Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/fHXZhm-GVGtL6-o_G7G7tGL67Tc.roa
File: fHXZhm-GVGtL6-o_G7G7tGL67Tc.roa (raw, json)
Hash identifier: OntMKwIaZdDlQJt8/zC4XyzrBtHXmAUhDh9dWorVBdQ=
Subject key identifier: 7C:75:D9:86:6F:86:54:6B:4B:EB:EA:3F:1B:B1:BB:B4:62:FA:ED:37
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 0191BC742058DD1EC025CE8BF913E524A7F3
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/fHXZhm-GVGtL6-o_G7G7tGL67Tc.roa
Signing time: Wed 04 Sep 2024 09:53:32 +0000
ROA not before: Wed 04 Sep 2024 09:53:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44709
IP address blocks: 5.100.248.0/24 maxlen: 24
5.100.249.0/24 maxlen: 24
5.100.250.0/24 maxlen: 24
5.100.251.0/24 maxlen: 24
5.100.252.0/24 maxlen: 24
5.100.253.0/24 maxlen: 24
5.100.254.0/24 maxlen: 24
5.100.255.0/24 maxlen: 24
31.133.100.0/24 maxlen: 24
31.133.102.0/24 maxlen: 24
31.133.103.0/24 maxlen: 24
45.83.40.0/24 maxlen: 24
45.83.42.0/24 maxlen: 24
45.83.43.0/24 maxlen: 24
45.93.92.0/24 maxlen: 24
45.93.93.0/24 maxlen: 24
45.93.94.0/24 maxlen: 24
45.93.95.0/24 maxlen: 24
63.250.61.0/24 maxlen: 24
63.250.62.0/24 maxlen: 24
63.250.63.0/24 maxlen: 24
81.28.7.0/24 maxlen: 24
83.229.70.0/24 maxlen: 24
83.229.71.0/24 maxlen: 24
83.229.72.0/24 maxlen: 24
83.229.73.0/24 maxlen: 24
83.229.74.0/24 maxlen: 24
91.202.168.0/24 maxlen: 24
91.202.169.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.202.171.0/24 maxlen: 24
91.223.106.0/24 maxlen: 24
91.226.72.0/24 maxlen: 24
91.226.76.0/24 maxlen: 24
91.228.126.0/23 maxlen: 23
103.45.244.0/24 maxlen: 24
109.207.76.0/24 maxlen: 24
109.207.79.0/24 maxlen: 24
185.28.152.0/24 maxlen: 24
185.28.153.0/24 maxlen: 24
185.28.154.0/24 maxlen: 24
185.28.155.0/24 maxlen: 24
185.47.173.0/24 maxlen: 24
185.47.175.0/24 maxlen: 24
185.56.72.0/22 maxlen: 22
185.139.231.0/24 maxlen: 24
185.159.72.0/24 maxlen: 24
185.159.73.0/24 maxlen: 24
185.159.74.0/24 maxlen: 24
185.162.124.0/24 maxlen: 24
185.162.125.0/24 maxlen: 24
185.162.126.0/24 maxlen: 24
185.220.207.0/24 maxlen: 24
185.241.4.0/24 maxlen: 24
185.241.5.0/24 maxlen: 24
185.241.6.0/24 maxlen: 24
185.241.7.0/24 maxlen: 24
185.253.72.0/24 maxlen: 24
185.253.73.0/24 maxlen: 24
185.253.75.0/24 maxlen: 24
188.191.147.0/24 maxlen: 24
194.36.89.0/24 maxlen: 24
194.36.90.0/24 maxlen: 24
194.36.91.0/24 maxlen: 24
195.28.180.0/24 maxlen: 24
195.28.181.0/24 maxlen: 24
195.238.120.0/24 maxlen: 24
212.80.204.0/24 maxlen: 24
212.80.205.0/24 maxlen: 24
212.80.206.0/24 maxlen: 24
212.80.207.0/24 maxlen: 24
2a06:c5c0::/48 maxlen: 48
2a06:c5c0:700::/48 maxlen: 48
2a06:c5c0:900::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:74:20:58:dd:1e:c0:25:ce:8b:f9:13:e5:24:a7:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Sep 4 09:53:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c75d9866f86546b4bebea3f1bb1bbb462faed37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:de:91:2a:6c:51:c1:b3:b5:db:93:7a:33:ff:
79:80:f3:fa:2a:99:cf:a8:02:b2:9a:97:a2:08:70:
31:b9:2e:f9:2c:c9:84:01:52:72:e7:43:9e:e3:37:
3c:6f:df:d5:ab:91:e2:68:15:93:5f:84:6a:54:b3:
ec:2c:78:40:81:ca:63:1d:50:f2:08:20:3b:88:df:
79:0e:ac:e6:bf:d7:1c:20:60:46:c9:41:b7:67:9f:
6c:27:6b:93:25:23:7f:b4:51:9f:cf:d4:3b:93:21:
62:c5:ab:4b:5c:10:d9:f7:53:78:a1:a6:18:a1:d0:
64:c8:b0:c5:cd:ee:91:51:c0:4a:63:da:f2:6d:04:
d0:31:46:6e:ca:e2:17:5e:46:97:77:30:1b:07:8e:
db:69:18:ba:15:f6:8d:d2:42:18:f2:82:68:6d:c0:
9c:12:04:16:c7:31:5f:6e:88:f1:95:bd:b9:06:9a:
a5:a3:c9:c7:d3:60:b8:fc:3a:9d:13:73:98:64:b7:
2f:ca:0b:f0:ce:17:d0:43:da:39:5e:e0:fb:f0:58:
2f:a0:82:cd:da:b6:97:85:31:aa:ab:99:5e:d0:c0:
3b:39:82:5a:76:e3:69:80:67:8d:59:36:e1:0d:16:
07:bc:83:0c:89:3c:38:12:39:dd:eb:61:14:dd:f4:
b3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:75:D9:86:6F:86:54:6B:4B:EB:EA:3F:1B:B1:BB:B4:62:FA:ED:37
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/fHXZhm-GVGtL6-o_G7G7tGL67Tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.248.0/21
31.133.100.0/24
31.133.102.0/23
45.83.40.0/24
45.83.42.0/23
45.93.92.0/22
63.250.61.0-63.250.63.255
81.28.7.0/24
83.229.70.0-83.229.74.255
91.202.168.0/22
91.223.106.0/24
91.226.72.0/24
91.226.76.0/24
91.228.126.0/23
103.45.244.0/24
109.207.76.0/24
109.207.79.0/24
185.28.152.0/22
185.47.173.0/24
185.47.175.0/24
185.56.72.0/22
185.139.231.0/24
185.159.72.0-185.159.74.255
185.162.124.0-185.162.126.255
185.220.207.0/24
185.241.4.0/22
185.253.72.0/23
185.253.75.0/24
188.191.147.0/24
194.36.89.0-194.36.91.255
195.28.180.0/23
195.238.120.0/24
212.80.204.0/22
IPv6:
2a06:c5c0::/48
2a06:c5c0:700::/48
2a06:c5c0:900::/48
Signature Algorithm: sha256WithRSAEncryption
ad:19:3c:d9:68:0e:84:44:3d:e6:96:05:f5:ab:dc:64:ba:2c:
1a:00:c3:12:28:35:ac:28:c4:f0:f4:6a:bd:6d:3c:7b:65:1c:
6f:37:98:52:c4:57:64:77:bb:82:ce:c1:cf:1d:31:6c:f9:52:
2a:98:dc:0c:7e:a1:bb:16:c2:df:fe:8b:59:3e:f7:48:4d:26:
b7:21:b1:d5:9d:b7:e4:5c:24:79:24:01:e5:05:9c:30:c9:61:
8f:20:4c:49:ba:4b:bd:fa:16:6d:52:b3:15:6c:ec:aa:73:ca:
e3:01:fb:72:01:b1:64:07:01:12:df:6a:0e:0f:61:2d:e6:31:
da:f8:9b:e7:3a:4c:18:bc:68:df:08:cd:42:d0:b4:a2:18:71:
91:62:b8:4c:c9:92:f1:b5:ca:a9:83:15:77:4a:59:98:17:1d:
6d:66:8d:45:bd:16:cf:8c:6b:92:e7:11:5b:24:48:6c:f9:0e:
bb:08:0a:00:0e:89:9c:b4:64:b1:79:e8:4a:a2:4a:b3:ea:9d:
41:88:50:5f:2e:5a:9b:e4:90:37:dc:c6:95:24:93:c6:8b:b3:
5f:14:40:36:f1:95:22:c5:73:99:2f:b3:0c:a7:f4:dd:e2:eb:
89:3b:e3:b1:d8:f7:ca:a4:e2:11:53:ee:12:57:5e:dc:63:60:
21:62:56:47
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAZG8dCBY3R7AJc6L+RPlJKfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjQwOTA0MDk1MzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzc1ZDk4NjZmODY1NDZiNGJlYmVhM2YxYmIxYmJiNDYyZmFlZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt96RKmxRwbO125N6M/95gPP6KpnP
qAKympeiCHAxuS75LMmEAVJy50Oe4zc8b9/Vq5HiaBWTX4RqVLPsLHhAgcpjHVDy
CCA7iN95Dqzmv9ccIGBGyUG3Z59sJ2uTJSN/tFGfz9Q7kyFixatLXBDZ91N4oaYY
odBkyLDFze6RUcBKY9rybQTQMUZuyuIXXkaXdzAbB47baRi6FfaN0kIY8oJobcCc
EgQWxzFfbojxlb25Bpqlo8nH02C4/DqdE3OYZLcvygvwzhfQQ9o5XuD78FgvoILN
2raXhTGqq5le0MA7OYJaduNpgGeNWTbhDRYHvIMMiTw4Ejnd62EU3fSz5wIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFHx12YZvhlRrS+vqPxuxu7Ri+u03MB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvZkhYWmhtLUdWR3RMNi1vX0c3Rzd0R0w2N1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCB9QQCAAEwge4D
BAMFZPgDBAAfhWQDBAEfhWYDBAAtUygDBAEtUyoDBAItXVwwDAMEAD/6PQMEBj/6
AAMEAFEcBzAMAwQBU+VGAwQAU+VKAwQCW8qoAwQAW99qAwQAW+JIAwQAW+JMAwQB
W+R+AwQAZy30AwQAbc9MAwQAbc9PAwQCuRyYAwQAuS+tAwQAuS+vAwQCuThIAwQA
uYvnMAwDBAO5n0gDBAC5n0owDAMEArmifAMEALmifgMEALnczwMEArnxBAMEAbn9
SAMEALn9SwMEALy/kzAMAwQAwiRZAwQCwiRYAwQBwxy0AwQAw+54AwQC1FDMMCEE
AgACMBsDBwAqBsXAAAADBwAqBsXABwADBwAqBsXACQAwDQYJKoZIhvcNAQELBQAD
ggEBAK0ZPNloDoREPeaWBfWr3GS6LBoAwxIoNawoxPD0ar1tPHtlHG83mFLEV2R3
u4LOwc8dMWz5UiqY3Ax+obsWwt/+i1k+90hNJrchsdWdt+RcJHkkAeUFnDDJYY8g
TEm6S736Fm1SsxVs7KpzyuMB+3IBsWQHARLfag4PYS3mMdr4m+c6TBi8aN8IzULQ
tKIYcZFiuEzJkvG1yqmDFXdKWZgXHW1mjUW9Fs+Ma5LnEVskSGz5DrsICgAOiZy0
ZLF56EqiSrPqnUGIUF8uWpvkkDfcxpUkk8aLs18UQDbxlSLFc5kvswyn9N3i64k7
47HY98qk4hFT7hJXXtxjYCFiVkc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:26 2024 by rpki-client on console-ams.rpki-client.org