Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/7ZyPMbBb2bERf8s9ZhCTBapSjiA.roa
File: 7ZyPMbBb2bERf8s9ZhCTBapSjiA.roa (raw, json)
Hash identifier: IagmJrkKCbbks3mpooguDEVJ/lrmiw99hV8dORMDsBc=
Subject key identifier: ED:9C:8F:31:B0:5B:D9:B1:11:7F:CB:3D:66:10:93:05:AA:52:8E:20
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 018CC94BD6D179D180B2916446A64C15038C
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/7ZyPMbBb2bERf8s9ZhCTBapSjiA.roa
Signing time: Tue 02 Jan 2024 08:30:39 +0000
ROA not before: Tue 02 Jan 2024 08:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202254
IP address blocks: 194.146.159.0/24 maxlen: 24
194.146.158.0/24 maxlen: 24
194.146.157.0/24 maxlen: 24
194.146.156.0/24 maxlen: 24
212.108.132.0/24 maxlen: 24
212.108.131.0/24 maxlen: 24
212.108.130.0/24 maxlen: 24
212.108.129.0/24 maxlen: 24
212.108.128.0/19 maxlen: 24
212.108.128.0/24 maxlen: 24
212.108.139.0/24 maxlen: 24
212.108.138.0/24 maxlen: 24
212.108.137.0/24 maxlen: 24
212.108.136.0/24 maxlen: 24
212.108.135.0/24 maxlen: 24
212.108.134.0/24 maxlen: 24
212.108.133.0/24 maxlen: 24
212.108.140.0/24 maxlen: 24
212.108.145.0/24 maxlen: 24
212.108.144.0/24 maxlen: 24
212.108.143.0/24 maxlen: 24
212.108.142.0/24 maxlen: 24
212.108.141.0/24 maxlen: 24
212.108.147.0/24 maxlen: 24
212.108.146.0/24 maxlen: 24
212.108.152.0/24 maxlen: 24
185.206.71.0/24 maxlen: 24
212.108.151.0/24 maxlen: 24
212.108.150.0/24 maxlen: 24
212.108.149.0/24 maxlen: 24
212.108.148.0/24 maxlen: 24
212.108.154.0/24 maxlen: 24
212.108.153.0/24 maxlen: 24
212.108.159.0/24 maxlen: 24
212.108.158.0/24 maxlen: 24
212.108.157.0/24 maxlen: 24
212.108.156.0/24 maxlen: 24
212.108.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 30 Jun 2024 02:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:d6:d1:79:d1:80:b2:91:64:46:a6:4c:15:03:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Jan 2 08:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed9c8f31b05bd9b1117fcb3d66109305aa528e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bf:bc:d5:e9:a0:f7:6e:5c:a0:9f:13:eb:2d:
9d:d3:06:c3:b2:c7:5a:ab:ce:81:4d:f4:fa:bf:72:
a5:73:7f:dc:02:f0:51:f5:01:83:45:7e:f0:86:a8:
2d:ab:2c:37:57:15:15:03:51:d9:0b:1d:22:54:2f:
5c:90:5b:89:ce:1f:3b:a5:03:05:2a:c8:f6:63:59:
d1:2e:8e:98:13:07:72:c3:06:d1:fc:1c:09:aa:06:
3e:cb:dd:d6:2f:00:15:d5:04:f2:99:c0:a2:e2:d4:
b3:2d:b5:fe:d3:7a:33:5d:84:23:11:bf:30:47:07:
d7:83:c9:73:02:49:7f:36:e0:7d:b2:33:bd:da:b7:
b0:92:72:17:7c:ae:2b:a1:b0:36:58:15:14:7e:3a:
ed:83:2e:3f:91:17:d8:b6:10:de:3c:8d:ff:a9:86:
6d:0e:79:c9:20:b7:a6:f1:db:bc:8f:6f:a7:6b:15:
a8:e9:a6:74:26:2b:ad:70:6b:cd:03:b9:09:f7:44:
98:f1:f9:a9:20:44:e7:ff:03:1a:e0:09:a0:7e:0f:
b9:9d:1f:8f:64:da:49:3e:a9:e7:f3:a7:eb:03:b4:
75:b7:fa:77:c6:98:19:84:03:b2:7e:0c:7d:6e:0d:
87:29:a9:15:6b:2d:36:bf:25:2e:85:f8:20:e5:96:
bb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9C:8F:31:B0:5B:D9:B1:11:7F:CB:3D:66:10:93:05:AA:52:8E:20
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/7ZyPMbBb2bERf8s9ZhCTBapSjiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.71.0/24
194.146.156.0/22
212.108.128.0/19
Signature Algorithm: sha256WithRSAEncryption
91:04:75:ac:60:e1:1e:28:68:e3:bd:ce:9b:4c:fe:9b:95:06:
23:b9:72:e8:a7:6a:37:42:f7:00:59:c0:10:60:bb:fa:a1:e5:
69:09:02:0a:a4:c1:19:ba:18:31:81:1a:56:7c:29:22:80:9e:
57:4a:69:e2:45:1f:62:00:25:10:a4:28:bc:ae:f5:13:46:f3:
73:79:16:51:de:8a:a0:25:70:52:77:a3:34:b6:7f:0e:c1:e6:
fb:f1:e2:06:29:95:33:08:88:38:f8:df:1d:59:63:5d:27:6b:
a0:23:d3:40:71:65:07:d2:65:53:7b:1d:2d:ad:51:7f:a0:24:
0a:d1:37:e2:fd:ab:63:48:3d:a9:31:46:b5:40:4c:fa:4f:4d:
12:11:14:1b:b7:1b:fa:a2:cb:95:07:5c:00:91:69:65:b9:7e:
e2:ad:de:36:e0:a7:ab:9c:15:ee:d5:a7:02:60:2c:54:c1:50:
b8:e2:42:f9:f6:e6:13:d0:1c:d8:0a:c6:04:e2:b8:08:56:23:
be:3e:8e:e2:c9:aa:f9:32:b3:8c:b3:5d:40:2d:0d:9c:0e:82:
5a:90:da:cc:42:47:04:9e:bf:ec:4e:2f:66:9f:1c:97:ee:2e:
0b:ad:f2:2d:6f:d8:4b:38:89:cc:52:ce:9f:68:56:93:bc:cd:
9f:fa:ad:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJS9bRedGAspFkRqZMFQOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx
MmFjNjgwHhcNMjQwMTAyMDgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDljOGYzMWIwNWJkOWIxMTE3ZmNiM2Q2NjEwOTMwNWFhNTI4ZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL+81emg925coJ8T6y2d0wbDssda
q86BTfT6v3Klc3/cAvBR9QGDRX7whqgtqyw3VxUVA1HZCx0iVC9ckFuJzh87pQMF
Ksj2Y1nRLo6YEwdywwbR/BwJqgY+y93WLwAV1QTymcCi4tSzLbX+03ozXYQjEb8w
RwfXg8lzAkl/NuB9sjO92rewknIXfK4robA2WBUUfjrtgy4/kRfYthDePI3/qYZt
DnnJILem8du8j2+naxWo6aZ0JiutcGvNA7kJ90SY8fmpIETn/wMa4Amgfg+5nR+P
ZNpJPqnn86frA7R1t/p3xpgZhAOyfgx9bg2HKakVay02vyUuhfgg5Za7nwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO2cjzGwW9mxEX/LPWYQkwWqUo4gMB8GA1UdIwQY
MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt
YThlNGU3MWJlZTUxLzEvN1p5UE1iQmIyYkVSZjhzOVpoQ1RCYXBTamlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx
LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuc5HAwQC
wpKcAwQF1GyAMA0GCSqGSIb3DQEBCwUAA4IBAQCRBHWsYOEeKGjjvc6bTP6blQYj
uXLop2o3QvcAWcAQYLv6oeVpCQIKpMEZuhgxgRpWfCkigJ5XSmniRR9iACUQpCi8
rvUTRvNzeRZR3oqgJXBSd6M0tn8Oweb78eIGKZUzCIg4+N8dWWNdJ2ugI9NAcWUH
0mVTex0trVF/oCQK0Tfi/atjSD2pMUa1QEz6T00SERQbtxv6osuVB1wAkWlluX7i
rd424KernBXu1acCYCxUwVC44kL59uYT0BzYCsYE4rgIViO+Po7iyar5MrOMs11A
LQ2cDoJakNrMQkcEnr/sTi9mnxyX7i4LrfItb9hLOInMUs6faFaTvM2f+q0a
-----END CERTIFICATE-----
Generated at Sat Jun 29 08:52:38 2024 by rpki-client on console-ams.rpki-client.org