Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/WDTByhYWq_DitfTKNWovxp03Mb0.roa
File: WDTByhYWq_DitfTKNWovxp03Mb0.roa (raw, json)
Hash identifier: GYqQojNn6rstdh4jvrILMZaDG6l4wfjm7AZQgrsbtdw=
Subject key identifier: 58:34:C1:CA:16:16:AB:F0:E2:B5:F4:CA:35:6A:2F:C6:9D:37:31:BD
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018EE751DEAFE0AD7871570E418B2028358E
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/WDTByhYWq_DitfTKNWovxp03Mb0.roa
Signing time: Tue 16 Apr 2024 14:31:25 +0000
ROA not before: Tue 16 Apr 2024 14:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.151.196.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e7:51:de:af:e0:ad:78:71:57:0e:41:8b:20:28:35:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 16 14:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5834c1ca1616abf0e2b5f4ca356a2fc69d3731bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:32:ef:b2:60:6f:30:df:d0:0c:13:2a:9a:44:
d3:c2:f5:29:0c:16:ed:90:e9:ac:85:03:d9:db:73:
77:dc:24:44:33:97:ed:82:7a:18:c4:f1:17:c9:ef:
c0:75:b4:b1:e4:23:4c:15:79:9d:0c:11:63:c6:62:
72:07:2f:0d:27:6c:14:ba:02:fe:bd:ba:21:b4:b1:
de:9c:12:b4:2b:5e:cb:75:0f:e2:5a:96:2c:4e:45:
52:be:3e:f6:89:f8:ee:2d:de:80:ff:1b:8f:a4:27:
2f:e1:9d:5f:23:db:b3:12:8d:75:ad:28:8e:03:5e:
73:a1:0a:22:5f:6d:e2:b9:00:12:fd:c6:1b:75:77:
02:d8:db:e9:a2:c6:1c:da:c5:14:ee:3a:45:93:9c:
58:1f:84:bb:d5:09:ce:64:27:79:38:59:16:2a:02:
f3:fc:c7:c0:8b:f9:42:62:ab:46:0e:07:a4:cd:9d:
15:79:b7:11:e3:2f:ec:69:2b:92:cb:92:a5:37:6f:
71:ef:ee:c9:df:00:35:c1:2d:05:0c:e8:9b:00:01:
0f:4c:b7:84:a6:46:4c:a3:64:12:b5:e8:86:7c:3e:
c7:bf:f8:b2:e6:50:13:39:11:bb:f2:2e:9c:87:02:
fa:e9:69:d6:eb:6c:90:4f:05:26:c2:26:fa:62:46:
84:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:34:C1:CA:16:16:AB:F0:E2:B5:F4:CA:35:6A:2F:C6:9D:37:31:BD
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/WDTByhYWq_DitfTKNWovxp03Mb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
45.67.117.0/24
45.151.196.0/22
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
86:59:cc:80:c2:bc:eb:22:82:77:74:23:5f:e0:ff:fe:46:bc:
b1:54:c9:4d:24:f6:26:87:f6:c0:52:4e:f6:16:c8:a0:93:f2:
df:bd:66:98:ab:b4:36:13:35:09:a2:89:70:56:2d:b7:6c:2a:
28:a8:1f:ea:e1:87:9e:08:bf:07:1e:74:ba:dc:73:9f:8f:04:
b8:17:0c:b7:ec:93:ca:b6:c8:b1:ad:a2:95:95:24:91:3c:09:
3a:03:6b:20:a6:d2:74:46:55:43:6c:b4:11:33:1c:84:9a:61:
30:b2:be:84:d5:9f:07:b5:90:90:fe:48:80:7e:9d:da:b2:7d:
0f:ec:cf:5b:58:d8:c5:0c:2c:27:ee:db:d7:48:8a:68:77:39:
9c:df:51:ad:3a:c8:d9:5d:31:7b:20:f5:24:b9:1c:62:a1:4d:
76:f0:25:d6:be:9f:94:75:d2:ac:f0:89:f4:09:1e:ac:b6:41:
37:61:75:92:33:f9:c0:54:d3:a6:df:eb:1e:67:36:7f:a6:d7:
67:2f:64:bf:30:80:ac:80:76:b4:8c:f0:8e:53:38:8a:96:35:
6f:83:31:c2:a4:66:b4:7a:25:18:27:61:22:80:85:ea:60:73:
39:06:7b:64:ad:c2:49:5b:a4:06:2a:d9:9d:a6:ee:58:d9:b9:
e0:be:c2:74
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY7nUd6v4K14cVcOQYsgKDWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNDE2MTQzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODM0YzFjYTE2MTZhYmYwZTJiNWY0Y2EzNTZhMmZjNjlkMzczMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzLvsmBvMN/QDBMqmkTTwvUpDBbt
kOmshQPZ23N33CREM5ftgnoYxPEXye/AdbSx5CNMFXmdDBFjxmJyBy8NJ2wUugL+
vbohtLHenBK0K17LdQ/iWpYsTkVSvj72ifjuLd6A/xuPpCcv4Z1fI9uzEo11rSiO
A15zoQoiX23iuQAS/cYbdXcC2NvposYc2sUU7jpFk5xYH4S71QnOZCd5OFkWKgLz
/MfAi/lCYqtGDgekzZ0VebcR4y/saSuSy5KlN29x7+7J3wA1wS0FDOibAAEPTLeE
pkZMo2QSteiGfD7Hv/iy5lATORG78i6chwL66WnW62yQTwUmwib6YkaE/wIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFFg0wcoWFqvw4rX0yjVqL8adNzG9MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvV0RUQnloWVdxX0RpdGZUS05Xb3Z4cDAzTWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAIF
tAQDBAAtQ3UDBAItl8QDBABVn3UDBABZJ/IDBABZKKEDBABb7zsDBABb8kYDBAJb
8kgDBAFb8l4DBABb8mcDBABb8mkwDAMEAFvyewMEB1vyAAMEAF7nxgMEALB+3wME
ALkoaQMEALmt9AMEALmt9wMEALm0kQMEAcIyyAMEAcIyzjAMAwQAw4pnAwQAw4ps
MAwDBADDim8DBADDinADBADDinIDBADDinQDBADDinYDBADDingwDAMEAcOKegME
B8OKADANBgkqhkiG9w0BAQsFAAOCAQEAhlnMgMK86yKCd3QjX+D//ka8sVTJTST2
Jof2wFJO9hbIoJPy371mmKu0NhM1CaKJcFYtt2wqKKgf6uGHngi/Bx50utxzn48E
uBcMt+yTyrbIsa2ilZUkkTwJOgNrIKbSdEZVQ2y0ETMchJphMLK+hNWfB7WQkP5I
gH6d2rJ9D+zPW1jYxQwsJ+7b10iKaHc5nN9RrTrI2V0xeyD1JLkcYqFNdvAl1r6f
lHXSrPCJ9AkerLZBN2F1kjP5wFTTpt/rHmc2f6bXZy9kvzCArIB2tIzwjlM4ipY1
b4MxwqRmtHolGCdhIoCF6mBzOQZ7ZK3CSVukBirZnabuWNm54L7CdA==
-----END CERTIFICATE-----
Generated at Sat May 4 09:03:51 2024 by rpki-client on console-ams.rpki-client.org