Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/4U87KcGj_nqQxET3HT3dkZe36Cw.roa
File: 4U87KcGj_nqQxET3HT3dkZe36Cw.roa (raw, json)
Hash identifier: 0OgTYQmf4ZA0Gu6C7NMeeQ39xDCJA+jhnnLulnhJymo=
Subject key identifier: E1:4F:3B:29:C1:A3:FE:7A:90:C4:44:F7:1D:3D:DD:91:97:B7:E8:2C
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 018FEF5E06E875760361DBCE40C4846C404E
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/4U87KcGj_nqQxET3HT3dkZe36Cw.roa
Signing time: Thu 06 Jun 2024 21:04:27 +0000
ROA not before: Thu 06 Jun 2024 21:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208677
IP address blocks: 37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
37.18.72.0/23 maxlen: 23
37.18.100.0/23 maxlen: 23
37.18.102.0/24 maxlen: 24
37.18.107.0/24 maxlen: 24
37.18.108.0/22 maxlen: 22
37.18.112.0/23 maxlen: 23
37.18.114.0/24 maxlen: 24
37.18.115.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.18.122.0/24 maxlen: 24
37.230.139.0/24 maxlen: 24
37.230.179.0/24 maxlen: 24
37.230.180.0/23 maxlen: 23
37.230.180.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.186.0/24 maxlen: 24
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
45.89.224.0/22 maxlen: 22
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
46.243.172.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.206.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
87.242.84.0/22 maxlen: 22
87.242.88.0/21 maxlen: 21
87.242.100.0/22 maxlen: 22
87.242.116.0/22 maxlen: 22
87.242.120.0/21 maxlen: 21
89.232.160.0/21 maxlen: 21
89.232.168.0/22 maxlen: 22
89.232.176.0/22 maxlen: 22
91.224.86.0/23 maxlen: 23
94.139.252.0/22 maxlen: 22
95.174.88.0/21 maxlen: 21
141.101.151.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.201.0/24 maxlen: 24
176.109.96.0/20 maxlen: 20
176.123.160.0/21 maxlen: 21
178.170.191.0/24 maxlen: 24
178.170.192.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
178.170.242.0/24 maxlen: 24
185.50.200.0/22 maxlen: 22
188.72.96.0/24 maxlen: 24
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
188.72.117.0/24 maxlen: 24
188.72.118.0/24 maxlen: 24
192.144.12.0/22 maxlen: 22
194.5.92.0/23 maxlen: 23
194.113.34.0/23 maxlen: 23
195.128.152.0/24 maxlen: 24
213.171.24.0/21 maxlen: 21
2a0c:2b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ef:5e:06:e8:75:76:03:61:db:ce:40:c4:84:6c:40:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Jun 6 21:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e14f3b29c1a3fe7a90c444f71d3ddd9197b7e82c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6e:08:7d:f7:ee:a0:57:8e:9d:4e:01:e2:e0:
58:e0:05:87:32:e8:de:bc:e7:13:f9:23:2b:ca:63:
59:9b:d1:bf:f0:8f:d1:ca:26:bc:10:44:66:18:da:
d6:b7:30:bc:48:fd:05:01:8d:47:06:81:c3:28:d8:
02:95:07:b0:40:99:ff:03:98:cb:8f:c4:b5:f4:c6:
04:2c:72:6d:6c:72:16:22:5c:21:47:9a:87:48:c8:
c2:6e:bb:3d:ef:46:20:72:eb:32:87:dc:b2:f6:b5:
ff:91:bb:56:7b:7b:f1:ce:88:0f:a4:96:db:48:de:
1f:f5:66:85:2d:75:20:c3:a3:58:ea:68:de:84:fa:
80:af:83:06:d6:c1:98:b3:f9:a7:98:25:c7:bb:ec:
5b:ec:6c:9b:f8:a9:01:e7:f5:3d:a6:a6:75:a2:83:
4a:09:4a:95:e1:93:76:26:c5:ad:ed:49:e1:5c:fd:
af:04:ad:aa:ca:70:92:4f:c8:12:69:0d:b4:c2:52:
0d:85:69:cb:ec:23:27:b4:ad:74:58:c3:0b:0f:92:
d2:7d:df:ff:14:b3:9b:14:3a:38:be:5e:a1:23:ab:
cf:09:f9:f1:63:ae:56:06:97:f4:12:73:75:41:1e:
b3:d0:4b:d0:f4:1d:9b:45:51:8a:25:14:5f:f2:2a:
e6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4F:3B:29:C1:A3:FE:7A:90:C4:44:F7:1D:3D:DD:91:97:B7:E8:2C
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/4U87KcGj_nqQxET3HT3dkZe36Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.84.0-87.242.95.255
87.242.100.0/22
87.242.116.0-87.242.127.255
89.232.160.0-89.232.171.255
89.232.176.0/22
91.224.86.0/23
94.139.252.0/22
95.174.88.0/21
141.101.151.0-141.101.152.255
141.101.201.0/24
176.109.96.0/20
176.123.160.0/21
178.170.191.0-178.170.197.255
178.170.242.0/24
185.50.200.0/22
188.72.96.0/24
188.72.106.0-188.72.109.255
188.72.117.0-188.72.118.255
192.144.12.0/22
194.5.92.0/23
194.113.34.0/23
195.128.152.0/24
213.171.24.0/21
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
0e:c7:6b:59:e8:e9:e5:72:fc:e7:5c:82:41:7e:56:87:b9:8f:
64:fb:59:32:24:b8:8d:9c:25:22:9c:70:ec:0f:43:0e:fa:26:
e9:7b:e5:d7:98:73:33:f0:8f:7c:14:2a:61:23:1b:66:65:a0:
76:4b:68:f9:b7:93:19:08:7f:49:a3:18:21:83:a3:cf:64:73:
87:2d:d6:ce:e7:cd:9d:4d:eb:c4:fa:76:5c:b5:b0:24:30:e6:
ed:53:ca:cb:37:ef:73:c8:d5:f6:28:41:53:57:a0:68:b7:77:
d9:9e:97:a4:ee:d7:05:af:a1:b5:ec:ed:4c:3f:41:15:85:11:
dd:ae:54:07:d5:9b:fa:94:39:4e:9d:a4:34:74:71:c4:9e:7a:
22:57:37:e8:7b:83:41:8e:5e:b3:57:e6:9d:c5:1c:97:3b:1a:
f5:e4:4d:a0:fb:0d:90:4f:ab:bb:74:75:74:2c:fe:76:f8:f2:
37:f2:84:5d:02:b9:6e:75:e9:b2:50:30:84:67:cb:7a:b3:3a:
6b:88:b8:a4:66:62:4d:d1:f9:d6:68:5a:2c:c1:cb:74:f4:8c:
01:27:1b:7c:1a:22:89:6c:50:71:cd:02:ea:be:56:59:69:cf:
db:04:32:07:40:a0:cb:de:06:fa:20:30:c5:a4:dd:be:8c:d0:
d2:f4:12:3a
-----BEGIN CERTIFICATE-----
MIIGfjCCBWagAwIBAgISAY/vXgbodXYDYdvOQMSEbEBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjQwNjA2MjEwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTRmM2IyOWMxYTNmZTdhOTBjNDQ0ZjcxZDNkZGQ5MTk3YjdlODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx24IfffuoFeOnU4B4uBY4AWHMuje
vOcT+SMrymNZm9G/8I/Ryia8EERmGNrWtzC8SP0FAY1HBoHDKNgClQewQJn/A5jL
j8S19MYELHJtbHIWIlwhR5qHSMjCbrs970Ygcusyh9yy9rX/kbtWe3vxzogPpJbb
SN4f9WaFLXUgw6NY6mjehPqAr4MG1sGYs/mnmCXHu+xb7Gyb+KkB5/U9pqZ1ooNK
CUqV4ZN2JsWt7UnhXP2vBK2qynCST8gSaQ20wlINhWnL7CMntK10WMMLD5LSfd//
FLObFDo4vl6hI6vPCfnxY65WBpf0EnN1QR6z0EvQ9B2bRVGKJRRf8irmlwIDAQAB
o4IDijCCA4YwHQYDVR0OBBYEFOFPOynBo/56kMRE9x093ZGXt+gsMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xLzRVODdLY0dqX25xUXhFVDNIVDNka1plMzZDdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggGcBggrBgEFBQcBBwEB/wSCAYswggGHMIIBdAQCAAEw
ggFsMAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUSZjAMAwQA
JRJrAwQAJRJ6AwQAJeaLMAwDBAAl5rMDBAEl5rQwDAMEAyXmuAMEACXmugMEAyXm
wAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAMAwQALvONAwQELvOAAwQALvOsAwQA
LvPJMAwDBAAu880DBAAu884DBAEu8+IDBAEu8/QwDAMEAlfyVAMEBVfyQAMEAlfy
ZDAMAwQCV/J0AwQHV/IAMAwDBAVZ6KADBAJZ6KgDBAJZ6LADBAFb4FYDBAJei/wD
BANfrlgwDAMEAI1llwMEAI1lmAMEAI1lyQMEBLBtYAMEA7B7oDAMAwQAsqq/AwQB
sqrEAwQAsqryAwQCuTLIAwQAvEhgMAwDBAG8SGoDBAG8SGwwDAMEALxIdQMEALxI
dgMEAsCQDAMEAcIFXAMEAcJxIgMEAMOAmAMEA9WrGDANBAIAAjAHAwUDKgwrgDAN
BgkqhkiG9w0BAQsFAAOCAQEADsdrWejp5XL851yCQX5Wh7mPZPtZMiS4jZwlIpxw
7A9DDvom6Xvl15hzM/CPfBQqYSMbZmWgdkto+beTGQh/SaMYIYOjz2Rzhy3WzufN
nU3rxPp2XLWwJDDm7VPKyzfvc8jV9ihBU1egaLd32Z6XpO7XBa+hteztTD9BFYUR
3a5UB9Wb+pQ5Tp2kNHRxxJ56Ilc36HuDQY5es1fmncUclzsa9eRNoPsNkE+ru3R1
dCz+dvjyN/KEXQK5bnXpslAwhGfLerM6a4i4pGZiTdH51mhaLMHLdPSMAScbfBoi
iWxQcc0C6r5WWWnP2wQyB0Cgy94G+iAwxaTdvozQ0vQSOg==
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:54:24 2024 by rpki-client on console-ams.rpki-client.org