Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/Ldv3PgbAWieAMjQM94Wf3rmvosg.roa
File: Ldv3PgbAWieAMjQM94Wf3rmvosg.roa (raw, json)
Hash identifier: OwJO2RKXWYXrnt0Tj/fqJj00UB9tvnOSctf31vFZeOk=
Subject key identifier: 2D:DB:F7:3E:06:C0:5A:27:80:32:34:0C:F7:85:9F:DE:B9:AF:A2:C8
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 018CC3B6F80B75A8404AE60C4BB221D7E328
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/Ldv3PgbAWieAMjQM94Wf3rmvosg.roa
Signing time: Mon 01 Jan 2024 06:29:57 +0000
ROA not before: Mon 01 Jan 2024 06:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5606
IP address blocks: 128.140.224.0/21 maxlen: 24
176.223.110.0/24 maxlen: 24
89.38.59.0/24 maxlen: 24
84.247.28.0/24 maxlen: 24
91.194.235.0/24 maxlen: 24
188.213.33.0/24 maxlen: 24
89.44.200.0/24 maxlen: 24
188.241.222.0/24 maxlen: 24
109.205.91.0/24 maxlen: 24
109.205.88.0/24 maxlen: 24
109.205.90.0/24 maxlen: 24
109.205.89.0/24 maxlen: 24
193.41.251.0/24 maxlen: 24
109.205.95.0/24 maxlen: 24
94.176.190.0/24 maxlen: 24
87.237.104.0/22 maxlen: 24
188.212.37.0/24 maxlen: 24
87.237.110.0/23 maxlen: 24
86.104.3.0/24 maxlen: 24
188.213.132.0/23 maxlen: 24
86.104.17.0/24 maxlen: 24
188.211.236.0/24 maxlen: 24
212.146.64.0/18 maxlen: 24
89.38.241.0/24 maxlen: 24
93.113.30.0/24 maxlen: 24
93.113.58.0/23 maxlen: 24
188.212.152.0/24 maxlen: 24
37.156.182.0/23 maxlen: 24
89.40.132.0/24 maxlen: 24
89.38.231.0/24 maxlen: 24
185.8.152.0/22 maxlen: 24
77.81.2.0/24 maxlen: 24
85.204.108.0/24 maxlen: 24
89.41.31.0/24 maxlen: 24
89.44.121.0/24 maxlen: 24
193.226.128.0/18 maxlen: 24
5.35.208.0/21 maxlen: 24
85.204.75.0/24 maxlen: 24
89.37.143.0/24 maxlen: 24
89.39.68.0/24 maxlen: 24
85.9.0.0/18 maxlen: 24
194.105.1.0/24 maxlen: 24
2001:4d80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.mft
rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f8:0b:75:a8:40:4a:e6:0c:4b:b2:21:d7:e3:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: Jan 1 06:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ddbf73e06c05a278032340cf7859fdeb9afa2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:74:88:0b:69:e9:79:b8:a3:69:5a:37:1c:46:
b4:38:a2:a0:11:10:12:85:18:23:7e:70:8b:fe:a2:
50:d3:f9:28:26:07:c0:52:6f:d6:8f:a1:75:b8:f7:
97:38:0c:58:1e:cd:a5:ac:89:f4:cc:cb:e3:7a:05:
34:55:ac:73:46:3a:6c:69:9e:dc:be:1b:d3:0b:aa:
1e:5d:b6:7e:c0:0a:df:24:7a:d6:b3:97:96:d0:03:
89:f1:5f:9c:f6:da:c5:d3:57:57:b6:50:76:e4:28:
7a:fd:16:79:ff:6d:fc:91:12:a1:56:a1:07:48:00:
a7:e0:1b:40:c3:58:01:98:8d:33:86:b5:f7:ca:8d:
76:5f:8c:b4:aa:e1:65:b5:bd:52:76:84:f7:ad:b2:
eb:e3:b4:e2:a2:90:60:fe:5a:2b:ed:00:21:87:61:
e5:87:49:aa:cc:1a:2e:81:c8:2f:3f:1a:d4:0b:83:
c8:52:89:71:c2:92:f8:20:5d:78:6a:26:65:ea:ca:
e9:02:f9:ad:d5:36:b4:f8:ac:3b:ca:1c:e2:ca:94:
c3:d6:c3:fd:fe:e4:6b:e7:98:29:fa:8b:6e:65:14:
8c:85:52:04:88:e1:86:95:1d:51:35:da:64:13:99:
58:97:40:4f:de:a8:4b:cd:81:d4:0a:7f:af:62:c0:
b5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DB:F7:3E:06:C0:5A:27:80:32:34:0C:F7:85:9F:DE:B9:AF:A2:C8
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/Ldv3PgbAWieAMjQM94Wf3rmvosg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.208.0/21
37.156.182.0/23
77.81.2.0/24
84.247.28.0/24
85.9.0.0/18
85.204.75.0/24
85.204.108.0/24
86.104.3.0/24
86.104.17.0/24
87.237.104.0/22
87.237.110.0/23
89.37.143.0/24
89.38.59.0/24
89.38.231.0/24
89.38.241.0/24
89.39.68.0/24
89.40.132.0/24
89.41.31.0/24
89.44.121.0/24
89.44.200.0/24
91.194.235.0/24
93.113.30.0/24
93.113.58.0/23
94.176.190.0/24
109.205.88.0/22
109.205.95.0/24
128.140.224.0/21
176.223.110.0/24
185.8.152.0/22
188.211.236.0/24
188.212.37.0/24
188.212.152.0/24
188.213.33.0/24
188.213.132.0/23
188.241.222.0/24
193.41.251.0/24
193.226.128.0/18
194.105.1.0/24
212.146.64.0/18
IPv6:
2001:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
b5:9e:3c:ae:87:52:a8:66:db:7c:d9:88:17:a9:6c:7a:9e:b5:
ae:56:8d:5d:74:2f:dd:ff:d7:3e:c4:1e:09:87:3e:22:01:21:
4b:49:fa:f7:57:d4:93:dd:fd:52:b1:b3:de:83:c7:11:ce:15:
fc:0d:58:9c:dc:fd:47:77:01:19:7a:42:cf:4b:ba:ea:ca:d3:
f1:d9:91:d7:35:82:18:e5:89:e7:a2:85:fa:4f:d6:44:f1:2f:
44:36:b1:76:ef:d3:31:48:b2:b8:3b:a0:8a:8e:92:29:45:cc:
94:40:d3:5e:af:6b:cd:8b:1d:b7:ea:31:34:54:b0:fd:ab:ae:
64:8c:8c:af:39:c2:4a:86:b8:bf:11:70:e0:97:e8:f7:57:50:
17:21:1a:42:30:ba:ac:23:60:57:8f:2a:d2:5d:65:49:3b:1e:
0c:cc:a7:05:a3:9b:9b:9e:9e:36:6f:ff:49:34:9b:b6:d1:5c:
f1:16:52:da:4b:29:24:10:c5:d8:0f:19:a5:b2:d0:40:f3:5b:
b7:0f:f7:e3:3a:49:b6:2c:f3:f5:1b:92:10:df:07:b8:9c:f8:
26:cf:be:e6:5b:ca:ce:aa:a6:03:0a:60:ca:5f:c9:70:82:c5:
40:f3:ce:a1:27:e9:47:94:37:75:57:ec:01:e2:ba:bd:94:8a:
c1:c7:26:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAYzDtvgLdahASuYMS7Ih1+MoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjYxNzk4ZGQxODk2NWMwMjdhZmE3ZjkzYWUwMzBmZjVl
MWQ3NmUwHhcNMjQwMTAxMDYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRiZjczZTA2YzA1YTI3ODAzMjM0MGNmNzg1OWZkZWI5YWZhMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXSIC2npebijaVo3HEa0OKKgERAS
hRgjfnCL/qJQ0/koJgfAUm/Wj6F1uPeXOAxYHs2lrIn0zMvjegU0VaxzRjpsaZ7c
vhvTC6oeXbZ+wArfJHrWs5eW0AOJ8V+c9trF01dXtlB25Ch6/RZ5/238kRKhVqEH
SACn4BtAw1gBmI0zhrX3yo12X4y0quFltb1SdoT3rbLr47TiopBg/lor7QAhh2Hl
h0mqzBougcgvPxrUC4PIUolxwpL4IF14aiZl6srpAvmt1Ta0+Kw7yhziypTD1sP9
/uRr55gp+otuZRSMhVIEiOGGlR1RNdpkE5lYl0BP3qhLzYHUCn+vYsC1NwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFC3b9z4GwFongDI0DPeFn965r6LIMB8GA1UdIwQY
MBaAFAr2F5jdGJZcAnr6f5OuAw/14dduMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEt
ZDZlMWUzNDdmOWM3LzEvTGR2M1BnYkFXaWVBTWpRTTk0V2Yzcm12b3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEtZDZlMWUzNDdmOWM3
LzEvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8QQCAAEwgeoD
BAMFI9ADBAElnLYDBABNUQIDBABU9xwDBAZVCQADBABVzEsDBABVzGwDBABWaAMD
BABWaBEDBAJX7WgDBAFX7W4DBABZJY8DBABZJjsDBABZJucDBABZJvEDBABZJ0QD
BABZKIQDBABZKR8DBABZLHkDBABZLMgDBABbwusDBABdcR4DBAFdcToDBABesL4D
BAJtzVgDBABtzV8DBAOAjOADBACw324DBAK5CJgDBAC80+wDBAC81CUDBAC81JgD
BAC81SEDBAG81YQDBAC88d4DBADBKfsDBAbB4oADBADCaQEDBAbUkkAwDQQCAAIw
BwMFACABTYAwDQYJKoZIhvcNAQELBQADggEBALWePK6HUqhm23zZiBepbHqeta5W
jV10L93/1z7EHgmHPiIBIUtJ+vdX1JPd/VKxs96DxxHOFfwNWJzc/Ud3ARl6Qs9L
uurK0/HZkdc1ghjlieeihfpP1kTxL0Q2sXbv0zFIsrg7oIqOkilFzJRA016va82L
HbfqMTRUsP2rrmSMjK85wkqGuL8RcOCX6PdXUBchGkIwuqwjYFePKtJdZUk7HgzM
pwWjm5uenjZv/0k0m7bRXPEWUtpLKSQQxdgPGaWy0EDzW7cP9+M6SbYs8/UbkhDf
B7ic+CbPvuZbys6qpgMKYMpfyXCCxUDzzqEn6UeUN3VX7AHiur2UisHHJmQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:41 2024 by rpki-client on console-fra.rpki-client.org