Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/QgXQ0jofwuGVXnjhXJU7D3pw4a8.roa
File: QgXQ0jofwuGVXnjhXJU7D3pw4a8.roa (raw, json)
Hash identifier: +QIoPxXL555k2fAxahFvxNlcyJubTz0+MIXCA/qjmZw=
Subject key identifier: 42:05:D0:D2:3A:1F:C2:E1:95:5E:78:E1:5C:95:3B:0F:7A:70:E1:AF
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018EE19F24C493A2B083DB348DC6F3163CE5
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/QgXQ0jofwuGVXnjhXJU7D3pw4a8.roa
Signing time: Mon 15 Apr 2024 11:58:06 +0000
ROA not before: Mon 15 Apr 2024 11:58:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80::/29 maxlen: 29
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:9f:24:c4:93:a2:b0:83:db:34:8d:c6:f3:16:3c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Apr 15 11:58:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4205d0d23a1fc2e1955e78e15c953b0f7a70e1af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a2:a2:e6:75:43:f9:bf:6e:4e:7c:9b:3f:1b:
f9:68:95:6c:2d:f8:43:42:1f:86:d5:6c:38:14:40:
d0:77:99:8f:21:d6:d6:f9:3a:fe:f3:6f:d4:59:1e:
6b:0b:49:16:46:27:c4:f7:5c:f6:a5:85:65:75:54:
52:33:82:c1:7d:c3:55:96:1f:58:fd:51:ed:2c:01:
cc:f8:95:87:1e:4d:ee:87:50:c3:73:cd:8e:97:4a:
3c:0a:7a:92:f1:62:1e:a8:2b:5b:e0:fd:9a:6d:9f:
ca:1f:38:d6:c7:56:63:4b:3a:ca:52:e2:15:da:88:
b6:35:f0:83:ea:36:6e:d3:84:3a:90:7c:34:69:16:
cd:1a:f2:ac:06:ed:66:21:45:82:e3:a4:90:f3:79:
15:da:6a:aa:6d:ab:bd:09:90:bc:1e:77:62:ff:2d:
aa:f5:39:2b:31:a1:b9:a1:02:d7:db:7c:a1:d3:96:
44:a3:b8:6b:fb:23:f3:aa:5b:df:a1:2d:2a:88:d7:
76:54:cf:db:da:7e:f5:fc:09:22:14:8c:8c:2e:8b:
79:59:17:88:f5:66:42:83:56:03:51:21:ad:26:24:
73:ef:d3:31:1a:16:1e:20:6b:6c:f1:77:c3:9d:37:
28:16:75:d4:6f:29:d7:18:ce:dd:90:e1:8d:46:e5:
f3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:05:D0:D2:3A:1F:C2:E1:95:5E:78:E1:5C:95:3B:0F:7A:70:E1:AF
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/QgXQ0jofwuGVXnjhXJU7D3pw4a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
103.57.250.0/24
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
213.183.54.0-213.183.57.255
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
99:ea:9d:9c:b7:f4:19:92:a0:2c:e6:78:a0:08:9a:61:1c:27:
e4:1c:c1:cf:7f:54:d4:48:59:e9:68:60:18:92:13:df:75:06:
bc:77:3a:21:f6:26:62:d2:79:88:8d:0e:b8:d0:cd:2e:51:7a:
f0:0c:3a:bb:a6:59:2d:2d:04:38:01:82:9c:82:d6:d2:75:78:
eb:30:39:5a:5a:bb:ce:20:ae:c2:10:83:a0:06:5c:17:62:96:
5b:59:98:8c:8b:e1:18:ac:28:d1:04:47:5e:71:50:fc:02:62:
a9:15:74:b0:c7:41:19:b3:fa:4a:af:7d:9e:62:d0:d6:d8:43:
07:00:3e:f9:a8:e5:f1:9a:d1:87:2c:b6:fe:29:ac:f3:b5:81:
28:d1:49:17:d4:3c:7f:1f:30:f8:d6:00:f4:8c:0c:a0:24:27:
54:b8:13:e2:68:b9:9c:82:26:6a:88:73:4a:fc:40:ef:71:8e:
e1:98:e3:44:bc:01:43:a0:b0:ea:b8:f7:cf:87:bf:ff:4f:44:
42:6c:c1:c0:02:de:f9:ac:f4:bb:ce:26:7c:1e:ee:7f:33:f1:
02:9f:71:eb:95:21:4c:9f:24:a3:98:d2:87:a4:34:d0:71:da:
ba:dd:ba:b3:92:9e:6c:6f:b6:e4:da:73:86:92:0f:89:d8:97:
dd:4c:60:e1
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAY7hnyTEk6Kwg9s0jcbzFjzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwNDE1MTE1ODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA1ZDBkMjNhMWZjMmUxOTU1ZTc4ZTE1Yzk1M2IwZjdhNzBlMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6Ki5nVD+b9uTnybPxv5aJVsLfhD
Qh+G1Ww4FEDQd5mPIdbW+Tr+82/UWR5rC0kWRifE91z2pYVldVRSM4LBfcNVlh9Y
/VHtLAHM+JWHHk3uh1DDc82Ol0o8CnqS8WIeqCtb4P2abZ/KHzjWx1ZjSzrKUuIV
2oi2NfCD6jZu04Q6kHw0aRbNGvKsBu1mIUWC46SQ83kV2mqqbau9CZC8Hndi/y2q
9TkrMaG5oQLX23yh05ZEo7hr+yPzqlvfoS0qiNd2VM/b2n71/AkiFIyMLot5WReI
9WZCg1YDUSGtJiRz79MxGhYeIGts8XfDnTcoFnXUbynXGM7dkOGNRuXz4QIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFEIF0NI6H8LhlV544VyVOw96cOGvMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvUWdYUTBqb2Z3dUdWWG5qaFhKVTdEM3B3NGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBjQQCAAEwgYYDBAAF
tHIDBAQl6zADBABT83gDBAFT83oDBABU9z0DBABWancDBABZH3sDBABbhF4DBAFb
48wDBABc80IDBABnOfoDBACG/9IwDAMEA5WamAMEAJWanAMEBZfsADAMAwQAnv/R
AwQAnv/UMAwDBAK5GuwDBAC5Gu4wDAMEAdW3NgMEAdW3ODANBAIAAjAHAwUDKgMP
gDANBgkqhkiG9w0BAQsFAAOCAQEAmeqdnLf0GZKgLOZ4oAiaYRwn5BzBz39U1EhZ
6WhgGJIT33UGvHc6IfYmYtJ5iI0OuNDNLlF68Aw6u6ZZLS0EOAGCnILW0nV46zA5
Wlq7ziCuwhCDoAZcF2KWW1mYjIvhGKwo0QRHXnFQ/AJiqRV0sMdBGbP6Sq99nmLQ
1thDBwA++ajl8ZrRhyy2/ims87WBKNFJF9Q8fx8w+NYA9IwMoCQnVLgT4mi5nIIm
aohzSvxA73GO4ZjjRLwBQ6Cw6rj3z4e//09EQmzBwALe+az0u84mfB7ufzPxAp9x
65UhTJ8ko5jSh6Q00HHaut26s5KebG+25NpzhpIPidiX3Uxg4Q==
-----END CERTIFICATE-----
Generated at Wed May 22 06:47:22 2024 by rpki-client on console-fra.rpki-client.org