Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/A1MUl13Z-jxBEJC7UtliYum_rc4.roa
File: A1MUl13Z-jxBEJC7UtliYum_rc4.roa (raw, json)
Hash identifier: uIbWT59bVjJ+NjkfUiMTqEx0wpnuh3FKMDLBU5iJ300=
Subject key identifier: 03:53:14:97:5D:D9:FA:3C:41:10:90:BB:52:D9:62:62:E9:BF:AD:CE
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018F1A33193011C7078D6BB617148C5999A1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/A1MUl13Z-jxBEJC7UtliYum_rc4.roa
Signing time: Fri 26 Apr 2024 11:38:27 +0000
ROA not before: Fri 26 Apr 2024 11:38:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41111
IP address blocks: 5.180.20.0/24 maxlen: 24
5.180.21.0/24 maxlen: 24
5.180.22.0/23 maxlen: 24
5.180.27.0/24 maxlen: 24
5.180.29.0/24 maxlen: 24
5.180.31.0/24 maxlen: 24
5.180.40.0/24 maxlen: 24
5.180.42.0/24 maxlen: 24
5.180.43.0/24 maxlen: 24
5.180.46.0/24 maxlen: 24
5.180.47.0/24 maxlen: 24
5.180.52.0/24 maxlen: 24
5.180.54.0/24 maxlen: 24
5.180.145.0/24 maxlen: 24
5.180.147.0/24 maxlen: 24
5.253.28.0/24 maxlen: 24
5.253.29.0/24 maxlen: 24
5.253.30.0/24 maxlen: 24
5.253.31.0/24 maxlen: 24
5.253.42.0/24 maxlen: 24
45.66.160.0/22 maxlen: 24
45.66.164.0/22 maxlen: 24
45.86.66.0/24 maxlen: 24
45.128.60.0/24 maxlen: 24
45.136.114.0/24 maxlen: 24
45.136.115.0/24 maxlen: 24
45.136.116.0/24 maxlen: 24
45.136.117.0/24 maxlen: 24
45.136.124.0/22 maxlen: 24
45.136.128.0/23 maxlen: 24
45.136.149.0/24 maxlen: 24
45.149.112.0/22 maxlen: 24
85.208.119.0/24 maxlen: 24
85.209.155.0/24 maxlen: 24
85.209.156.0/22 maxlen: 24
85.209.194.0/24 maxlen: 24
88.218.92.0/24 maxlen: 24
88.218.94.0/24 maxlen: 24
88.218.95.0/24 maxlen: 24
141.98.188.0/22 maxlen: 24
194.36.36.0/22 maxlen: 24
194.55.136.0/23 maxlen: 24
194.55.188.0/24 maxlen: 24
194.55.189.0/24 maxlen: 24
194.59.221.0/24 maxlen: 24
194.59.244.0/24 maxlen: 24
194.59.245.0/24 maxlen: 24
194.76.146.0/24 maxlen: 24
194.76.147.0/24 maxlen: 24
194.76.154.0/23 maxlen: 24
194.124.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 03:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1a:33:19:30:11:c7:07:8d:6b:b6:17:14:8c:59:99:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 26 11:38:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=035314975dd9fa3c411090bb52d96262e9bfadce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8c:40:a7:cb:43:54:62:16:cf:b5:11:67:99:
f6:95:72:a2:a3:4e:a8:3b:04:14:2e:e6:c3:9d:66:
af:08:40:e8:2e:28:1f:9b:1f:ca:29:07:0c:30:57:
7c:fd:79:05:4e:ad:28:32:7e:d4:16:20:53:0f:20:
6f:90:81:f1:d8:3e:c4:19:54:3d:c0:0a:c9:2b:54:
6a:cf:68:5c:2c:59:60:30:12:6e:e4:78:92:d7:4f:
78:aa:ac:d7:b0:6a:4b:9a:8f:60:5c:1f:70:34:e6:
50:97:a6:da:78:19:a2:0c:71:10:26:f0:7b:f2:f5:
fa:28:51:83:85:97:bc:a5:4c:7f:e8:e2:a3:53:9f:
81:50:11:64:65:4a:47:fd:fe:70:ff:35:06:65:33:
12:a3:42:89:0c:a2:b7:57:67:ab:01:ac:3c:df:a2:
bd:91:4c:13:fa:1a:04:fa:d5:e9:40:7c:80:72:58:
d1:1d:70:c2:5d:85:b4:da:ec:90:4b:d4:a0:06:b4:
bc:5d:1c:15:81:98:2c:01:74:4f:c1:70:c7:82:c0:
f4:d5:bf:90:2e:c3:85:14:f7:aa:45:2e:d1:d7:e9:
b9:bf:c8:45:6d:61:27:e0:57:23:59:48:95:96:48:
3c:f6:9e:46:0e:09:04:b0:12:49:c2:dc:b7:0d:02:
ef:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:53:14:97:5D:D9:FA:3C:41:10:90:BB:52:D9:62:62:E9:BF:AD:CE
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/A1MUl13Z-jxBEJC7UtliYum_rc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.20.0/22
5.180.27.0/24
5.180.29.0/24
5.180.31.0/24
5.180.40.0/24
5.180.42.0/23
5.180.46.0/23
5.180.52.0/24
5.180.54.0/24
5.180.145.0/24
5.180.147.0/24
5.253.28.0/22
5.253.42.0/24
45.66.160.0/21
45.86.66.0/24
45.128.60.0/24
45.136.114.0-45.136.117.255
45.136.124.0-45.136.129.255
45.136.149.0/24
45.149.112.0/22
85.208.119.0/24
85.209.155.0-85.209.159.255
85.209.194.0/24
88.218.92.0/24
88.218.94.0/23
141.98.188.0/22
194.36.36.0/22
194.55.136.0/23
194.55.188.0/23
194.59.221.0/24
194.59.244.0/23
194.76.146.0/23
194.76.154.0/23
194.124.250.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:1f:ee:63:a9:1f:dc:59:43:a2:69:58:c3:d6:c6:23:54:dd:
62:e3:e0:05:9c:50:5e:98:33:eb:cf:cf:da:15:66:5f:4d:86:
2d:42:be:5c:50:40:8f:da:ff:e7:dc:e0:bb:f9:41:03:da:60:
ac:ae:17:09:88:c4:4c:06:c4:ea:1d:88:95:cd:19:5a:28:63:
05:41:f6:4e:c5:13:3b:a8:a6:7d:f4:3b:3d:63:ef:dd:18:7f:
fc:0a:b9:ee:02:4e:99:a6:25:c0:5f:78:7c:98:cb:ee:4d:dc:
e2:3c:63:12:06:75:d5:e2:dd:ba:b5:60:31:b7:d6:12:e3:ea:
84:b4:9a:7e:43:be:88:cb:8d:d1:96:57:8b:83:fb:62:d8:04:
29:a2:ec:1a:83:0e:9e:1c:a2:94:82:b9:30:06:07:09:c1:43:
2b:ab:96:f8:0b:8e:b9:7d:1e:84:e0:ea:01:70:d7:7c:48:19:
9c:c6:5d:ef:79:7a:7e:d9:cb:df:8e:19:55:c7:2e:fe:ce:f0:
56:86:10:ba:24:f4:93:21:32:2b:3f:c9:ac:12:39:32:e8:07:
a5:e6:c4:e5:00:d4:b6:ab:b9:4e:7f:a7:eb:fd:bb:43:2b:f4:
21:ad:4c:fc:e6:69:e8:23:2e:db:f6:1f:0c:db:f7:21:00:e4:
b8:4d:54:7e
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAY8aMxkwEccHjWu2FxSMWZmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwNDI2MTEzODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzUzMTQ5NzVkZDlmYTNjNDExMDkwYmI1MmQ5NjI2MmU5YmZhZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoxAp8tDVGIWz7URZ5n2lXKio06o
OwQULubDnWavCEDoLigfmx/KKQcMMFd8/XkFTq0oMn7UFiBTDyBvkIHx2D7EGVQ9
wArJK1Rqz2hcLFlgMBJu5HiS1094qqzXsGpLmo9gXB9wNOZQl6baeBmiDHEQJvB7
8vX6KFGDhZe8pUx/6OKjU5+BUBFkZUpH/f5w/zUGZTMSo0KJDKK3V2erAaw836K9
kUwT+hoE+tXpQHyAcljRHXDCXYW02uyQS9SgBrS8XRwVgZgsAXRPwXDHgsD01b+Q
LsOFFPeqRS7R1+m5v8hFbWEn4FcjWUiVlkg89p5GDgkEsBJJwty3DQLvSwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFANTFJdd2fo8QRCQu1LZYmLpv63OMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvQTFNVWwxM1otanhCRUpDN1V0bGlZdW1fcmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQC
BbQUAwQABbQbAwQABbQdAwQABbQfAwQABbQoAwQBBbQqAwQBBbQuAwQABbQ0AwQA
BbQ2AwQABbSRAwQABbSTAwQCBf0cAwQABf0qAwQDLUKgAwQALVZCAwQALYA8MAwD
BAEtiHIDBAEtiHQwDAMEAi2IfAMEAS2IgAMEAC2IlQMEAi2VcAMEAFXQdzAMAwQA
VdGbAwQFVdGAAwQAVdHCAwQAWNpcAwQBWNpeAwQCjWK8AwQCwiQkAwQBwjeIAwQB
wje8AwQAwjvdAwQBwjv0AwQBwkySAwQBwkyaAwQBwnz6MA0GCSqGSIb3DQEBCwUA
A4IBAQBfH+5jqR/cWUOiaVjD1sYjVN1i4+AFnFBemDPrz8/aFWZfTYYtQr5cUECP
2v/n3OC7+UED2mCsrhcJiMRMBsTqHYiVzRlaKGMFQfZOxRM7qKZ99Ds9Y+/dGH/8
CrnuAk6ZpiXAX3h8mMvuTdziPGMSBnXV4t26tWAxt9YS4+qEtJp+Q76Iy43RlleL
g/ti2AQpouwagw6eHKKUgrkwBgcJwUMrq5b4C465fR6E4OoBcNd8SBmcxl3veXp+
2cvfjhlVxy7+zvBWhhC6JPSTITIrP8msEjky6Ael5sTlANS2q7lOf6fr/btDK/Qh
rUz85mnoIy7b9h8M2/chAOS4TVR+
-----END CERTIFICATE-----
Generated at Mon Jun 3 12:15:02 2024 by rpki-client on console-fra.rpki-client.org