Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/1-2Kg6JXUlzd58Ir9YsFFcMZMzmo.roa
File: 1-2Kg6JXUlzd58Ir9YsFFcMZMzmo.roa (raw, json)
Hash identifier: Ael/p/GCJF2rRhYLyodk58zBBdUO+1LKfIsqlJO4c14=
Subject key identifier: FB:62:A0:E8:95:D4:97:37:79:F0:8A:FD:62:C1:45:70:C6:4C:CE:6A
Certificate issuer: /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial: 018EE6C0EC7DE30B7F4280ED4E66F8E2EB11
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/1-2Kg6JXUlzd58Ir9YsFFcMZMzmo.roa
Signing time: Tue 16 Apr 2024 11:53:06 +0000
ROA not before: Tue 16 Apr 2024 11:53:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25133
IP address blocks: 37.139.160.0/22 maxlen: 22
37.139.164.0/22 maxlen: 22
37.139.168.0/24 maxlen: 24
37.139.169.0/24 maxlen: 24
37.139.170.0/24 maxlen: 24
37.139.171.0/24 maxlen: 24
37.139.172.0/24 maxlen: 24
37.139.173.0/24 maxlen: 24
37.139.174.0/24 maxlen: 24
37.139.175.0/24 maxlen: 24
37.139.176.0/24 maxlen: 24
37.139.177.0/24 maxlen: 24
37.139.178.0/24 maxlen: 24
37.139.179.0/24 maxlen: 24
37.139.180.0/22 maxlen: 22
37.139.184.0/22 maxlen: 22
37.139.188.0/22 maxlen: 22
45.95.164.0/22 maxlen: 22
45.143.48.0/22 maxlen: 22
45.153.208.0/22 maxlen: 22
45.158.48.0/22 maxlen: 22
46.255.32.0/22 maxlen: 22
46.255.36.0/22 maxlen: 22
78.137.0.0/19 maxlen: 19
78.137.32.0/24 maxlen: 24
78.137.33.0/24 maxlen: 24
78.137.34.0/24 maxlen: 24
78.137.35.0/24 maxlen: 24
78.137.36.0/22 maxlen: 22
78.137.40.0/21 maxlen: 21
78.137.48.0/20 maxlen: 20
83.142.48.0/22 maxlen: 22
89.200.232.0/21 maxlen: 21
91.105.207.0/24 maxlen: 24
91.211.136.0/22 maxlen: 22
91.217.144.0/24 maxlen: 24
91.244.0.0/18 maxlen: 18
92.43.80.0/22 maxlen: 22
92.118.220.0/22 maxlen: 22
103.35.160.0/22 maxlen: 22
103.237.44.0/22 maxlen: 22
109.227.64.0/19 maxlen: 19
109.227.96.0/19 maxlen: 19
152.89.20.0/22 maxlen: 22
176.67.0.0/19 maxlen: 19
176.67.0.0/21 maxlen: 21
176.67.8.0/22 maxlen: 22
176.67.12.0/22 maxlen: 22
176.67.16.0/24 maxlen: 24
176.67.17.0/24 maxlen: 24
176.67.18.0/24 maxlen: 24
176.67.19.0/24 maxlen: 24
176.67.20.0/24 maxlen: 24
176.67.21.0/24 maxlen: 24
176.67.22.0/24 maxlen: 24
176.67.23.0/24 maxlen: 24
176.67.24.0/24 maxlen: 24
176.67.25.0/24 maxlen: 24
176.67.26.0/24 maxlen: 24
176.67.27.0/24 maxlen: 24
176.67.28.0/24 maxlen: 24
176.67.29.0/24 maxlen: 24
176.67.30.0/24 maxlen: 24
176.67.31.0/24 maxlen: 24
178.216.16.0/21 maxlen: 21
185.3.148.0/24 maxlen: 24
185.3.149.0/24 maxlen: 24
185.3.150.0/24 maxlen: 24
185.3.151.0/24 maxlen: 24
185.41.192.0/23 maxlen: 23
185.41.194.0/23 maxlen: 23
185.62.96.0/22 maxlen: 22
185.96.28.0/22 maxlen: 22
185.103.40.0/23 maxlen: 23
185.103.42.0/23 maxlen: 23
185.128.92.0/22 maxlen: 22
185.176.108.0/22 maxlen: 22
185.176.112.0/22 maxlen: 22
185.203.244.0/22 maxlen: 22
185.208.112.0/22 maxlen: 22
185.220.94.0/23 maxlen: 23
185.228.100.0/22 maxlen: 22
193.106.80.0/22 maxlen: 22
194.1.220.0/23 maxlen: 23
212.55.64.0/22 maxlen: 22
212.55.68.0/22 maxlen: 22
212.55.72.0/23 maxlen: 23
212.55.74.0/23 maxlen: 23
212.55.76.0/22 maxlen: 22
212.55.80.0/22 maxlen: 22
212.55.84.0/23 maxlen: 23
212.55.86.0/23 maxlen: 23
212.55.88.0/22 maxlen: 22
212.55.92.0/22 maxlen: 22
213.108.52.0/22 maxlen: 22
217.115.96.0/21 maxlen: 21
217.115.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:c0:ec:7d:e3:0b:7f:42:80:ed:4e:66:f8:e2:eb:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Validity
Not Before: Apr 16 11:53:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb62a0e895d4973779f08afd62c14570c64cce6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cc:89:c7:2a:78:cb:2c:b7:81:7a:3f:61:2e:
36:93:e6:61:46:2f:a9:c2:f3:cf:a6:39:4b:a0:92:
04:86:83:75:93:a9:ce:2f:8a:56:a8:1c:a0:8f:c3:
29:8c:b1:a3:5e:c7:3c:a0:f1:b2:83:a1:65:18:6b:
4a:7c:b7:b6:41:b3:2f:b1:b4:2a:57:b8:25:83:2c:
76:43:0b:37:c6:8c:31:95:de:97:64:67:33:e7:95:
6f:13:dc:c8:ff:81:6b:fb:af:0e:ce:06:11:82:ec:
fc:84:44:31:ed:18:87:95:a3:ee:32:5f:e4:64:0a:
9b:63:4f:d4:24:fb:ae:20:38:b3:90:99:88:3b:d3:
ba:de:02:1c:37:f7:ab:33:14:4a:c3:23:63:4f:6e:
d5:3c:f5:3f:e8:f9:46:2e:e0:73:d4:ed:a8:54:43:
df:85:26:67:ee:1e:40:a7:9b:fd:9a:84:8a:8b:ef:
a8:e6:ab:ca:41:aa:f7:2d:59:9b:45:cc:75:3e:80:
18:6c:6a:3f:b2:9a:a1:54:ed:e8:11:43:be:22:d3:
3d:bd:9a:8d:9e:7b:5e:62:2d:79:0b:4e:50:38:df:
2b:9c:1d:58:18:34:53:19:3f:02:87:af:55:9b:b3:
fe:58:81:40:98:c9:d1:0c:c3:9b:58:10:88:22:23:
f2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:62:A0:E8:95:D4:97:37:79:F0:8A:FD:62:C1:45:70:C6:4C:CE:6A
X509v3 Authority Key Identifier:
keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/1-2Kg6JXUlzd58Ir9YsFFcMZMzmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.160.0/19
45.95.164.0/22
45.143.48.0/22
45.153.208.0/22
45.158.48.0/22
46.255.32.0/21
78.137.0.0/18
83.142.48.0/22
89.200.232.0/21
91.105.207.0/24
91.211.136.0/22
91.217.144.0/24
91.244.0.0/18
92.43.80.0/22
92.118.220.0/22
103.35.160.0/22
103.237.44.0/22
109.227.64.0/18
152.89.20.0/22
176.67.0.0/19
178.216.16.0/21
185.3.148.0/22
185.41.192.0/22
185.62.96.0/22
185.96.28.0/22
185.103.40.0/22
185.128.92.0/22
185.176.108.0-185.176.115.255
185.203.244.0/22
185.208.112.0/22
185.220.94.0/23
185.228.100.0/22
193.106.80.0/22
194.1.220.0/23
212.55.64.0/19
213.108.52.0/22
217.115.96.0/20
Signature Algorithm: sha256WithRSAEncryption
39:c9:79:7e:83:77:37:88:af:18:af:73:c2:c5:a4:67:58:81:
91:9e:3d:b9:0b:86:3d:0a:f1:77:0a:71:3e:4c:0a:3a:b0:f5:
a3:db:ff:e9:4c:a8:57:e7:1b:00:e3:01:cc:21:4f:b2:44:3e:
4c:bd:2d:21:4d:20:84:86:db:1f:bd:50:0b:9e:66:d1:b1:d5:
9e:6b:b3:81:cb:e9:c5:80:31:52:4c:eb:9a:17:66:a2:f3:ca:
4d:67:0a:b7:28:2c:67:4c:a9:0e:c6:2a:26:c2:12:f2:21:03:
52:e1:dd:a5:22:ce:42:67:36:cf:fe:2c:98:5b:0c:3b:33:d4:
cb:74:9d:46:c7:0e:56:e5:6f:5e:e8:65:fc:4d:97:ee:ca:97:
88:78:dd:bb:ab:7b:74:02:e6:cb:92:80:b6:e5:e5:95:e4:52:
06:12:ea:67:e0:44:3a:38:da:cb:1b:8f:d5:cf:a5:d7:90:69:
d5:15:33:9c:78:79:89:96:8e:9d:7a:c9:d9:28:84:de:1a:1c:
f9:a6:f0:c5:ba:1f:20:02:cb:59:1d:43:7d:d3:a8:90:f8:d7:
bd:b0:6a:f2:d1:72:78:7d:67:49:15:23:5e:a4:66:32:c1:fa:
dc:58:36:e6:00:50:d0:d5:f6:f2:b0:7c:0b:00:a6:fc:8d:40:
ac:0b:15:d7
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAY7mwOx94wt/QoDtTmb44usRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YTQ5ODdiZjhjNmI0Y2RkNjU3YmJjMmQwYTVlMTNlOWI2
MjZjYjkwHhcNMjQwNDE2MTE1MzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjYyYTBlODk1ZDQ5NzM3NzlmMDhhZmQ2MmMxNDU3MGM2NGNjZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcyJxyp4yyy3gXo/YS42k+ZhRi+p
wvPPpjlLoJIEhoN1k6nOL4pWqBygj8MpjLGjXsc8oPGyg6FlGGtKfLe2QbMvsbQq
V7glgyx2Qws3xowxld6XZGcz55VvE9zI/4Fr+68OzgYRguz8hEQx7RiHlaPuMl/k
ZAqbY0/UJPuuIDizkJmIO9O63gIcN/erMxRKwyNjT27VPPU/6PlGLuBz1O2oVEPf
hSZn7h5Ap5v9moSKi++o5qvKQar3LVmbRcx1PoAYbGo/spqhVO3oEUO+ItM9vZqN
nnteYi15C05QON8rnB1YGDRTGT8Ch69Vm7P+WIFAmMnRDMObWBCIIiPyuQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFPtioOiV1Jc3efCK/WLBRXDGTM5qMB8GA1UdIwQY
MBaAFFakmHv4xrTN1le7wtCl4T6bYmy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQt
ZGU1ODY5OGI2NDcwLzEvMS0yS2c2SlhVbHpkNThJcjlZc0ZGY01aTXptby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGIvODgwOWRkLTY2N2EtNDA0Ny04MTA0LWRlNTg2OThiNjQ3
MC8xL1ZxU1llX2pHdE0zV1Y3dkMwS1hoUHB0aWJMay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAQMGCCsGAQUFBwEHAQH/BIHzMIHwMIHtBAIAATCB5gME
BSWLoAMEAi1fpAMEAi2PMAMEAi2Z0AMEAi2eMAMEAy7/IAMEBk6JAAMEAlOOMAME
A1nI6AMEAFtpzwMEAlvTiAMEAFvZkAMEBlv0AAMEAlwrUAMEAlx23AMEAmcjoAME
AmftLAMEBm3jQAMEAphZFAMEBbBDAAMEA7LYEAMEArkDlAMEArkpwAMEArk+YAME
ArlgHAMEArlnKAMEArmAXDAMAwQCubBsAwQCubBwAwQCucv0AwQCudBwAwQBudxe
AwQCueRkAwQCwWpQAwQBwgHcAwQF1DdAAwQC1Ww0AwQE2XNgMA0GCSqGSIb3DQEB
CwUAA4IBAQA5yXl+g3c3iK8Yr3PCxaRnWIGRnj25C4Y9CvF3CnE+TAo6sPWj2//p
TKhX5xsA4wHMIU+yRD5MvS0hTSCEhtsfvVALnmbRsdWea7OBy+nFgDFSTOuaF2ai
88pNZwq3KCxnTKkOxiomwhLyIQNS4d2lIs5CZzbP/iyYWww7M9TLdJ1Gxw5W5W9e
6GX8TZfuypeIeN27q3t0AubLkoC25eWV5FIGEupn4EQ6ONrLG4/Vz6XXkGnVFTOc
eHmJlo6desnZKITeGhz5pvDFuh8gAstZHUN906iQ+Ne9sGry0XJ4fWdJFSNepGYy
wfrcWDbmAFDQ1fbysHwLAKb8jUCsCxXX
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:45:06 2024 by rpki-client on console-fra.rpki-client.org