Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/UsVZApOM1qxNQJinfWAjjz1hh6U.roa
File: UsVZApOM1qxNQJinfWAjjz1hh6U.roa (raw, json)
Hash identifier: 547QC8Gu/5V5vK1YG79yyDZgGwsGtUhPkuO6do5VUEE=
Subject key identifier: 52:C5:59:02:93:8C:D6:AC:4D:40:98:A7:7D:60:23:8F:3D:61:87:A5
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 018CC492355811AF7B63139C6EBF198811B9
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/UsVZApOM1qxNQJinfWAjjz1hh6U.roa
Signing time: Mon 01 Jan 2024 10:29:25 +0000
ROA not before: Mon 01 Jan 2024 10:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34295
IP address blocks: 109.107.64.0/24 maxlen: 24
109.107.65.0/24 maxlen: 24
109.107.67.0/24 maxlen: 24
109.107.66.0/24 maxlen: 24
109.107.69.0/24 maxlen: 24
109.107.68.0/24 maxlen: 24
109.107.68.0/23 maxlen: 23
109.107.81.0/24 maxlen: 24
109.107.80.0/24 maxlen: 24
109.107.83.0/24 maxlen: 24
109.107.82.0/24 maxlen: 24
109.107.85.0/24 maxlen: 24
109.107.84.0/24 maxlen: 24
109.107.86.0/24 maxlen: 24
109.107.87.0/24 maxlen: 24
94.139.203.0/24 maxlen: 24
94.139.202.0/24 maxlen: 24
94.139.201.0/24 maxlen: 24
94.139.200.0/24 maxlen: 24
94.139.200.0/21 maxlen: 21
94.139.200.0/22 maxlen: 22
94.139.192.0/24 maxlen: 24
94.139.192.0/22 maxlen: 22
94.139.196.0/24 maxlen: 24
94.139.198.0/24 maxlen: 24
94.139.197.0/24 maxlen: 24
94.139.199.0/24 maxlen: 24
94.139.196.0/22 maxlen: 22
185.52.49.0/24 maxlen: 24
77.76.161.0/24 maxlen: 24
77.76.160.0/24 maxlen: 24
77.76.162.0/24 maxlen: 24
77.76.164.0/24 maxlen: 24
77.76.163.0/24 maxlen: 24
77.76.166.0/24 maxlen: 24
77.76.165.0/24 maxlen: 24
77.76.169.0/24 maxlen: 24
77.76.171.0/24 maxlen: 24
77.76.170.0/24 maxlen: 24
77.76.172.0/24 maxlen: 24
77.76.168.0/24 maxlen: 24
77.76.167.0/24 maxlen: 24
77.76.173.0/24 maxlen: 24
77.76.175.0/24 maxlen: 24
77.76.174.0/24 maxlen: 24
77.76.183.0/24 maxlen: 24
77.76.180.0/24 maxlen: 24
77.76.182.0/24 maxlen: 24
77.76.181.0/24 maxlen: 24
188.124.64.0/24 maxlen: 24
188.124.65.0/24 maxlen: 24
188.124.67.0/24 maxlen: 24
188.124.66.0/24 maxlen: 24
188.124.69.0/24 maxlen: 24
188.124.68.0/24 maxlen: 24
188.124.70.0/24 maxlen: 24
188.124.71.0/24 maxlen: 24
188.124.72.0/24 maxlen: 24
188.124.74.0/24 maxlen: 24
188.124.73.0/24 maxlen: 24
188.124.75.0/24 maxlen: 24
188.124.77.0/24 maxlen: 24
188.124.76.0/24 maxlen: 24
188.124.78.0/24 maxlen: 24
188.124.80.0/22 maxlen: 22
188.124.79.0/24 maxlen: 24
188.124.81.0/24 maxlen: 24
188.124.80.0/24 maxlen: 24
188.124.82.0/24 maxlen: 24
188.124.84.0/24 maxlen: 24
188.124.83.0/24 maxlen: 24
188.124.85.0/24 maxlen: 24
188.124.86.0/24 maxlen: 24
188.124.88.0/24 maxlen: 24
188.124.87.0/24 maxlen: 24
188.124.89.0/24 maxlen: 24
188.124.91.0/24 maxlen: 24
188.124.90.0/24 maxlen: 24
178.75.202.0/24 maxlen: 24
178.75.204.0/22 maxlen: 22
178.75.203.0/24 maxlen: 24
178.75.205.0/24 maxlen: 24
178.75.206.0/24 maxlen: 24
178.75.204.0/24 maxlen: 24
178.75.201.0/24 maxlen: 24
178.75.200.0/24 maxlen: 24
178.75.208.0/24 maxlen: 24
178.75.208.0/22 maxlen: 22
178.75.212.0/22 maxlen: 22
178.75.207.0/24 maxlen: 24
178.75.210.0/24 maxlen: 24
178.75.209.0/24 maxlen: 24
178.75.211.0/24 maxlen: 24
178.75.213.0/24 maxlen: 24
178.75.212.0/24 maxlen: 24
178.75.217.0/24 maxlen: 24
178.75.216.0/24 maxlen: 24
178.75.218.0/24 maxlen: 24
178.75.219.0/24 maxlen: 24
178.75.215.0/24 maxlen: 24
178.75.214.0/24 maxlen: 24
178.75.216.0/22 maxlen: 22
178.75.220.0/24 maxlen: 24
178.75.222.0/24 maxlen: 24
178.75.221.0/24 maxlen: 24
178.75.223.0/24 maxlen: 24
178.75.220.0/22 maxlen: 22
178.75.240.0/24 maxlen: 24
178.75.240.0/23 maxlen: 23
178.75.245.0/24 maxlen: 24
178.75.244.0/24 maxlen: 24
178.75.246.0/24 maxlen: 24
178.75.241.0/24 maxlen: 24
178.75.243.0/24 maxlen: 24
178.75.242.0/24 maxlen: 24
178.75.248.0/24 maxlen: 24
178.75.247.0/24 maxlen: 24
178.75.250.0/24 maxlen: 24
178.75.249.0/24 maxlen: 24
178.75.251.0/24 maxlen: 24
178.75.248.0/22 maxlen: 22
77.76.145.0/24 maxlen: 24
77.76.144.0/24 maxlen: 24
77.76.147.0/24 maxlen: 24
77.76.146.0/24 maxlen: 24
77.76.148.0/24 maxlen: 24
77.76.149.0/24 maxlen: 24
178.75.192.0/22 maxlen: 22
178.75.192.0/24 maxlen: 24
178.75.194.0/24 maxlen: 24
178.75.193.0/24 maxlen: 24
178.75.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 20:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:35:58:11:af:7b:63:13:9c:6e:bf:19:88:11:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 1 10:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52c55902938cd6ac4d4098a77d60238f3d6187a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5e:9d:84:d1:d4:a6:04:03:7a:02:1c:c1:21:
b4:8b:1e:ee:e6:8f:3c:47:b8:02:14:d0:b4:b2:b3:
0f:02:c1:54:cc:24:02:5b:f3:db:30:e3:c4:0f:d3:
fd:c7:a8:ec:7e:9a:48:13:50:f2:8b:0f:aa:a1:e8:
cf:91:ef:2b:67:1d:58:e7:a5:d6:12:10:16:37:90:
d3:e9:e0:75:12:08:e2:09:32:b6:b7:24:a8:be:c8:
db:0c:b5:61:8c:a9:63:e1:c2:06:e7:f2:dc:32:70:
6e:6a:e9:9e:f4:b2:1f:c7:c2:97:39:11:63:9c:a6:
7e:fc:87:dd:dd:a4:af:fc:d6:8b:bd:1c:06:c4:6d:
57:f1:10:4c:94:3c:71:f5:fc:91:39:d7:e3:44:ef:
d2:d3:5f:cd:b8:86:c2:9f:a0:15:89:2f:cc:fc:e8:
e9:93:ec:bd:c3:08:36:0d:66:7d:98:8d:a5:c3:d8:
c5:3c:ee:a1:c1:29:02:4a:a6:4d:5b:e0:24:d7:95:
28:84:f5:27:de:68:e1:de:c9:57:aa:7c:3f:3a:24:
97:3a:39:c2:69:08:e6:aa:63:06:8e:e9:8e:ec:a8:
69:a4:bd:84:05:be:fb:06:34:a0:74:ec:1d:86:cc:
81:73:01:67:bc:85:f5:7b:c7:30:bd:ad:2c:f1:a9:
b3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C5:59:02:93:8C:D6:AC:4D:40:98:A7:7D:60:23:8F:3D:61:87:A5
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/UsVZApOM1qxNQJinfWAjjz1hh6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.144.0-77.76.149.255
77.76.160.0/20
77.76.180.0/22
94.139.192.0/20
109.107.64.0-109.107.69.255
109.107.80.0/21
178.75.192.0/22
178.75.200.0-178.75.223.255
178.75.240.0-178.75.251.255
185.52.49.0/24
188.124.64.0-188.124.91.255
Signature Algorithm: sha256WithRSAEncryption
51:76:48:77:2d:2e:d4:1d:e4:a2:77:e4:82:98:3a:3f:20:cd:
eb:26:42:27:ee:87:74:3c:77:73:3b:47:f2:7e:cd:9b:43:f7:
ba:04:90:16:eb:e6:25:5c:87:eb:3e:cf:a6:06:c3:f5:5a:bc:
ed:34:b4:e2:ce:3a:34:4f:c2:5c:e2:29:3a:7f:9b:92:21:b1:
68:a1:8d:ac:61:91:d7:7d:bf:79:f3:57:b5:b4:69:b3:21:43:
18:54:e9:45:83:ca:0d:87:64:84:f6:d5:80:97:e8:72:6c:0b:
aa:37:40:10:03:45:6e:4f:7e:e4:31:55:57:17:a4:b3:8d:8c:
da:a0:f5:d0:0e:b9:ce:47:78:09:10:bc:6b:a5:fb:ea:25:14:
b0:e5:85:00:6c:0e:50:b9:7b:dd:ae:1b:e7:3f:20:8e:bf:8c:
c1:f4:b8:5d:c6:42:4e:9a:c5:04:f0:1d:fe:98:23:b2:65:f8:
10:ea:cc:d6:1f:88:55:57:4b:ae:59:94:cf:3c:6f:f6:4e:4a:
4c:ed:38:42:36:cc:46:2e:64:6b:5c:bc:97:fd:54:30:fa:84:
de:0a:b3:a0:70:d6:a3:de:77:ab:d5:d3:1e:5b:d1:f6:f3:da:
31:29:cf:e5:80:dd:94:2f:65:f8:fd:56:66:df:7b:6e:7d:01:
c1:52:5d:84
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYzEkjVYEa97YxOcbr8ZiBG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjQwMTAxMTAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmM1NTkwMjkzOGNkNmFjNGQ0MDk4YTc3ZDYwMjM4ZjNkNjE4N2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF6dhNHUpgQDegIcwSG0ix7u5o88
R7gCFNC0srMPAsFUzCQCW/PbMOPED9P9x6jsfppIE1Dyiw+qoejPke8rZx1Y56XW
EhAWN5DT6eB1EgjiCTK2tySovsjbDLVhjKlj4cIG5/LcMnBuaume9LIfx8KXORFj
nKZ+/Ifd3aSv/NaLvRwGxG1X8RBMlDxx9fyROdfjRO/S01/NuIbCn6AViS/M/Ojp
k+y9wwg2DWZ9mI2lw9jFPO6hwSkCSqZNW+Ak15UohPUn3mjh3slXqnw/OiSXOjnC
aQjmqmMGjumO7KhppL2EBb77BjSgdOwdhsyBcwFnvIX1e8cwva0s8amznwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFFLFWQKTjNasTUCYp31gI489YYelMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvVXNWWkFwT00xcXhOUUppbmZXQWpqejFoaDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQETUyQ
AwQBTUyUAwQETUygAwQCTUy0AwQEXovAMAwDBAZta0ADBAFta0QDBANta1ADBAKy
S8AwDAMEA7JLyAMEBbJLwDAMAwQEskvwAwQCskv4AwQAuTQxMAwDBAa8fEADBAK8
fFgwDQYJKoZIhvcNAQELBQADggEBAFF2SHctLtQd5KJ35IKYOj8gzesmQifuh3Q8
d3M7R/J+zZtD97oEkBbr5iVch+s+z6YGw/VavO00tOLOOjRPwlziKTp/m5IhsWih
jaxhkdd9v3nzV7W0abMhQxhU6UWDyg2HZIT21YCX6HJsC6o3QBADRW5PfuQxVVcX
pLONjNqg9dAOuc5HeAkQvGul++olFLDlhQBsDlC5e92uG+c/II6/jMH0uF3GQk6a
xQTwHf6YI7Jl+BDqzNYfiFVXS65ZlM88b/ZOSkztOEI2zEYuZGtcvJf9VDD6hN4K
s6Bw1qPed6vV0x5b0fbz2jEpz+WA3ZQvZfj9Vmbfe259AcFSXYQ=
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:37:26 2024 by rpki-client on console-ams.rpki-client.org