Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/w6e9cMhXSbZ5Mu-zudmTJqavMRU.roa
File: w6e9cMhXSbZ5Mu-zudmTJqavMRU.roa (raw, json)
Hash identifier: 7LFPTwYCcq90mwU99cSvlr/tsyTRVvMioUxsb5Ktc7w=
Subject key identifier: C3:A7:BD:70:C8:57:49:B6:79:32:EF:B3:B9:D9:93:26:A6:AF:31:15
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018F2986FBC3E1315BD06755466760B658BD
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/w6e9cMhXSbZ5Mu-zudmTJqavMRU.roa
Signing time: Mon 29 Apr 2024 11:04:22 +0000
ROA not before: Mon 29 Apr 2024 11:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.83.188.0/22 maxlen: 24
45.87.22.0/24 maxlen: 24
45.88.120.0/24 maxlen: 24
45.88.122.0/24 maxlen: 24
45.129.232.0/22 maxlen: 24
45.130.143.0/24 maxlen: 24
45.133.252.0/24 maxlen: 24
45.133.254.0/24 maxlen: 24
45.143.192.0/24 maxlen: 24
45.143.194.0/24 maxlen: 24
45.146.52.0/24 maxlen: 24
45.148.24.0/24 maxlen: 24
45.149.0.0/24 maxlen: 24
45.150.92.0/24 maxlen: 24
45.150.94.0/24 maxlen: 24
45.154.136.0/24 maxlen: 24
45.154.139.0/24 maxlen: 24
45.157.96.0/22 maxlen: 24
45.157.113.0/24 maxlen: 24
45.157.114.0/23 maxlen: 24
45.159.244.0/22 maxlen: 24
89.36.36.0/24 maxlen: 24
89.38.38.0/24 maxlen: 24
89.46.46.0/24 maxlen: 24
89.251.1.0/24 maxlen: 24
89.251.3.0/24 maxlen: 24
136.144.16.0/24 maxlen: 24
136.144.18.0/24 maxlen: 24
136.144.24.0/24 maxlen: 24
136.144.26.0/23 maxlen: 24
136.144.32.0/24 maxlen: 24
136.144.34.0/24 maxlen: 24
185.51.193.0/24 maxlen: 24
185.51.194.0/23 maxlen: 23
185.114.60.0/22 maxlen: 22
185.227.32.0/24 maxlen: 24
185.243.244.0/24 maxlen: 24
185.243.246.0/24 maxlen: 24
188.208.38.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:86:fb:c3:e1:31:5b:d0:67:55:46:67:60:b6:58:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 29 11:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3a7bd70c85749b67932efb3b9d99326a6af3115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cb:98:d7:e9:2a:0b:f2:9d:6c:f5:73:57:1e:
61:74:86:2f:99:cb:09:f6:bd:ee:44:4d:7c:ae:a0:
ef:14:1a:f6:56:29:1d:a2:81:b8:ff:80:ac:a1:e7:
bf:3c:f8:61:56:2c:35:44:7b:b4:74:c1:3b:50:1a:
53:34:48:7b:a7:90:da:8b:0d:9a:d9:aa:11:85:3a:
0c:87:a8:54:33:49:6c:3a:86:31:6d:bf:9c:89:32:
2f:43:56:71:25:a2:ac:4c:2e:2f:f1:72:eb:32:38:
cb:d3:8a:b5:24:7a:7b:3a:a5:8e:0d:30:3a:f3:74:
c5:45:a7:ea:14:80:9b:17:a2:ac:c2:65:07:2c:26:
be:0d:bc:61:cb:30:fb:6e:8e:ef:1c:02:15:b5:29:
b0:7a:b5:77:2f:e3:46:9b:29:de:c5:1b:c3:02:a3:
92:0f:94:a4:d8:d3:1e:e7:4a:87:ff:8a:d6:39:a6:
2c:9d:84:57:5c:24:bb:2a:52:96:6a:58:66:86:c2:
70:78:02:82:94:df:5c:fe:a6:e0:1a:95:b3:69:0f:
e7:ca:d7:d0:0a:d0:2b:9f:96:8a:c7:4f:e5:66:50:
56:85:30:45:f5:c4:4e:d9:e1:0f:c6:5b:87:4d:65:
a3:9c:99:8d:21:1c:2d:d9:c4:54:ad:17:e2:3a:ae:
cd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A7:BD:70:C8:57:49:B6:79:32:EF:B3:B9:D9:93:26:A6:AF:31:15
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/w6e9cMhXSbZ5Mu-zudmTJqavMRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.188.0/22
45.87.22.0/24
45.88.120.0/24
45.88.122.0/24
45.129.232.0/22
45.130.143.0/24
45.133.252.0/24
45.133.254.0/24
45.143.192.0/24
45.143.194.0/24
45.146.52.0/24
45.148.24.0/24
45.149.0.0/24
45.150.92.0/24
45.150.94.0/24
45.154.136.0/24
45.154.139.0/24
45.157.96.0/22
45.157.113.0-45.157.115.255
45.159.244.0/22
89.36.36.0/24
89.38.38.0/24
89.46.46.0/24
89.251.1.0/24
89.251.3.0/24
136.144.16.0/24
136.144.18.0/24
136.144.24.0/24
136.144.26.0/23
136.144.32.0/24
136.144.34.0/24
185.51.193.0-185.51.195.255
185.114.60.0/22
185.227.32.0/24
185.243.244.0/24
185.243.246.0/24
188.208.38.0/23
Signature Algorithm: sha256WithRSAEncryption
53:c2:ce:76:e6:d2:46:6f:67:21:22:c0:4b:46:b8:c5:79:a5:
56:e5:21:07:ea:45:a6:10:ea:f1:34:9c:8a:02:e6:fd:33:3d:
26:9c:96:dc:36:13:bb:bb:27:74:2c:4a:f3:73:c1:09:ac:ac:
a7:94:ee:78:81:b1:6b:2c:cc:0b:be:55:bc:e6:5c:d9:50:25:
25:6b:95:8f:72:29:af:aa:58:5a:e7:04:8d:b2:db:7d:95:01:
12:98:24:28:19:14:2b:18:f6:53:c3:52:06:b4:d0:18:6d:cf:
8c:96:16:e1:8e:2b:43:52:5f:b9:c0:09:4f:92:ff:fe:a1:8f:
11:f8:28:ad:de:5c:49:9e:57:fa:58:f4:98:98:55:b8:26:ef:
5c:34:bf:01:0b:2a:34:06:12:22:69:f9:83:cf:72:7c:8e:e0:
0a:54:2d:8f:67:0f:a0:1e:13:e6:b0:4e:b0:9b:40:82:64:27:
58:c1:48:15:3a:14:bb:11:24:c0:91:08:89:9e:6e:16:5e:ca:
83:40:fd:98:0b:56:c3:b2:2f:56:a0:76:da:51:9b:3d:d3:05:
9e:e6:64:99:70:8c:36:36:62:49:aa:a2:bc:d3:e7:5a:82:47:
07:88:40:9f:c4:f5:dc:79:13:19:be:d7:85:bc:7e:ac:15:4e:
9b:1b:a6:d0
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAY8phvvD4TFb0GdVRmdgtli9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNDI5MTEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2E3YmQ3MGM4NTc0OWI2NzkzMmVmYjNiOWQ5OTMyNmE2YWYzMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMuY1+kqC/KdbPVzVx5hdIYvmcsJ
9r3uRE18rqDvFBr2VikdooG4/4Csoee/PPhhViw1RHu0dME7UBpTNEh7p5Daiw2a
2aoRhToMh6hUM0lsOoYxbb+ciTIvQ1ZxJaKsTC4v8XLrMjjL04q1JHp7OqWODTA6
83TFRafqFICbF6KswmUHLCa+DbxhyzD7bo7vHAIVtSmwerV3L+NGmynexRvDAqOS
D5Sk2NMe50qH/4rWOaYsnYRXXCS7KlKWalhmhsJweAKClN9c/qbgGpWzaQ/nytfQ
CtArn5aKx0/lZlBWhTBF9cRO2eEPxluHTWWjnJmNIRwt2cRUrRfiOq7N3QIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFMOnvXDIV0m2eTLvs7nZkyamrzEVMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdzZlOWNNaFhTYlo1TXUtenVkbVRKcWF2TVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQC
LVO8AwQALVcWAwQALVh4AwQALVh6AwQCLYHoAwQALYKPAwQALYX8AwQALYX+AwQA
LY/AAwQALY/CAwQALZI0AwQALZQYAwQALZUAAwQALZZcAwQALZZeAwQALZqIAwQA
LZqLAwQCLZ1gMAwDBAAtnXEDBAItnXADBAItn/QDBABZJCQDBABZJiYDBABZLi4D
BABZ+wEDBABZ+wMDBACIkBADBACIkBIDBACIkBgDBAGIkBoDBACIkCADBACIkCIw
DAMEALkzwQMEArkzwAMEArlyPAMEALnjIAMEALnz9AMEALnz9gMEAbzQJjANBgkq
hkiG9w0BAQsFAAOCAQEAU8LOdubSRm9nISLAS0a4xXmlVuUhB+pFphDq8TScigLm
/TM9JpyW3DYTu7sndCxK83PBCaysp5TueIGxayzMC75VvOZc2VAlJWuVj3Ipr6pY
WucEjbLbfZUBEpgkKBkUKxj2U8NSBrTQGG3PjJYW4Y4rQ1JfucAJT5L//qGPEfgo
rd5cSZ5X+lj0mJhVuCbvXDS/AQsqNAYSImn5g89yfI7gClQtj2cPoB4T5rBOsJtA
gmQnWMFIFToUuxEkwJEIiZ5uFl7Kg0D9mAtWw7IvVqB22lGbPdMFnuZkmXCMNjZi
SaqivNPnWoJHB4hAn8T13HkTGb7Xhbx+rBVOmxum0A==
-----END CERTIFICATE-----
Generated at Fri May 17 07:06:24 2024 by rpki-client on console-fra.rpki-client.org