Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HSoX_K6mRymgKR8u64Utiw4ECj4.roa
File: HSoX_K6mRymgKR8u64Utiw4ECj4.roa (raw, json)
Hash identifier: PLs8j0i03MuKtVCREktjn4noNaVnP7QLnyhQuadNyc8=
Subject key identifier: 1D:2A:17:FC:AE:A6:47:29:A0:29:1F:2E:EB:85:2D:8B:0E:04:0A:3E
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0192B43327DBA23C01863BEDE9CB8708D1BC
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HSoX_K6mRymgKR8u64Utiw4ECj4.roa
Signing time: Tue 22 Oct 2024 12:28:24 +0000
ROA not before: Tue 22 Oct 2024 12:28:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:33:27:db:a2:3c:01:86:3b:ed:e9:cb:87:08:d1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Oct 22 12:28:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d2a17fcaea64729a0291f2eeb852d8b0e040a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:02:b6:de:9a:fb:35:0a:6d:12:97:eb:b3:f8:
02:9e:32:e6:95:d5:55:3c:56:1a:4b:76:6b:4b:d1:
60:70:30:db:a2:4f:51:27:b7:1a:9c:bd:2d:1c:ee:
98:f5:cc:f7:e2:21:cd:ab:2b:86:19:07:3f:05:84:
1f:ea:a7:c1:ff:99:c7:43:b1:dd:b3:f6:13:a6:d4:
e2:90:b5:e5:82:a8:25:37:d3:f7:35:96:3d:a8:31:
c2:8c:c7:51:75:23:08:c0:92:7f:2b:f6:84:be:43:
91:d2:15:f1:63:b1:4d:d4:4c:09:f2:3c:32:49:8f:
25:5c:d4:74:18:a9:e8:db:6c:13:e1:ea:26:6b:96:
b9:b4:ee:1b:10:d1:18:d0:54:fd:67:19:07:2d:36:
b5:d3:00:d0:24:ac:6f:b5:38:f5:12:35:2b:ab:74:
a0:9b:83:c0:37:d2:b4:b9:1b:76:ed:ea:56:bf:17:
72:99:c3:89:22:9e:bd:e7:37:53:08:23:9d:83:2f:
b6:fc:8c:52:29:18:04:f9:3c:7e:dc:7c:77:b2:be:
3a:c0:ca:56:58:bc:2f:b5:c4:fb:ab:05:ad:67:26:
2c:1f:30:c8:7d:59:03:b1:a1:00:f9:e7:c7:ae:71:
02:18:68:e2:bf:b1:60:29:60:b0:46:7b:10:6c:dd:
7f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2A:17:FC:AE:A6:47:29:A0:29:1F:2E:EB:85:2D:8B:0E:04:0A:3E
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HSoX_K6mRymgKR8u64Utiw4ECj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.233.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/48
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
52:1c:9f:09:d2:a0:cd:54:21:ed:36:78:64:db:3a:f5:dc:b8:
91:c4:38:3e:bb:02:b8:ee:b7:25:26:02:3f:cc:21:43:71:4a:
54:16:cb:89:c5:90:6c:94:b9:07:58:cb:4d:3a:07:0b:4f:92:
16:2f:a1:56:c3:df:0e:a2:34:f0:a7:61:db:63:85:b1:11:d1:
88:83:e2:a5:a7:34:05:30:79:6b:35:48:b5:50:58:c8:b1:ad:
11:57:3c:64:d8:1a:51:b6:0c:14:28:1c:25:c2:6f:9c:16:3a:
5d:65:2d:76:f0:d6:d8:ca:2d:bd:49:4b:14:f1:52:0b:e2:5c:
bb:7c:75:7c:c3:67:33:cc:18:c2:89:92:03:dd:59:6d:41:cf:
9a:1a:20:85:9a:4e:fe:a0:dc:bf:24:48:fd:f6:96:cb:73:f3:
6c:33:a8:81:a8:6e:86:eb:b8:66:64:4e:3a:6e:e3:26:58:80:
93:1e:8c:a8:7f:43:15:17:3c:8c:bf:c6:d8:af:22:01:3a:35:
06:cd:d2:65:7a:30:18:3d:e2:6d:eb:02:97:12:48:3a:00:8c:
85:05:b7:ad:2e:45:48:ec:41:f9:10:ca:20:b4:59:89:9f:6d:
14:54:4d:a3:8b:e8:8f:17:cd:4e:5a:ab:35:d6:91:50:1c:b5:
5a:58:76:c3
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgISAZK0MyfbojwBhjvt6cuHCNG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQxMDIyMTIyODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJhMTdmY2FlYTY0NzI5YTAyOTFmMmVlYjg1MmQ4YjBlMDQwYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gK23pr7NQptEpfrs/gCnjLmldVV
PFYaS3ZrS9FgcDDbok9RJ7canL0tHO6Y9cz34iHNqyuGGQc/BYQf6qfB/5nHQ7Hd
s/YTptTikLXlgqglN9P3NZY9qDHCjMdRdSMIwJJ/K/aEvkOR0hXxY7FN1EwJ8jwy
SY8lXNR0GKno22wT4eoma5a5tO4bENEY0FT9ZxkHLTa10wDQJKxvtTj1EjUrq3Sg
m4PAN9K0uRt27epWvxdymcOJIp695zdTCCOdgy+2/IxSKRgE+Tx+3Hx3sr46wMpW
WLwvtcT7qwWtZyYsHzDIfVkDsaEA+efHrnECGGjiv7FgKWCwRnsQbN1/8wIDAQAB
o4IDdzCCA3MwHQYDVR0OBBYEFB0qF/yupkcpoCkfLuuFLYsOBAo+MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvSFNvWF9LNm1SeW1nS1I4dTY0VXRpdzRFQ2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiwYIKwYBBQUHAQcBAf8EggF6MIIBdjCB6QQCAAEwgeID
BAAl6zADBAAl6zMDBAAtmX8DBAAut7sDBAFT83gDBAFZH3gDBABZH3swDAMEAFku
6QMEAFku7AMEAVuEXAMEAFuEXwMEAFzzQAMEAF+czAMEAF+czwMEAWc5+AMEAGc5
+wMEAIb/0zAMAwQAlZqdAwQFlZqAMAwDBACX7A8DBACX7BIwDAMEApfsFAMEAJfs
FgMEAJfsGQMEAJ7/0DAMAwQAnv/VAwQDnv/QAwQAsH5jAwQAuRrsAwQBuRruAwQB
uUxOAwQAucEwAwQAucNAAwQAucNCAwQAvNYgAwQA1bc3MIGHBAIAAjCBgAMHASoD
D4AAMgMHACoDD4AAOQMHACoDD4AAQAMHASoDD4AARDASAwcAKgMPgABHAwcBKgMP
gABIAwcAKgMPgABhAwcAKgMPgABlAwcAKgMPgACBAwcAKgMPgAOBAwcAKgMPgAhS
AwcAKgMPgAlxAwcAKgMPgEQWAwcAKgMPgO1RMA0GCSqGSIb3DQEBCwUAA4IBAQBS
HJ8J0qDNVCHtNnhk2zr13LiRxDg+uwK47rclJgI/zCFDcUpUFsuJxZBslLkHWMtN
OgcLT5IWL6FWw98OojTwp2HbY4WxEdGIg+KlpzQFMHlrNUi1UFjIsa0RVzxk2BpR
tgwUKBwlwm+cFjpdZS128NbYyi29SUsU8VIL4ly7fHV8w2czzBjCiZID3VltQc+a
GiCFmk7+oNy/JEj99pbLc/NsM6iBqG6G67hmZE46buMmWICTHoyof0MVFzyMv8bY
ryIBOjUGzdJlejAYPeJt6wKXEkg6AIyFBbetLkVI7EH5EMogtFmJn20UVE2ji+iP
F81OWqs11pFQHLVaWHbD
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:43 2024 by rpki-client on console-ams.rpki-client.org