Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/pHPnDprD3N8ErT_XV-mOGzKkutY.roa
File: pHPnDprD3N8ErT_XV-mOGzKkutY.roa (raw, json)
Hash identifier: JwBywrnXxhqyPRP6p846ztVKgnW/UGdJoOVrqbilWQk=
Subject key identifier: A4:73:E7:0E:9A:C3:DC:DF:04:AD:3F:D7:57:E9:8E:1B:32:A4:BA:D6
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 018CC3B724455CE77DA2EC414D2555E53170
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/pHPnDprD3N8ErT_XV-mOGzKkutY.roa
Signing time: Mon 01 Jan 2024 06:30:08 +0000
ROA not before: Mon 01 Jan 2024 06:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34397
IP address blocks: 213.181.190.0/24 maxlen: 24
212.107.97.0/24 maxlen: 24
212.107.96.0/19 maxlen: 19
212.107.99.0/24 maxlen: 24
212.107.103.0/24 maxlen: 24
212.107.105.0/24 maxlen: 24
212.107.106.0/24 maxlen: 24
213.181.160.0/19 maxlen: 19
213.210.196.0/24 maxlen: 24
213.210.192.0/18 maxlen: 18
213.210.195.0/24 maxlen: 24
213.210.216.0/24 maxlen: 24
89.5.220.0/23 maxlen: 23
89.5.220.0/24 maxlen: 24
88.213.64.0/18 maxlen: 18
88.213.72.0/21 maxlen: 21
212.119.93.0/24 maxlen: 24
212.119.92.0/23 maxlen: 23
212.119.92.0/24 maxlen: 24
85.129.128.0/17 maxlen: 17
85.129.164.0/22 maxlen: 22
88.213.126.0/23 maxlen: 23
212.119.64.0/20 maxlen: 20
212.119.64.0/24 maxlen: 24
212.119.69.0/24 maxlen: 24
212.119.74.0/24 maxlen: 24
212.119.81.0/24 maxlen: 24
212.119.80.0/21 maxlen: 21
212.119.82.0/24 maxlen: 24
212.119.88.0/22 maxlen: 22
93.98.0.0/16 maxlen: 16
212.71.37.0/24 maxlen: 24
212.71.32.0/24 maxlen: 24
212.71.32.0/19 maxlen: 19
212.71.35.0/24 maxlen: 24
212.71.33.0/24 maxlen: 24
89.4.0.0/15 maxlen: 15
79.172.128.0/18 maxlen: 18
88.213.0.0/18 maxlen: 18
93.98.127.0/24 maxlen: 24
88.213.6.0/24 maxlen: 24
212.71.42.0/24 maxlen: 24
212.71.41.0/24 maxlen: 24
212.71.51.0/24 maxlen: 24
212.71.53.0/24 maxlen: 24
212.118.96.0/19 maxlen: 19
212.118.100.0/24 maxlen: 24
212.118.102.0/24 maxlen: 24
212.118.107.0/24 maxlen: 24
212.118.106.0/24 maxlen: 24
212.118.108.0/22 maxlen: 22
212.118.115.0/24 maxlen: 24
212.118.119.0/24 maxlen: 24
212.118.124.0/24 maxlen: 24
212.118.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:24:45:5c:e7:7d:a2:ec:41:4d:25:55:e5:31:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Jan 1 06:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a473e70e9ac3dcdf04ad3fd757e98e1b32a4bad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:82:1f:42:ee:5b:86:92:5f:b9:a2:2b:45:67:
ee:28:10:cd:a7:5e:e9:a0:c2:c3:89:fd:9b:f6:6b:
f7:5d:54:a4:22:b1:a6:01:37:bc:d3:b3:74:4d:da:
1f:13:0d:c0:43:8e:d9:18:ce:f3:e0:9c:56:69:32:
b6:55:87:69:01:b3:d3:d0:4f:79:0f:14:bc:9d:bf:
c2:12:26:7e:35:1f:21:2f:93:19:9a:2f:22:3f:bc:
30:14:ff:c4:ef:07:fa:e0:c1:4d:bd:9f:7e:49:b3:
ca:fb:2c:fc:eb:31:7d:6e:08:ea:5d:1a:06:c7:cc:
e0:95:a9:8e:92:e5:67:0a:30:22:eb:df:e6:c0:7e:
11:20:9a:f9:80:74:ba:e8:00:d8:d5:0b:55:92:29:
04:6d:d6:4c:d8:a3:42:55:b9:7f:fc:33:28:d0:2f:
75:f1:50:5c:04:d9:3b:28:91:ca:40:1f:17:3f:8b:
98:61:9c:bb:a4:18:61:87:3c:a3:3c:29:4c:64:9b:
87:37:ea:13:3e:06:a3:1f:57:fe:24:48:a3:24:05:
75:8f:a8:c8:c6:cb:95:da:af:ff:27:53:4b:0f:a2:
8d:04:f8:a7:28:23:3f:ed:31:77:26:b4:67:ad:75:
a2:e0:65:b8:28:ca:f3:1c:36:c7:c4:f9:4a:b6:81:
ea:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:73:E7:0E:9A:C3:DC:DF:04:AD:3F:D7:57:E9:8E:1B:32:A4:BA:D6
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/pHPnDprD3N8ErT_XV-mOGzKkutY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.128.0/18
85.129.128.0/17
88.213.0.0/17
89.4.0.0/15
93.98.0.0/16
212.71.32.0/19
212.107.96.0/19
212.118.96.0/19
212.119.64.0-212.119.93.255
213.181.160.0/19
213.210.192.0/18
Signature Algorithm: sha256WithRSAEncryption
61:79:32:62:1b:01:e1:23:5e:6c:18:5c:01:8f:c2:1b:72:51:
5e:95:97:b2:af:86:b8:b8:49:e2:7b:28:c9:39:6e:38:34:98:
ec:9e:7d:9e:97:8d:fe:40:39:66:de:ce:04:d4:e6:48:a5:2f:
ac:80:23:fa:57:61:70:42:d7:54:27:3d:ce:46:12:2c:03:ca:
99:7f:72:c4:68:ab:ac:93:f4:db:ea:3d:e8:bf:4c:13:a2:fb:
a2:dd:5f:38:51:74:be:d6:7d:9a:10:95:fd:47:45:10:89:03:
d3:ec:4d:2f:94:46:74:68:0d:ec:0a:09:49:86:ac:42:67:7f:
b5:33:f4:5d:3f:cb:e0:51:64:1a:d0:3f:0f:38:35:1d:75:4a:
64:8b:a4:f6:d9:dc:3e:94:b3:15:26:25:29:81:60:a8:1b:cb:
90:67:ec:d8:aa:f7:2f:a4:a1:53:41:55:01:e3:3a:42:a0:34:
d2:ed:5b:a6:0c:cf:ac:2d:71:b7:6a:4f:a1:34:8d:f9:6c:19:
16:0b:fd:f4:46:fb:77:7f:ab:f8:ea:2e:75:a3:4f:45:00:96:
b7:73:b7:8f:2b:b3:6b:96:83:15:a2:05:12:83:0b:9f:e9:48:
c5:5a:b6:ad:2a:7b:bd:82:52:ea:a2:5c:5f:23:91:c9:b1:ab:
a5:8e:23:2a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzDtyRFXOd9ouxBTSVV5TFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjQwMTAxMDYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDczZTcwZTlhYzNkY2RmMDRhZDNmZDc1N2U5OGUxYjMyYTRiYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoIfQu5bhpJfuaIrRWfuKBDNp17p
oMLDif2b9mv3XVSkIrGmATe807N0TdofEw3AQ47ZGM7z4JxWaTK2VYdpAbPT0E95
DxS8nb/CEiZ+NR8hL5MZmi8iP7wwFP/E7wf64MFNvZ9+SbPK+yz86zF9bgjqXRoG
x8zglamOkuVnCjAi69/mwH4RIJr5gHS66ADY1QtVkikEbdZM2KNCVbl//DMo0C91
8VBcBNk7KJHKQB8XP4uYYZy7pBhhhzyjPClMZJuHN+oTPgajH1f+JEijJAV1j6jI
xsuV2q//J1NLD6KNBPinKCM/7TF3JrRnrXWi4GW4KMrzHDbHxPlKtoHqOwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKRz5w6aw9zfBK0/11fpjhsypLrWMB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvcEhQbkRwckQzTjhFclRfWFYtbU9HektrdXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQGT6yAAwQH
VYGAAwQHWNUAAwMBWQQDAwBdYgMEBdRHIAMEBdRrYAMEBdR2YDAMAwQG1HdAAwQB
1HdcAwQF1bWgAwQG1dLAMA0GCSqGSIb3DQEBCwUAA4IBAQBheTJiGwHhI15sGFwB
j8IbclFelZeyr4a4uEnieyjJOW44NJjsnn2el43+QDlm3s4E1OZIpS+sgCP6V2Fw
QtdUJz3ORhIsA8qZf3LEaKusk/Tb6j3ov0wTovui3V84UXS+1n2aEJX9R0UQiQPT
7E0vlEZ0aA3sCglJhqxCZ3+1M/RdP8vgUWQa0D8PODUddUpki6T22dw+lLMVJiUp
gWCoG8uQZ+zYqvcvpKFTQVUB4zpCoDTS7VumDM+sLXG3ak+hNI35bBkWC/30Rvt3
f6v46i51o09FAJa3c7ePK7NrloMVogUSgwuf6UjFWratKnu9glLqolxfI5HJsaul
jiMq
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:47:04 2024 by rpki-client on console-fra.rpki-client.org