Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/NhDr2KLQCroDxSQCXWksI7eSBwg.roa
File: NhDr2KLQCroDxSQCXWksI7eSBwg.roa (raw, json)
Hash identifier: oMKGhIYM7Uu/4DtqSZadmurmI1K1Bnhyc8R9Y/b8sBM=
Subject key identifier: 36:10:EB:D8:A2:D0:0A:BA:03:C5:24:02:5D:69:2C:23:B7:92:07:08
Certificate issuer: /CN=5336107179715609dca422bc07a098468c529452
Certificate serial: 018CC3B72B4C22855A0287043092F97C849C
Authority key identifier: 53:36:10:71:79:71:56:09:DC:A4:22:BC:07:A0:98:46:8C:52:94:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/NhDr2KLQCroDxSQCXWksI7eSBwg.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43927
IP address blocks: 77.81.240.0/21 maxlen: 24
185.250.105.0/24 maxlen: 24
185.250.104.0/24 maxlen: 24
185.250.107.0/24 maxlen: 24
185.250.106.0/24 maxlen: 24
93.113.174.0/24 maxlen: 24
185.199.172.0/24 maxlen: 24
185.199.174.0/24 maxlen: 24
185.199.173.0/24 maxlen: 24
185.199.175.0/24 maxlen: 24
188.240.47.0/24 maxlen: 24
92.114.98.0/24 maxlen: 24
46.102.240.0/21 maxlen: 24
91.188.224.0/24 maxlen: 24
91.188.226.0/24 maxlen: 24
91.188.225.0/24 maxlen: 24
91.188.227.0/24 maxlen: 24
89.33.197.0/24 maxlen: 24
185.105.32.0/22 maxlen: 24
185.125.109.0/24 maxlen: 24
185.125.108.0/24 maxlen: 24
185.125.110.0/23 maxlen: 24
89.45.248.0/21 maxlen: 24
89.32.144.0/21 maxlen: 24
188.241.112.0/21 maxlen: 24
2a06:cd40:3::/48 maxlen: 48
2a06:cd40:cafe::/48 maxlen: 48
2a06:cd40:2::/48 maxlen: 48
2a06:cd40:300::/48 maxlen: 64
2a06:cd40:200::/48 maxlen: 48
2a06:cd40:100::/48 maxlen: 48
2a06:cd40:400::/48 maxlen: 48
2a06:cd40:4::/48 maxlen: 48
2a06:cd40:caff::/48 maxlen: 48
2a06:cd40:1::/48 maxlen: 48
2a06:cd40:301::/48 maxlen: 64
2a06:cd40:101::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/UzYQcXlxVgncpCK8B6CYRoxSlFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/UzYQcXlxVgncpCK8B6CYRoxSlFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 06:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2b:4c:22:85:5a:02:87:04:30:92:f9:7c:84:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336107179715609dca422bc07a098468c529452
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3610ebd8a2d00aba03c524025d692c23b7920708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:92:ba:54:25:36:ea:c5:d7:6f:2e:92:04:40:
47:e8:09:3e:02:d1:15:ad:19:6f:1c:43:43:19:66:
6d:08:d9:e7:1e:cb:81:1e:d1:14:50:85:c9:1a:25:
06:ed:00:cb:0a:d6:91:1c:98:43:93:4e:2b:87:3d:
04:23:24:94:e6:16:05:64:c5:50:95:c0:4f:3a:09:
0a:5e:f9:1b:6b:ee:a6:9a:9a:79:6f:43:c9:e1:2f:
8c:f4:97:bf:cd:d6:e0:ac:12:0d:ec:e9:52:f6:76:
30:51:06:1f:ad:b5:4b:8f:84:75:ae:22:8e:b1:a3:
05:91:a4:62:c8:4c:98:58:83:48:b0:ae:aa:dd:d1:
d1:04:e0:9e:7b:8e:9b:e0:a3:be:e8:a3:30:ac:09:
43:d0:d4:08:d6:64:30:95:57:ec:31:c9:5a:67:25:
eb:0a:de:aa:c7:3c:96:56:70:c5:ad:05:ba:2f:9d:
3b:6e:8a:d9:b0:c1:41:0a:bf:41:7e:d9:c9:a9:4f:
eb:dc:c2:f5:c9:11:17:26:ab:24:c0:12:af:2e:3b:
a6:b2:74:06:f1:65:20:c3:aa:85:49:c6:f6:06:8b:
1e:26:df:9e:c2:42:df:22:06:26:59:06:8b:8b:88:
37:46:38:e7:00:5a:ed:50:cc:f5:57:86:f3:2f:11:
1f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:10:EB:D8:A2:D0:0A:BA:03:C5:24:02:5D:69:2C:23:B7:92:07:08
X509v3 Authority Key Identifier:
keyid:53:36:10:71:79:71:56:09:DC:A4:22:BC:07:A0:98:46:8C:52:94:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/NhDr2KLQCroDxSQCXWksI7eSBwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/UzYQcXlxVgncpCK8B6CYRoxSlFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.240.0/21
77.81.240.0/21
89.32.144.0/21
89.33.197.0/24
89.45.248.0/21
91.188.224.0/22
92.114.98.0/24
93.113.174.0/24
185.105.32.0/22
185.125.108.0/22
185.199.172.0/22
185.250.104.0/22
188.240.47.0/24
188.241.112.0/21
IPv6:
2a06:cd40:1::-2a06:cd40:4:ffff:ffff:ffff:ffff:ffff
2a06:cd40:100::/47
2a06:cd40:200::/48
2a06:cd40:300::/47
2a06:cd40:400::/48
2a06:cd40:cafe::/47
Signature Algorithm: sha256WithRSAEncryption
11:cb:f5:7e:10:10:a5:67:18:93:45:06:1c:96:6a:ce:2f:48:
27:c1:c0:35:ce:69:77:24:f6:00:c1:14:fd:6a:70:be:7c:1d:
cf:30:55:67:c6:f9:56:6d:ac:ca:9d:7a:dd:60:94:ee:c8:e6:
98:6d:45:e2:c2:e9:99:f5:4f:ca:71:5e:0a:a5:83:76:e2:e3:
a1:21:1c:13:61:cf:16:8b:da:87:6d:36:5e:6a:4e:85:cd:73:
8e:16:e6:9c:41:9f:87:bb:eb:a7:ed:c6:e4:5a:09:4b:78:d7:
2d:8e:ac:ad:b5:62:dd:22:67:1d:d0:54:b3:7e:14:2e:56:87:
50:e8:89:59:7e:af:1e:32:a1:2d:f2:6a:43:a1:6a:17:8a:91:
cc:4c:8d:3e:2f:e5:26:cc:a9:bb:5f:21:57:70:eb:f6:e1:70:
9f:55:de:91:82:ca:5d:2e:dc:6a:2c:94:6f:d3:66:25:af:59:
9e:96:8f:00:a6:6d:ce:4f:de:b2:55:a5:cb:89:c6:ef:92:fd:
cb:66:1d:88:04:0b:d3:e5:7a:d5:0e:fb:5e:34:b3:95:54:af:
1e:51:e3:29:c6:28:e3:88:dd:14:a1:0a:69:e2:cc:76:75:b6:
19:4b:58:8b:54:c7:c4:46:09:8c:dd:4e:34:55:ba:28:11:fc:
6f:cd:40:6a
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzDtytMIoVaAocEMJL5fIScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzYxMDcxNzk3MTU2MDlkY2E0MjJiYzA3YTA5ODQ2OGM1
Mjk0NTIwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjEwZWJkOGEyZDAwYWJhMDNjNTI0MDI1ZDY5MmMyM2I3OTIwNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZK6VCU26sXXby6SBEBH6Ak+AtEV
rRlvHENDGWZtCNnnHsuBHtEUUIXJGiUG7QDLCtaRHJhDk04rhz0EIySU5hYFZMVQ
lcBPOgkKXvkba+6mmpp5b0PJ4S+M9Je/zdbgrBIN7OlS9nYwUQYfrbVLj4R1riKO
saMFkaRiyEyYWINIsK6q3dHRBOCee46b4KO+6KMwrAlD0NQI1mQwlVfsMclaZyXr
Ct6qxzyWVnDFrQW6L507borZsMFBCr9BftnJqU/r3ML1yREXJqskwBKvLjumsnQG
8WUgw6qFScb2BoseJt+ewkLfIgYmWQaLi4g3RjjnAFrtUMz1V4bzLxEf8wIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFDYQ69ii0Aq6A8UkAl1pLCO3kgcIMB8GA1UdIwQY
MBaAFFM2EHF5cVYJ3KQivAegmEaMUpRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXpZUWNYbHhWZ25jcENLOEI2Q1lSb3hTbEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MWRmMzMtNzUzOC00MGQ4LWI4MWUt
ZDE4NjEwMDc1ZWZjLzEvTmhEcjJLTFFDcm9EeFNRQ1hXa3NJN2VTQndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MWRmMzMtNzUzOC00MGQ4LWI4MWUtZDE4NjEwMDc1ZWZj
LzEvVXpZUWNYbHhWZ25jcENLOEI2Q1lSb3hTbEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTBaBAIAATBUAwQDLmbw
AwQDTVHwAwQDWSCQAwQAWSHFAwQDWS34AwQCW7zgAwQAXHJiAwQAXXGuAwQCuWkg
AwQCuX1sAwQCucesAwQCufpoAwQAvPAvAwQDvPFwMEcEAgACMEEwEgMHACoGzUAA
AQMHACoGzUAABAMHASoGzUABAAMHACoGzUACAAMHASoGzUADAAMHACoGzUAEAAMH
ASoGzUDK/jANBgkqhkiG9w0BAQsFAAOCAQEAEcv1fhAQpWcYk0UGHJZqzi9IJ8HA
Nc5pdyT2AMEU/WpwvnwdzzBVZ8b5Vm2syp163WCU7sjmmG1F4sLpmfVPynFeCqWD
duLjoSEcE2HPFovah202XmpOhc1zjhbmnEGfh7vrp+3G5FoJS3jXLY6srbVi3SJn
HdBUs34ULlaHUOiJWX6vHjKhLfJqQ6FqF4qRzEyNPi/lJsypu18hV3Dr9uFwn1Xe
kYLKXS7caiyUb9NmJa9ZnpaPAKZtzk/eslWly4nG75L9y2YdiAQL0+V61Q77XjSz
lVSvHlHjKcYo44jdFKEKaeLMdnW2GUtYi1THxEYJjN1ONFW6KBH8b81Aag==
-----END CERTIFICATE-----
Generated at Fri May 24 14:05:43 2024 by rpki-client on console-fra.rpki-client.org