Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7HsDB7-Kptdwmi8xeqkqFV0JjYU.roa
File: 7HsDB7-Kptdwmi8xeqkqFV0JjYU.roa (raw, json)
Hash identifier: tT2kzLpRauY5IFy7+cLlqogHTPEBWt72ENvsLy1G7Kk=
Subject key identifier: EC:7B:03:07:BF:8A:A6:D7:70:9A:2F:31:7A:A9:2A:15:5D:09:8D:85
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01931EE2F3FE6F37D4BF312794453137DC21
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7HsDB7-Kptdwmi8xeqkqFV0JjYU.roa
Signing time: Tue 12 Nov 2024 05:40:10 +0000
ROA not before: Tue 12 Nov 2024 05:40:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12668
IP address blocks: 5.141.234.0/23 maxlen: 23
31.192.171.0/24 maxlen: 24
31.192.179.0/24 maxlen: 24
31.192.180.0/24 maxlen: 24
31.192.181.0/24 maxlen: 24
31.192.187.0/24 maxlen: 24
31.192.188.0/24 maxlen: 24
46.229.96.0/20 maxlen: 20
87.224.249.0/24 maxlen: 24
87.224.251.0/24 maxlen: 24
90.157.5.0/24 maxlen: 24
90.157.16.0/24 maxlen: 24
90.157.24.0/24 maxlen: 24
90.157.30.0/24 maxlen: 24
90.157.34.0/24 maxlen: 24
90.157.54.0/24 maxlen: 24
90.157.58.0/24 maxlen: 24
90.157.64.0/23 maxlen: 23
90.157.66.0/23 maxlen: 23
90.157.68.0/23 maxlen: 23
90.157.70.0/23 maxlen: 23
90.157.78.0/23 maxlen: 23
90.157.80.0/23 maxlen: 23
90.157.82.0/23 maxlen: 23
90.157.109.0/24 maxlen: 24
90.157.110.0/24 maxlen: 24
90.157.115.0/24 maxlen: 24
92.54.69.0/24 maxlen: 24
92.54.90.0/24 maxlen: 24
92.54.117.0/24 maxlen: 24
94.31.134.0/24 maxlen: 24
94.31.135.0/24 maxlen: 24
94.31.136.0/24 maxlen: 24
94.31.147.0/24 maxlen: 24
94.31.148.0/24 maxlen: 24
94.31.151.0/24 maxlen: 24
94.31.158.0/24 maxlen: 24
94.31.159.0/24 maxlen: 24
94.31.171.0/24 maxlen: 24
94.31.176.0/24 maxlen: 24
94.31.178.0/23 maxlen: 23
94.31.184.0/23 maxlen: 23
94.31.193.0/24 maxlen: 24
94.31.194.0/24 maxlen: 24
94.31.195.0/24 maxlen: 24
94.31.196.0/24 maxlen: 24
94.31.198.0/24 maxlen: 24
94.31.199.0/24 maxlen: 24
94.31.202.0/24 maxlen: 24
94.31.206.0/23 maxlen: 23
94.31.207.0/24 maxlen: 24
94.31.210.0/24 maxlen: 24
94.31.212.0/24 maxlen: 24
94.31.216.0/24 maxlen: 24
94.31.217.0/24 maxlen: 24
94.31.221.0/24 maxlen: 24
94.31.224.0/24 maxlen: 24
94.31.226.0/24 maxlen: 24
94.31.229.0/24 maxlen: 24
94.31.233.0/24 maxlen: 24
94.31.234.0/24 maxlen: 24
94.31.240.0/24 maxlen: 24
94.31.241.0/24 maxlen: 24
94.31.243.0/24 maxlen: 24
94.31.246.0/23 maxlen: 23
94.31.250.0/24 maxlen: 24
94.31.253.0/24 maxlen: 24
94.31.255.0/24 maxlen: 24
94.51.232.0/21 maxlen: 21
188.17.116.0/23 maxlen: 23
188.18.112.0/24 maxlen: 24
188.18.113.0/24 maxlen: 24
188.18.116.0/24 maxlen: 24
188.73.131.0/24 maxlen: 24
188.73.136.0/24 maxlen: 24
188.73.137.0/24 maxlen: 24
188.73.139.0/24 maxlen: 24
188.73.141.0/24 maxlen: 24
188.73.142.0/24 maxlen: 24
188.73.144.0/23 maxlen: 23
188.73.144.0/24 maxlen: 24
188.73.147.0/24 maxlen: 24
188.73.149.0/24 maxlen: 24
188.73.151.0/24 maxlen: 24
188.73.154.0/24 maxlen: 24
188.73.156.0/24 maxlen: 24
188.73.158.0/24 maxlen: 24
188.73.162.0/24 maxlen: 24
188.73.168.0/24 maxlen: 24
188.73.170.0/23 maxlen: 23
188.73.174.0/23 maxlen: 23
188.73.183.0/24 maxlen: 24
188.73.185.0/24 maxlen: 24
213.142.34.0/24 maxlen: 24
213.142.35.0/24 maxlen: 24
213.142.37.0/24 maxlen: 24
213.142.40.0/24 maxlen: 24
213.142.41.0/24 maxlen: 24
213.142.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1e:e2:f3:fe:6f:37:d4:bf:31:27:94:45:31:37:dc:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Nov 12 05:40:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec7b0307bf8aa6d7709a2f317aa92a155d098d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:67:f8:1b:e0:19:6f:cf:77:33:6e:d0:71:66:
d8:1b:b5:a8:57:0a:6a:17:78:f4:b0:1c:a1:c9:64:
1c:fe:60:d5:fc:75:02:2b:e3:1c:78:93:3f:46:d6:
00:98:28:d9:74:b4:ea:1e:d6:47:49:79:03:4a:85:
e9:34:56:49:5d:b8:d6:df:d6:7d:58:4f:69:55:23:
c2:35:f4:ed:60:69:f6:0d:d4:40:77:9c:b2:e6:ef:
2a:4a:c3:20:09:02:21:ed:5c:a5:97:8c:87:03:db:
9e:c1:85:f4:0d:3d:eb:e6:f2:14:37:4a:92:5a:30:
4c:2d:64:53:b8:70:32:56:47:19:0e:60:72:bb:45:
91:0e:60:b8:18:1b:68:13:47:16:fe:5a:ad:2e:9d:
2c:4b:76:f8:39:c8:8b:26:70:49:c5:34:31:41:8b:
7e:15:ef:6c:65:38:af:4c:87:a6:de:7f:c4:c1:b9:
67:e7:f4:15:13:02:bb:47:b9:08:bd:b3:1e:60:17:
d1:0a:8a:d9:57:d1:c9:51:1a:9f:85:dd:fa:c0:f9:
5a:8d:97:d8:fa:86:de:c0:31:12:e0:bc:6e:7f:a2:
04:af:3a:e8:39:a2:9c:81:4a:0c:1f:b8:9f:83:83:
d1:9c:aa:e5:af:78:49:c1:8d:72:f4:2a:57:8f:35:
28:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7B:03:07:BF:8A:A6:D7:70:9A:2F:31:7A:A9:2A:15:5D:09:8D:85
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/7HsDB7-Kptdwmi8xeqkqFV0JjYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.141.234.0/23
31.192.171.0/24
31.192.179.0-31.192.181.255
31.192.187.0-31.192.188.255
46.229.96.0/20
87.224.249.0/24
87.224.251.0/24
90.157.5.0/24
90.157.16.0/24
90.157.24.0/24
90.157.30.0/24
90.157.34.0/24
90.157.54.0/24
90.157.58.0/24
90.157.64.0/21
90.157.78.0-90.157.83.255
90.157.109.0-90.157.110.255
90.157.115.0/24
92.54.69.0/24
92.54.90.0/24
92.54.117.0/24
94.31.134.0-94.31.136.255
94.31.147.0-94.31.148.255
94.31.151.0/24
94.31.158.0/23
94.31.171.0/24
94.31.176.0/24
94.31.178.0/23
94.31.184.0/23
94.31.193.0-94.31.196.255
94.31.198.0/23
94.31.202.0/24
94.31.206.0/23
94.31.210.0/24
94.31.212.0/24
94.31.216.0/23
94.31.221.0/24
94.31.224.0/24
94.31.226.0/24
94.31.229.0/24
94.31.233.0-94.31.234.255
94.31.240.0/23
94.31.243.0/24
94.31.246.0/23
94.31.250.0/24
94.31.253.0/24
94.31.255.0/24
94.51.232.0/21
188.17.116.0/23
188.18.112.0/23
188.18.116.0/24
188.73.131.0/24
188.73.136.0/23
188.73.139.0/24
188.73.141.0-188.73.142.255
188.73.144.0/23
188.73.147.0/24
188.73.149.0/24
188.73.151.0/24
188.73.154.0/24
188.73.156.0/24
188.73.158.0/24
188.73.162.0/24
188.73.168.0/24
188.73.170.0/23
188.73.174.0/23
188.73.183.0/24
188.73.185.0/24
213.142.34.0/23
213.142.37.0/24
213.142.40.0/23
213.142.57.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:1d:57:67:f6:ed:7d:41:87:31:06:0e:d4:55:73:b3:92:72:
91:38:6b:04:f7:64:d4:96:c5:9a:9e:d9:d8:bc:87:a4:84:3f:
cd:8f:4f:85:f5:34:c9:81:1a:06:9e:ac:59:16:f6:cf:69:01:
49:61:6e:b2:4e:67:e7:29:28:de:2d:c2:58:95:98:17:61:54:
72:9a:16:ba:29:bc:83:28:e2:0f:10:2e:03:dd:1f:b3:13:f3:
77:d3:4a:2b:be:e5:80:72:4d:b8:10:f8:c4:b2:97:32:6b:6e:
9e:c1:b3:05:04:f8:3a:9e:de:5c:53:a5:73:f1:4f:67:ea:e3:
34:ce:0d:f6:28:69:de:73:45:8f:bb:8d:a6:04:b3:80:11:d3:
57:e2:04:e0:33:9a:1c:b7:a1:6e:87:df:1b:fc:2b:04:f2:09:
ca:f1:67:cf:5c:66:2c:6d:e6:8c:16:a5:34:12:f1:99:54:44:
ac:01:98:f5:7b:2d:66:57:ec:19:74:30:3d:08:5f:ad:7e:74:
a3:98:3c:7f:c0:af:34:f4:0f:27:78:8f:d8:ff:1d:d3:7d:0e:
78:bd:f6:99:9e:63:e5:83:89:3f:9d:d9:20:b4:9a:ed:22:e5:
02:1d:12:bc:5e:30:51:7f:af:8a:65:50:9e:b4:6d:3b:f2:d0:
ef:63:3f:31
-----BEGIN CERTIFICATE-----
MIIG+TCCBeGgAwIBAgISAZMe4vP+bzfUvzEnlEUxN9whMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMTEyMDU0MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzdiMDMwN2JmOGFhNmQ3NzA5YTJmMzE3YWE5MmExNTVkMDk4ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2f4G+AZb893M27QcWbYG7WoVwpq
F3j0sByhyWQc/mDV/HUCK+MceJM/RtYAmCjZdLTqHtZHSXkDSoXpNFZJXbjW39Z9
WE9pVSPCNfTtYGn2DdRAd5yy5u8qSsMgCQIh7Vyll4yHA9uewYX0DT3r5vIUN0qS
WjBMLWRTuHAyVkcZDmByu0WRDmC4GBtoE0cW/lqtLp0sS3b4OciLJnBJxTQxQYt+
Fe9sZTivTIem3n/Ewbln5/QVEwK7R7kIvbMeYBfRCorZV9HJURqfhd36wPlajZfY
+obewDES4Lxuf6IErzroOaKcgUoMH7ifg4PRnKrlr3hJwY1y9CpXjzUo3QIDAQAB
o4IEBTCCBAEwHQYDVR0OBBYEFOx7Awe/iqbXcJovMXqpKhVdCY2FMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvN0hzREI3LUtwdGR3bWk4eGVxa3FGVjBKallVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICGQYIKwYBBQUHAQcBAf8EggIIMIICBDCCAgAEAgABMIIB
+AMEAQWN6gMEAB/AqzAMAwQAH8CzAwQBH8C0MAwDBAAfwLsDBAAfwLwDBAQu5WAD
BABX4PkDBABX4PsDBABanQUDBABanRADBABanRgDBABanR4DBABanSIDBABanTYD
BABanToDBANanUAwDAMEAVqdTgMEAlqdUDAMAwQAWp1tAwQAWp1uAwQAWp1zAwQA
XDZFAwQAXDZaAwQAXDZ1MAwDBAFeH4YDBABeH4gwDAMEAF4fkwMEAF4flAMEAF4f
lwMEAV4fngMEAF4fqwMEAF4fsAMEAV4fsgMEAV4fuDAMAwQAXh/BAwQAXh/EAwQB
Xh/GAwQAXh/KAwQBXh/OAwQAXh/SAwQAXh/UAwQBXh/YAwQAXh/dAwQAXh/gAwQA
Xh/iAwQAXh/lMAwDBABeH+kDBABeH+oDBAFeH/ADBABeH/MDBAFeH/YDBABeH/oD
BABeH/0DBABeH/8DBANeM+gDBAG8EXQDBAG8EnADBAC8EnQDBAC8SYMDBAG8SYgD
BAC8SYswDAMEALxJjQMEALxJjgMEAbxJkAMEALxJkwMEALxJlQMEALxJlwMEALxJ
mgMEALxJnAMEALxJngMEALxJogMEALxJqAMEAbxJqgMEAbxJrgMEALxJtwMEALxJ
uQMEAdWOIgMEANWOJQMEAdWOKAMEANWOOTANBgkqhkiG9w0BAQsFAAOCAQEAXR1X
Z/btfUGHMQYO1FVzs5JykThrBPdk1JbFmp7Z2LyHpIQ/zY9PhfU0yYEaBp6sWRb2
z2kBSWFusk5n5yko3i3CWJWYF2FUcpoWuim8gyjiDxAuA90fsxPzd9NKK77lgHJN
uBD4xLKXMmtunsGzBQT4Op7eXFOlc/FPZ+rjNM4N9ihp3nNFj7uNpgSzgBHTV+IE
4DOaHLehboffG/wrBPIJyvFnz1xmLG3mjBalNBLxmVRErAGY9XstZlfsGXQwPQhf
rX50o5g8f8CvNPQPJ3iP2P8d030OeL32mZ5j5YOJP53ZILSa7SLlAh0SvF4wUX+v
imVQnrRtO/LQ72M/MQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:36:25 2024 by rpki-client on console-fra.rpki-client.org