Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/UNo5W7DRpY6BZ21GUmNEqKnS0VM.roa
File: UNo5W7DRpY6BZ21GUmNEqKnS0VM.roa (raw, json)
Hash identifier: ldRzfulBWpz+RJRYW+3YB63no2NtrqUslKB4n/+KREo=
Subject key identifier: 50:DA:39:5B:B0:D1:A5:8E:81:67:6D:46:52:63:44:A8:A9:D2:D1:53
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 01918E7E87FD811ABE320816BD93449F22AA
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/UNo5W7DRpY6BZ21GUmNEqKnS0VM.roa
Signing time: Mon 26 Aug 2024 11:42:22 +0000
ROA not before: Mon 26 Aug 2024 11:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 45.94.14.0/24 maxlen: 24
45.94.15.0/24 maxlen: 24
91.229.52.0/22 maxlen: 22
212.26.0.0/17 maxlen: 17
212.26.6.0/23 maxlen: 24
212.26.7.0/24 maxlen: 24
212.26.8.0/22 maxlen: 24
212.26.16.0/24 maxlen: 24
212.26.17.0/24 maxlen: 24
212.26.18.0/24 maxlen: 24
212.26.19.0/24 maxlen: 24
212.26.20.0/24 maxlen: 24
212.26.21.0/24 maxlen: 24
212.26.22.0/24 maxlen: 24
212.26.23.0/24 maxlen: 24
212.26.24.0/21 maxlen: 24
212.26.32.0/24 maxlen: 24
212.26.36.0/24 maxlen: 25
212.26.37.0/24 maxlen: 25
212.26.38.0/24 maxlen: 24
212.26.39.0/24 maxlen: 24
212.26.40.0/24 maxlen: 24
212.26.41.0/24 maxlen: 24
212.26.42.0/24 maxlen: 24
212.26.43.0/24 maxlen: 24
212.26.44.0/24 maxlen: 24
212.26.45.0/24 maxlen: 24
212.26.46.0/23 maxlen: 24
212.26.48.0/24 maxlen: 24
212.26.50.0/23 maxlen: 24
212.26.53.0/24 maxlen: 24
212.26.54.0/24 maxlen: 24
212.26.71.0/24 maxlen: 24
212.26.72.0/24 maxlen: 25
212.26.76.0/24 maxlen: 24
212.26.78.0/24 maxlen: 24
212.138.0.0/16 maxlen: 16
212.138.41.0/24 maxlen: 25
212.138.42.0/24 maxlen: 25
212.138.43.0/24 maxlen: 24
212.138.52.0/22 maxlen: 24
212.138.56.0/21 maxlen: 24
212.138.64.0/22 maxlen: 24
212.138.70.0/24 maxlen: 24
212.138.71.0/24 maxlen: 24
212.138.72.0/22 maxlen: 24
212.138.76.0/22 maxlen: 24
212.138.80.0/23 maxlen: 23
212.138.82.0/24 maxlen: 24
212.138.83.0/24 maxlen: 24
212.138.84.0/23 maxlen: 24
212.138.86.0/24 maxlen: 24
212.138.88.0/24 maxlen: 25
212.138.92.0/24 maxlen: 24
212.138.94.0/24 maxlen: 24
212.138.96.0/21 maxlen: 24
212.138.97.0/24 maxlen: 24
212.138.98.0/23 maxlen: 23
212.138.104.0/24 maxlen: 24
212.138.108.0/24 maxlen: 24
212.138.115.0/24 maxlen: 24
212.138.116.0/24 maxlen: 24
212.138.117.0/24 maxlen: 24
212.138.118.0/24 maxlen: 24
212.138.119.0/24 maxlen: 24
212.138.120.0/24 maxlen: 24
212.138.121.0/24 maxlen: 24
212.138.125.0/24 maxlen: 25
212.138.126.0/24 maxlen: 25
212.138.127.0/24 maxlen: 25
212.138.128.0/24 maxlen: 24
212.138.130.0/24 maxlen: 24
212.138.132.0/24 maxlen: 24
212.138.134.0/24 maxlen: 24
212.138.139.0/24 maxlen: 24
212.138.140.0/24 maxlen: 24
212.138.147.0/24 maxlen: 24
212.138.150.0/24 maxlen: 24
212.138.153.0/24 maxlen: 25
212.138.155.0/24 maxlen: 25
212.138.157.0/24 maxlen: 24
212.138.160.0/24 maxlen: 24
212.138.162.0/24 maxlen: 24
212.138.164.0/24 maxlen: 25
212.138.166.0/24 maxlen: 24
212.138.168.0/24 maxlen: 24
212.138.170.0/24 maxlen: 24
212.138.172.0/24 maxlen: 24
212.138.175.0/24 maxlen: 25
212.138.176.0/24 maxlen: 24
212.138.177.0/24 maxlen: 24
212.138.180.0/24 maxlen: 24
212.138.181.0/24 maxlen: 25
212.138.183.0/24 maxlen: 25
212.138.185.0/24 maxlen: 24
212.138.187.0/24 maxlen: 24
212.138.188.0/24 maxlen: 25
212.138.190.0/24 maxlen: 24
212.138.192.0/24 maxlen: 24
212.138.194.0/24 maxlen: 24
212.138.196.0/24 maxlen: 24
212.138.201.0/24 maxlen: 24
212.138.202.0/24 maxlen: 24
212.138.203.0/24 maxlen: 24
212.138.206.0/24 maxlen: 24
212.138.207.0/24 maxlen: 24
212.138.250.0/24 maxlen: 24
2001:1490::/48 maxlen: 48
2001:1490:1::/48 maxlen: 48
2001:1490:103::/48 maxlen: 48
2001:1490:106::/48 maxlen: 48
2001:1490:107::/48 maxlen: 48
2001:1490:110::/48 maxlen: 49
2001:1490:110:8000::/49 maxlen: 49
2001:1490:111::/48 maxlen: 48
2001:1490:113::/48 maxlen: 48
2001:1497:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 14:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:7e:87:fd:81:1a:be:32:08:16:bd:93:44:9f:22:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Aug 26 11:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50da395bb0d1a58e81676d46526344a8a9d2d153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:b2:ea:da:b4:3b:45:96:eb:63:42:7e:09:
db:b9:52:37:73:5a:03:88:c3:41:fc:63:63:63:63:
65:17:63:34:4c:5e:e6:5c:18:ef:93:a3:2c:0f:09:
3b:04:a2:f6:60:9f:f7:f0:26:5e:17:70:50:37:8b:
83:56:9a:54:93:ff:4e:b2:5f:df:84:ba:f1:50:c8:
9f:1c:9f:0b:95:95:bc:0e:a0:58:45:ac:3e:c6:93:
7d:7e:e2:cc:27:7f:f2:1f:b2:26:de:66:97:7e:db:
5a:eb:88:d3:0b:54:40:4e:e0:7f:5f:fe:43:ec:06:
da:3a:1e:5c:ac:38:35:2b:1d:f9:48:b5:21:9d:fc:
c1:69:69:88:c4:75:bf:77:40:83:f4:35:ec:68:4a:
2e:7b:84:2a:aa:cc:c4:3c:46:8c:fd:47:d5:42:a3:
5f:51:6b:d0:5f:fc:e4:97:e8:f1:da:1e:ff:b9:f2:
10:23:b5:c8:05:14:9e:80:1e:0b:5b:f3:83:81:9c:
87:8f:df:b2:9c:02:50:e2:f9:65:6b:34:6b:b6:40:
e0:1e:26:a0:54:65:89:d4:a0:a1:f9:10:cc:9b:0e:
01:ba:21:ea:f2:da:a0:8f:24:0a:52:58:01:75:30:
1c:ab:ad:d9:e5:8f:b1:9d:6a:74:b0:f3:fb:1a:40:
08:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DA:39:5B:B0:D1:A5:8E:81:67:6D:46:52:63:44:A8:A9:D2:D1:53
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/UNo5W7DRpY6BZ21GUmNEqKnS0VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.14.0/23
91.229.52.0/22
212.26.0.0/17
212.138.0.0/16
IPv6:
2001:1490::/47
2001:1490:103::/48
2001:1490:106::/47
2001:1490:110::/47
2001:1490:113::/48
2001:1497:2::/48
Signature Algorithm: sha256WithRSAEncryption
9c:17:93:9c:3c:be:0c:3b:d9:b2:cb:b1:8b:ce:c3:d7:86:99:
97:fd:19:1f:df:58:e7:f1:9d:c0:36:be:ab:fc:58:72:11:6f:
16:9a:9a:6b:3f:b2:e9:1f:b9:dc:60:47:b7:78:53:43:b2:c9:
cb:83:a5:f7:c8:dd:8f:21:ae:c5:c2:43:71:6f:92:a1:71:61:
58:5b:7e:33:d6:15:05:1d:d9:11:4d:10:fb:34:a8:e3:25:46:
09:b4:9c:26:f2:2d:28:d4:82:f8:be:0a:a6:d5:d1:4f:fd:8f:
c5:a9:3b:4c:97:47:38:f7:d0:1a:39:c6:49:88:f9:84:10:b8:
2a:47:d0:62:66:0f:8b:b1:8d:03:c9:fa:98:49:9c:b2:7d:5a:
9e:8d:3b:14:4c:4a:44:0b:ec:1b:f6:6e:e3:b6:9f:87:0e:21:
f3:65:9f:ad:dc:52:92:5e:42:35:e6:79:a9:61:66:a7:fa:ed:
77:21:8f:9d:1e:6c:d5:97:de:a6:e1:49:92:7f:5a:fb:b0:58:
a6:f5:6e:72:78:b4:b2:50:7f:8a:60:0f:0c:3e:bc:c0:9c:b9:
f5:b3:c6:5a:e4:8b:1f:96:8a:f2:68:b2:0d:f2:42:7c:1b:a5:
da:a9:8e:5e:0c:c7:68:69:46:5e:83:59:2b:83:0b:3e:49:9b:
be:02:6e:64
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZGOfof9gRq+MggWvZNEnyKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjQwODI2MTE0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGRhMzk1YmIwZDFhNThlODE2NzZkNDY1MjYzNDRhOGE5ZDJkMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSGy6tq0O0WW62NCfgnbuVI3c1oD
iMNB/GNjY2NlF2M0TF7mXBjvk6MsDwk7BKL2YJ/38CZeF3BQN4uDVppUk/9Osl/f
hLrxUMifHJ8LlZW8DqBYRaw+xpN9fuLMJ3/yH7Im3maXftta64jTC1RATuB/X/5D
7AbaOh5crDg1Kx35SLUhnfzBaWmIxHW/d0CD9DXsaEoue4QqqszEPEaM/UfVQqNf
UWvQX/zkl+jx2h7/ufIQI7XIBRSegB4LW/ODgZyHj9+ynAJQ4vllazRrtkDgHiag
VGWJ1KCh+RDMmw4BuiHq8tqgjyQKUlgBdTAcq63Z5Y+xnWp0sPP7GkAI1QIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFFDaOVuw0aWOgWdtRlJjRKip0tFTMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvVU5vNVc3RFJwWTZCWjIxR1VtTkVxS25TMFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTAdBAIAATAXAwQBLV4OAwQC
W+U0AwQH1BoAAwMA1IowPAQCAAIwNgMHASABFJAAAAMHACABFJABAwMHASABFJAB
BgMHASABFJABEAMHACABFJABEwMHACABFJcAAjANBgkqhkiG9w0BAQsFAAOCAQEA
nBeTnDy+DDvZssuxi87D14aZl/0ZH99Y5/GdwDa+q/xYchFvFpqaaz+y6R+53GBH
t3hTQ7LJy4Ol98jdjyGuxcJDcW+SoXFhWFt+M9YVBR3ZEU0Q+zSo4yVGCbScJvIt
KNSC+L4KptXRT/2Pxak7TJdHOPfQGjnGSYj5hBC4KkfQYmYPi7GNA8n6mEmcsn1a
no07FExKRAvsG/Zu47afhw4h82WfrdxSkl5CNeZ5qWFmp/rtdyGPnR5s1ZfepuFJ
kn9a+7BYpvVucni0slB/imAPDD68wJy59bPGWuSLH5aK8miyDfJCfBul2qmOXgzH
aGlGXoNZK4MLPkmbvgJuZA==
-----END CERTIFICATE-----
Generated at Fri Sep 20 21:30:46 2024 by rpki-client on console-ams.rpki-client.org