Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r_-r2lH3Bnw7gmTaDShV3SSPJoY.roa
File: r_-r2lH3Bnw7gmTaDShV3SSPJoY.roa (raw, json)
Hash identifier: +5Ccnxjv6DksxuTuL8Dc4ZVX3tM+X6pmtmmJio+xPpw=
Subject key identifier: AF:FF:AB:DA:51:F7:06:7C:3B:82:64:DA:0D:28:55:DD:24:8F:26:86
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D7842BE15FDED3D28DC4BD9C2B80BEA7A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r_-r2lH3Bnw7gmTaDShV3SSPJoY.roa
Signing time: Mon 05 Feb 2024 07:54:16 +0000
ROA not before: Mon 05 Feb 2024 07:54:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 62.76.226.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
193.108.115.0/24 maxlen: 24
193.124.2.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
193.124.49.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.205.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.22.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
212.193.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:42:be:15:fd:ed:3d:28:dc:4b:d9:c2:b8:0b:ea:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 5 07:54:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afffabda51f7067c3b8264da0d2855dd248f2686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:71:06:05:f2:43:17:3e:5a:64:98:9e:c9:0a:
41:c3:fb:13:96:86:f0:06:d7:e9:3e:aa:c4:f2:70:
8f:79:76:87:a1:10:a5:b5:66:de:34:b9:33:18:85:
62:12:21:c2:34:d4:92:b0:86:c3:d0:88:4b:9a:0a:
95:dc:45:c9:f0:26:34:d7:56:3b:da:33:44:5a:5c:
a9:4e:e5:e0:ee:78:24:b0:d9:2f:0a:bf:dd:98:4c:
ce:0c:50:ca:4c:6b:3d:8b:b3:47:14:53:32:81:c7:
1f:42:09:27:09:f7:2a:20:f2:68:5b:28:f4:ea:94:
c1:e5:0e:a5:0b:be:ba:d6:c0:5b:92:9a:e4:91:1d:
9b:0d:34:3c:b7:e0:8b:ae:c5:17:2a:54:f3:b5:cc:
e7:d4:ec:dc:f9:59:fd:5d:84:8c:16:54:0e:fe:06:
e9:e8:21:44:a1:4f:a2:cf:47:14:4c:00:f3:4f:df:
51:37:80:22:ba:91:4b:c7:c6:9a:66:89:ca:39:78:
5d:f2:9d:2e:c6:de:7c:8d:47:9e:18:25:95:d3:c7:
28:f2:78:c3:78:70:f8:60:51:e1:79:99:97:e7:14:
eb:20:d4:86:44:21:9c:d6:1b:29:63:87:d8:24:95:
13:e2:84:03:eb:8b:17:cc:ce:2f:de:b8:4f:5d:de:
1c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:FF:AB:DA:51:F7:06:7C:3B:82:64:DA:0D:28:55:DD:24:8F:26:86
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/r_-r2lH3Bnw7gmTaDShV3SSPJoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
62.76.231.0/24
62.76.235.0/24
193.108.115.0/24
193.124.2.0/23
193.124.6.0/24
193.124.8.0/24
193.124.18.0/24
193.124.49.0/24
193.124.91.0/24
193.124.94.0/24
193.124.201.0/24
193.124.226.0/23
194.58.38.0/24
194.58.43.0/24
194.58.46.0/24
194.58.58.0-194.58.60.255
194.58.67.0/24
194.87.3.0/24
194.87.6.0/23
194.87.16.0/24
194.87.23.0/24
194.87.34.0/24
194.87.36.0/24
194.87.42.0/23
194.87.53.0/24
194.87.63.0/24
194.87.78.0/24
194.87.85.0/24
194.87.105.0/24
194.87.116.0-194.87.121.255
194.87.160.0/24
194.87.163.0/24
194.87.165.0-194.87.166.255
194.87.176.0/23
194.87.180.0-194.87.182.255
194.87.205.0/24
194.87.230.0/24
194.87.240.0/24
194.87.243.0/24
194.135.23.0-194.135.24.255
194.135.46.0/24
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.12.0/24
195.133.19.0/24
195.133.22.0/24
195.133.58.0/23
195.133.80.0/24
195.133.82.0/24
195.133.195.0/24
212.192.0.0/24
212.192.7.0/24
212.192.10.0/24
212.192.30.0/24
212.192.210.0/23
212.192.241.0/24
212.192.247.0/24
212.193.10.0/24
212.193.15.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:dc:c2:ac:5b:73:ee:b7:16:ea:4a:08:37:f5:72:78:a8:44:
18:57:3e:0b:ac:13:95:ee:d4:57:24:c7:b0:3c:a5:fc:a3:3b:
45:fb:12:98:53:7e:ff:4b:52:54:bf:d2:bc:84:ed:02:8d:3d:
25:2a:c5:c4:87:a4:50:0e:07:ce:1a:52:c3:57:4d:f4:34:79:
14:4e:26:6b:56:4d:0d:c6:67:8d:20:76:b1:5d:66:e1:fa:30:
3e:4b:82:53:14:ee:70:11:dd:cc:99:fc:95:5e:9f:0a:58:54:
d6:83:25:34:8a:18:c0:3f:96:c7:15:1b:ad:e0:ad:06:2a:d1:
ab:57:79:85:fc:96:10:c6:74:f9:da:7a:5e:43:7a:19:1e:d3:
ad:af:7e:c7:99:90:ab:bd:2d:dd:b8:52:23:d4:df:97:ec:82:
b5:24:70:2c:b1:16:a8:78:27:9e:35:ea:7b:b6:d4:b9:c5:f9:
97:8c:b8:73:8d:db:c0:ac:5d:43:31:aa:0a:a7:40:fc:f5:26:
d4:5f:e5:29:bb:d1:9c:7b:9d:3b:73:91:8e:ab:bd:e1:d8:57:
99:ff:d7:4a:b4:5b:96:fd:f4:87:90:8a:70:91:6d:6f:71:c8:
35:b4:17:8f:da:8e:42:e5:44:08:65:8e:db:47:3b:1b:97:9c:
9f:17:ed:eb
-----BEGIN CERTIFICATE-----
MIIGpTCCBY2gAwIBAgISAY14Qr4V/e09KNxL2cK4C+p6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA1MDc1NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmZmYWJkYTUxZjcwNjdjM2I4MjY0ZGEwZDI4NTVkZDI0OGYyNjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnEGBfJDFz5aZJieyQpBw/sTlobw
BtfpPqrE8nCPeXaHoRCltWbeNLkzGIViEiHCNNSSsIbD0IhLmgqV3EXJ8CY011Y7
2jNEWlypTuXg7ngksNkvCr/dmEzODFDKTGs9i7NHFFMygccfQgknCfcqIPJoWyj0
6pTB5Q6lC7661sBbkprkkR2bDTQ8t+CLrsUXKlTztczn1Ozc+Vn9XYSMFlQO/gbp
6CFEoU+iz0cUTADzT99RN4AiupFLx8aaZonKOXhd8p0uxt58jUeeGCWV08co8njD
eHD4YFHheZmX5xTrINSGRCGc1hspY4fYJJUT4oQD64sXzM4v3rhPXd4cVQIDAQAB
o4IDsTCCA60wHQYDVR0OBBYEFK//q9pR9wZ8O4Jk2g0oVd0kjyaGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcl8tcjJsSDNCbnc3Z21UYURTaFYzU1NQSm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBxQYIKwYBBQUHAQcBAf8EggG0MIIBsDCCAawEAgABMIIB
pAMEAD5M4gMEAD5M5wMEAD5M6wMEAMFscwMEAcF8AgMEAMF8BgMEAMF8CAMEAMF8
EgMEAMF8MQMEAMF8WwMEAMF8XgMEAMF8yQMEAcF84gMEAMI6JgMEAMI6KwMEAMI6
LjAMAwQBwjo6AwQAwjo8AwQAwjpDAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlcXAwQA
wlciAwQAwlckAwQBwlcqAwQAwlc1AwQAwlc/AwQAwldOAwQAwldVAwQAwldpMAwD
BALCV3QDBAHCV3gDBADCV6ADBADCV6MwDAMEAMJXpQMEAMJXpgMEAcJXsDAMAwQC
wle0AwQAwle2AwQAwlfNAwQAwlfmAwQAwlfwAwQAwlfzMAwDBADChxcDBADChxgD
BADChy4wDAMEAMM6NwMEAMM6OAMEAMM6OwMEAMM6PgMEAMOFDAMEAMOFEwMEAMOF
FgMEAcOFOgMEAMOFUAMEAMOFUgMEAMOFwwMEANTAAAMEANTABwMEANTACgMEANTA
HgMEAdTA0gMEANTA8QMEANTA9wMEANTBCgMEANTBDwMEANTBHzANBgkqhkiG9w0B
AQsFAAOCAQEAC9zCrFtz7rcW6koIN/VyeKhEGFc+C6wTle7UVyTHsDyl/KM7RfsS
mFN+/0tSVL/SvITtAo09JSrFxIekUA4HzhpSw1dN9DR5FE4ma1ZNDcZnjSB2sV1m
4fowPkuCUxTucBHdzJn8lV6fClhU1oMlNIoYwD+WxxUbreCtBirRq1d5hfyWEMZ0
+dp6XkN6GR7Tra9+x5mQq70t3bhSI9Tfl+yCtSRwLLEWqHgnnjXqe7bUucX5l4y4
c43bwKxdQzGqCqdA/PUm1F/lKbvRnHudO3ORjqu94dhXmf/XSrRblv30h5CKcJFt
b3HINbQXj9qOQuVECGWO20c7G5ecnxft6w==
-----END CERTIFICATE-----
Generated at Fri May 17 23:39:05 2024 by rpki-client on console-ams.rpki-client.org