Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/zMQrfXsMQO3Wag983QgrwS6mZBM.roa
File: zMQrfXsMQO3Wag983QgrwS6mZBM.roa (raw, json)
Hash identifier: aXSp/CGhOyC8unYcXBbTnxMIVitcuMaY7BDnicLTJAM=
Subject key identifier: CC:C4:2B:7D:7B:0C:40:ED:D6:6A:0F:7C:DD:08:2B:C1:2E:A6:64:13
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018EE0CC92EBC08731CE82DA05153DA2E7CD
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/zMQrfXsMQO3Wag983QgrwS6mZBM.roa
Signing time: Mon 15 Apr 2024 08:08:07 +0000
ROA not before: Mon 15 Apr 2024 08:08:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
2a0a:f480::/29 maxlen: 29
2a0d:7680::/29 maxlen: 29
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e0:cc:92:eb:c0:87:31:ce:82:da:05:15:3d:a2:e7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Apr 15 08:08:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccc42b7d7b0c40edd66a0f7cdd082bc12ea66413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:4e:99:42:33:57:56:74:14:19:4a:43:b6:
03:ea:e5:0d:26:22:b0:ce:3f:2e:e6:f1:d2:21:e8:
e1:cb:43:82:87:a1:a5:91:a8:59:5e:4a:33:53:96:
ab:d0:3d:ea:3b:e5:3d:a7:1f:23:97:f5:c9:e9:3b:
76:5b:d2:4e:33:dd:2c:7b:3e:3d:ab:e5:b6:90:ef:
8d:7c:96:a8:06:96:30:fb:d0:7f:d8:1a:f3:68:8f:
04:45:f8:1b:8e:13:39:1a:cc:8b:34:2a:f7:12:4e:
c2:9f:c9:7f:c9:7a:9a:3b:60:30:cf:f4:46:d2:78:
5b:f3:39:9e:a9:2d:65:d3:ec:af:9e:47:06:81:51:
68:ec:7e:a3:64:27:cb:fc:79:76:51:e7:8b:bb:e1:
92:86:9e:ea:49:2f:76:8a:f7:c4:b3:b9:49:c9:0e:
71:e8:36:5a:16:cc:3e:74:fd:93:f9:2c:c8:6d:3d:
30:26:59:39:2c:16:17:a4:6b:fb:a7:4e:f7:85:35:
df:f4:03:61:f3:3a:f8:7e:75:df:f0:2e:75:6b:60:
24:6a:1f:cd:b2:f9:e1:78:d5:cc:5d:38:4d:6e:9f:
ca:ad:d8:78:91:d3:85:a3:01:8d:f9:75:f4:e4:74:
6c:e5:57:30:76:09:a9:e8:4c:08:9a:f9:fb:10:ac:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C4:2B:7D:7B:0C:40:ED:D6:6A:0F:7C:DD:08:2B:C1:2E:A6:64:13
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/zMQrfXsMQO3Wag983QgrwS6mZBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/24
185.248.254.0/24
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:6f:96:a8:0e:1b:e7:0d:3b:50:e7:d3:e8:6c:30:18:cc:85:
18:1f:15:eb:8d:d5:f7:35:1f:a8:e4:4b:25:16:2f:08:d3:9c:
b2:8b:67:ba:13:5c:55:c8:18:d2:06:aa:90:e3:9c:7f:d7:28:
f4:e1:66:71:76:8d:8d:20:e4:82:38:cd:ec:05:ff:b7:ea:dc:
92:d2:81:fa:3d:40:fb:56:18:5d:a3:9f:7b:36:0e:85:0e:95:
d3:42:15:6e:9c:6b:ef:88:ae:9a:cb:e0:60:35:eb:01:6d:2e:
78:e4:e4:73:5d:e1:bc:91:88:fb:5b:ab:05:b3:46:9c:3f:1a:
27:d9:82:a4:b0:b8:d2:4a:ae:ae:88:87:cb:3d:19:93:98:ce:
a8:c9:33:1c:01:d1:a6:4d:df:58:37:76:da:97:ff:25:6f:1c:
5d:98:ce:c5:69:1e:1e:22:70:50:0b:6e:53:f2:28:60:36:7d:
26:d9:61:cf:bb:9e:e7:d0:64:ea:6c:8b:c9:22:d0:f8:a3:67:
e5:5d:36:cc:22:ea:5d:76:0e:bb:a7:a7:01:1a:d8:57:c3:0b:
ad:c8:37:f6:f2:27:67:b2:1c:8f:cb:0b:ba:57:3d:10:eb:3f:
62:30:7b:86:75:0b:90:75:52:ce:79:ef:b0:6e:a8:02:cf:d6:
32:59:5b:52
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAY7gzJLrwIcxzoLaBRU9oufNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwNDE1MDgwODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2M0MmI3ZDdiMGM0MGVkZDY2YTBmN2NkZDA4MmJjMTJlYTY2NDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliVOmUIzV1Z0FBlKQ7YD6uUNJiKw
zj8u5vHSIejhy0OCh6GlkahZXkozU5ar0D3qO+U9px8jl/XJ6Tt2W9JOM90sez49
q+W2kO+NfJaoBpYw+9B/2BrzaI8ERfgbjhM5GsyLNCr3Ek7Cn8l/yXqaO2Awz/RG
0nhb8zmeqS1l0+yvnkcGgVFo7H6jZCfL/Hl2UeeLu+GShp7qSS92ivfEs7lJyQ5x
6DZaFsw+dP2T+SzIbT0wJlk5LBYXpGv7p073hTXf9ANh8zr4fnXf8C51a2Akah/N
svnheNXMXThNbp/Krdh4kdOFowGN+XX05HRs5Vcwdgmp6EwImvn7EKwwoQIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFMzEK317DEDt1moPfN0IK8EupmQTMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvek1RcmZYc01RTzNXYWc5ODNRZ3J3UzZtWkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCB2wQCAAEwgdQD
BAMFn9ADBAIFtUgDBAMfwGADBAItCGQDBAIthGwDBAItiSwDBARQSvADBAJTlvwD
BAVVX2ADBANcKngDBANfgUADBAOwOgADBAK5T7gDBAK5WgADBAK5XswDBAK5Y0wD
BAK5kVgDBAK5stgDBAG5tsgDBAK5zNQDBAK55QQDBAK59oQDBAK598gDBAC5+PwD
BAC5+P4DBAO8XhADBADBGAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgw
DAMEAtQLRAMEAtQLSAMEBNmRgDAwBAIAAjAqAwUAKgDxwAMFAyoE6cADBQMqCvSA
AwUDKg12gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3DQEBCwUAA4IBAQAdb5aoDhvn
DTtQ59PobDAYzIUYHxXrjdX3NR+o5EslFi8I05yyi2e6E1xVyBjSBqqQ45x/1yj0
4WZxdo2NIOSCOM3sBf+36tyS0oH6PUD7Vhhdo597Ng6FDpXTQhVunGvviK6ay+Bg
NesBbS545ORzXeG8kYj7W6sFs0acPxon2YKksLjSSq6uiIfLPRmTmM6oyTMcAdGm
Td9YN3bal/8lbxxdmM7FaR4eInBQC25T8ihgNn0m2WHPu57n0GTqbIvJItD4o2fl
XTbMIupddg67p6cBGthXwwutyDf28idnshyPywu6Vz0Q6z9iMHuGdQuQdVLOee+w
bqgCz9YyWVtS
-----END CERTIFICATE-----
Generated at Sat May 18 22:21:10 2024 by rpki-client on console-fra.rpki-client.org