Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/H8T7ti_k86lO5pwWwiVKpOyyaXE.roa
File: H8T7ti_k86lO5pwWwiVKpOyyaXE.roa (raw, json)
Hash identifier: HUOGJ6BnZxVBWo6XVN0RcLbhzH24cNQecnVsRnVJUo0=
Subject key identifier: 1F:C4:FB:B6:2F:E4:F3:A9:4E:E6:9C:16:C2:25:4A:A4:EC:B2:69:71
Certificate issuer: /CN=07a6a589ee848a8052238191b98035e775122725
Certificate serial: 018EE68F7D663B71942759415EC2B468D77A
Authority key identifier: 07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/H8T7ti_k86lO5pwWwiVKpOyyaXE.roa
Signing time: Tue 16 Apr 2024 10:59:06 +0000
ROA not before: Tue 16 Apr 2024 10:59:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210218
IP address blocks: 2.58.94.0/24 maxlen: 24
2.58.136.0/23 maxlen: 23
2.58.138.0/23 maxlen: 23
2.59.248.0/22 maxlen: 22
31.13.194.0/24 maxlen: 24
31.13.249.0/24 maxlen: 24
31.13.250.0/23 maxlen: 23
31.13.252.0/22 maxlen: 22
45.8.74.0/23 maxlen: 23
45.12.248.0/22 maxlen: 22
45.139.100.0/22 maxlen: 22
45.149.232.0/24 maxlen: 24
77.75.56.0/23 maxlen: 23
77.75.58.0/23 maxlen: 23
78.40.160.0/22 maxlen: 22
78.40.164.0/22 maxlen: 22
80.249.124.0/22 maxlen: 22
87.120.46.0/23 maxlen: 23
87.120.63.0/24 maxlen: 24
87.120.85.0/24 maxlen: 24
87.120.86.0/24 maxlen: 24
87.120.96.0/23 maxlen: 23
87.120.111.0/24 maxlen: 24
87.120.177.0/24 maxlen: 24
87.120.218.0/24 maxlen: 24
87.120.224.0/24 maxlen: 24
87.120.226.0/24 maxlen: 24
87.120.232.0/22 maxlen: 22
87.121.19.0/24 maxlen: 24
87.121.36.0/23 maxlen: 23
87.121.66.0/23 maxlen: 23
87.121.68.0/24 maxlen: 24
87.121.116.0/24 maxlen: 24
87.121.148.0/23 maxlen: 23
91.92.3.0/24 maxlen: 24
91.197.196.0/22 maxlen: 22
91.243.184.0/22 maxlen: 22
92.249.51.0/24 maxlen: 24
93.123.68.0/22 maxlen: 22
93.123.86.0/23 maxlen: 23
93.123.108.0/24 maxlen: 24
94.154.174.0/23 maxlen: 23
94.156.16.0/22 maxlen: 22
94.156.32.0/24 maxlen: 24
94.156.48.0/21 maxlen: 21
94.156.95.0/24 maxlen: 24
94.156.108.0/22 maxlen: 22
94.156.168.0/23 maxlen: 23
94.156.182.0/23 maxlen: 23
94.156.184.0/24 maxlen: 24
94.156.187.0/24 maxlen: 24
94.156.192.0/23 maxlen: 23
94.156.234.0/23 maxlen: 23
94.156.240.0/22 maxlen: 22
94.156.246.0/23 maxlen: 23
94.240.56.0/22 maxlen: 22
95.214.124.0/23 maxlen: 23
95.214.126.0/23 maxlen: 23
141.98.0.0/24 maxlen: 24
164.40.184.0/24 maxlen: 24
178.175.184.0/21 maxlen: 21
178.175.184.0/22 maxlen: 22
185.171.148.0/22 maxlen: 22
193.19.200.0/22 maxlen: 22
193.36.232.0/22 maxlen: 22
193.37.43.0/24 maxlen: 24
193.46.172.0/22 maxlen: 22
193.56.16.0/22 maxlen: 22
193.56.248.0/22 maxlen: 22
193.58.184.0/22 maxlen: 22
193.207.0.0/24 maxlen: 24
193.207.16.0/21 maxlen: 21
194.76.204.0/22 maxlen: 22
194.147.8.0/22 maxlen: 22
195.225.120.0/22 maxlen: 22
212.22.128.0/19 maxlen: 19
212.24.0.0/19 maxlen: 19
212.73.135.0/24 maxlen: 24
2a09:e6c0::/29 maxlen: 29
2a09:e6c0::/48 maxlen: 48
2a09:e6c7:f800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:8f:7d:66:3b:71:94:27:59:41:5e:c2:b4:68:d7:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a6a589ee848a8052238191b98035e775122725
Validity
Not Before: Apr 16 10:59:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fc4fbb62fe4f3a94ee69c16c2254aa4ecb26971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d2:d6:97:64:f4:93:e7:5b:12:62:42:7a:bd:
f5:b6:cc:96:d4:30:28:dd:aa:05:8d:31:c7:02:5b:
1d:06:73:38:ee:a9:31:7d:e9:fe:6c:2a:67:47:f4:
86:db:d1:86:a0:c6:b9:75:c7:75:66:2d:a1:98:8f:
d8:ee:e8:5e:d8:6e:2d:d8:ef:76:cb:17:bf:d5:0e:
8e:d7:3a:8c:c4:54:f2:8d:68:68:b6:0b:eb:8b:4e:
5c:e4:5d:8a:98:bb:6f:80:54:eb:39:ae:ae:87:f1:
db:cb:c1:af:df:60:da:f7:76:b9:68:66:63:6a:74:
c5:3e:8b:b4:71:31:3b:a6:4f:41:86:10:d1:2a:a9:
9e:3d:3d:06:51:3a:7a:2e:86:4b:00:95:b0:1a:cd:
76:79:7b:9a:60:5e:c9:29:93:37:da:95:0e:33:f5:
80:9e:67:46:38:8c:f2:f7:03:32:e0:73:9b:4b:17:
fb:57:0a:2a:4b:94:cd:c9:f3:28:36:72:e5:9b:af:
dc:fd:95:ee:f3:1b:75:bf:94:5a:dd:52:04:04:7d:
43:5f:3a:ce:ca:53:94:8d:f4:97:1a:a7:3f:2a:c8:
38:d9:97:ac:ce:d1:b2:64:ef:4c:fe:74:b5:41:eb:
a9:fe:70:37:01:cd:79:dd:0c:d8:0f:5e:0b:f4:f4:
68:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C4:FB:B6:2F:E4:F3:A9:4E:E6:9C:16:C2:25:4A:A4:EC:B2:69:71
X509v3 Authority Key Identifier:
keyid:07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/H8T7ti_k86lO5pwWwiVKpOyyaXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.94.0/24
2.58.136.0/22
2.59.248.0/22
31.13.194.0/24
31.13.249.0-31.13.255.255
45.8.74.0/23
45.12.248.0/22
45.139.100.0/22
45.149.232.0/24
77.75.56.0/22
78.40.160.0/21
80.249.124.0/22
87.120.46.0/23
87.120.63.0/24
87.120.85.0-87.120.86.255
87.120.96.0/23
87.120.111.0/24
87.120.177.0/24
87.120.218.0/24
87.120.224.0/24
87.120.226.0/24
87.120.232.0/22
87.121.19.0/24
87.121.36.0/23
87.121.66.0-87.121.68.255
87.121.116.0/24
87.121.148.0/23
91.92.3.0/24
91.197.196.0/22
91.243.184.0/22
92.249.51.0/24
93.123.68.0/22
93.123.86.0/23
93.123.108.0/24
94.154.174.0/23
94.156.16.0/22
94.156.32.0/24
94.156.48.0/21
94.156.95.0/24
94.156.108.0/22
94.156.168.0/23
94.156.182.0-94.156.184.255
94.156.187.0/24
94.156.192.0/23
94.156.234.0/23
94.156.240.0/22
94.156.246.0/23
94.240.56.0/22
95.214.124.0/22
141.98.0.0/24
164.40.184.0/24
178.175.184.0/21
185.171.148.0/22
193.19.200.0/22
193.36.232.0/22
193.37.43.0/24
193.46.172.0/22
193.56.16.0/22
193.56.248.0/22
193.58.184.0/22
193.207.0.0/24
193.207.16.0/21
194.76.204.0/22
194.147.8.0/22
195.225.120.0/22
212.22.128.0/19
212.24.0.0/19
212.73.135.0/24
IPv6:
2a09:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:16:cd:b2:dd:95:6a:4a:c4:ff:d7:47:06:06:55:cf:18:57:
e4:67:60:be:37:e0:00:66:ea:ba:f0:27:9d:57:8b:03:48:00:
86:bd:e8:ba:53:06:4d:8a:92:8a:26:aa:0a:cb:0e:8f:d4:95:
f3:0c:b7:dc:77:85:da:4b:d8:73:e3:2d:50:c1:2b:c7:bd:3c:
0c:27:29:08:bf:c1:ed:e1:16:2b:4a:28:76:76:b1:96:fd:13:
8c:4b:23:91:25:0b:e8:83:7c:c0:d9:fa:25:8e:e0:29:40:2b:
be:19:57:bb:7c:e9:ff:6d:01:58:7f:91:6e:67:8c:d2:cd:27:
91:20:f3:56:59:2c:80:61:7c:57:3c:80:e2:df:5a:70:32:14:
ce:d2:db:87:7f:ff:bb:92:e5:8f:dd:53:b2:d5:cd:84:ce:23:
6f:6c:c6:09:57:15:7b:aa:8b:3a:34:f2:7c:c0:c8:be:e8:c6:
1b:3a:fd:70:7b:92:f2:04:dc:49:33:f6:58:b8:bb:cd:e3:e6:
89:0c:54:aa:46:5a:1a:b4:92:9b:01:0a:0d:31:ca:32:c3:23:
2d:24:40:ca:03:11:5b:f5:75:e6:d7:29:c2:82:42:0b:02:03:
f3:b2:40:c4:8e:af:cd:19:ed:27:1e:83:ed:9c:18:7d:e2:74:
6e:ca:5a:7f
-----BEGIN CERTIFICATE-----
MIIGxzCCBa+gAwIBAgISAY7mj31mO3GUJ1lBXsK0aNd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTZhNTg5ZWU4NDhhODA1MjIzODE5MWI5ODAzNWU3NzUx
MjI3MjUwHhcNMjQwNDE2MTA1OTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM0ZmJiNjJmZTRmM2E5NGVlNjljMTZjMjI1NGFhNGVjYjI2OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdLWl2T0k+dbEmJCer31tsyW1DAo
3aoFjTHHAlsdBnM47qkxfen+bCpnR/SG29GGoMa5dcd1Zi2hmI/Y7uhe2G4t2O92
yxe/1Q6O1zqMxFTyjWhotgvri05c5F2KmLtvgFTrOa6uh/Hby8Gv32Da93a5aGZj
anTFPou0cTE7pk9BhhDRKqmePT0GUTp6LoZLAJWwGs12eXuaYF7JKZM32pUOM/WA
nmdGOIzy9wMy4HObSxf7VwoqS5TNyfMoNnLlm6/c/ZXu8xt1v5Ra3VIEBH1DXzrO
ylOUjfSXGqc/Ksg42ZesztGyZO9M/nS1Qeup/nA3Ac153QzYD14L9PRohwIDAQAB
o4ID0zCCA88wHQYDVR0OBBYEFB/E+7Yv5POpTuacFsIlSqTssmlxMB8GA1UdIwQY
MBaAFAempYnuhIqAUiOBkbmANed1EiclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDct
MjBmYmM5MDY0OTRiLzEvSDhUN3RpX2s4NmxPNXB3V3dpVktwT3l5YVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDctMjBmYmM5MDY0OTRi
LzEvQjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5wYIKwYBBQUHAQcBAf8EggHWMIIB0jCCAb8EAgABMIIB
twMEAAI6XgMEAgI6iAMEAgI7+AMEAB8NwjALAwQAHw35AwMBHwwDBAEtCEoDBAIt
DPgDBAIti2QDBAAtlegDBAJNSzgDBANOKKADBAJQ+XwDBAFXeC4DBABXeD8wDAME
AFd4VQMEAFd4VgMEAVd4YAMEAFd4bwMEAFd4sQMEAFd42gMEAFd44AMEAFd44gME
Ald46AMEAFd5EwMEAVd5JDAMAwQBV3lCAwQAV3lEAwQAV3l0AwQBV3mUAwQAW1wD
AwQCW8XEAwQCW/O4AwQAXPkzAwQCXXtEAwQBXXtWAwQAXXtsAwQBXpquAwQCXpwQ
AwQAXpwgAwQDXpwwAwQAXpxfAwQCXpxsAwQBXpyoMAwDBAFenLYDBABenLgDBABe
nLsDBAFenMADBAFenOoDBAJenPADBAFenPYDBAJe8DgDBAJf1nwDBACNYgADBACk
KLgDBAOyr7gDBAK5q5QDBALBE8gDBALBJOgDBADBJSsDBALBLqwDBALBOBADBALB
OPgDBALBOrgDBADBzwADBAPBzxADBALCTMwDBALCkwgDBALD4XgDBAXUFoADBAXU
GAADBADUSYcwDQQCAAIwBwMFAyoJ5sAwDQYJKoZIhvcNAQELBQADggEBACcWzbLd
lWpKxP/XRwYGVc8YV+RnYL434ABm6rrwJ51XiwNIAIa96LpTBk2KkoomqgrLDo/U
lfMMt9x3hdpL2HPjLVDBK8e9PAwnKQi/we3hFitKKHZ2sZb9E4xLI5ElC+iDfMDZ
+iWO4ClAK74ZV7t86f9tAVh/kW5njNLNJ5Eg81ZZLIBhfFc8gOLfWnAyFM7S24d/
/7uS5Y/dU7LVzYTOI29sxglXFXuqizo08nzAyL7oxhs6/XB7kvIE3Ekz9li4u83j
5okMVKpGWhq0kpsBCg0xyjLDIy0kQMoDEVv1debXKcKCQgsCA/OyQMSOr80Z7Sce
g+2cGH3idG7KWn8=
-----END CERTIFICATE-----
Generated at Sun May 12 07:51:17 2024 by rpki-client on console-fra.rpki-client.org