Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/rNXQcjutZN5RPfoZhuI7PFOW8ws.roa
File: rNXQcjutZN5RPfoZhuI7PFOW8ws.roa (raw, json)
Hash identifier: N4S6XkZQboBYwIB9iXOSYginURJ4w9FfiOIU+X12xsA=
Subject key identifier: AC:D5:D0:72:3B:AD:64:DE:51:3D:FA:19:86:E2:3B:3C:53:96:F3:0B
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019026579DB17B023DB21168F3FF24329474
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/rNXQcjutZN5RPfoZhuI7PFOW8ws.roa
Signing time: Mon 17 Jun 2024 13:16:34 +0000
ROA not before: Mon 17 Jun 2024 13:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12716
IP address blocks: 37.63.0.0/20 maxlen: 20
37.63.16.0/22 maxlen: 22
37.63.20.0/22 maxlen: 24
37.63.24.0/22 maxlen: 22
37.63.28.0/22 maxlen: 24
37.63.32.0/22 maxlen: 24
37.63.96.0/22 maxlen: 22
62.204.154.0/23 maxlen: 23
83.97.30.0/24 maxlen: 24
84.252.40.0/23 maxlen: 23
85.118.64.0/22 maxlen: 22
85.118.68.0/23 maxlen: 24
85.118.70.0/24 maxlen: 24
85.118.71.0/24 maxlen: 24
85.118.72.0/23 maxlen: 23
85.118.74.0/24 maxlen: 24
85.118.76.0/22 maxlen: 22
85.118.80.0/22 maxlen: 22
85.118.84.0/24 maxlen: 24
85.118.92.0/24 maxlen: 24
85.118.93.0/24 maxlen: 24
89.215.62.0/23 maxlen: 23
151.251.44.0/22 maxlen: 22
151.251.68.0/22 maxlen: 22
151.251.121.0/24 maxlen: 24
151.251.126.0/23 maxlen: 23
151.251.192.0/22 maxlen: 22
151.251.196.0/24 maxlen: 24
151.251.200.0/22 maxlen: 22
151.251.238.0/24 maxlen: 24
151.251.239.0/24 maxlen: 24
151.251.240.0/20 maxlen: 20
176.222.0.0/20 maxlen: 24
185.151.156.0/22 maxlen: 22
185.224.160.0/23 maxlen: 23
212.104.116.0/22 maxlen: 24
213.226.17.0/24 maxlen: 24
213.226.19.0/24 maxlen: 24
213.226.36.0/24 maxlen: 24
213.226.40.0/24 maxlen: 24
213.226.51.0/24 maxlen: 24
213.226.56.0/24 maxlen: 24
213.226.57.0/24 maxlen: 24
213.226.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:57:9d:b1:7b:02:3d:b2:11:68:f3:ff:24:32:94:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jun 17 13:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acd5d0723bad64de513dfa1986e23b3c5396f30b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:08:a5:22:45:20:2d:a3:8e:89:ad:fe:43:38:
eb:16:69:c0:4b:ee:5b:e9:55:aa:72:21:02:38:e0:
fa:78:ab:99:53:ad:a4:b3:82:3b:dd:98:74:98:e5:
7e:d7:e9:3a:75:b5:3b:f9:44:67:a7:71:cd:5b:e8:
9e:76:a6:6c:dc:db:67:e8:43:2d:c8:61:17:cb:d9:
98:70:e0:2d:cd:dc:c1:de:47:55:68:2a:f5:0f:fc:
86:2b:02:cb:e5:5b:18:0b:7e:ff:d9:67:ea:f4:ed:
d4:8a:46:0e:c3:2f:fa:09:a0:08:55:0f:5f:67:2b:
19:bf:73:f0:ad:27:2a:aa:6d:50:d5:2e:8c:2d:8b:
83:65:b5:b1:8c:b7:2a:25:ef:26:32:8f:f0:1d:9e:
a9:ce:0d:e5:08:6c:1c:6b:76:dd:f4:72:f0:80:e7:
59:70:49:3d:95:00:87:bb:c6:d8:d0:4a:90:58:a6:
0c:f6:39:3e:54:11:a4:3e:88:d7:0a:4c:d0:0e:7b:
c5:ec:6a:e0:f0:df:ba:36:51:c1:76:25:30:8a:3d:
4b:28:11:42:35:1a:d7:37:d4:09:d1:0a:d1:0e:17:
e6:bb:c5:8a:74:9c:9d:cd:07:4d:5f:5d:7c:b2:41:
e0:42:31:61:b6:a6:77:c1:ed:e4:91:c9:88:f2:44:
0e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D5:D0:72:3B:AD:64:DE:51:3D:FA:19:86:E2:3B:3C:53:96:F3:0B
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/rNXQcjutZN5RPfoZhuI7PFOW8ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.63.0.0-37.63.35.255
37.63.96.0/22
62.204.154.0/23
83.97.30.0/24
84.252.40.0/23
85.118.64.0-85.118.74.255
85.118.76.0-85.118.84.255
85.118.92.0/23
89.215.62.0/23
151.251.44.0/22
151.251.68.0/22
151.251.121.0/24
151.251.126.0/23
151.251.192.0-151.251.196.255
151.251.200.0/22
151.251.238.0-151.251.255.255
176.222.0.0/20
185.151.156.0/22
185.224.160.0/23
212.104.116.0/22
213.226.17.0/24
213.226.19.0/24
213.226.36.0/24
213.226.40.0/24
213.226.51.0/24
213.226.56.0/23
213.226.59.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f0:d9:ed:f7:f3:3c:a6:6f:e1:50:4a:56:40:f8:28:a8:29:
c6:bd:78:4e:48:fd:91:e5:54:9d:8a:e2:62:8e:56:b1:7d:39:
19:5e:cb:85:9c:62:50:15:c3:fe:bf:a8:c4:cc:66:56:89:a3:
6f:60:f3:b0:0e:41:cd:3a:cb:f2:8b:c6:a7:50:5f:82:63:38:
7e:56:22:ea:8f:d2:ad:39:30:54:b4:3f:a7:11:71:9a:0f:84:
52:6c:df:b4:1c:d0:67:79:17:d5:64:a3:67:1f:9d:6e:f7:3a:
f7:e8:63:d4:7b:d7:2d:68:b8:e6:9a:17:af:7e:8a:01:4b:08:
db:d0:94:9c:5e:21:44:8d:3f:9d:09:07:3b:53:b9:a1:0e:5f:
18:a5:bb:ad:72:78:2d:7f:ed:d0:7e:6d:14:68:a5:98:3f:1e:
30:35:7c:79:91:50:39:7f:b4:61:12:63:ed:fc:60:9b:b8:7c:
47:df:db:65:34:8e:44:b4:39:24:8b:1c:b8:e8:0e:4a:a2:28:
4e:5d:d2:56:1f:5b:84:45:bb:e4:11:69:fa:dd:fd:35:c3:11:
27:77:23:82:36:09:13:88:aa:6a:aa:9e:c3:60:b8:58:75:ec:
89:d0:c5:08:a7:b0:b0:5a:77:d9:ac:ac:3a:46:63:04:b4:d7:
a0:00:0f:1a
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZAmV52xewI9shFo8/8kMpR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwNjE3MTMxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2Q1ZDA3MjNiYWQ2NGRlNTEzZGZhMTk4NmUyM2IzYzUzOTZmMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8AilIkUgLaOOia3+QzjrFmnAS+5b
6VWqciECOOD6eKuZU62ks4I73Zh0mOV+1+k6dbU7+URnp3HNW+iedqZs3Ntn6EMt
yGEXy9mYcOAtzdzB3kdVaCr1D/yGKwLL5VsYC37/2Wfq9O3UikYOwy/6CaAIVQ9f
ZysZv3PwrScqqm1Q1S6MLYuDZbWxjLcqJe8mMo/wHZ6pzg3lCGwca3bd9HLwgOdZ
cEk9lQCHu8bY0EqQWKYM9jk+VBGkPojXCkzQDnvF7Grg8N+6NlHBdiUwij1LKBFC
NRrXN9QJ0QrRDhfmu8WKdJydzQdNX118skHgQjFhtqZ3we3kkcmI8kQOkwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFKzV0HI7rWTeUT36GYbiOzxTlvMLMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvck5YUWNqdXRaTjVSUGZvWmh1STdQRk9XOHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgwCwMD
ACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkow
DAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eQMEAZf7
fjAMAwQGl/vAAwQAl/vEAwQCl/vIMAsDBAGX++4DAwKX+AMEBLDeAAMEArmXnAME
AbngoAMEAtRodAMEANXiEQMEANXiEwMEANXiJAMEANXiKAMEANXiMwMEAdXiOAME
ANXiOzANBgkqhkiG9w0BAQsFAAOCAQEAZ/DZ7ffzPKZv4VBKVkD4KKgpxr14Tkj9
keVUnYriYo5WsX05GV7LhZxiUBXD/r+oxMxmVomjb2DzsA5BzTrL8ovGp1BfgmM4
flYi6o/SrTkwVLQ/pxFxmg+EUmzftBzQZ3kX1WSjZx+dbvc69+hj1HvXLWi45poX
r36KAUsI29CUnF4hRI0/nQkHO1O5oQ5fGKW7rXJ4LX/t0H5tFGilmD8eMDV8eZFQ
OX+0YRJj7fxgm7h8R9/bZTSORLQ5JIscuOgOSqIoTl3SVh9bhEW75BFp+t39NcMR
J3cjgjYJE4iqaqqew2C4WHXsidDFCKewsFp32aysOkZjBLTXoAAPGg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:05 2024 by rpki-client on console-fra.rpki-client.org