Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/846050-2a3b-48d7-b2ae-2581b3db78cb/1/i1Pm7iqt8aUlXgG1gx_3q8icnyE.roa
File: i1Pm7iqt8aUlXgG1gx_3q8icnyE.roa (raw, json)
Hash identifier: 4X3PJPS34vzgkccNJ3rO7cHdz4O52WIhRLoOdVUXRBg=
Subject key identifier: 8B:53:E6:EE:2A:AD:F1:A5:25:5E:01:B5:83:1F:F7:AB:C8:9C:9F:21
Certificate issuer: /CN=f1c1f9ae4d1847d49d4d8fdae3457b5a17256707
Certificate serial: 018CC34907CB38350ECF72E5FD34FED4FA3C
Authority key identifier: F1:C1:F9:AE:4D:18:47:D4:9D:4D:8F:DA:E3:45:7B:5A:17:25:67:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8cH5rk0YR9SdTY_a40V7WhclZwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/846050-2a3b-48d7-b2ae-2581b3db78cb/1/i1Pm7iqt8aUlXgG1gx_3q8icnyE.roa
Signing time: Mon 01 Jan 2024 04:29:52 +0000
ROA not before: Mon 01 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42560
IP address blocks: 185.58.92.0/22 maxlen: 22
77.77.195.0/24 maxlen: 24
77.77.192.0/18 maxlen: 24
5.43.64.0/18 maxlen: 18
146.255.128.0/19 maxlen: 19
77.77.216.0/22 maxlen: 22
77.221.0.0/19 maxlen: 19
185.24.208.0/22 maxlen: 22
185.18.152.0/22 maxlen: 22
185.15.64.0/22 maxlen: 22
37.208.32.0/21 maxlen: 21
93.180.96.0/19 maxlen: 19
178.209.0.0/19 maxlen: 19
31.185.112.0/20 maxlen: 20
141.170.192.0/20 maxlen: 20
185.48.172.0/22 maxlen: 22
77.239.0.0/19 maxlen: 19
77.78.192.0/19 maxlen: 24
77.78.192.0/18 maxlen: 18
109.237.32.0/20 maxlen: 20
185.6.104.0/22 maxlen: 22
178.236.80.0/20 maxlen: 20
77.78.224.0/19 maxlen: 19
128.65.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/846050-2a3b-48d7-b2ae-2581b3db78cb/1/8cH5rk0YR9SdTY_a40V7WhclZwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/846050-2a3b-48d7-b2ae-2581b3db78cb/1/8cH5rk0YR9SdTY_a40V7WhclZwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/8cH5rk0YR9SdTY_a40V7WhclZwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:07:cb:38:35:0e:cf:72:e5:fd:34:fe:d4:fa:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1c1f9ae4d1847d49d4d8fdae3457b5a17256707
Validity
Not Before: Jan 1 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b53e6ee2aadf1a5255e01b5831ff7abc89c9f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:19:88:98:2e:07:75:62:ed:b2:8a:0f:30:
8d:f5:34:c2:49:77:c1:bf:7d:4a:28:ca:71:72:76:
ba:c0:01:c9:ea:a9:a0:64:c3:2c:9e:f6:bd:93:94:
c3:3f:1c:77:14:b6:cf:fb:8f:90:2f:b8:5f:c4:f2:
40:32:d9:03:d4:43:51:ad:63:f4:ae:87:31:de:71:
7e:e3:06:5c:62:ca:c7:b0:06:af:5b:41:21:7f:e8:
1f:a4:eb:2d:a4:82:e9:92:4e:d1:30:23:be:ad:d3:
57:33:a8:92:d8:35:71:5a:9a:19:ec:53:be:52:05:
1a:72:d7:d7:a9:76:d3:0b:c5:af:d1:60:8e:fd:33:
3d:32:7b:22:a9:67:9c:c6:aa:10:57:86:15:ba:93:
30:15:39:eb:bf:46:d0:eb:13:17:d4:25:7e:21:f4:
f0:ff:9b:26:f3:24:e1:db:fe:b1:18:4e:46:ab:8b:
19:d1:0f:b6:d2:ee:a1:5d:38:7f:b7:05:04:d0:c7:
b4:3f:6f:45:74:f0:bd:97:ee:be:2e:02:04:d1:3e:
e8:f9:5e:eb:9a:9e:d0:39:61:44:22:1e:5d:75:db:
dd:bb:66:b5:78:0f:9d:9c:bd:0f:88:13:2c:a2:28:
26:1d:c7:94:ef:08:bc:be:12:91:a1:96:8f:61:f0:
b2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:53:E6:EE:2A:AD:F1:A5:25:5E:01:B5:83:1F:F7:AB:C8:9C:9F:21
X509v3 Authority Key Identifier:
keyid:F1:C1:F9:AE:4D:18:47:D4:9D:4D:8F:DA:E3:45:7B:5A:17:25:67:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8cH5rk0YR9SdTY_a40V7WhclZwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/846050-2a3b-48d7-b2ae-2581b3db78cb/1/i1Pm7iqt8aUlXgG1gx_3q8icnyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/846050-2a3b-48d7-b2ae-2581b3db78cb/1/8cH5rk0YR9SdTY_a40V7WhclZwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.43.64.0/18
31.185.112.0/20
37.208.32.0/21
77.77.192.0/18
77.78.192.0/18
77.221.0.0/19
77.239.0.0/19
93.180.96.0/19
109.237.32.0/20
128.65.104.0/21
141.170.192.0/20
146.255.128.0/19
178.209.0.0/19
178.236.80.0/20
185.6.104.0/22
185.15.64.0/22
185.18.152.0/22
185.24.208.0/22
185.48.172.0/22
185.58.92.0/22
Signature Algorithm: sha256WithRSAEncryption
45:fd:0c:96:4c:47:ae:47:3b:42:06:b5:bb:ec:f3:33:99:fb:
1c:e5:1d:11:e7:34:f6:55:7d:ba:25:de:10:8c:1a:81:c1:c7:
bc:dc:47:8b:81:3b:8e:19:60:a5:34:c5:73:68:7e:06:25:30:
7a:a5:c7:8d:e1:d2:94:fa:b9:ec:36:a0:31:f7:b3:a9:5c:8c:
eb:e4:39:44:af:53:ec:fc:c0:ec:54:7e:9d:30:cb:ca:e3:1c:
01:29:7b:30:6c:96:9d:a6:17:e5:18:41:5e:48:8a:6d:50:5c:
1d:d1:09:5b:42:0e:be:e5:36:15:89:a0:71:bd:70:30:d8:9b:
59:43:2b:d8:c7:dc:1b:6f:90:4f:cb:33:37:60:a2:75:32:33:
97:3f:fd:f9:f2:18:3d:45:dc:c6:8d:30:07:a3:97:49:6c:a5:
91:e8:0c:24:99:84:2e:6a:d9:fe:b9:fd:02:8e:a9:65:a6:f9:
b4:03:5f:68:6d:41:5f:a2:4f:df:23:9d:d0:61:d3:e4:d5:1a:
88:22:50:e6:0e:42:80:91:3b:82:ce:59:af:f3:71:77:51:53:
a6:8d:46:59:ac:f4:f2:9e:82:e2:96:98:20:92:5d:0a:2a:5a:
bd:ec:6c:1b:57:6f:7c:22:04:13:3b:68:8c:6e:a6:19:94:57:
dc:1a:0e:a9
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzDSQfLODUOz3Ll/TT+1Po8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYzFmOWFlNGQxODQ3ZDQ5ZDRkOGZkYWUzNDU3YjVhMTcy
NTY3MDcwHhcNMjQwMTAxMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjUzZTZlZTJhYWRmMWE1MjU1ZTAxYjU4MzFmZjdhYmM4OWM5ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx8ZiJguB3Vi7bKKDzCN9TTCSXfB
v31KKMpxcna6wAHJ6qmgZMMsnva9k5TDPxx3FLbP+4+QL7hfxPJAMtkD1ENRrWP0
rocx3nF+4wZcYsrHsAavW0Ehf+gfpOstpILpkk7RMCO+rdNXM6iS2DVxWpoZ7FO+
UgUactfXqXbTC8Wv0WCO/TM9MnsiqWecxqoQV4YVupMwFTnrv0bQ6xMX1CV+IfTw
/5sm8yTh2/6xGE5Gq4sZ0Q+20u6hXTh/twUE0Me0P29FdPC9l+6+LgIE0T7o+V7r
mp7QOWFEIh5dddvdu2a1eA+dnL0PiBMsoigmHceU7wi8vhKRoZaPYfCyiwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFItT5u4qrfGlJV4BtYMf96vInJ8hMB8GA1UdIwQY
MBaAFPHB+a5NGEfUnU2P2uNFe1oXJWcHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGNINXJrMFlSOVNkVFlfYTQwVjdXaGNsWndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC84NDYwNTAtMmEzYi00OGQ3LWIyYWUt
MjU4MWIzZGI3OGNiLzEvaTFQbTdpcXQ4YVVsWGdHMWd4XzNxOGljbnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC84NDYwNTAtMmEzYi00OGQ3LWIyYWUtMjU4MWIzZGI3OGNi
LzEvOGNINXJrMFlSOVNkVFlfYTQwVjdXaGNsWndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQGBStA
AwQEH7lwAwQDJdAgAwQGTU3AAwQGTU7AAwQFTd0AAwQFTe8AAwQFXbRgAwQEbe0g
AwQDgEFoAwQEjarAAwQFkv+AAwQFstEAAwQEsuxQAwQCuQZoAwQCuQ9AAwQCuRKY
AwQCuRjQAwQCuTCsAwQCuTpcMA0GCSqGSIb3DQEBCwUAA4IBAQBF/QyWTEeuRztC
BrW77PMzmfsc5R0R5zT2VX26Jd4QjBqBwce83EeLgTuOGWClNMVzaH4GJTB6pceN
4dKU+rnsNqAx97OpXIzr5DlEr1Ps/MDsVH6dMMvK4xwBKXswbJadphflGEFeSIpt
UFwd0QlbQg6+5TYViaBxvXAw2JtZQyvYx9wbb5BPyzM3YKJ1MjOXP/358hg9RdzG
jTAHo5dJbKWR6AwkmYQuatn+uf0Cjqllpvm0A19obUFfok/fI53QYdPk1RqIIlDm
DkKAkTuCzlmv83F3UVOmjUZZrPTynoLilpggkl0KKlq97GwbV298IgQTO2iMbqYZ
lFfcGg6p
-----END CERTIFICATE-----
Generated at Sun May 19 07:43:08 2024 by rpki-client on console-fra.rpki-client.org