Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/qrmw0mt3KaCG9adNOgcSlKMZWkM.roa
File: qrmw0mt3KaCG9adNOgcSlKMZWkM.roa (raw, json)
Hash identifier: /tpwpPsrcaObgpmHb1RQNHYspiJig75r8iHR+E6g4Oc=
Subject key identifier: AA:B9:B0:D2:6B:77:29:A0:86:F5:A7:4D:3A:07:12:94:A3:19:5A:43
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 018CC7933CF896DE6C56E5FBABD89CCE34E2
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/qrmw0mt3KaCG9adNOgcSlKMZWkM.roa
Signing time: Tue 02 Jan 2024 00:29:24 +0000
ROA not before: Tue 02 Jan 2024 00:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 37.252.3.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
37.252.13.0/24 maxlen: 24
213.142.146.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
185.238.168.0/23 maxlen: 23
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
188.116.24.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.21.0/24 maxlen: 24
5.45.88.0/22 maxlen: 22
188.116.26.0/24 maxlen: 24
5.45.92.0/22 maxlen: 22
188.116.25.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
176.97.79.0/24 maxlen: 24
46.102.106.0/24 maxlen: 24
5.45.64.0/21 maxlen: 21
45.136.48.0/22 maxlen: 22
37.1.200.0/21 maxlen: 21
62.197.48.0/23 maxlen: 23
37.1.216.0/21 maxlen: 21
5.61.48.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
2a02:c6c3::/32 maxlen: 32
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c1:10::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3c:f8:96:de:6c:56:e5:fb:ab:d8:9c:ce:34:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aab9b0d26b7729a086f5a74d3a071294a3195a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fe:30:3d:d1:2c:b8:81:22:6f:26:06:4e:6e:
16:36:0a:50:24:5f:81:a7:c8:48:1f:24:36:ec:34:
49:5a:88:05:2d:be:96:9c:48:ab:68:14:27:50:50:
08:59:eb:27:9a:b1:85:09:14:84:00:ef:a0:e1:8f:
92:3d:9c:59:37:de:4f:b1:a0:e9:5a:6e:7a:e5:6c:
83:b5:a3:f4:f6:44:a5:87:37:ff:35:65:d4:03:0e:
8a:d1:d6:d6:8e:cd:01:6b:fd:c1:78:4c:d6:d0:9e:
ff:10:be:2f:e8:c2:80:61:cc:62:d2:69:02:b4:90:
b8:62:f6:f7:a0:da:01:b9:64:a7:30:31:be:f6:6b:
a4:c5:ec:60:bc:d4:0b:81:1b:05:ef:7d:3a:52:f1:
38:8a:46:ff:b9:db:ed:23:f5:8e:7d:97:fc:c5:f0:
df:62:f0:01:d1:7f:9b:07:f2:c8:02:02:d5:80:0c:
73:05:1e:12:3e:6c:d1:68:14:f8:7e:44:a5:24:dc:
d2:bc:b9:24:ea:93:83:f9:d0:84:4f:69:01:6c:c9:
0f:37:12:04:28:ed:c6:84:bc:c7:35:b0:cb:6e:77:
b4:5e:43:0e:a8:f6:83:2e:28:3e:24:e6:15:83:1b:
25:55:38:34:9a:e6:ad:a5:b0:8f:9f:89:ef:3a:48:
12:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B9:B0:D2:6B:77:29:A0:86:F5:A7:4D:3A:07:12:94:A3:19:5A:43
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/qrmw0mt3KaCG9adNOgcSlKMZWkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
46.102.106.0/24
62.197.48.0/23
176.97.79.0/24
185.238.168.0/22
188.116.21.0/24
188.116.23.0-188.116.27.255
213.142.146.0/23
IPv6:
2a02:c6c1:2::/48
2a02:c6c1:10::/48
2a02:c6c2::/31
Signature Algorithm: sha256WithRSAEncryption
09:b3:1b:ee:52:71:9e:f3:90:f0:7b:e3:37:e0:71:b7:2c:3b:
03:07:d4:24:b8:55:36:2b:e4:49:ae:c7:8d:4b:cf:fc:48:5f:
02:15:8d:55:a4:8f:39:03:be:70:e1:47:98:6a:24:1e:0b:37:
7a:9c:c8:57:9e:a7:70:68:d2:b0:46:79:ba:68:11:0b:3a:fa:
18:e0:88:1a:40:f1:6c:d8:4d:a8:5b:1d:74:a0:ea:ea:96:67:
ad:7f:e8:48:f8:7b:1a:5a:5e:c2:0a:49:43:79:89:4d:e7:78:
8c:5d:c5:3e:fc:71:22:50:ee:9a:b8:c7:9b:47:18:0a:c9:12:
cb:3b:65:e2:bd:67:20:b7:1a:1f:69:9f:6c:a6:bc:1c:54:4f:
86:65:0c:a9:bf:b5:eb:8f:33:82:fb:fe:c8:0b:c6:32:82:92:
b7:cb:7c:e2:0e:67:f2:5b:d1:a4:43:a8:00:c1:7d:07:82:af:
c9:f4:2c:cf:ac:f8:02:b2:28:dc:4e:8c:08:d3:df:b0:92:21:
ac:c4:be:25:07:79:8b:f7:6c:2d:42:e5:7e:de:6d:8f:bf:27:
84:92:f2:d4:b4:a8:e3:66:21:1b:6a:eb:22:25:c1:af:7a:d8:
b1:d6:3d:e7:2b:f0:b8:ba:f4:26:c6:f4:35:f5:cf:1a:c6:fa:
15:68:8e:a7
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYzHkzz4lt5sVuX7q9iczjTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI5YjBkMjZiNzcyOWEwODZmNWE3NGQzYTA3MTI5NGEzMTk1YTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf4wPdEsuIEibyYGTm4WNgpQJF+B
p8hIHyQ27DRJWogFLb6WnEiraBQnUFAIWesnmrGFCRSEAO+g4Y+SPZxZN95PsaDp
Wm565WyDtaP09kSlhzf/NWXUAw6K0dbWjs0Ba/3BeEzW0J7/EL4v6MKAYcxi0mkC
tJC4Yvb3oNoBuWSnMDG+9mukxexgvNQLgRsF7306UvE4ikb/udvtI/WOfZf8xfDf
YvAB0X+bB/LIAgLVgAxzBR4SPmzRaBT4fkSlJNzSvLkk6pOD+dCET2kBbMkPNxIE
KO3GhLzHNbDLbne0XkMOqPaDLig+JOYVgxslVTg0muatpbCPn4nvOkgStwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFKq5sNJrdymghvWnTToHEpSjGVpDMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvcXJtdzBtdDNLYUNHOWFkTk9nY1NsS01aV2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBgAQCAAEwegMEBAUt
QDAMAwQCBS1UAwQFBS1AMAwDBAQFPTADBAIFPTgDBAMlAcgDBAMlAdgDBAAl/AMw
DAMEACX8DQMEBCX8AAMEAi2IMAMEAC5magMEAT7FMAMEALBhTwMEArnuqAMEALx0
FTAMAwQAvHQXAwQCvHQYAwQB1Y6SMB8EAgACMBkDBwAqAsbBAAIDBwAqAsbBABAD
BQEqAsbCMA0GCSqGSIb3DQEBCwUAA4IBAQAJsxvuUnGe85Dwe+M34HG3LDsDB9Qk
uFU2K+RJrseNS8/8SF8CFY1VpI85A75w4UeYaiQeCzd6nMhXnqdwaNKwRnm6aBEL
OvoY4IgaQPFs2E2oWx10oOrqlmetf+hI+HsaWl7CCklDeYlN53iMXcU+/HEiUO6a
uMebRxgKyRLLO2XivWcgtxofaZ9sprwcVE+GZQypv7XrjzOC+/7IC8YygpK3y3zi
DmfyW9GkQ6gAwX0Hgq/J9CzPrPgCsijcTowI09+wkiGsxL4lB3mL92wtQuV+3m2P
vyeEkvLUtKjjZiEbausiJcGvetix1j3nK/C4uvQmxvQ19c8axvoVaI6n
-----END CERTIFICATE-----
Generated at Mon May 20 17:55:31 2024 by rpki-client on console-ams.rpki-client.org