Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/RnAi33dlvnAG2cKK7oFp7aWVzWA.roa
File: RnAi33dlvnAG2cKK7oFp7aWVzWA.roa (raw, json)
Hash identifier: YwEGUpVKgqfexCNQi1QhkTniHWRQcHPojYObsq/JVIg=
Subject key identifier: 46:70:22:DF:77:65:BE:70:06:D9:C2:8A:EE:81:69:ED:A5:95:CD:60
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018ECDF93C2EC512536F6CCD59B69946F48B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/RnAi33dlvnAG2cKK7oFp7aWVzWA.roa
Signing time: Thu 11 Apr 2024 16:24:06 +0000
ROA not before: Thu 11 Apr 2024 16:24:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:f9:3c:2e:c5:12:53:6f:6c:cd:59:b6:99:46:f4:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Apr 11 16:24:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=467022df7765be7006d9c28aee8169eda595cd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:40:78:f2:c6:92:03:4e:24:c1:a1:8c:86:3a:
3a:d2:c9:e7:65:12:ed:9b:04:21:a3:14:3e:7c:32:
14:5d:18:67:fb:6c:78:78:93:0f:f5:4d:ac:83:73:
a2:b8:e0:fc:4a:b2:6e:78:51:c5:89:d0:c5:ec:35:
33:68:57:8b:68:f5:8f:42:11:3b:72:2a:4a:1e:f2:
f2:6d:84:ab:09:07:ca:b0:2d:b6:b3:4a:08:df:36:
46:90:07:07:34:98:9c:20:93:89:c5:68:0c:1a:9c:
8c:20:cb:6f:4e:ee:3a:bb:de:99:e2:6a:8d:7b:53:
4a:a9:cd:b3:63:48:60:b2:d3:ba:03:56:62:9d:a4:
b5:e8:78:d5:5b:43:90:e9:51:32:a4:55:74:75:ab:
06:7b:c5:31:f8:b3:9a:de:89:b4:95:fa:8b:30:8a:
f3:bb:01:6e:75:96:5c:7a:34:24:97:3c:54:ef:ce:
59:ed:25:92:03:4b:b1:34:97:d8:16:c5:57:5b:d2:
a4:31:e8:2f:84:36:29:df:e5:4a:a4:57:7e:83:86:
78:a6:d9:0b:2f:61:d0:56:c6:02:01:a4:51:17:2c:
a3:3f:35:b2:9f:64:b6:ca:1b:fa:aa:1e:fa:c9:9e:
17:0b:be:a1:91:bb:e4:f8:39:69:b1:3d:5c:5f:bc:
f4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:70:22:DF:77:65:BE:70:06:D9:C2:8A:EE:81:69:ED:A5:95:CD:60
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/RnAi33dlvnAG2cKK7oFp7aWVzWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
37.35.36.0/23
37.35.39.0/24
62.216.92.0/23
91.225.15.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.124.0/24
178.157.126.0/24
188.74.128.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
Signature Algorithm: sha256WithRSAEncryption
43:9b:17:1a:35:31:8a:d8:32:61:48:e4:a2:1e:21:63:2c:27:
8d:74:40:15:aa:8e:98:d5:b6:cf:a0:ae:08:04:a0:f6:12:5a:
ae:1c:21:de:ab:a7:f1:a3:c9:d8:57:53:35:f6:ce:51:a7:0f:
e4:ea:4b:35:a0:69:92:24:96:ac:ae:a5:15:eb:52:24:c9:4b:
a8:67:b2:bb:60:2a:e9:1c:44:a1:22:02:16:d6:ad:64:54:d6:
a2:61:3d:fb:7a:af:8a:0d:ba:31:fb:28:5a:d8:72:1a:74:de:
e6:ad:32:a4:5f:ef:bc:d4:0e:a8:00:90:d8:13:e5:33:e7:f7:
df:98:c7:b0:aa:f0:e5:de:66:cb:70:0b:e2:32:66:99:95:60:
4b:88:5f:b4:9f:41:da:45:ce:86:8a:79:6d:e0:01:d8:d1:03:
fb:f4:f3:6d:64:fd:99:c4:8d:a2:c8:30:03:df:d2:3c:e8:d3:
d5:06:83:cf:09:19:62:70:78:f6:1f:de:af:ed:4c:23:92:8e:
5c:74:0f:8d:f1:4a:89:6f:86:6f:97:86:a4:c2:d8:1b:1d:b6:
c2:68:83:9a:a5:6c:2d:a4:33:da:26:da:32:42:90:af:9e:8e:
82:0f:a4:7e:7e:43:4a:57:fe:36:bf:37:c5:00:42:0b:b2:1e:
f5:90:75:c1
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAY7N+TwuxRJTb2zNWbaZRvSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwNDExMTYyNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjcwMjJkZjc3NjViZTcwMDZkOWMyOGFlZTgxNjllZGE1OTVjZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0B48saSA04kwaGMhjo60snnZRLt
mwQhoxQ+fDIUXRhn+2x4eJMP9U2sg3OiuOD8SrJueFHFidDF7DUzaFeLaPWPQhE7
cipKHvLybYSrCQfKsC22s0oI3zZGkAcHNJicIJOJxWgMGpyMIMtvTu46u96Z4mqN
e1NKqc2zY0hgstO6A1ZinaS16HjVW0OQ6VEypFV0dasGe8Ux+LOa3om0lfqLMIrz
uwFudZZcejQklzxU785Z7SWSA0uxNJfYFsVXW9KkMegvhDYp3+VKpFd+g4Z4ptkL
L2HQVsYCAaRRFyyjPzWyn2S2yhv6qh76yZ4XC76hkbvk+DlpsT1cX7z0MwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFEZwIt93Zb5wBtnCiu6Bae2llc1gMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvUm5BaTMzZGx2bkFHMmNLSzdvRnA3YVdWeldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAF
nYgDBAAFnYsDBAElIyQDBAAlIycDBAE+2FwDBABb4Q8DBAGSQtADBAKSQtQDBAKS
QtwDBACynUwDBACynV4DBACynWwDBACynXwDBACynX4DBAC8SoADBAC8SpgDBAC8
SpsDBAC8SqsDBAC8SrUDBAC8Sr4DBAG8StADBAC8SvUwDAMEALx3pQMEALx3pgME
ALx3tTANBgkqhkiG9w0BAQsFAAOCAQEAQ5sXGjUxitgyYUjkoh4hYywnjXRAFaqO
mNW2z6CuCASg9hJarhwh3qun8aPJ2FdTNfbOUacP5OpLNaBpkiSWrK6lFetSJMlL
qGeyu2Aq6RxEoSICFtatZFTWomE9+3qvig26MfsoWthyGnTe5q0ypF/vvNQOqACQ
2BPlM+f335jHsKrw5d5my3AL4jJmmZVgS4hftJ9B2kXOhop5beAB2NED+/TzbWT9
mcSNosgwA9/SPOjT1QaDzwkZYnB49h/er+1MI5KOXHQPjfFKiW+Gb5eGpMLYGx22
wmiDmqVsLaQz2ibaMkKQr56Ogg+kfn5DSlf+Nr83xQBCC7Ie9ZB1wQ==
-----END CERTIFICATE-----
Generated at Wed May 8 07:55:21 2024 by rpki-client on console-fra.rpki-client.org