Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/7nm0uK8YH2yW0E07MbBcIoW_kU8.roa
File: 7nm0uK8YH2yW0E07MbBcIoW_kU8.roa (raw, json)
Hash identifier: Ak8hDhYx15JALNYLZ07OT+x8YLaQdLNt6I/FXntZJfE=
Subject key identifier: EE:79:B4:B8:AF:18:1F:6C:96:D0:4D:3B:31:B0:5C:22:85:BF:91:4F
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 0191E16132183D240D756C4338FC8F9BF850
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/7nm0uK8YH2yW0E07MbBcIoW_kU8.roa
Signing time: Wed 11 Sep 2024 13:58:48 +0000
ROA not before: Wed 11 Sep 2024 13:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8560
IP address blocks: 5.250.176.0/20 maxlen: 24
46.16.72.0/21 maxlen: 24
78.137.96.0/21 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
85.184.248.0/22 maxlen: 24
87.106.0.0/16 maxlen: 24
157.97.104.0/21 maxlen: 24
157.97.104.0/24 maxlen: 32
157.97.105.0/24 maxlen: 32
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
194.164.4.0/22 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.164.88.0/21 maxlen: 24
194.164.120.0/21 maxlen: 24
194.164.160.0/20 maxlen: 24
194.164.192.0/20 maxlen: 24
195.20.224.0/19 maxlen: 24
212.132.64.0/18 maxlen: 24
212.227.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
213.244.192.0/24 maxlen: 24
217.72.192.0/20 maxlen: 24
217.160.0.0/16 maxlen: 24
217.160.124.0/23 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:61:32:18:3d:24:0d:75:6c:43:38:fc:8f:9b:f8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Sep 11 13:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee79b4b8af181f6c96d04d3b31b05c2285bf914f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:07:60:9d:f5:98:7f:81:08:96:12:6b:31:52:
3e:83:48:c3:18:a4:03:c6:3f:dd:fd:01:50:24:e5:
63:12:89:2c:92:6b:73:80:d6:bf:d0:a3:44:5c:10:
6e:22:ed:4b:cc:7d:c7:e0:2b:8d:46:bb:1e:48:61:
dc:02:ce:eb:b4:35:73:f5:d9:45:6c:58:64:e8:57:
a3:00:d5:72:f7:06:c5:eb:25:08:87:c0:9e:6f:83:
f8:fb:db:bb:89:c8:d8:9a:1b:c1:29:be:30:ee:54:
f5:f8:3d:3b:d7:27:b0:c5:97:cb:b6:16:16:60:10:
97:73:16:bc:ac:4c:5c:f5:93:57:0c:c6:f4:8a:75:
62:34:d8:db:81:9a:06:e0:fe:1e:82:17:ae:4e:6a:
5e:41:11:f7:e2:e7:c9:e3:fa:75:1c:ab:d6:b8:5e:
8a:ce:cd:89:42:be:62:4c:e6:09:9e:fc:4a:f3:4f:
08:b3:cd:40:6c:d4:c3:2b:2d:88:7b:a4:14:19:69:
50:0e:34:3c:cd:20:4a:5f:20:32:81:bb:38:a1:2a:
dd:34:52:86:7e:e2:83:bf:45:ae:fd:07:65:ee:c8:
1b:c4:0c:b4:c3:98:d7:9d:a4:62:3a:41:2c:55:6f:
6f:db:0b:69:44:6a:41:63:0e:d4:ef:e7:a2:a9:94:
10:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:79:B4:B8:AF:18:1F:6C:96:D0:4D:3B:31:B0:5C:22:85:BF:91:4F
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/7nm0uK8YH2yW0E07MbBcIoW_kU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
81:4d:6e:3e:e3:1a:d3:a4:7e:4a:fb:31:3e:0d:4a:42:18:9b:
90:25:db:f6:ff:6a:c0:f8:07:2f:b7:7a:79:6b:87:6f:e3:e4:
c3:46:09:00:d0:f3:f4:3a:94:b8:c8:b2:af:c7:e7:1a:63:75:
74:84:c5:c5:0e:62:69:45:ff:d0:df:b8:40:ff:ba:a1:07:4d:
4a:cc:89:bb:f2:3e:b7:da:4c:09:bb:9d:57:6a:28:eb:93:d8:
b1:4b:f1:28:05:03:d0:51:42:4d:6a:51:da:c1:25:ae:b8:2b:
dc:c2:ca:57:4b:54:d8:26:29:c5:6e:99:21:33:bb:db:ee:42:
ab:6d:19:4e:d1:1d:4d:e2:2b:f0:71:6c:cf:42:77:db:e5:3f:
6b:de:9e:1f:ff:95:2a:c6:04:5b:2b:97:0b:f9:06:bf:34:b1:
80:a7:25:c4:87:11:d1:12:9d:b8:0e:b2:65:c2:2c:c7:9d:bf:
52:5a:d8:be:cf:a6:e1:fe:36:b3:87:87:18:cf:f1:c1:b7:4b:
3d:da:04:99:e5:bf:52:da:50:a7:13:7c:9b:1f:03:59:db:ac:
d2:f2:19:25:e6:b6:7d:39:74:1f:bd:51:76:69:ed:38:39:fd:
e9:0d:4e:3b:74:20:2a:ce:41:cc:65:a0:71:a2:05:61:3b:d5:
39:b4:5b:4a
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZHhYTIYPSQNdWxDOPyPm/hQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjQwOTExMTM1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTc5YjRiOGFmMTgxZjZjOTZkMDRkM2IzMWIwNWMyMjg1YmY5MTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgdgnfWYf4EIlhJrMVI+g0jDGKQD
xj/d/QFQJOVjEokskmtzgNa/0KNEXBBuIu1LzH3H4CuNRrseSGHcAs7rtDVz9dlF
bFhk6FejANVy9wbF6yUIh8Ceb4P4+9u7icjYmhvBKb4w7lT1+D071yewxZfLthYW
YBCXcxa8rExc9ZNXDMb0inViNNjbgZoG4P4egheuTmpeQRH34ufJ4/p1HKvWuF6K
zs2JQr5iTOYJnvxK808Is81AbNTDKy2Ie6QUGWlQDjQ8zSBKXyAygbs4oSrdNFKG
fuKDv0Wu/Qdl7sgbxAy0w5jXnaRiOkEsVW9v2wtpRGpBYw7U7+eiqZQQGQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFO55tLivGB9sltBNOzGwXCKFv5FPMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvN25tMHVLOFlIMnlXMEUwN01iQmNJb1dfa1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBmwQCAAEwgZQDBAQF
+rADBAMuEEgDBANOiWADBAJRrXADAwBSpQMEAlW4+AMDAFdqAwQDnWFoAwQCuTB0
AwQAwn7OMAwDBALCpAQDBALCpAgDBATCpBADBATCpDADBAPCpFgDBAPCpHgDBATC
pKADBATCpMADBAXDFOADBAbUhEADAwDU4wMEBdWlQAMEANX0wAMEBNlIwAMDANmg
MBQEAgACMA4DBQAgAQjYAwUDKgIkeDANBgkqhkiG9w0BAQsFAAOCAQEAgU1uPuMa
06R+SvsxPg1KQhibkCXb9v9qwPgHL7d6eWuHb+Pkw0YJANDz9DqUuMiyr8fnGmN1
dITFxQ5iaUX/0N+4QP+6oQdNSsyJu/I+t9pMCbudV2oo65PYsUvxKAUD0FFCTWpR
2sElrrgr3MLKV0tU2CYpxW6ZITO72+5Cq20ZTtEdTeIr8HFsz0J32+U/a96eH/+V
KsYEWyuXC/kGvzSxgKclxIcR0RKduA6yZcIsx52/UlrYvs+m4f42s4eHGM/xwbdL
PdoEmeW/UtpQpxN8mx8DWdus0vIZJea2fTl0H71RdmntODn96Q1OO3QgKs5BzGWg
caIFYTvVObRbSg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:12:42 2024 by rpki-client on console-fra.rpki-client.org