowUVhLN2ZUTkVkZlVQWE16ajhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jZjI0YmQtYzE1Yi00ODRjLTk3MzItMDRiMzgxM2YzYjNk
LzEvZWdYcVdZQmZsTDRZVW9JRG03cmktb3FTVV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCBkQQCAAEwgYoDBAIt
hxgDBAItk+wDBAUu6sADBAK5CrwDBAK5K6QDBAK5SrwDBAK5YGADBAK5eSADBAG5
jnoDBAK5nRgDBAK5nowDBAK5wfwDBAK52ywDBAK59XgDBADBA/UDBADBBR8DBADB
BScDBADBBSkDBADBBXgDBALBJoQDBALBLzQDBADDuEoDBAXVuwAwUwQCAAIwTQMF
AyoAH0gDBQMqAW1gAwUDKgVKAAMFAyoGnIADBQMqB6LAAwUDKgetwAMFAyoKQcAD
BQMqCsGAAwUDKgvgQAMFAyoNV4ADBQMqDeVAMA0GCSqGSIb3DQEBCwUAA4IBAQB8
Y8MVG3Uw8zeldvD8GxO52DI+ghPuJz3qaX3lOpS3Nsi9A0RA2CHVNhPBtmDEwV+9
zDVFZHqAU+vKj6IesKr/KoHi5wPv3UqnJ1JLsC1/EBTRRmb5njZtwR+8sbAutJR+
qVA2OY8P+ECpVsNH4FkNWM3Y03y1rVYj2jpLO1rz2qv/a6K5IpGb7UN4un3aHNdb
9T1+kp8ffx6O9CIRvbY4zFzvXmB891FrLQQphHu1cpq0JBnEmshIji7dUZ1Qfk+i
H7IDCfoSAyQQJvN8w//p7q2vdubDYitxwWfdI0rcaY53DeV4j+Q1vrqJyKtPpY4s
GbjEatGdn983Iholn5lU
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:52 2024 by rpki-client on console-fra.rpki-client.org