Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xd2lcSJV29wC4M-NHCroizgpTVU.roa
File: Xd2lcSJV29wC4M-NHCroizgpTVU.roa (raw, json)
Hash identifier: wr7x0kWiZuqprClN9DGvYSn0dkayfba+VXhMfkuW/DM=
Subject key identifier: 5D:DD:A5:71:22:55:DB:DC:02:E0:CF:8D:1C:2A:E8:8B:38:29:4D:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191BD9829B553C8C8E777240718EC38FB90
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xd2lcSJV29wC4M-NHCroizgpTVU.roa
Signing time: Wed 04 Sep 2024 15:12:31 +0000
ROA not before: Wed 04 Sep 2024 15:12:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 62.76.226.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
193.124.2.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.205.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Sep 2024 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:98:29:b5:53:c8:c8:e7:77:24:07:18:ec:38:fb:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 4 15:12:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ddda5712255dbdc02e0cf8d1c2ae88b38294d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:49:64:24:d5:fa:3a:fa:60:55:84:92:cc:15:
ba:ed:d2:9f:f4:db:dd:88:0d:e3:b9:99:c1:8e:3f:
4e:94:c1:60:e7:e7:ba:1d:15:93:17:36:a6:f8:13:
7c:d2:c7:0e:d5:0f:10:19:82:f7:51:68:d5:e2:23:
06:0b:b0:8c:75:e8:7a:62:64:54:ff:f9:f2:c8:3b:
6a:f7:2e:7e:0a:1a:42:5d:16:4b:e5:fd:89:4c:88:
34:c4:31:d6:a8:27:77:3d:dc:37:11:b7:e9:02:4c:
a2:d5:5a:02:9c:12:80:31:a5:05:cc:78:b6:a7:d3:
bb:7c:c1:4e:f8:2e:d7:95:cd:bf:90:f2:08:3e:68:
1f:aa:92:17:41:75:55:40:ee:96:45:e4:ec:c5:d7:
46:4d:36:4c:20:e4:0b:f2:71:24:91:19:55:9d:e8:
47:29:e6:ff:f8:85:0f:7c:e5:d9:12:6d:2c:62:0b:
6c:15:f6:08:7b:68:f9:6c:93:51:a7:00:77:31:37:
9e:4e:af:9e:ef:6f:a0:07:8b:51:13:74:ef:40:ba:
bb:ac:11:44:a5:f5:24:1c:db:e2:4c:8a:6d:36:6e:
61:4d:13:6c:e6:89:57:22:16:02:d0:b5:c0:f9:c6:
6d:7d:1a:6c:40:5b:01:4a:fa:78:94:6d:aa:0d:a6:
f7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DD:A5:71:22:55:DB:DC:02:E0:CF:8D:1C:2A:E8:8B:38:29:4D:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xd2lcSJV29wC4M-NHCroizgpTVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
62.76.231.0/24
62.76.235.0/24
193.124.2.0/23
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.49.0/24
193.124.91.0/24
193.124.94.0/24
193.124.201.0/24
193.124.226.0/23
194.58.38.0/24
194.58.43.0/24
194.58.46.0/24
194.58.58.0-194.58.60.255
194.58.67.0/24
194.87.3.0/24
194.87.6.0/23
194.87.16.0/24
194.87.23.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/24
194.87.53.0/24
194.87.63.0/24
194.87.78.0/24
194.87.105.0/24
194.87.116.0/23
194.87.120.0/23
194.87.160.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.176.0/23
194.87.180.0-194.87.182.255
194.87.205.0/24
194.87.240.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.12.0/24
195.133.19.0/24
195.133.22.0/24
195.133.58.0/23
195.133.80.0/24
195.133.82.0/24
195.133.195.0/24
212.192.0.0/24
212.192.7.0/24
212.192.10.0/24
212.192.30.0/24
212.192.210.0/23
212.192.241.0/24
212.192.247.0/24
212.193.10.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
94:e6:a5:7e:26:bb:e2:3b:3f:47:2f:b0:47:0c:67:14:48:3d:
18:38:fa:61:1a:0f:c5:49:d9:a0:18:72:c0:10:54:73:b7:0a:
fe:0c:e3:f5:e9:43:b2:d7:9b:5d:52:04:8d:d6:2e:47:dd:c5:
80:99:55:65:73:76:88:7b:75:f5:3e:d8:6b:02:4f:95:da:3e:
e0:7f:de:13:ff:aa:6c:6c:e5:6f:4c:2e:66:78:bc:e6:32:ea:
ab:40:50:a0:49:0b:1a:c5:fb:e1:0f:8e:39:ef:fb:2a:3f:22:
2b:d8:9d:24:fd:4c:51:4e:68:17:22:c1:df:37:f8:52:38:37:
44:ce:ef:37:9a:f3:ab:a5:25:4a:66:bc:87:81:e1:33:87:45:
e1:28:df:05:cf:b2:0e:18:16:a8:e4:16:30:85:92:90:a6:ed:
36:3e:9a:9b:0e:b9:c7:18:00:52:27:2e:7b:cb:0a:0f:30:cd:
c6:a8:e3:fa:c7:4d:c7:62:1e:2a:3a:ab:b6:af:49:45:33:d5:
18:63:99:df:9b:2b:ce:ef:a9:15:89:a9:26:40:de:8b:9a:28:
e2:0b:c9:a2:21:11:72:c5:dd:99:c5:54:07:1a:b0:66:1a:ff:
ea:8c:7e:c3:b2:c2:f1:f0:b0:ec:af:d1:02:b9:3e:b3:78:d8:
4a:1a:7e:ec
-----BEGIN CERTIFICATE-----
MIIGhTCCBW2gAwIBAgISAZG9mCm1U8jI53ckBxjsOPuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTA0MTUxMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRkYTU3MTIyNTVkYmRjMDJlMGNmOGQxYzJhZTg4YjM4Mjk0ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0lkJNX6OvpgVYSSzBW67dKf9Nvd
iA3juZnBjj9OlMFg5+e6HRWTFzam+BN80scO1Q8QGYL3UWjV4iMGC7CMdeh6YmRU
//nyyDtq9y5+ChpCXRZL5f2JTIg0xDHWqCd3Pdw3EbfpAkyi1VoCnBKAMaUFzHi2
p9O7fMFO+C7Xlc2/kPIIPmgfqpIXQXVVQO6WReTsxddGTTZMIOQL8nEkkRlVnehH
Keb/+IUPfOXZEm0sYgtsFfYIe2j5bJNRpwB3MTeeTq+e72+gB4tRE3TvQLq7rBFE
pfUkHNviTIptNm5hTRNs5olXIhYC0LXA+cZtfRpsQFsBSvp4lG2qDab37QIDAQAB
o4IDkTCCA40wHQYDVR0OBBYEFF3dpXEiVdvcAuDPjRwq6Is4KU1VMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWGQybGNTSlYyOXdDNE0tTkhDcm9pemdwVFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpQYIKwYBBQUHAQcBAf8EggGUMIIBkDCCAYwEAgABMIIB
hAMEAD5M4gMEAD5M5wMEAD5M6wMEAcF8AgMEAMF8BgMEAMF8CAMEAMF8EgMEAMF8
MQMEAMF8WwMEAMF8XgMEAMF8yQMEAcF84gMEAMI6JgMEAMI6KwMEAMI6LjAMAwQB
wjo6AwQAwjo8AwQAwjpDAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlcXAwQAwlciAwQA
wlckAwQAwlcqAwQAwlc1AwQAwlc/AwQAwldOAwQAwldpAwQBwld0AwQBwld4AwQA
wlegAwQAwlejMAwDBADCV6UDBADCV6YDBAHCV7AwDAMEAsJXtAMEAMJXtgMEAMJX
zQMEAMJX8DAMAwQAwocXAwQAwocYAwQAwocuMAwDBADDOjcDBADDOjgDBADDOjsD
BADDOj4DBADDhQwDBADDhRMDBADDhRYDBAHDhToDBADDhVADBADDhVIDBADDhcMD
BADUwAADBADUwAcDBADUwAoDBADUwB4DBAHUwNIDBADUwPEDBADUwPcDBADUwQoD
BADUwQ8wDQYJKoZIhvcNAQELBQADggEBAJTmpX4mu+I7P0cvsEcMZxRIPRg4+mEa
D8VJ2aAYcsAQVHO3Cv4M4/XpQ7LXm11SBI3WLkfdxYCZVWVzdoh7dfU+2GsCT5Xa
PuB/3hP/qmxs5W9MLmZ4vOYy6qtAUKBJCxrF++EPjjnv+yo/IivYnST9TFFOaBci
wd83+FI4N0TO7zea86ulJUpmvIeB4TOHReEo3wXPsg4YFqjkFjCFkpCm7TY+mpsO
uccYAFInLnvLCg8wzcao4/rHTcdiHio6q7avSUUz1Rhjmd+bK87vqRWJqSZA3oua
KOILyaIhEXLF3ZnFVAcasGYa/+qMfsOywvHwsOyv0QK5PrN42Eoafuw=
-----END CERTIFICATE-----
Generated at Mon Sep 16 14:21:47 2024 by rpki-client on console-ams.rpki-client.org