Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/0JY6ttKIzs8yGyahgYODHewowsk.roa
File: 0JY6ttKIzs8yGyahgYODHewowsk.roa (raw, json)
Hash identifier: ejBrdkoSFGmEf6cUrSXZdEkxuEelfg50T4SeFC5iQVk=
Subject key identifier: D0:96:3A:B6:D2:88:CE:CF:32:1B:26:A1:81:83:83:1D:EC:28:C2:C9
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018EBDAAD33E5B28EB6A1078688D6C60716D
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/0JY6ttKIzs8yGyahgYODHewowsk.roa
Signing time: Mon 08 Apr 2024 12:24:32 +0000
ROA not before: Mon 08 Apr 2024 12:24:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12716
IP address blocks: 37.63.0.0/20 maxlen: 20
37.63.16.0/22 maxlen: 22
37.63.20.0/22 maxlen: 24
37.63.24.0/22 maxlen: 22
37.63.28.0/22 maxlen: 24
37.63.32.0/22 maxlen: 24
37.63.96.0/24 maxlen: 24
37.63.97.0/24 maxlen: 24
37.63.98.0/24 maxlen: 24
37.63.99.0/24 maxlen: 24
62.204.154.0/23 maxlen: 23
83.97.30.0/24 maxlen: 24
84.252.40.0/23 maxlen: 23
85.118.64.0/22 maxlen: 22
85.118.68.0/23 maxlen: 24
85.118.70.0/24 maxlen: 24
85.118.71.0/24 maxlen: 24
85.118.72.0/23 maxlen: 23
85.118.74.0/24 maxlen: 24
85.118.76.0/22 maxlen: 22
85.118.80.0/22 maxlen: 22
85.118.84.0/24 maxlen: 24
85.118.92.0/24 maxlen: 24
85.118.93.0/24 maxlen: 24
89.215.62.0/23 maxlen: 23
151.251.44.0/22 maxlen: 22
151.251.68.0/22 maxlen: 22
151.251.121.0/24 maxlen: 24
151.251.126.0/23 maxlen: 23
151.251.192.0/22 maxlen: 22
151.251.238.0/24 maxlen: 24
151.251.239.0/24 maxlen: 24
151.251.240.0/20 maxlen: 20
151.251.240.0/24 maxlen: 24
151.251.241.0/24 maxlen: 24
151.251.242.0/24 maxlen: 24
151.251.243.0/24 maxlen: 24
151.251.244.0/24 maxlen: 24
151.251.245.0/24 maxlen: 24
151.251.246.0/24 maxlen: 24
151.251.247.0/24 maxlen: 24
151.251.248.0/24 maxlen: 24
151.251.249.0/24 maxlen: 24
151.251.250.0/24 maxlen: 24
151.251.251.0/24 maxlen: 24
151.251.252.0/24 maxlen: 24
151.251.253.0/24 maxlen: 24
151.251.254.0/24 maxlen: 24
151.251.255.0/24 maxlen: 24
176.222.0.0/20 maxlen: 24
185.151.156.0/22 maxlen: 22
185.224.160.0/23 maxlen: 23
212.104.116.0/22 maxlen: 24
213.226.17.0/24 maxlen: 24
213.226.19.0/24 maxlen: 24
213.226.36.0/24 maxlen: 24
213.226.40.0/24 maxlen: 24
213.226.51.0/24 maxlen: 24
213.226.56.0/24 maxlen: 24
213.226.57.0/24 maxlen: 24
213.226.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:aa:d3:3e:5b:28:eb:6a:10:78:68:8d:6c:60:71:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Apr 8 12:24:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0963ab6d288cecf321b26a18183831dec28c2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f5:b2:ab:d7:57:5f:f0:11:00:1e:93:46:71:
85:41:36:bf:55:3b:00:dc:3d:2b:2e:10:8a:6d:e8:
33:24:b1:6a:4c:08:de:3e:7e:62:37:e1:db:9b:44:
5f:82:f5:56:cb:c7:fd:d8:0c:1b:e9:fd:10:b4:45:
64:55:6d:68:da:de:3a:13:74:a2:26:f9:e3:36:a0:
9d:7a:bd:9f:94:88:8d:53:b1:70:5d:e5:16:0f:fa:
08:0a:ef:fb:1e:9d:99:70:80:c7:b5:25:50:da:ab:
43:d8:ae:2f:d3:b3:6d:85:6e:65:95:be:b3:cb:b6:
5b:e7:4f:bf:70:b0:79:63:35:d3:a8:e5:aa:45:e4:
76:1d:2e:66:d0:81:d1:98:23:7a:c7:d7:65:c8:9f:
c6:eb:cd:dc:46:c6:24:dc:b6:15:4c:38:13:97:b8:
1f:c7:d6:ae:be:b2:a2:a1:b3:c4:45:36:ba:c8:b2:
8f:f9:d8:7b:3d:77:14:cc:93:c0:b9:57:5e:05:ad:
66:44:8b:32:3e:7a:0d:55:55:96:c5:16:97:8c:e0:
3b:aa:6f:39:d4:05:31:c1:08:d7:40:31:14:f0:0c:
b5:f4:17:79:fa:76:c0:8c:1f:30:c8:e9:c7:d5:0d:
b8:6e:80:5c:b4:4e:c5:26:2a:80:ad:ff:09:6e:77:
65:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:96:3A:B6:D2:88:CE:CF:32:1B:26:A1:81:83:83:1D:EC:28:C2:C9
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/0JY6ttKIzs8yGyahgYODHewowsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.63.0.0-37.63.35.255
37.63.96.0/22
62.204.154.0/23
83.97.30.0/24
84.252.40.0/23
85.118.64.0-85.118.74.255
85.118.76.0-85.118.84.255
85.118.92.0/23
89.215.62.0/23
151.251.44.0/22
151.251.68.0/22
151.251.121.0/24
151.251.126.0/23
151.251.192.0/22
151.251.238.0-151.251.255.255
176.222.0.0/20
185.151.156.0/22
185.224.160.0/23
212.104.116.0/22
213.226.17.0/24
213.226.19.0/24
213.226.36.0/24
213.226.40.0/24
213.226.51.0/24
213.226.56.0/23
213.226.59.0/24
Signature Algorithm: sha256WithRSAEncryption
82:56:e0:a6:42:6f:c9:2e:5d:47:48:95:f1:b2:0e:41:38:8e:
03:d9:55:7d:4c:70:05:21:64:a3:63:8d:0d:29:ac:36:1c:a2:
92:2a:87:d2:61:7a:b7:04:10:1e:fe:dc:ea:bc:3d:28:9f:5a:
80:0d:54:ff:3b:4e:94:66:6c:56:61:3f:0f:a7:bf:c1:33:cf:
77:ca:be:8c:6c:72:60:55:ab:76:6e:4c:f1:29:f6:f7:91:30:
f1:f8:2b:a2:b3:8f:3b:d3:b1:59:96:f7:de:fd:f7:2b:2f:0b:
ee:e2:18:46:5e:f2:64:53:0d:4a:62:9c:b5:da:1c:6d:a3:b4:
4b:8a:6a:67:6d:a8:12:3e:bc:4c:8a:1a:f0:ba:62:31:e9:65:
1b:57:43:10:5f:71:76:db:7f:93:ae:21:1f:46:81:0b:25:ef:
4d:d7:a1:a3:45:92:e4:ff:9b:fe:bf:8b:4a:f8:ef:47:c1:d2:
d6:14:d7:bb:43:de:b6:dc:6c:b6:bb:87:d8:f5:11:19:a7:37:
cc:4b:09:12:5d:06:87:b4:c0:f5:6a:e2:6f:07:c1:3c:4d:dd:
58:96:f5:21:37:ac:7d:cd:8a:24:7b:dd:06:72:98:7f:cb:7b:
70:cc:e3:ce:bf:f2:a4:51:1a:d7:8f:45:58:e6:7a:a1:6d:18:
24:6b:79:93
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAY69qtM+WyjrahB4aI1sYHFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwNDA4MTIyNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk2M2FiNmQyODhjZWNmMzIxYjI2YTE4MTgzODMxZGVjMjhjMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvWyq9dXX/ARAB6TRnGFQTa/VTsA
3D0rLhCKbegzJLFqTAjePn5iN+Hbm0RfgvVWy8f92Awb6f0QtEVkVW1o2t46E3Si
JvnjNqCder2flIiNU7FwXeUWD/oICu/7Hp2ZcIDHtSVQ2qtD2K4v07NthW5llb6z
y7Zb50+/cLB5YzXTqOWqReR2HS5m0IHRmCN6x9dlyJ/G683cRsYk3LYVTDgTl7gf
x9auvrKiobPERTa6yLKP+dh7PXcUzJPAuVdeBa1mRIsyPnoNVVWWxRaXjOA7qm85
1AUxwQjXQDEU8Ay19Bd5+nbAjB8wyOnH1Q24boBctE7FJiqArf8JbndlvQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFNCWOrbSiM7PMhsmoYGDgx3sKMLJMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvMEpZNnR0S0l6czh5R3lhaGdZT0RIZXdvd3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgbowCwMD
ACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkow
DAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eQMEAZf7
fgMEApf7wDALAwQBl/vuAwMCl/gDBASw3gADBAK5l5wDBAG54KADBALUaHQDBADV
4hEDBADV4hMDBADV4iQDBADV4igDBADV4jMDBAHV4jgDBADV4jswDQYJKoZIhvcN
AQELBQADggEBAIJW4KZCb8kuXUdIlfGyDkE4jgPZVX1McAUhZKNjjQ0prDYcopIq
h9JhercEEB7+3Oq8PSifWoANVP87TpRmbFZhPw+nv8Ezz3fKvoxscmBVq3ZuTPEp
9veRMPH4K6KzjzvTsVmW99799ysvC+7iGEZe8mRTDUpinLXaHG2jtEuKamdtqBI+
vEyKGvC6YjHpZRtXQxBfcXbbf5OuIR9GgQsl703XoaNFkuT/m/6/i0r470fB0tYU
17tD3rbcbLa7h9j1ERmnN8xLCRJdBoe0wPVq4m8HwTxN3ViW9SE3rH3NiiR73QZy
mH/Le3DM486/8qRRGtePRVjmeqFtGCRreZM=
-----END CERTIFICATE-----
Generated at Mon May 6 17:42:14 2024 by rpki-client on console-fra.rpki-client.org