Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/EDfZKDFKdoMjVe-axmbkQgBjt3c.roa
File: EDfZKDFKdoMjVe-axmbkQgBjt3c.roa (raw, json)
Hash identifier: BBlgevxZjmV+674NEOsaw/Fj2d/NVMQ5YIeLy14vDvQ=
Subject key identifier: 10:37:D9:28:31:4A:76:83:23:55:EF:9A:C6:66:E4:42:00:63:B7:77
Certificate issuer: /CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Certificate serial: 018CC26D3F06CA77F1BB184ED4787872C785
Authority key identifier: AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/EDfZKDFKdoMjVe-axmbkQgBjt3c.roa
Signing time: Mon 01 Jan 2024 00:29:48 +0000
ROA not before: Mon 01 Jan 2024 00:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59674
IP address blocks: 5.250.241.0/24 maxlen: 24
5.250.245.0/24 maxlen: 24
5.250.246.0/24 maxlen: 24
5.250.243.0/24 maxlen: 24
5.250.244.0/24 maxlen: 24
5.250.242.0/24 maxlen: 24
5.250.247.0/24 maxlen: 24
5.250.248.0/24 maxlen: 24
5.250.252.0/24 maxlen: 24
5.250.250.0/24 maxlen: 24
5.250.251.0/24 maxlen: 24
5.250.249.0/24 maxlen: 24
185.67.123.0/24 maxlen: 24
185.67.121.0/24 maxlen: 24
185.67.122.0/24 maxlen: 24
5.250.240.0/24 maxlen: 24
2a05:e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 01:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:3f:06:ca:77:f1:bb:18:4e:d4:78:78:72:c7:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Validity
Not Before: Jan 1 00:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1037d928314a76832355ef9ac666e4420063b777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e0:87:e5:3d:52:e5:78:33:99:48:5f:97:e1:
5f:27:21:da:9c:ff:eb:f9:30:7e:11:77:40:58:97:
ca:aa:e7:b9:bd:f5:a6:86:99:92:ff:98:35:5d:0b:
3f:9a:42:fd:7c:3d:c5:7c:4d:ed:9d:56:b0:8e:0d:
5f:7d:ab:4b:d5:3a:be:81:5d:be:0c:f5:f7:50:1d:
ae:70:99:68:e6:b3:dd:96:54:62:59:f1:62:1a:e7:
49:1e:54:06:bd:8a:4e:99:fb:4e:6a:6a:07:32:d4:
ce:7b:ff:15:72:66:0d:ec:be:37:b9:4a:11:d6:9e:
d2:72:b4:3c:6a:aa:d6:a1:dd:92:e5:ee:1f:96:3c:
09:db:43:3f:92:ba:dd:0c:28:67:06:8a:fc:09:e9:
d9:97:ab:f2:79:1e:5c:c7:df:2f:73:50:8b:4d:55:
e0:15:77:db:6d:de:26:07:f3:9a:90:96:60:27:bf:
a7:23:1d:16:0f:ab:c4:b6:34:89:09:e6:4a:74:30:
8b:3b:e2:a0:98:26:e0:85:d9:d6:02:c5:ca:f9:a2:
2b:d7:8e:9c:8e:2f:14:1d:09:37:fb:aa:54:ac:7c:
6c:a0:d5:a5:76:79:8b:5c:47:3c:a5:7b:9a:ae:d9:
e9:74:a8:9e:44:9f:55:92:0b:83:25:7f:92:59:bf:
c3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:37:D9:28:31:4A:76:83:23:55:EF:9A:C6:66:E4:42:00:63:B7:77
X509v3 Authority Key Identifier:
keyid:AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/EDfZKDFKdoMjVe-axmbkQgBjt3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.240.0-5.250.252.255
185.67.121.0-185.67.123.255
IPv6:
2a05:e80::/32
Signature Algorithm: sha256WithRSAEncryption
5e:9b:24:ea:87:49:dc:e3:57:4c:59:8d:12:1d:06:61:6e:3a:
f4:4e:aa:20:05:fb:ff:d6:87:d1:f4:45:26:57:33:46:e6:38:
8a:10:77:78:26:9f:87:b1:aa:18:ae:c0:df:9e:71:55:6f:0e:
aa:58:dd:61:85:cb:72:d5:13:dd:78:32:19:ee:63:2e:8d:ab:
8d:b5:9e:92:8b:70:30:07:d5:a9:a2:96:04:7c:b7:5b:a5:a7:
e4:29:d1:49:a7:61:d6:50:14:a5:17:15:16:af:eb:11:3a:ec:
8c:25:35:6e:35:02:bf:2f:d8:3a:d3:b7:2a:9a:ae:96:74:2d:
5e:18:d3:08:df:a0:9d:52:90:90:8e:55:c3:d4:18:63:ac:7e:
cc:c8:14:01:47:64:6e:89:8e:78:88:15:49:8a:4a:8c:06:1a:
ac:40:54:ae:37:6d:15:76:11:91:be:9d:4a:d1:d4:4a:11:32:
88:44:bf:48:af:20:6b:a0:c4:ad:64:21:4b:e8:7a:41:a8:de:
87:ea:2c:ab:38:61:13:41:98:27:08:59:c7:9f:5c:5d:f5:74:
d1:c3:c1:49:46:2b:c8:8f:4a:6b:0c:6e:a5:d8:8d:aa:97:6f:
36:e8:59:37:36:c6:fc:88:9d:39:5b:83:aa:9d:26:b2:4a:13:
a7:6b:3e:a7
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzCbT8GynfxuxhO1Hh4cseFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWQwZTdlODE4YmFmOWE3YWZiOTg2NjEyNDI5MmE2MWFh
ZmI4Y2EwHhcNMjQwMTAxMDAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDM3ZDkyODMxNGE3NjgzMjM1NWVmOWFjNjY2ZTQ0MjAwNjNiNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOCH5T1S5XgzmUhfl+FfJyHanP/r
+TB+EXdAWJfKque5vfWmhpmS/5g1XQs/mkL9fD3FfE3tnVawjg1ffatL1Tq+gV2+
DPX3UB2ucJlo5rPdllRiWfFiGudJHlQGvYpOmftOamoHMtTOe/8VcmYN7L43uUoR
1p7ScrQ8aqrWod2S5e4fljwJ20M/krrdDChnBor8CenZl6vyeR5cx98vc1CLTVXg
FXfbbd4mB/OakJZgJ7+nIx0WD6vEtjSJCeZKdDCLO+KgmCbghdnWAsXK+aIr146c
ji8UHQk3+6pUrHxsoNWldnmLXEc8pXuartnpdKieRJ9VkguDJX+SWb/DeQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFBA32SgxSnaDI1XvmsZm5EIAY7d3MB8GA1UdIwQY
MBaAFKsdDn6Bi6+aevuYZhJCkqYar7jKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWIt
ZWE1OTI2NGY5MDgzLzEvRURmWktERktkb01qVmUtYXhtYmtRZ0JqdDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWItZWE1OTI2NGY5MDgz
LzEvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBAQF+vAD
BAAF+vwwDAMEALlDeQMEArlDeDANBAIAAjAHAwUAKgUOgDANBgkqhkiG9w0BAQsF
AAOCAQEAXpsk6odJ3ONXTFmNEh0GYW469E6qIAX7/9aH0fRFJlczRuY4ihB3eCaf
h7GqGK7A355xVW8OqljdYYXLctUT3XgyGe5jLo2rjbWekotwMAfVqaKWBHy3W6Wn
5CnRSadh1lAUpRcVFq/rETrsjCU1bjUCvy/YOtO3KpqulnQtXhjTCN+gnVKQkI5V
w9QYY6x+zMgUAUdkbomOeIgVSYpKjAYarEBUrjdtFXYRkb6dStHUShEyiES/SK8g
a6DErWQhS+h6Qajeh+osqzhhE0GYJwhZx59cXfV00cPBSUYryI9KawxupdiNqpdv
NuhZNzbG/IidOVuDqp0mskoTp2s+pw==
-----END CERTIFICATE-----
Generated at Mon Jun 17 06:43:13 2024 by rpki-client on console-fra.rpki-client.org