Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/X1rUcshA77fDQkjlnt2lH8F75jM.roa
File: X1rUcshA77fDQkjlnt2lH8F75jM.roa (raw, json)
Hash identifier: WQrLTMoX1XnlZTzO/Ej8+Si2mwsocfzFBpN/2bkj68A=
Subject key identifier: 5F:5A:D4:72:C8:40:EF:B7:C3:42:48:E5:9E:DD:A5:1F:C1:7B:E6:33
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 018CC348BB4B92569CA256B90C8AAC3F4238
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/X1rUcshA77fDQkjlnt2lH8F75jM.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 89.221.204.0/24 maxlen: 24
89.221.203.0/24 maxlen: 24
89.221.206.0/24 maxlen: 24
81.22.193.0/24 maxlen: 24
178.130.17.0/24 maxlen: 24
178.130.16.0/24 maxlen: 24
178.130.20.0/24 maxlen: 24
178.130.19.0/24 maxlen: 24
178.130.18.0/24 maxlen: 24
178.130.23.0/24 maxlen: 24
178.130.22.0/24 maxlen: 24
178.130.21.0/24 maxlen: 24
178.130.48.0/24 maxlen: 24
178.130.47.0/24 maxlen: 24
178.130.46.0/24 maxlen: 24
178.130.51.0/24 maxlen: 24
178.130.50.0/24 maxlen: 24
178.130.49.0/24 maxlen: 24
178.130.52.0/24 maxlen: 24
178.130.55.0/24 maxlen: 24
178.130.54.0/24 maxlen: 24
178.130.53.0/24 maxlen: 24
178.130.58.0/24 maxlen: 24
178.130.57.0/24 maxlen: 24
178.130.56.0/24 maxlen: 24
178.130.62.0/24 maxlen: 24
178.130.61.0/24 maxlen: 24
178.130.60.0/24 maxlen: 24
178.130.63.0/24 maxlen: 24
178.130.59.0/24 maxlen: 24
109.172.9.0/24 maxlen: 24
109.172.8.0/24 maxlen: 24
109.172.17.0/24 maxlen: 24
109.172.16.0/24 maxlen: 24
109.172.19.0/24 maxlen: 24
109.172.18.0/24 maxlen: 24
109.172.23.0/24 maxlen: 24
109.172.22.0/24 maxlen: 24
109.172.21.0/24 maxlen: 24
109.172.20.0/24 maxlen: 24
109.172.31.0/24 maxlen: 24
109.172.30.0/24 maxlen: 24
109.172.37.0/24 maxlen: 24
109.172.36.0/24 maxlen: 24
109.172.38.0/24 maxlen: 24
109.172.39.0/24 maxlen: 24
92.61.71.0/24 maxlen: 24
92.61.70.0/24 maxlen: 24
92.61.65.0/24 maxlen: 24
109.172.117.0/24 maxlen: 24
109.172.116.0/24 maxlen: 24
109.172.120.0/24 maxlen: 24
109.172.124.0/24 maxlen: 24
109.172.123.0/24 maxlen: 24
109.172.122.0/24 maxlen: 24
109.172.121.0/24 maxlen: 24
109.172.125.0/24 maxlen: 24
109.172.127.0/24 maxlen: 24
109.172.126.0/24 maxlen: 24
109.172.54.0/24 maxlen: 24
109.172.55.0/24 maxlen: 24
109.172.78.0/24 maxlen: 24
109.172.79.0/24 maxlen: 24
109.172.96.0/24 maxlen: 24
109.172.98.0/24 maxlen: 24
109.172.97.0/24 maxlen: 24
109.172.101.0/24 maxlen: 24
109.172.100.0/24 maxlen: 24
92.61.64.0/24 maxlen: 24
109.172.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.mft
rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:bb:4b:92:56:9c:a2:56:b9:0c:8a:ac:3f:42:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f5ad472c840efb7c34248e59edda51fc17be633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:05:ea:54:ed:42:cf:48:65:b3:5b:af:39:ee:
1b:0b:f2:0e:45:40:a3:ff:f6:92:d9:ec:b0:e0:53:
63:93:b0:70:e4:20:bc:9d:f2:ba:66:34:f1:09:16:
e9:72:5a:70:0a:96:40:3d:e7:95:29:10:bd:45:b1:
6c:a6:2a:19:f2:ca:ef:1c:92:c8:40:7c:1f:db:e0:
52:a0:dc:a1:27:bb:1e:0a:81:d3:68:14:cc:48:35:
d2:fe:13:5e:3e:5d:ae:5a:65:58:6c:9c:74:52:d8:
a6:f6:a3:d2:55:9c:4a:b9:e8:94:dc:34:fb:d5:d0:
79:c0:44:28:d4:e6:2a:76:8e:a1:5f:66:7a:7c:27:
e1:6b:a9:c7:d2:42:8c:0d:16:b8:88:0c:60:cd:87:
e1:f8:29:4e:3f:05:3e:cb:9a:d0:d1:3d:83:7c:a3:
25:2c:ac:42:b5:2c:1c:44:dc:c7:29:6b:d7:0a:85:
1d:88:28:35:12:40:32:9c:04:41:14:a7:fe:c2:8d:
38:73:ad:67:48:60:8c:37:b4:1e:5e:89:89:46:ad:
af:f6:ce:c8:9f:69:73:06:00:66:4e:d2:20:0a:83:
fa:ca:51:53:32:31:a7:6a:e6:90:c1:6c:c4:d9:d9:
81:06:38:22:ff:89:d6:36:d7:57:7b:b1:e7:d7:f9:
ff:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5A:D4:72:C8:40:EF:B7:C3:42:48:E5:9E:DD:A5:1F:C1:7B:E6:33
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/X1rUcshA77fDQkjlnt2lH8F75jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.193.0/24
89.221.203.0-89.221.204.255
89.221.206.0/24
92.61.64.0/23
92.61.70.0/23
109.172.8.0/23
109.172.16.0/21
109.172.30.0/23
109.172.36.0/22
109.172.54.0/23
109.172.78.0/23
109.172.96.0-109.172.101.255
109.172.116.0/23
109.172.120.0/21
178.130.16.0/21
178.130.46.0-178.130.63.255
Signature Algorithm: sha256WithRSAEncryption
19:35:ed:e7:a7:75:60:3f:17:79:7c:28:09:41:63:07:2b:f4:
c1:43:0f:81:12:9e:86:a0:d5:f9:33:eb:f0:fe:94:24:45:42:
a2:e8:b2:f2:70:3e:65:7b:60:c3:db:bb:f1:6d:23:76:38:be:
e0:6f:39:b3:62:ca:08:09:48:7d:68:cd:93:6d:48:8f:c3:66:
53:70:78:91:de:51:21:1f:61:42:d4:f5:24:f6:46:e5:e9:68:
e9:1c:b2:69:ba:e5:bb:69:5b:ca:80:95:7c:cd:97:28:97:10:
e9:98:83:72:fe:21:b6:26:7c:01:a2:e0:aa:97:65:84:ec:a7:
0f:a1:b4:bd:5f:c1:37:24:66:66:f9:db:e7:b6:9c:7d:76:5a:
0f:22:18:6a:37:77:d2:de:e6:48:c8:bb:12:bd:e1:f9:26:4c:
21:2c:5f:61:a3:9d:2a:fa:85:9a:df:c8:48:e6:17:c1:82:98:
1e:04:b5:d2:01:79:67:8d:03:39:f8:bf:f6:d5:fc:e7:90:a3:
2c:b8:6e:e0:e1:14:1f:b2:c4:78:39:cb:44:f5:63:1e:a4:f5:
eb:05:0c:9e:46:a0:1c:ea:df:94:78:e0:42:41:be:05:d2:56:
ed:c5:01:2a:43:2c:64:a8:f4:b6:f4:b8:1a:1f:81:d1:f4:d2:
fd:b7:da:f4
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzDSLtLklacola5DIqsP0I4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjVhZDQ3MmM4NDBlZmI3YzM0MjQ4ZTU5ZWRkYTUxZmMxN2JlNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAXqVO1Cz0hls1uvOe4bC/IORUCj
//aS2eyw4FNjk7Bw5CC8nfK6ZjTxCRbpclpwCpZAPeeVKRC9RbFspioZ8srvHJLI
QHwf2+BSoNyhJ7seCoHTaBTMSDXS/hNePl2uWmVYbJx0Utim9qPSVZxKueiU3DT7
1dB5wEQo1OYqdo6hX2Z6fCfha6nH0kKMDRa4iAxgzYfh+ClOPwU+y5rQ0T2DfKMl
LKxCtSwcRNzHKWvXCoUdiCg1EkAynARBFKf+wo04c61nSGCMN7QeXomJRq2v9s7I
n2lzBgBmTtIgCoP6ylFTMjGnauaQwWzE2dmBBjgi/4nWNtdXe7Hn1/n//wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFF9a1HLIQO+3w0JI5Z7dpR/Be+YzMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvWDFyVWNzaEE3N2ZEUWtqbG50MmxIOEY3NWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAURbB
MAwDBABZ3csDBABZ3cwDBABZ3c4DBAFcPUADBAFcPUYDBAFtrAgDBANtrBADBAFt
rB4DBAJtrCQDBAFtrDYDBAFtrE4wDAMEBW2sYAMEAW2sZAMEAW2sdAMEA22seAME
A7KCEDAMAwQBsoIuAwQGsoIAMA0GCSqGSIb3DQEBCwUAA4IBAQAZNe3np3VgPxd5
fCgJQWMHK/TBQw+BEp6GoNX5M+vw/pQkRUKi6LLycD5le2DD27vxbSN2OL7gbzmz
YsoICUh9aM2TbUiPw2ZTcHiR3lEhH2FC1PUk9kbl6WjpHLJpuuW7aVvKgJV8zZco
lxDpmINy/iG2JnwBouCql2WE7KcPobS9X8E3JGZm+dvntpx9dloPIhhqN3fS3uZI
yLsSveH5JkwhLF9ho50q+oWa38hI5hfBgpgeBLXSAXlnjQM5+L/21fznkKMsuG7g
4RQfssR4OctE9WMepPXrBQyeRqAc6t+UeOBCQb4F0lbtxQEqQyxkqPS29LgaH4HR
9NL9t9r0
-----END CERTIFICATE-----
Generated at Sun May 5 23:30:17 2024 by rpki-client on console-ams.rpki-client.org