Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/ejL3GLdFPCgZiNdm2WLsLrD2G2Y.roa
File: ejL3GLdFPCgZiNdm2WLsLrD2G2Y.roa (raw, json)
Hash identifier: B8rkXFoEm4rmeZl4NkqczehdyOnQX0fxmZCtnqyGH7M=
Subject key identifier: 7A:32:F7:18:B7:45:3C:28:19:88:D7:66:D9:62:EC:2E:B0:F6:1B:66
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 018CC5001B44C9492D763FE032A06BB75F43
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/ejL3GLdFPCgZiNdm2WLsLrD2G2Y.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41937
IP address blocks: 87.250.32.0/19 maxlen: 24
185.112.20.0/22 maxlen: 24
62.240.24.0/21 maxlen: 24
109.198.0.0/19 maxlen: 24
109.122.64.0/18 maxlen: 24
185.179.136.0/22 maxlen: 24
178.79.0.0/18 maxlen: 24
178.250.136.0/21 maxlen: 24
46.235.96.0/21 maxlen: 24
5.134.104.0/21 maxlen: 24
185.26.172.0/22 maxlen: 24
109.72.48.0/20 maxlen: 24
92.244.128.0/19 maxlen: 24
178.237.208.0/20 maxlen: 24
91.185.96.0/19 maxlen: 24
185.34.92.0/22 maxlen: 24
185.103.136.0/22 maxlen: 24
91.204.52.0/22 maxlen: 24
185.10.140.0/22 maxlen: 24
109.94.232.0/21 maxlen: 24
109.94.228.0/22 maxlen: 24
2a06:63c0::/29 maxlen: 48
2a02:61a0::/32 maxlen: 48
2a00:cf00::/32 maxlen: 48
2a00:8720::/32 maxlen: 48
2a03:fc40::/32 maxlen: 48
2a06:5b00::/29 maxlen: 48
2a04:1dc0::/29 maxlen: 48
2a01:b800::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 03:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1b:44:c9:49:2d:76:3f:e0:32:a0:6b:b7:5f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a32f718b7453c281988d766d962ec2eb0f61b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:81:68:dc:7e:ed:79:c4:da:75:e8:4c:12:f8:
f1:6a:9d:5f:51:79:c5:3e:25:16:59:e0:76:bf:11:
01:07:ab:f4:ec:80:90:58:84:a9:8d:b0:64:93:95:
1d:2a:ca:83:d9:7e:92:a8:a7:3f:9c:99:09:1f:ab:
54:70:9b:d8:c9:7c:81:7c:66:bc:8c:09:e4:ec:c7:
a2:4d:c7:72:39:91:c5:09:8b:d9:53:d7:d6:8e:b9:
31:51:aa:05:07:ff:47:99:e5:86:95:7f:a6:ac:49:
d0:83:3d:84:bf:d6:4a:dc:2e:98:98:e4:1a:bc:ab:
12:05:5b:d0:a5:72:3c:96:59:13:5b:74:45:8f:ba:
ff:92:9e:35:fa:64:1b:0d:c2:73:37:a1:b6:68:ce:
96:27:ac:a3:e8:13:b2:a1:af:91:18:28:65:f4:14:
77:fd:00:6f:36:75:dc:06:c7:0f:76:03:91:1f:0a:
98:fc:9e:7e:98:8d:ef:42:66:23:b1:6a:de:08:aa:
9c:0a:40:f5:1c:a6:08:69:da:4d:ea:8b:eb:df:30:
46:40:85:32:ef:cc:de:f6:5c:d6:22:5f:0e:49:b3:
42:40:aa:c6:7e:ad:fe:54:ba:f4:06:5d:ac:b1:5c:
78:38:f0:86:13:70:29:7d:14:9c:4c:d4:17:f0:59:
4b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:32:F7:18:B7:45:3C:28:19:88:D7:66:D9:62:EC:2E:B0:F6:1B:66
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/ejL3GLdFPCgZiNdm2WLsLrD2G2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.104.0/21
46.235.96.0/21
62.240.24.0/21
87.250.32.0/19
91.185.96.0/19
91.204.52.0/22
92.244.128.0/19
109.72.48.0/20
109.94.228.0-109.94.239.255
109.122.64.0/18
109.198.0.0/19
178.79.0.0/18
178.237.208.0/20
178.250.136.0/21
185.10.140.0/22
185.26.172.0/22
185.34.92.0/22
185.103.136.0/22
185.112.20.0/22
185.179.136.0/22
IPv6:
2a00:8720::/32
2a00:cf00::/32
2a01:b800::/32
2a02:61a0::/32
2a03:fc40::/32
2a04:1dc0::/29
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:d7:2b:60:7f:d8:d3:2b:0f:99:59:1d:61:da:d7:32:d7:2e:
83:f1:d8:83:a6:c6:6e:fa:ec:96:4e:79:eb:15:f4:e2:f5:81:
62:c8:e7:d0:db:fe:58:a8:4b:ba:13:7c:35:ec:e6:ed:98:a3:
5c:f1:6c:23:97:20:a2:e9:ae:75:c1:25:44:ec:ff:89:c9:87:
55:35:6a:3a:58:a5:c9:1c:6b:40:3a:07:6e:1f:22:2c:47:e1:
33:f3:32:a6:54:2a:7c:23:2c:93:d8:36:c1:c5:54:e8:a4:99:
1c:40:bb:e8:06:76:de:29:2f:74:8b:79:94:6d:28:b2:a1:32:
0a:36:e6:cc:40:82:19:32:9e:81:5e:16:a2:cf:e4:c6:f5:64:
bc:08:61:44:48:c0:10:f3:3c:72:f1:c0:65:31:ee:14:e2:b2:
83:13:39:64:12:d9:f2:74:0d:1a:a2:ce:40:b6:d0:0d:b6:f8:
5c:0a:7a:bc:6b:36:14:ad:6e:7c:15:e3:f9:17:7e:4c:2b:2b:
cf:43:75:b5:b5:ca:8b:9c:b4:fe:72:80:8d:b8:4a:79:67:dc:
3a:c2:b0:ca:8d:12:51:81:37:61:35:a2:e3:af:36:1f:f4:da:
97:15:ed:a9:1e:a1:c0:4f:fd:b1:1c:f9:30:a4:6e:bc:ee:26:
a3:79:a3:13
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYzFABtEyUktdj/gMqBrt19DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTMyZjcxOGI3NDUzYzI4MTk4OGQ3NjZkOTYyZWMyZWIwZjYxYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYFo3H7tecTadehMEvjxap1fUXnF
PiUWWeB2vxEBB6v07ICQWISpjbBkk5UdKsqD2X6SqKc/nJkJH6tUcJvYyXyBfGa8
jAnk7MeiTcdyOZHFCYvZU9fWjrkxUaoFB/9HmeWGlX+mrEnQgz2Ev9ZK3C6YmOQa
vKsSBVvQpXI8llkTW3RFj7r/kp41+mQbDcJzN6G2aM6WJ6yj6BOyoa+RGChl9BR3
/QBvNnXcBscPdgORHwqY/J5+mI3vQmYjsWreCKqcCkD1HKYIadpN6ovr3zBGQIUy
78ze9lzWIl8OSbNCQKrGfq3+VLr0Bl2ssVx4OPCGE3ApfRScTNQX8FlLgwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFHoy9xi3RTwoGYjXZtli7C6w9htmMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvZWpMM0dMZEZQQ2daaU5kbTJXTHNMckQyRzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBhwQCAAEwgYADBAMF
hmgDBAMu62ADBAM+8BgDBAVX+iADBAVbuWADBAJbzDQDBAVc9IADBARtSDAwDAME
Am1e5AMEBG1e4AMEBm16QAMEBW3GAAMEBrJPAAMEBLLt0AMEA7L6iAMEArkKjAME
ArkarAMEArkiXAMEArlniAMEArlwFAMEArmziDA+BAIAAjA4AwUAKgCHIAMFACoA
zwADBQAqAbgAAwUAKgJhoAMFACoD/EADBQMqBB3AAwUDKgZbAAMFAyoGY8AwDQYJ
KoZIhvcNAQELBQADggEBADnXK2B/2NMrD5lZHWHa1zLXLoPx2IOmxm767JZOeesV
9OL1gWLI59Db/lioS7oTfDXs5u2Yo1zxbCOXIKLprnXBJUTs/4nJh1U1ajpYpckc
a0A6B24fIixH4TPzMqZUKnwjLJPYNsHFVOikmRxAu+gGdt4pL3SLeZRtKLKhMgo2
5sxAghkynoFeFqLP5Mb1ZLwIYURIwBDzPHLxwGUx7hTisoMTOWQS2fJ0DRqizkC2
0A22+FwKerxrNhStbnwV4/kXfkwrK89DdbW1youctP5ygI24Snln3DrCsMqNElGB
N2E1ouOvNh/02pcV7akeocBP/bEc+TCkbrzuJqN5oxM=
-----END CERTIFICATE-----
Generated at Mon Jul 1 09:03:51 2024 by rpki-client on console-fra.rpki-client.org