Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/exb-9vyfpS78VwmocNJ6DJgrEcg.roa
File: exb-9vyfpS78VwmocNJ6DJgrEcg.roa (raw, json)
Hash identifier: cHIY4RtkUYGGP/0SoMSIh/bMHIW+rwtKCtApzHNFgDQ=
Subject key identifier: 7B:16:FE:F6:FC:9F:A5:2E:FC:57:09:A8:70:D2:7A:0C:98:2B:11:C8
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 0192A04B383747F549A83B88778086D699F0
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/exb-9vyfpS78VwmocNJ6DJgrEcg.roa
Signing time: Fri 18 Oct 2024 15:42:16 +0000
ROA not before: Fri 18 Oct 2024 15:42:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49531
IP address blocks: 91.214.204.0/22 maxlen: 22
93.92.32.0/21 maxlen: 21
93.92.32.0/24 maxlen: 24
93.92.33.0/24 maxlen: 24
93.92.34.0/23 maxlen: 23
93.92.36.0/23 maxlen: 23
93.92.38.0/23 maxlen: 23
93.186.48.0/20 maxlen: 20
93.186.48.0/23 maxlen: 23
93.186.50.0/23 maxlen: 23
93.186.52.0/23 maxlen: 23
93.186.54.0/23 maxlen: 23
93.186.56.0/23 maxlen: 23
93.186.58.0/23 maxlen: 23
93.186.60.0/23 maxlen: 23
93.186.62.0/23 maxlen: 23
94.159.0.0/17 maxlen: 17
94.159.0.0/18 maxlen: 18
94.159.0.0/23 maxlen: 23
94.159.2.0/23 maxlen: 23
94.159.4.0/23 maxlen: 23
94.159.6.0/23 maxlen: 23
94.159.8.0/23 maxlen: 23
94.159.10.0/23 maxlen: 23
94.159.12.0/23 maxlen: 23
94.159.14.0/23 maxlen: 23
94.159.16.0/23 maxlen: 23
94.159.18.0/23 maxlen: 23
94.159.20.0/23 maxlen: 23
94.159.22.0/23 maxlen: 23
94.159.24.0/23 maxlen: 23
94.159.26.0/23 maxlen: 23
94.159.28.0/23 maxlen: 23
94.159.30.0/23 maxlen: 23
94.159.32.0/23 maxlen: 23
94.159.34.0/23 maxlen: 23
94.159.36.0/23 maxlen: 23
94.159.38.0/23 maxlen: 23
94.159.40.0/23 maxlen: 23
94.159.42.0/23 maxlen: 23
94.159.44.0/23 maxlen: 23
94.159.46.0/23 maxlen: 23
94.159.48.0/23 maxlen: 23
94.159.50.0/23 maxlen: 23
94.159.52.0/23 maxlen: 23
94.159.54.0/23 maxlen: 23
94.159.56.0/23 maxlen: 23
94.159.58.0/23 maxlen: 23
94.159.60.0/23 maxlen: 23
94.159.62.0/23 maxlen: 23
94.159.64.0/19 maxlen: 19
94.159.64.0/23 maxlen: 23
94.159.66.0/23 maxlen: 23
94.159.68.0/23 maxlen: 23
94.159.70.0/23 maxlen: 23
94.159.70.0/24 maxlen: 24
94.159.72.0/23 maxlen: 23
94.159.74.0/23 maxlen: 23
94.159.76.0/23 maxlen: 23
94.159.78.0/23 maxlen: 23
94.159.80.0/23 maxlen: 23
94.159.82.0/23 maxlen: 23
94.159.84.0/23 maxlen: 23
94.159.85.0/24 maxlen: 24
94.159.88.0/21 maxlen: 21
94.159.88.0/22 maxlen: 22
94.159.92.0/24 maxlen: 24
94.159.107.0/24 maxlen: 24
94.159.108.0/22 maxlen: 22
94.159.112.0/21 maxlen: 21
94.159.120.0/22 maxlen: 22
94.159.124.0/22 maxlen: 22
185.42.108.0/22 maxlen: 22
2a04:8f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a0:4b:38:37:47:f5:49:a8:3b:88:77:80:86:d6:99:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Oct 18 15:42:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b16fef6fc9fa52efc5709a870d27a0c982b11c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:05:60:f7:b3:64:b0:35:40:14:10:3c:1e:e5:
c5:11:77:0b:66:ba:56:e2:be:e8:23:6e:df:01:3e:
44:59:d7:11:33:42:77:55:a5:f8:5f:bd:f4:a1:a1:
db:58:f3:61:5f:86:af:d6:41:df:4a:c1:b6:8a:3d:
c2:7b:94:75:35:cd:63:db:65:cd:49:42:f0:98:6d:
50:73:eb:01:db:01:0d:73:ad:02:2c:9e:17:d4:4c:
1a:7a:1e:00:15:18:8c:d0:a3:03:5a:31:e0:61:a1:
51:fa:58:2d:4f:7b:19:41:72:88:9c:22:bc:3b:67:
db:11:01:31:f1:31:72:54:2f:30:da:01:b2:a3:e6:
24:20:53:bf:e5:e8:4e:64:be:87:21:11:84:85:4f:
fe:ef:b3:7e:a3:e3:b0:6d:fd:ea:55:2f:ae:4d:a2:
01:fc:8d:69:74:b3:30:99:b3:4b:b6:13:51:3c:83:
20:3f:da:b3:5d:3e:c1:a6:22:1b:fa:e6:ac:16:14:
59:bd:21:7f:49:9f:56:0f:4a:bb:dd:27:df:fc:84:
51:56:6c:40:46:79:1b:21:92:92:cc:70:1e:2f:a8:
d9:ba:0c:df:1d:f0:4d:a3:d2:d7:0d:d7:d1:b7:04:
b4:0e:17:8e:37:5f:65:57:0b:3a:f4:34:0b:2b:9e:
b1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:16:FE:F6:FC:9F:A5:2E:FC:57:09:A8:70:D2:7A:0C:98:2B:11:C8
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/exb-9vyfpS78VwmocNJ6DJgrEcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.204.0/22
93.92.32.0/21
93.186.48.0/20
94.159.0.0/17
185.42.108.0/22
IPv6:
2a04:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
aa:4f:c4:99:7d:e1:c6:c4:9f:2f:ac:5c:77:d7:2c:aa:2e:bd:
a1:57:1d:2f:3c:b2:52:62:4f:38:1d:e3:b2:f7:1f:2b:d3:46:
03:b6:de:5f:0b:1a:c5:c6:9a:7f:1c:df:f8:89:17:bb:09:5f:
15:3b:c0:1e:d6:e5:7a:e9:66:a6:3d:b3:6c:f2:fb:a3:28:ae:
dc:96:55:97:be:af:97:c7:23:64:5e:6a:fd:f3:22:99:31:40:
fb:84:61:e1:63:52:04:04:b1:d3:52:3d:86:53:f7:54:3c:da:
c8:95:c9:18:6e:59:80:21:0e:df:0f:66:21:5a:43:e5:d3:2d:
89:bf:1d:87:47:98:2e:a7:8a:80:10:33:a1:3e:60:e8:c3:84:
fb:b6:45:a6:44:42:50:d9:76:c4:d3:84:1b:97:28:07:21:21:
92:21:36:2a:5c:22:90:fb:67:21:92:18:94:92:e2:77:92:20:
3f:32:4b:e4:3e:bf:93:04:6f:72:a8:04:d1:a9:d9:78:13:41:
75:91:c8:3a:aa:36:a5:5a:86:04:8c:8f:73:a5:cf:12:34:fb:
bd:b0:ac:9e:39:0f:c1:a5:ee:3e:75:94:59:11:e2:0c:0c:9f:
7e:78:f2:b0:72:49:d2:bd:8c:67:bf:8a:7b:4d:3f:5a:08:44:
55:a9:14:03
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZKgSzg3R/VJqDuId4CG1pnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjQxMDE4MTU0MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjE2ZmVmNmZjOWZhNTJlZmM1NzA5YTg3MGQyN2EwYzk4MmIxMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwVg97NksDVAFBA8HuXFEXcLZrpW
4r7oI27fAT5EWdcRM0J3VaX4X730oaHbWPNhX4av1kHfSsG2ij3Ce5R1Nc1j22XN
SULwmG1Qc+sB2wENc60CLJ4X1Ewaeh4AFRiM0KMDWjHgYaFR+lgtT3sZQXKInCK8
O2fbEQEx8TFyVC8w2gGyo+YkIFO/5ehOZL6HIRGEhU/+77N+o+Owbf3qVS+uTaIB
/I1pdLMwmbNLthNRPIMgP9qzXT7BpiIb+uasFhRZvSF/SZ9WD0q73Sff/IRRVmxA
RnkbIZKSzHAeL6jZugzfHfBNo9LXDdfRtwS0DheON19lVws69DQLK56xkwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHsW/vb8n6Uu/FcJqHDSegyYKxHIMB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvZXhiLTl2eWZwUzc4Vndtb2NOSjZESmdyRWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW9bMAwQD
XVwgAwQEXbowAwQHXp8AAwQCuSpsMA0EAgACMAcDBQMqBI8AMA0GCSqGSIb3DQEB
CwUAA4IBAQCqT8SZfeHGxJ8vrFx31yyqLr2hVx0vPLJSYk84HeOy9x8r00YDtt5f
CxrFxpp/HN/4iRe7CV8VO8Ae1uV66WamPbNs8vujKK7cllWXvq+XxyNkXmr98yKZ
MUD7hGHhY1IEBLHTUj2GU/dUPNrIlckYblmAIQ7fD2YhWkPl0y2Jvx2HR5gup4qA
EDOhPmDow4T7tkWmREJQ2XbE04QblygHISGSITYqXCKQ+2chkhiUkuJ3kiA/Mkvk
Pr+TBG9yqATRqdl4E0F1kcg6qjalWoYEjI9zpc8SNPu9sKyeOQ/Bpe4+dZRZEeIM
DJ9+ePKwcknSvYxnv4p7TT9aCERVqRQD
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:48 2024 by rpki-client on console-ams.rpki-client.org