Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/RDbvzDX5JYdPDwPeV6ioG6xLZuM.roa
File: RDbvzDX5JYdPDwPeV6ioG6xLZuM.roa (raw, json)
Hash identifier: oTaJ6927xUsd2AJELjVpRo4BsBoo0+xMH8AFX4Ssz8o=
Subject key identifier: 44:36:EF:CC:35:F9:25:87:4F:0F:03:DE:57:A8:A8:1B:AC:4B:66:E3
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018EE0CC93F2E5BB63BF1649F88FD9827759
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/RDbvzDX5JYdPDwPeV6ioG6xLZuM.roa
Signing time: Mon 15 Apr 2024 08:08:07 +0000
ROA not before: Mon 15 Apr 2024 08:08:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21267
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
2a0a:f480::/29 maxlen: 29
2a0d:7680::/29 maxlen: 29
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e0:cc:93:f2:e5:bb:63:bf:16:49:f8:8f:d9:82:77:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Apr 15 08:08:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4436efcc35f925874f0f03de57a8a81bac4b66e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:93:f3:aa:4c:e1:57:b2:19:cd:74:87:bc:73:
90:6b:bb:99:e4:70:a2:04:02:6a:f6:cb:e1:67:2b:
0c:14:17:0e:b9:ad:e9:f7:65:0c:9c:da:9c:ff:d5:
5f:e6:ef:72:93:9c:93:d2:26:eb:51:b9:e9:a2:d9:
70:4d:d1:09:d4:d5:92:f7:06:7f:44:96:a1:08:1e:
8c:a1:d2:14:93:b0:36:a4:af:91:40:fc:d5:ae:e8:
e5:52:b2:e5:dd:58:a1:69:0a:a2:fd:79:c0:0e:d5:
d3:0f:a6:64:55:67:74:e7:31:c6:32:cd:2a:01:e3:
41:55:64:75:5e:a7:a1:98:5c:6a:b8:8d:e5:a3:d6:
f8:44:07:75:9a:61:ab:0f:81:68:23:0d:6c:21:24:
43:df:c6:16:e0:b1:7c:0c:ac:28:11:97:ac:57:86:
75:81:9f:09:bf:53:aa:df:ad:af:f0:01:c0:1c:5d:
83:0c:76:df:7e:f0:af:9f:b5:57:56:f2:1b:34:9b:
e9:e3:4e:a9:40:23:db:81:72:44:d7:24:85:6b:fb:
ca:53:04:84:ef:e8:d2:53:40:42:b5:aa:89:28:53:
65:31:e3:14:a8:5e:e7:07:eb:99:86:fd:58:91:4a:
84:ca:bb:75:cd:47:d2:59:44:36:18:1d:f9:8a:b8:
3d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:36:EF:CC:35:F9:25:87:4F:0F:03:DE:57:A8:A8:1B:AC:4B:66:E3
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/RDbvzDX5JYdPDwPeV6ioG6xLZuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/24
185.248.254.0/24
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
11:2d:70:83:a9:80:79:3e:76:0f:7a:1e:32:19:56:0e:59:90:
f5:30:35:f5:56:08:ec:cf:3f:e0:d8:8f:bc:dd:fd:9f:ba:53:
a1:9e:9d:d5:92:ad:4a:e8:a2:15:52:fd:e4:bb:a4:f3:3e:57:
67:45:36:0a:ce:10:8c:0a:93:ff:a0:9f:59:94:cd:15:0a:e4:
8d:ff:bb:c5:96:0f:b6:56:f2:45:17:3e:b6:a6:26:79:de:e5:
30:79:5b:86:e3:6c:27:7d:61:d1:68:29:5e:d9:b8:53:1d:ca:
54:fe:14:d8:92:f5:61:d3:d7:61:65:78:a1:2a:dc:56:a5:50:
7f:37:90:a7:26:65:be:44:cd:2d:c4:47:f7:76:31:3d:0a:a8:
0c:c3:11:b3:c8:d9:7a:11:31:b0:72:5f:b5:dd:01:29:43:73:
c6:6b:54:1c:c4:67:4f:37:b8:cf:f4:9f:61:02:93:69:ee:7b:
35:a2:41:67:eb:61:5c:76:b0:ba:f3:02:7b:08:51:e0:05:1f:
31:53:80:22:0b:51:18:0b:5b:cd:2c:e4:4b:51:df:be:4f:89:
0a:ec:5c:50:79:cc:23:bc:ef:33:2e:05:ef:98:3a:d7:78:3d:
8e:ab:56:75:aa:8b:b3:fe:1b:4e:27:cd:ce:76:4f:98:45:3d:
88:d8:ed:f3
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAY7gzJPy5btjvxZJ+I/ZgndZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwNDE1MDgwODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM2ZWZjYzM1ZjkyNTg3NGYwZjAzZGU1N2E4YTgxYmFjNGI2NmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJPzqkzhV7IZzXSHvHOQa7uZ5HCi
BAJq9svhZysMFBcOua3p92UMnNqc/9Vf5u9yk5yT0ibrUbnpotlwTdEJ1NWS9wZ/
RJahCB6ModIUk7A2pK+RQPzVrujlUrLl3VihaQqi/XnADtXTD6ZkVWd05zHGMs0q
AeNBVWR1XqehmFxquI3lo9b4RAd1mmGrD4FoIw1sISRD38YW4LF8DKwoEZesV4Z1
gZ8Jv1Oq362v8AHAHF2DDHbffvCvn7VXVvIbNJvp406pQCPbgXJE1ySFa/vKUwSE
7+jSU0BCtaqJKFNlMeMUqF7nB+uZhv1YkUqEyrt1zUfSWUQ2GB35irg9BwIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFEQ278w1+SWHTw8D3leoqBusS2bjMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvUkRidnpEWDVKWWRQRHdQZVY2aW9HNnhMWnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCB2wQCAAEwgdQD
BAMFn9ADBAIFtUgDBAMfwGADBAItCGQDBAIthGwDBAItiSwDBARQSvADBAJTlvwD
BAVVX2ADBANcKngDBANfgUADBAOwOgADBAK5T7gDBAK5WgADBAK5XswDBAK5Y0wD
BAK5kVgDBAK5stgDBAG5tsgDBAK5zNQDBAK55QQDBAK59oQDBAK598gDBAC5+PwD
BAC5+P4DBAO8XhADBADBGAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgw
DAMEAtQLRAMEAtQLSAMEBNmRgDAwBAIAAjAqAwUAKgDxwAMFAyoE6cADBQMqCvSA
AwUDKg12gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3DQEBCwUAA4IBAQARLXCDqYB5
PnYPeh4yGVYOWZD1MDX1Vgjszz/g2I+83f2fulOhnp3Vkq1K6KIVUv3ku6TzPldn
RTYKzhCMCpP/oJ9ZlM0VCuSN/7vFlg+2VvJFFz62piZ53uUweVuG42wnfWHRaCle
2bhTHcpU/hTYkvVh09dhZXihKtxWpVB/N5CnJmW+RM0txEf3djE9CqgMwxGzyNl6
ETGwcl+13QEpQ3PGa1QcxGdPN7jP9J9hApNp7ns1okFn62FcdrC68wJ7CFHgBR8x
U4AiC1EYC1vNLORLUd++T4kK7FxQecwjvO8zLgXvmDrXeD2Oq1Z1qouz/htOJ83O
dk+YRT2I2O3z
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:35:30 2024 by rpki-client on console-ams.rpki-client.org