Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/xmjbxR5UBTaXlW0VK9l1Bef8G4I.roa
File: xmjbxR5UBTaXlW0VK9l1Bef8G4I.roa (raw, json)
Hash identifier: gDq3uCz+6RZ0PvCqK0cWYQkCxdlHWR4LiNXz9ucNilU=
Subject key identifier: C6:68:DB:C5:1E:54:05:36:97:95:6D:15:2B:D9:75:05:E7:FC:1B:82
Certificate issuer: /CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Certificate serial: 018CC5DC91E3636B26E467A9CED42DB12175
Authority key identifier: 35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/xmjbxR5UBTaXlW0VK9l1Bef8G4I.roa
Signing time: Mon 01 Jan 2024 16:30:16 +0000
ROA not before: Mon 01 Jan 2024 16:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57970
IP address blocks: 37.152.128.0/24 maxlen: 24
37.152.129.0/24 maxlen: 24
37.152.128.0/19 maxlen: 24
37.152.130.0/24 maxlen: 24
37.152.131.0/24 maxlen: 24
37.152.132.0/24 maxlen: 24
37.152.138.0/24 maxlen: 24
37.152.139.0/24 maxlen: 24
37.152.133.0/24 maxlen: 24
37.152.134.0/24 maxlen: 24
37.152.135.0/24 maxlen: 24
37.152.136.0/23 maxlen: 23
37.152.140.0/24 maxlen: 24
37.152.141.0/24 maxlen: 24
37.152.142.0/24 maxlen: 24
37.152.144.0/21 maxlen: 21
37.152.143.0/24 maxlen: 24
37.152.152.0/22 maxlen: 22
37.152.156.0/24 maxlen: 24
37.152.157.0/24 maxlen: 24
37.152.158.0/24 maxlen: 24
37.152.159.0/24 maxlen: 24
185.86.72.0/22 maxlen: 22
185.86.72.0/24 maxlen: 24
185.86.73.0/24 maxlen: 24
185.86.74.0/24 maxlen: 24
185.86.75.0/24 maxlen: 24
185.88.0.0/24 maxlen: 24
185.88.1.0/24 maxlen: 24
185.88.2.0/24 maxlen: 24
185.88.3.0/24 maxlen: 24
185.88.0.0/22 maxlen: 22
185.20.192.0/24 maxlen: 24
185.20.192.0/22 maxlen: 22
185.20.193.0/24 maxlen: 24
185.20.194.0/24 maxlen: 24
185.20.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:91:e3:63:6b:26:e4:67:a9:ce:d4:2d:b1:21:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Validity
Not Before: Jan 1 16:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c668dbc51e54053697956d152bd97505e7fc1b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:12:bc:77:61:68:b5:81:d2:a1:f2:94:b4:36:
c0:bd:54:9b:97:ee:79:79:c0:90:bd:5e:1a:a1:45:
90:bb:56:de:1e:cb:bb:cb:70:b2:25:25:44:c3:00:
67:51:7b:e8:62:2c:5a:24:5b:82:87:c3:10:df:8f:
63:ab:82:d0:55:89:3b:77:cb:8f:19:36:46:62:66:
8a:68:0e:5a:ad:15:09:fb:e4:c2:50:6c:35:f8:d6:
7b:83:e4:f1:c3:d2:7d:27:c6:58:49:a6:80:bc:b9:
9f:7a:8d:f2:97:3b:f3:93:9c:6f:ef:35:f5:2e:62:
67:7d:df:d8:4f:15:49:50:86:d7:6b:f0:5b:5d:f8:
a1:f7:75:df:a9:af:9e:73:92:53:aa:88:5c:b0:aa:
bd:18:73:33:88:50:7f:0a:fa:05:8b:61:66:45:82:
6e:37:1a:28:17:05:8c:ad:6e:27:6b:08:72:25:9f:
a4:ed:b1:f7:5f:1a:d9:0d:4d:5d:3b:4d:77:95:c9:
91:5b:dd:b1:76:85:cc:69:fc:2b:e5:ca:13:f6:7b:
55:1d:6e:be:72:07:2a:ab:6b:8a:d0:d9:9d:6a:a7:
d0:8b:3d:8a:f3:28:a9:ae:bb:f6:43:a3:f3:83:fc:
88:43:29:f4:70:51:54:b2:dd:e3:5f:2c:54:d0:94:
44:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:68:DB:C5:1E:54:05:36:97:95:6D:15:2B:D9:75:05:E7:FC:1B:82
X509v3 Authority Key Identifier:
keyid:35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/xmjbxR5UBTaXlW0VK9l1Bef8G4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.128.0/19
185.20.192.0/22
185.86.72.0/22
185.88.0.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:14:06:6e:fa:59:c1:61:5c:d1:59:bd:c1:a2:b2:2f:56:3f:
1d:c0:02:1a:33:1b:fd:bc:a7:19:55:cd:2a:04:49:5d:d6:87:
0d:1b:fe:19:e6:fc:9e:a6:38:83:f6:02:3b:2a:ea:f0:d1:e9:
a6:d2:ef:4a:61:90:41:da:f5:c1:04:c2:cd:47:1d:b2:d0:ea:
70:74:c7:7f:48:32:56:69:6a:1e:7a:86:3f:05:0c:45:31:98:
e0:15:5a:8d:07:07:fc:2c:79:af:12:41:15:9c:bf:dc:72:24:
7b:96:5f:e4:f3:e6:da:8e:0d:85:28:28:44:6d:91:d2:a9:6a:
9a:2d:9c:bc:9d:a8:ab:90:ee:ff:f3:4f:07:07:b7:73:06:0f:
dc:d4:e4:78:3a:fe:75:c7:7a:e9:68:1b:33:01:59:66:5d:5b:
d4:70:71:7d:df:c1:c4:8f:bb:90:84:58:c5:02:ed:ef:76:b8:
e1:90:1a:77:8a:35:08:68:6c:be:3a:d3:4a:dd:39:55:b9:b3:
e0:50:e5:a2:6d:52:4e:f5:2d:5a:b0:9c:33:81:6d:a7:0a:4d:
ba:62:98:4a:0e:84:fa:68:5f:e3:0e:29:dc:e5:33:3c:db:cf:
8a:46:15:25:a1:b7:46:ce:63:7a:2c:d5:de:82:aa:fe:2f:f2:
63:25:5a:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3JHjY2sm5GepztQtsSF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1M2UzZjI4ZTY0N2U5MmFjOGE3MTBjMzA1YzJlMjFiNjIz
ZWRjMWMwHhcNMjQwMTAxMTYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY4ZGJjNTFlNTQwNTM2OTc5NTZkMTUyYmQ5NzUwNWU3ZmMxYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBK8d2FotYHSofKUtDbAvVSbl+55
ecCQvV4aoUWQu1beHsu7y3CyJSVEwwBnUXvoYixaJFuCh8MQ349jq4LQVYk7d8uP
GTZGYmaKaA5arRUJ++TCUGw1+NZ7g+Txw9J9J8ZYSaaAvLmfeo3ylzvzk5xv7zX1
LmJnfd/YTxVJUIbXa/BbXfih93Xfqa+ec5JTqohcsKq9GHMziFB/CvoFi2FmRYJu
NxooFwWMrW4nawhyJZ+k7bH3XxrZDU1dO013lcmRW92xdoXMafwr5coT9ntVHW6+
cgcqq2uK0NmdaqfQiz2K8yiprrv2Q6Pzg/yIQyn0cFFUst3jXyxU0JREGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMZo28UeVAU2l5VtFSvZdQXn/BuCMB8GA1UdIwQY
MBaAFDU+PyjmR+kqyKcQwwXC4htiPtwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQt
ZGFjYTI2ZGU2ZjdiLzEveG1qYnhSNVVCVGFYbFcwVks5bDFCZWY4RzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQtZGFjYTI2ZGU2Zjdi
LzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFJZiAAwQC
uRTAAwQCuVZIAwQCuVgAMA0GCSqGSIb3DQEBCwUAA4IBAQB+FAZu+lnBYVzRWb3B
orIvVj8dwAIaMxv9vKcZVc0qBEld1ocNG/4Z5vyepjiD9gI7Kurw0emm0u9KYZBB
2vXBBMLNRx2y0OpwdMd/SDJWaWoeeoY/BQxFMZjgFVqNBwf8LHmvEkEVnL/cciR7
ll/k8+bajg2FKChEbZHSqWqaLZy8nairkO7/808HB7dzBg/c1OR4Ov51x3rpaBsz
AVlmXVvUcHF938HEj7uQhFjFAu3vdrjhkBp3ijUIaGy+OtNK3TlVubPgUOWibVJO
9S1asJwzgW2nCk26YphKDoT6aF/jDinc5TM828+KRhUlobdGzmN6LNXegqr+L/Jj
JVpc
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:30:35 2024 by rpki-client on console-ams.rpki-client.org