Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/HlClfikOJrfktj0svDKphR0_6Ic.roa
File: HlClfikOJrfktj0svDKphR0_6Ic.roa (raw, json)
Hash identifier: g1qw7C3eBB8cA1eir2ZaMGGhWvD9jq2Y2uAjecDMYHM=
Subject key identifier: 1E:50:A5:7E:29:0E:26:B7:E4:B6:3D:2C:BC:32:A9:85:1D:3F:E8:87
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0194266B2EE023166BB31B39D0A7751D3568
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/HlClfikOJrfktj0svDKphR0_6Ic.roa
Signing time: Thu 02 Jan 2025 09:49:05 +0000
ROA not before: Thu 02 Jan 2025 09:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 27882
IP address blocks: 158.172.152.0/21 maxlen: 21
158.172.152.0/22 maxlen: 22
158.172.152.0/23 maxlen: 23
158.172.152.0/24 maxlen: 24
158.172.153.0/24 maxlen: 24
158.172.154.0/23 maxlen: 23
158.172.154.0/24 maxlen: 24
158.172.155.0/24 maxlen: 24
158.172.156.0/22 maxlen: 22
158.172.156.0/23 maxlen: 23
158.172.156.0/24 maxlen: 24
158.172.157.0/24 maxlen: 24
158.172.158.0/23 maxlen: 23
158.172.158.0/24 maxlen: 24
158.172.159.0/24 maxlen: 24
158.172.224.0/19 maxlen: 19
158.172.224.0/20 maxlen: 20
158.172.224.0/21 maxlen: 21
158.172.224.0/22 maxlen: 22
158.172.224.0/23 maxlen: 23
158.172.224.0/24 maxlen: 24
158.172.225.0/24 maxlen: 24
158.172.226.0/23 maxlen: 23
158.172.226.0/24 maxlen: 24
158.172.227.0/24 maxlen: 24
158.172.228.0/22 maxlen: 22
158.172.228.0/23 maxlen: 23
158.172.228.0/24 maxlen: 24
158.172.229.0/24 maxlen: 24
158.172.230.0/23 maxlen: 23
158.172.230.0/24 maxlen: 24
158.172.231.0/24 maxlen: 24
158.172.232.0/21 maxlen: 21
158.172.232.0/22 maxlen: 22
158.172.232.0/23 maxlen: 23
158.172.232.0/24 maxlen: 24
158.172.233.0/24 maxlen: 24
158.172.234.0/23 maxlen: 23
158.172.234.0/24 maxlen: 24
158.172.235.0/24 maxlen: 24
158.172.236.0/22 maxlen: 22
158.172.236.0/23 maxlen: 23
158.172.236.0/24 maxlen: 24
158.172.237.0/24 maxlen: 24
158.172.238.0/23 maxlen: 23
158.172.238.0/24 maxlen: 24
158.172.239.0/24 maxlen: 24
158.172.240.0/20 maxlen: 20
158.172.240.0/21 maxlen: 21
158.172.240.0/22 maxlen: 22
158.172.240.0/23 maxlen: 23
158.172.240.0/24 maxlen: 24
158.172.241.0/24 maxlen: 24
158.172.242.0/23 maxlen: 23
158.172.242.0/24 maxlen: 24
158.172.243.0/24 maxlen: 24
158.172.244.0/22 maxlen: 22
158.172.244.0/23 maxlen: 23
158.172.244.0/24 maxlen: 24
158.172.245.0/24 maxlen: 24
158.172.246.0/23 maxlen: 23
158.172.246.0/24 maxlen: 24
158.172.247.0/24 maxlen: 24
158.172.248.0/21 maxlen: 21
158.172.248.0/22 maxlen: 22
158.172.248.0/23 maxlen: 23
158.172.248.0/24 maxlen: 24
158.172.249.0/24 maxlen: 24
158.172.250.0/23 maxlen: 23
158.172.250.0/24 maxlen: 24
158.172.251.0/24 maxlen: 24
158.172.252.0/22 maxlen: 22
158.172.252.0/23 maxlen: 23
158.172.252.0/24 maxlen: 24
158.172.253.0/24 maxlen: 24
158.172.254.0/23 maxlen: 23
158.172.254.0/24 maxlen: 24
158.172.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:2e:e0:23:16:6b:b3:1b:39:d0:a7:75:1d:35:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 2 09:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e50a57e290e26b7e4b63d2cbc32a9851d3fe887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:96:03:42:5d:ce:55:18:df:70:f3:01:d0:f3:
e6:b1:1b:bf:6e:02:1f:e7:24:67:c4:b8:c9:c6:a1:
38:39:a0:b8:9a:03:d4:47:6b:55:96:91:a5:d5:b9:
79:a8:77:ec:ff:de:60:91:c5:3c:41:26:b3:4e:48:
f7:b4:6c:7a:41:a6:5c:a0:4f:02:30:1a:c8:ae:aa:
3a:59:25:77:f2:bb:d3:73:99:93:5b:8c:6d:48:1a:
69:b6:a2:98:b5:02:fc:35:72:4b:80:14:fb:b8:c9:
45:ce:32:39:ce:54:cf:3f:3a:67:e4:c0:47:2a:6d:
4c:63:6a:8d:17:04:7c:d8:80:92:b1:20:11:a9:81:
dc:b0:e6:6e:ea:ad:e9:52:da:7e:b4:db:04:98:b6:
fc:db:c3:99:4e:10:5b:1d:60:2c:70:86:d9:4e:66:
0a:1c:4c:45:4f:a4:8b:df:c3:21:bb:48:ae:28:fc:
a8:37:48:e1:d5:bb:b6:d0:60:96:a7:70:af:63:70:
98:fd:65:8e:67:3b:42:48:cd:f2:7b:25:e1:d8:33:
78:41:b1:53:f5:46:d0:7d:1e:7b:a9:78:15:95:37:
d3:24:18:ca:85:15:a3:4b:e8:52:eb:5c:b7:1a:c6:
21:29:fc:5a:fc:80:86:80:f4:68:81:20:08:37:34:
f0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:50:A5:7E:29:0E:26:B7:E4:B6:3D:2C:BC:32:A9:85:1D:3F:E8:87
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/HlClfikOJrfktj0svDKphR0_6Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.152.0/21
158.172.224.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:d0:f3:30:41:a7:e9:c2:05:33:2f:a9:6c:7b:b9:9b:be:c2:
59:c1:a5:81:80:81:b8:aa:7f:1e:a9:e4:fb:65:58:c5:f8:28:
0a:41:d2:46:13:e5:07:d1:f1:b2:3b:8e:6d:58:0c:4a:98:27:
98:fc:4c:23:d0:3b:e5:f9:cc:4f:e0:84:21:26:3e:c4:a6:cc:
6c:ad:1b:d5:0c:45:eb:84:63:4c:49:05:5b:76:1e:2f:7e:14:
eb:88:cd:e6:c0:9f:b0:32:65:06:31:75:91:bb:2c:70:b9:51:
82:d4:cb:46:02:44:ea:df:0b:d2:74:f2:f6:54:c3:f4:4c:e0:
f8:ec:c5:3f:ac:bb:d9:32:81:56:80:cb:92:66:f6:8e:f2:34:
d9:94:e4:cc:3c:c5:2e:d5:ca:0b:ac:00:c6:02:a5:47:f8:ed:
21:36:e7:51:79:95:30:47:35:0a:d5:21:8a:0f:55:96:54:e0:
a0:20:ed:75:b5:27:40:fb:ef:24:92:67:79:84:a4:8d:1a:bc:
22:e6:f7:09:45:d1:03:e9:69:77:62:fb:60:7b:95:51:7f:de:
e8:ac:03:60:fb:4c:a5:d4:89:79:75:42:52:c2:88:28:88:02:
73:7a:cf:7c:1d:41:4b:fb:6b:4a:34:90:dc:f3:d5:a1:d7:00:
1e:b9:11:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmay7gIxZrsxs50Kd1HTVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjUwMTAyMDk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTUwYTU3ZTI5MGUyNmI3ZTRiNjNkMmNiYzMyYTk4NTFkM2ZlODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZYDQl3OVRjfcPMB0PPmsRu/bgIf
5yRnxLjJxqE4OaC4mgPUR2tVlpGl1bl5qHfs/95gkcU8QSazTkj3tGx6QaZcoE8C
MBrIrqo6WSV38rvTc5mTW4xtSBpptqKYtQL8NXJLgBT7uMlFzjI5zlTPPzpn5MBH
Km1MY2qNFwR82ICSsSARqYHcsOZu6q3pUtp+tNsEmLb828OZThBbHWAscIbZTmYK
HExFT6SL38Mhu0iuKPyoN0jh1bu20GCWp3CvY3CY/WWOZztCSM3yeyXh2DN4QbFT
9UbQfR57qXgVlTfTJBjKhRWjS+hS61y3GsYhKfxa/ICGgPRogSAINzTwhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5QpX4pDia35LY9LLwyqYUdP+iHMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvSGxDbGZpa09KcmZrdGowc3ZES3BoUjBfNkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnqyYAwQF
nqzgMA0GCSqGSIb3DQEBCwUAA4IBAQCM0PMwQafpwgUzL6lse7mbvsJZwaWBgIG4
qn8eqeT7ZVjF+CgKQdJGE+UH0fGyO45tWAxKmCeY/Ewj0Dvl+cxP4IQhJj7Epsxs
rRvVDEXrhGNMSQVbdh4vfhTriM3mwJ+wMmUGMXWRuyxwuVGC1MtGAkTq3wvSdPL2
VMP0TOD47MU/rLvZMoFWgMuSZvaO8jTZlOTMPMUu1coLrADGAqVH+O0hNudReZUw
RzUK1SGKD1WWVOCgIO11tSdA++8kkmd5hKSNGrwi5vcJRdED6Wl3Yvtge5VRf97o
rANg+0yl1Il5dUJSwogoiAJzes98HUFL+2tKNJDc89Wh1wAeuRFF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:55 2025 by rpki-client