Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/aFT560fIKe2WUbP_n6CnvwwXwJY.roa
File: aFT560fIKe2WUbP_n6CnvwwXwJY.roa (raw, json)
Hash identifier: U0j/ohq9so4uNB8ZkaplKF3T9hD6TIfrUwbEh3cHIRQ=
Subject key identifier: 68:54:F9:EB:47:C8:29:ED:96:51:B3:FF:9F:A0:A7:BF:0C:17:C0:96
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018EDB627692A09266BCE1E5F5343EA393F5
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/aFT560fIKe2WUbP_n6CnvwwXwJY.roa
Signing time: Sun 14 Apr 2024 06:54:06 +0000
ROA not before: Sun 14 Apr 2024 06:54:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210329
IP address blocks: 45.91.170.0/24 maxlen: 24
63.250.58.0/24 maxlen: 24
81.28.4.0/24 maxlen: 24
81.28.5.0/24 maxlen: 24
83.229.68.0/24 maxlen: 24
83.229.69.0/24 maxlen: 24
83.229.75.0/24 maxlen: 24
91.223.236.0/24 maxlen: 24
103.13.208.0/24 maxlen: 24
103.13.209.0/24 maxlen: 24
103.241.64.0/24 maxlen: 24
103.241.65.0/24 maxlen: 24
185.53.211.0/24 maxlen: 24
185.127.16.0/24 maxlen: 24
185.127.17.0/24 maxlen: 24
185.127.18.0/24 maxlen: 24
185.127.19.0/24 maxlen: 24
185.181.9.0/24 maxlen: 24
185.181.11.0/24 maxlen: 24
185.227.109.0/24 maxlen: 24
185.237.12.0/24 maxlen: 24
185.237.13.0/24 maxlen: 24
185.237.98.0/24 maxlen: 24
185.237.99.0/24 maxlen: 24
185.247.116.0/24 maxlen: 24
185.247.119.0/24 maxlen: 24
194.37.82.0/24 maxlen: 24
194.146.24.0/24 maxlen: 24
194.146.25.0/24 maxlen: 24
195.238.123.0/24 maxlen: 24
212.86.104.0/24 maxlen: 24
212.86.105.0/24 maxlen: 24
2a06:c5c0:600::/48 maxlen: 48
2a07:3b80:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:62:76:92:a0:92:66:bc:e1:e5:f5:34:3e:a3:93:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Apr 14 06:54:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6854f9eb47c829ed9651b3ff9fa0a7bf0c17c096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:57:47:36:c6:f5:42:b5:2a:c4:c2:1a:91:e1:
4e:2a:a4:47:a1:80:41:bb:c5:18:45:8b:d8:0a:69:
50:a7:42:f6:32:7d:ef:07:1e:c0:1b:97:92:61:ba:
11:7d:99:f1:d9:34:a9:52:44:a2:69:58:d7:66:ad:
88:d9:d2:47:fc:89:1f:f1:7e:22:4a:3a:24:31:65:
b4:f6:46:4f:e2:4c:4d:0b:10:10:9e:a5:4b:a9:0b:
3e:93:fb:be:3a:1a:e1:b9:ba:b1:cc:e8:a4:03:2e:
ac:3f:76:8c:87:97:22:74:e3:2a:fb:24:14:ad:a3:
a9:1b:b3:28:16:3f:cd:e4:9e:67:0a:e6:93:dd:7a:
65:8d:9b:7c:9b:1a:6b:60:ca:bb:6c:c6:25:ef:a7:
c8:98:ec:a2:7c:9c:8e:51:83:f6:45:22:da:df:e4:
fd:d2:9b:2e:e0:d3:cb:2a:69:8a:9f:9e:fa:b6:01:
c6:b9:66:9f:7b:c3:c7:dd:58:94:1a:ee:49:c9:db:
a0:cd:d5:27:86:ae:ef:e5:a2:e0:19:93:be:74:bf:
a0:96:45:0e:6e:c7:20:72:86:41:b9:84:89:d2:a8:
6d:fe:0b:fe:26:e5:f5:da:cc:6c:b1:cd:2c:d1:e5:
a9:27:ed:83:9e:68:23:e2:98:83:f0:ee:28:02:79:
7d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:54:F9:EB:47:C8:29:ED:96:51:B3:FF:9F:A0:A7:BF:0C:17:C0:96
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/aFT560fIKe2WUbP_n6CnvwwXwJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.170.0/24
63.250.58.0/24
81.28.4.0/23
83.229.68.0/23
83.229.75.0/24
91.223.236.0/24
103.13.208.0/23
103.241.64.0/23
185.53.211.0/24
185.127.16.0/22
185.181.9.0/24
185.181.11.0/24
185.227.109.0/24
185.237.12.0/23
185.237.98.0/23
185.247.116.0/24
185.247.119.0/24
194.37.82.0/24
194.146.24.0/23
195.238.123.0/24
212.86.104.0/23
IPv6:
2a06:c5c0:600::/48
2a07:3b80:2::/48
Signature Algorithm: sha256WithRSAEncryption
4b:9d:4b:f1:c6:24:08:cf:0e:09:23:ff:d9:de:16:61:8e:f2:
e1:bb:ff:f2:1f:b5:89:4f:bf:12:12:82:01:7f:a8:a0:0e:f2:
81:65:71:5b:fc:b3:25:97:f4:a7:29:cf:44:a0:b3:7d:9a:2a:
7f:e8:25:8a:9d:fb:d7:e9:82:14:34:f4:65:0c:8a:55:df:6f:
d7:aa:1b:6c:2c:4b:c1:5e:0f:a9:ec:06:a5:8e:31:94:17:a9:
75:9d:88:81:13:ae:ad:ca:6b:66:45:bf:ec:bf:53:58:50:fb:
68:b0:62:70:e6:fa:45:e5:b1:a0:67:8b:4b:88:0e:e0:66:7b:
57:9f:8c:54:59:78:22:b6:45:ec:35:4e:3e:d3:7a:e1:ef:2c:
33:cc:aa:fa:fe:53:e9:e7:fa:0c:69:ae:99:4a:3c:e9:cc:8e:
21:a8:45:ab:c2:ac:2b:98:92:a8:38:f1:27:17:e7:72:59:b2:
6b:80:5c:bf:5e:30:8b:7b:bc:5c:fe:53:50:c4:da:4b:9e:8b:
f4:3d:82:de:32:41:ea:67:87:9a:62:19:5a:f1:82:87:ae:7e:
7b:07:88:9e:05:70:2c:d4:bb:c0:70:d5:23:e1:5e:53:8a:8b:
00:89:82:71:46:68:df:e9:02:50:11:6d:42:f0:5b:d2:fc:ba:
8c:9b:b5:11
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAY7bYnaSoJJmvOHl9TQ+o5P1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjQwNDE0MDY1NDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODU0ZjllYjQ3YzgyOWVkOTY1MWIzZmY5ZmEwYTdiZjBjMTdjMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAildHNsb1QrUqxMIakeFOKqRHoYBB
u8UYRYvYCmlQp0L2Mn3vBx7AG5eSYboRfZnx2TSpUkSiaVjXZq2I2dJH/Ikf8X4i
SjokMWW09kZP4kxNCxAQnqVLqQs+k/u+OhrhubqxzOikAy6sP3aMh5cidOMq+yQU
raOpG7MoFj/N5J5nCuaT3XpljZt8mxprYMq7bMYl76fImOyifJyOUYP2RSLa3+T9
0psu4NPLKmmKn576tgHGuWafe8PH3ViUGu5JydugzdUnhq7v5aLgGZO+dL+glkUO
bscgcoZBuYSJ0qht/gv+JuX12sxssc0s0eWpJ+2Dnmgj4piD8O4oAnl9TQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFGhU+etHyCntllGz/5+gp78MF8CWMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvYUZUNTYwZklLZTJXVWJQX242Q252d3dYd0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBhAQCAAEwfgMEAC1b
qgMEAD/6OgMEAVEcBAMEAVPlRAMEAFPlSwMEAFvf7AMEAWcN0AMEAWfxQAMEALk1
0wMEArl/EAMEALm1CQMEALm1CwMEALnjbQMEAbntDAMEAbntYgMEALn3dAMEALn3
dwMEAMIlUgMEAcKSGAMEAMPuewMEAdRWaDAYBAIAAjASAwcAKgbFwAYAAwcAKgc7
gAACMA0GCSqGSIb3DQEBCwUAA4IBAQBLnUvxxiQIzw4JI//Z3hZhjvLhu//yH7WJ
T78SEoIBf6igDvKBZXFb/LMll/SnKc9EoLN9mip/6CWKnfvX6YIUNPRlDIpV32/X
qhtsLEvBXg+p7AaljjGUF6l1nYiBE66tymtmRb/sv1NYUPtosGJw5vpF5bGgZ4tL
iA7gZntXn4xUWXgitkXsNU4+03rh7ywzzKr6/lPp5/oMaa6ZSjzpzI4hqEWrwqwr
mJKoOPEnF+dyWbJrgFy/XjCLe7xc/lNQxNpLnov0PYLeMkHqZ4eaYhla8YKHrn57
B4ieBXAs1LvAcNUj4V5TiosAiYJxRmjf6QJQEW1C8FvS/LqMm7UR
-----END CERTIFICATE-----
Generated at Sun May 26 06:54:39 2024 by rpki-client on console-ams.rpki-client.org