Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/7w3n7jSIfnbkXSnBx6eOaAKpv18.roa
File: 7w3n7jSIfnbkXSnBx6eOaAKpv18.roa (raw, json)
Hash identifier: i81ht2xA0FNkaBJV6QEvUldChrlNo4A2ajl6erPnj4s=
Subject key identifier: EF:0D:E7:EE:34:88:7E:76:E4:5D:29:C1:C7:A7:8E:68:02:A9:BF:5F
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 019355A0030561C78C40C111211820E22B14
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/7w3n7jSIfnbkXSnBx6eOaAKpv18.roa
Signing time: Fri 22 Nov 2024 20:46:10 +0000
ROA not before: Fri 22 Nov 2024 20:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49453
IP address blocks: 37.123.208.0/24 maxlen: 24
37.123.210.0/24 maxlen: 24
45.133.250.0/24 maxlen: 24
109.202.97.0/24 maxlen: 24
109.202.98.0/24 maxlen: 24
109.202.99.0/24 maxlen: 24
109.202.100.0/24 maxlen: 24
109.202.101.0/24 maxlen: 24
109.202.102.0/24 maxlen: 24
109.202.103.0/24 maxlen: 24
109.202.104.0/24 maxlen: 24
109.202.106.0/24 maxlen: 24
109.202.107.0/24 maxlen: 24
109.202.108.0/24 maxlen: 24
109.202.109.0/24 maxlen: 24
109.202.110.0/24 maxlen: 24
109.202.111.0/24 maxlen: 24
109.232.224.0/24 maxlen: 24
109.232.225.0/24 maxlen: 24
109.232.226.0/24 maxlen: 24
109.232.227.0/24 maxlen: 24
109.232.228.0/24 maxlen: 24
109.232.229.0/24 maxlen: 24
109.232.230.0/24 maxlen: 24
109.232.231.0/24 maxlen: 24
134.19.176.0/24 maxlen: 24
134.19.177.0/24 maxlen: 24
134.19.178.0/24 maxlen: 24
134.19.179.0/24 maxlen: 24
134.19.180.0/24 maxlen: 24
134.19.181.0/24 maxlen: 24
134.19.182.0/24 maxlen: 24
134.19.183.0/24 maxlen: 24
134.19.184.0/24 maxlen: 24
134.19.185.0/24 maxlen: 24
134.19.186.0/24 maxlen: 24
134.19.187.0/24 maxlen: 24
134.19.188.0/24 maxlen: 24
134.19.189.0/24 maxlen: 24
134.19.190.0/23 maxlen: 23
185.23.212.0/22 maxlen: 22
185.23.214.0/24 maxlen: 24
188.95.49.0/24 maxlen: 24
188.95.50.0/24 maxlen: 24
188.95.51.0/24 maxlen: 24
188.95.52.0/24 maxlen: 24
188.95.53.0/24 maxlen: 24
213.152.160.0/24 maxlen: 24
213.152.161.0/24 maxlen: 24
213.152.162.0/24 maxlen: 24
213.152.163.0/24 maxlen: 24
213.152.164.0/24 maxlen: 24
213.152.165.0/24 maxlen: 24
213.152.166.0/24 maxlen: 24
213.152.167.0/24 maxlen: 24
213.152.168.0/24 maxlen: 24
213.152.169.0/24 maxlen: 24
213.152.170.0/24 maxlen: 24
213.152.171.0/24 maxlen: 24
213.152.172.0/24 maxlen: 24
213.152.173.0/24 maxlen: 24
213.152.174.0/24 maxlen: 24
213.152.176.0/24 maxlen: 24
213.152.177.0/24 maxlen: 24
213.152.180.0/24 maxlen: 24
213.152.181.0/24 maxlen: 24
213.152.182.0/24 maxlen: 24
213.152.183.0/24 maxlen: 24
213.152.184.0/24 maxlen: 24
213.152.185.0/24 maxlen: 24
213.152.186.0/24 maxlen: 24
213.152.187.0/24 maxlen: 24
213.152.188.0/22 maxlen: 22
213.152.188.0/24 maxlen: 24
213.152.189.0/24 maxlen: 24
2a00:1678:127::/48 maxlen: 48
2a00:1678:1337::/48 maxlen: 48
2a00:1678:2470::/48 maxlen: 48
2a00:1678:3cc0::/48 maxlen: 48
2a00:1678:5524::/48 maxlen: 48
2a00:1678:5afe::/48 maxlen: 48
2a00:1678:b00b::/48 maxlen: 48
2a00:1678:baba::/48 maxlen: 48
2a00:1678:da7a::/48 maxlen: 48
2a00:1678:dea1::/48 maxlen: 48
2a00:1678:efa5::/48 maxlen: 48
2a00:1678:f113::/48 maxlen: 48
2a00:1678:fa11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:a0:03:05:61:c7:8c:40:c1:11:21:18:20:e2:2b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Nov 22 20:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef0de7ee34887e76e45d29c1c7a78e6802a9bf5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d0:27:00:df:49:ec:7d:58:16:44:80:74:e0:
89:5a:dc:69:f2:0c:ce:12:cd:5e:47:14:2c:03:03:
79:a8:27:f4:f3:bc:97:d4:f1:47:93:02:b7:84:4f:
fb:e1:ba:b3:30:c4:a4:a0:38:95:45:3e:83:55:b4:
47:d1:d7:08:1c:01:1d:93:66:b7:06:6a:f9:03:78:
70:e0:c9:d9:f3:b3:49:33:15:1e:31:bd:04:a3:ac:
74:dd:63:eb:ee:a2:e4:d1:61:4b:06:22:74:01:ad:
30:f1:2d:67:41:4b:cf:71:b8:19:1c:26:d4:77:4e:
d6:b3:54:08:a0:07:cd:c2:3b:10:0c:82:5f:62:65:
37:f7:a1:0a:9f:0f:c1:e8:01:13:4f:c7:ef:a9:2b:
9b:d1:52:98:18:34:c7:08:ad:57:e9:16:d4:69:4f:
be:2f:0e:69:b7:22:fd:d2:ea:ff:0e:11:d1:a8:29:
6e:4c:21:fb:82:1d:18:e1:3d:8a:3b:e7:a0:38:10:
6c:81:4c:63:1f:3c:69:e9:70:cf:f8:6f:ef:4c:8e:
42:2b:d0:b2:d1:ac:64:1e:98:0f:51:a8:dc:25:74:
54:6e:db:08:03:74:a7:a7:eb:7f:cd:9a:a9:67:9e:
c5:5a:5d:7d:14:35:82:3f:52:4c:43:07:4b:63:75:
d0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:0D:E7:EE:34:88:7E:76:E4:5D:29:C1:C7:A7:8E:68:02:A9:BF:5F
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/7w3n7jSIfnbkXSnBx6eOaAKpv18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.208.0/24
37.123.210.0/24
45.133.250.0/24
109.202.97.0-109.202.104.255
109.202.106.0-109.202.111.255
109.232.224.0/21
134.19.176.0/20
185.23.212.0/22
188.95.49.0-188.95.53.255
213.152.160.0-213.152.174.255
213.152.176.0/23
213.152.180.0-213.152.191.255
IPv6:
2a00:1678:127::/48
2a00:1678:1337::/48
2a00:1678:2470::/48
2a00:1678:3cc0::/48
2a00:1678:5524::/48
2a00:1678:5afe::/48
2a00:1678:b00b::/48
2a00:1678:baba::/48
2a00:1678:da7a::/48
2a00:1678:dea1::/48
2a00:1678:efa5::/48
2a00:1678:f113::/48
2a00:1678:fa11::/48
Signature Algorithm: sha256WithRSAEncryption
52:d5:5b:9d:4a:13:84:1d:36:e9:1f:82:c3:4a:7e:02:2d:d9:
27:51:aa:e6:6b:ac:63:f8:1d:40:df:d6:f4:6f:1d:a3:5a:d3:
3f:f7:eb:15:de:e5:36:de:ab:66:4c:4a:cc:fe:82:bb:ff:96:
9b:2c:dc:79:b1:7a:0a:73:46:97:f2:79:91:93:47:25:76:e4:
bb:fb:9b:ae:50:b7:8d:14:27:9d:1b:00:b6:a0:f1:8b:f6:4e:
34:d8:a0:e8:ed:2d:64:98:9f:d0:bf:c7:bb:1e:82:eb:4d:e9:
91:5d:77:95:1c:af:62:6d:bc:48:fe:14:12:20:bf:cc:88:a5:
bb:b8:1a:1d:93:30:93:fa:43:84:bb:4e:a0:49:a7:27:68:c1:
18:06:1e:31:de:b8:7e:38:46:d4:9c:ee:95:f3:8c:6e:d7:23:
7d:1a:d4:fe:5f:34:2e:63:f2:70:2e:84:2b:f0:d8:22:eb:c6:
b7:a0:99:0c:bc:4a:70:98:d9:b3:f9:c6:25:8e:01:36:b8:a3:
44:10:03:ec:e5:22:8d:37:9e:a4:9f:a0:d5:54:de:5b:f4:58:
39:27:a3:ef:49:6b:25:6f:7f:6c:07:fb:fc:ff:49:e8:d5:10:
c0:9d:88:cb:da:4e:fc:22:da:0f:d7:04:88:34:f7:71:d9:19:
e7:4e:5e:a1
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAZNVoAMFYceMQMERIRgg4isUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjQxMTIyMjA0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjBkZTdlZTM0ODg3ZTc2ZTQ1ZDI5YzFjN2E3OGU2ODAyYTliZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdAnAN9J7H1YFkSAdOCJWtxp8gzO
Es1eRxQsAwN5qCf087yX1PFHkwK3hE/74bqzMMSkoDiVRT6DVbRH0dcIHAEdk2a3
Bmr5A3hw4MnZ87NJMxUeMb0Eo6x03WPr7qLk0WFLBiJ0Aa0w8S1nQUvPcbgZHCbU
d07Ws1QIoAfNwjsQDIJfYmU396EKnw/B6AETT8fvqSub0VKYGDTHCK1X6RbUaU++
Lw5ptyL90ur/DhHRqCluTCH7gh0Y4T2KO+egOBBsgUxjHzxp6XDP+G/vTI5CK9Cy
0axkHpgPUajcJXRUbtsIA3Snp+t/zZqpZ57FWl19FDWCP1JMQwdLY3XQ5QIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFO8N5+40iH525F0pwcenjmgCqb9fMB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvN3czbjdqU0lmbmJrWFNuQng2ZU9hQUtwdjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwdgQCAAEwcAMEACV7
0AMEACV70gMEAC2F+jAMAwQAbcphAwQAbcpoMAwDBAFtymoDBARtymADBANt6OAD
BASGE7ADBAK5F9QwDAMEALxfMQMEAbxfNDAMAwQF1ZigAwQA1ZiuAwQB1ZiwMAwD
BALVmLQDBAbVmIAwewQCAAIwdQMHACoAFngBJwMHACoAFngTNwMHACoAFngkcAMH
ACoAFng8wAMHACoAFnhVJAMHACoAFnha/gMHACoAFniwCwMHACoAFni6ugMHACoA
FnjaegMHACoAFnjeoQMHACoAFnjvpQMHACoAFnjxEwMHACoAFnj6ETANBgkqhkiG
9w0BAQsFAAOCAQEAUtVbnUoThB026R+Cw0p+Ai3ZJ1Gq5musY/gdQN/W9G8do1rT
P/frFd7lNt6rZkxKzP6Cu/+WmyzcebF6CnNGl/J5kZNHJXbku/ubrlC3jRQnnRsA
tqDxi/ZONNig6O0tZJif0L/Hux6C603pkV13lRyvYm28SP4UEiC/zIilu7gaHZMw
k/pDhLtOoEmnJ2jBGAYeMd64fjhG1JzulfOMbtcjfRrU/l80LmPycC6EK/DYIuvG
t6CZDLxKcJjZs/nGJY4BNrijRBAD7OUijTeepJ+g1VTeW/RYOSej70lrJW9/bAf7
/P9J6NUQwJ2Iy9pO/CLaD9cEiDT3cdkZ505eoQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:55:06 2024 by rpki-client on console-fra.rpki-client.org