Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/blE2J5BPpcnCJfdf2zx_iEapxtQ.roa
File: blE2J5BPpcnCJfdf2zx_iEapxtQ.roa (raw, json)
Hash identifier: w2d9Ivd5jpDLLQ31eAMEt0y3ygok9j+hSpDyW4NVU5M=
Subject key identifier: 6E:51:36:27:90:4F:A5:C9:C2:25:F7:5F:DB:3C:7F:88:46:A9:C6:D4
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 018F1A57F4FCF29B835EBFBD7EBE13225E35
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/blE2J5BPpcnCJfdf2zx_iEapxtQ.roa
Signing time: Fri 26 Apr 2024 12:18:42 +0000
ROA not before: Fri 26 Apr 2024 12:18:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8400
IP address blocks: 5.154.225.0/24 maxlen: 24
62.101.128.0/20 maxlen: 20
77.46.128.0/17 maxlen: 17
79.101.0.0/16 maxlen: 16
79.101.21.0/24 maxlen: 24
89.39.144.0/23 maxlen: 23
89.46.126.0/23 maxlen: 23
89.47.40.0/23 maxlen: 23
91.150.64.0/18 maxlen: 18
91.150.64.0/23 maxlen: 23
91.150.66.0/24 maxlen: 24
91.150.91.0/24 maxlen: 24
93.86.0.0/15 maxlen: 15
93.86.0.0/16 maxlen: 16
93.87.0.0/16 maxlen: 16
93.87.38.0/24 maxlen: 24
93.87.39.0/24 maxlen: 24
93.87.50.0/24 maxlen: 24
93.87.58.0/24 maxlen: 24
109.92.0.0/15 maxlen: 15
109.122.77.0/24 maxlen: 24
178.220.0.0/15 maxlen: 15
178.222.0.0/16 maxlen: 16
178.223.0.0/17 maxlen: 17
178.223.128.0/18 maxlen: 18
178.223.192.0/19 maxlen: 19
185.71.88.0/22 maxlen: 22
185.190.152.0/22 maxlen: 22
195.178.32.0/19 maxlen: 19
212.200.0.0/16 maxlen: 16
212.200.0.0/17 maxlen: 17
212.200.0.0/21 maxlen: 21
212.200.8.0/22 maxlen: 22
212.200.12.0/23 maxlen: 23
212.200.45.0/24 maxlen: 24
212.200.50.0/24 maxlen: 24
212.200.51.0/24 maxlen: 24
212.200.52.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
212.200.132.0/24 maxlen: 24
212.200.192.0/19 maxlen: 19
212.200.224.0/24 maxlen: 24
212.200.225.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
212.200.228.0/22 maxlen: 22
212.200.232.0/21 maxlen: 21
212.200.240.0/20 maxlen: 20
213.196.96.0/20 maxlen: 20
2a00:e90::/32 maxlen: 32
2a06:63c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1a:57:f4:fc:f2:9b:83:5e:bf:bd:7e:be:13:22:5e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Apr 26 12:18:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e513627904fa5c9c225f75fdb3c7f8846a9c6d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ab:21:70:e5:25:5b:9b:09:c0:2b:9a:28:27:
34:23:5e:48:44:04:1c:23:d5:56:64:f0:1b:5e:73:
f3:57:4d:0c:58:6c:72:1b:fb:90:98:72:3c:ff:8a:
39:9b:c5:ee:02:6c:0b:96:0d:e0:21:29:de:4c:39:
3c:f9:e0:f3:7a:cb:ee:fc:6f:fc:cb:78:b9:af:9b:
c3:45:58:78:13:43:4f:d0:b6:28:ea:69:45:0b:98:
7b:ce:6c:4d:ff:15:4d:65:5c:7c:f3:f3:c9:ea:41:
df:1d:56:27:95:21:6d:53:ac:d9:82:25:b6:91:7a:
d1:ae:ae:c2:8f:aa:33:1a:22:03:95:31:87:3c:a1:
ae:8f:0c:7b:54:73:49:af:b9:a4:73:35:6c:68:66:
34:d4:fc:c8:20:1e:19:77:a2:b5:0b:60:aa:39:c8:
2e:86:9a:e1:8b:50:5b:36:03:4c:76:41:c0:f7:80:
fe:e7:b2:8d:cb:05:08:12:b8:6d:b3:35:e2:a1:09:
19:92:6c:70:10:da:fd:48:b6:d1:18:87:44:ee:9b:
22:92:1c:31:eb:b8:b7:35:c8:ac:44:a2:d3:47:03:
fb:10:65:46:02:e5:50:3d:b2:14:78:f7:b9:0d:2f:
51:01:66:4d:36:11:b5:28:96:57:76:a8:f5:15:68:
cd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:51:36:27:90:4F:A5:C9:C2:25:F7:5F:DB:3C:7F:88:46:A9:C6:D4
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/blE2J5BPpcnCJfdf2zx_iEapxtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.225.0/24
62.101.128.0/20
77.46.128.0/17
79.101.0.0/16
89.39.144.0/23
89.46.126.0/23
89.47.40.0/23
91.150.64.0/18
93.86.0.0/15
109.92.0.0/15
109.122.77.0/24
178.220.0.0-178.223.223.255
185.71.88.0/22
185.190.152.0/22
195.178.32.0/19
212.200.0.0/16
213.196.96.0/20
IPv6:
2a00:e90::/32
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:2d:34:66:e7:e7:70:c3:92:05:2e:b9:88:35:a2:c4:a9:b7:
d3:cc:58:95:a3:1b:e2:31:92:4b:03:61:d9:55:e0:09:da:5b:
53:d1:30:d4:55:fd:42:bc:10:ab:43:1b:1d:79:38:2c:84:23:
0b:e5:71:31:17:38:44:4a:53:a9:1a:fb:dc:ef:4f:ef:30:05:
a9:a0:eb:aa:de:cd:8a:12:86:be:78:26:e0:10:43:08:fd:fc:
ba:a7:57:00:b2:0b:88:e4:6c:f0:5c:ad:e6:30:21:b0:63:a2:
f0:1e:62:fd:06:f0:9b:98:fa:6b:dd:e7:19:a6:c7:ee:56:f4:
37:52:2b:d7:12:ed:bd:fd:20:28:c4:53:c3:a6:fe:41:75:83:
aa:b6:4c:45:e9:ee:ac:1c:b6:59:96:9b:a0:7b:ec:9f:bd:bd:
ce:52:28:2c:75:8c:fb:70:67:6d:c1:e1:6b:2c:ff:f8:d2:02:
e0:49:d1:4c:87:e8:3e:1f:3f:c9:f4:43:37:2f:1b:ee:08:68:
ee:ba:a9:b0:0b:ec:61:b9:fd:10:35:dd:1f:9f:5b:67:b4:70:
0a:20:76:3b:eb:07:2e:e9:3d:07:38:99:e3:bd:00:3e:23:56:
19:66:41:f0:9e:1e:99:7e:79:d3:de:de:5a:ec:b2:7e:24:57:
e7:61:76:15
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY8aV/T88puDXr+9fr4TIl41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwNDI2MTIxODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUxMzYyNzkwNGZhNWM5YzIyNWY3NWZkYjNjN2Y4ODQ2YTljNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26shcOUlW5sJwCuaKCc0I15IRAQc
I9VWZPAbXnPzV00MWGxyG/uQmHI8/4o5m8XuAmwLlg3gISneTDk8+eDzesvu/G/8
y3i5r5vDRVh4E0NP0LYo6mlFC5h7zmxN/xVNZVx88/PJ6kHfHVYnlSFtU6zZgiW2
kXrRrq7Cj6ozGiIDlTGHPKGujwx7VHNJr7mkczVsaGY01PzIIB4Zd6K1C2CqOcgu
hprhi1BbNgNMdkHA94D+57KNywUIErhtszXioQkZkmxwENr9SLbRGIdE7psikhwx
67i3NcisRKLTRwP7EGVGAuVQPbIUePe5DS9RAWZNNhG1KJZXdqj1FWjNjwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFG5RNieQT6XJwiX3X9s8f4hGqcbUMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvYmxFMko1QlBwY25DSmZkZjJ6eF9pRWFweHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBvBAIAATBpAwQABZrh
AwQEPmWAAwQHTS6AAwMAT2UDBAFZJ5ADBAFZLn4DBAFZLygDBAZblkADAwFdVgMD
AW1cAwQAbXpNMAsDAwKy3AMEBbLfwAMEArlHWAMEArm+mAMEBcOyIAMDANTIAwQE
1cRgMBQEAgACMA4DBQAqAA6QAwUDKgZjwDANBgkqhkiG9w0BAQsFAAOCAQEAHS00
ZufncMOSBS65iDWixKm308xYlaMb4jGSSwNh2VXgCdpbU9Ew1FX9QrwQq0MbHXk4
LIQjC+VxMRc4REpTqRr73O9P7zAFqaDrqt7NihKGvngm4BBDCP38uqdXALILiORs
8Fyt5jAhsGOi8B5i/Qbwm5j6a93nGabH7lb0N1Ir1xLtvf0gKMRTw6b+QXWDqrZM
RenurBy2WZaboHvsn729zlIoLHWM+3BnbcHhayz/+NIC4EnRTIfoPh8/yfRDNy8b
7gho7rqpsAvsYbn9EDXdH59bZ7RwCiB2O+sHLuk9BziZ470APiNWGWZB8J4emX55
097eWuyyfiRX52F2FQ==
-----END CERTIFICATE-----
Generated at Mon Jul 1 07:41:05 2024 by rpki-client on console-ams.rpki-client.org