Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/udWzHdDDg-xnpALwg1rEp54soIE.roa
File: udWzHdDDg-xnpALwg1rEp54soIE.roa (raw, json)
Hash identifier: QRB8s2ji25VULmogzLZTVpf7darvTbKLRETwDgF/V0o=
Subject key identifier: B9:D5:B3:1D:D0:C3:83:EC:67:A4:02:F0:83:5A:C4:A7:9E:2C:A0:81
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 0192B46824DE114DC6DB9A61A4F403191B69
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/udWzHdDDg-xnpALwg1rEp54soIE.roa
Signing time: Tue 22 Oct 2024 13:26:16 +0000
ROA not before: Tue 22 Oct 2024 13:26:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5610
IP address blocks: 37.188.128.0/17 maxlen: 17
37.188.128.0/21 maxlen: 21
37.188.136.0/21 maxlen: 21
37.188.144.0/20 maxlen: 20
37.188.144.0/21 maxlen: 21
37.188.152.0/21 maxlen: 21
37.188.160.0/20 maxlen: 20
37.188.160.0/21 maxlen: 21
37.188.168.0/21 maxlen: 21
37.188.176.0/20 maxlen: 20
37.188.176.0/21 maxlen: 21
37.188.184.0/21 maxlen: 21
37.188.192.0/23 maxlen: 23
37.188.194.0/23 maxlen: 23
37.188.224.0/21 maxlen: 21
37.188.232.0/21 maxlen: 21
37.188.240.0/20 maxlen: 20
37.188.240.0/21 maxlen: 21
37.188.248.0/21 maxlen: 21
80.188.0.0/16 maxlen: 16
80.188.0.0/17 maxlen: 17
80.188.40.0/24 maxlen: 24
80.188.128.0/17 maxlen: 17
80.188.222.0/24 maxlen: 24
81.90.160.0/20 maxlen: 20
81.90.168.0/24 maxlen: 24
81.90.170.0/24 maxlen: 24
81.90.173.0/24 maxlen: 24
83.69.32.0/19 maxlen: 19
83.208.0.0/16 maxlen: 16
83.208.0.0/18 maxlen: 18
83.208.64.0/18 maxlen: 18
83.208.128.0/19 maxlen: 19
85.70.0.0/15 maxlen: 15
85.70.0.0/16 maxlen: 16
85.70.0.0/17 maxlen: 17
85.70.128.0/17 maxlen: 17
85.71.0.0/16 maxlen: 16
85.160.0.0/15 maxlen: 15
85.193.0.0/18 maxlen: 18
88.83.160.0/19 maxlen: 19
88.83.175.0/24 maxlen: 24
88.100.0.0/14 maxlen: 14
88.100.0.0/15 maxlen: 15
88.102.0.0/15 maxlen: 15
88.102.0.0/16 maxlen: 16
90.176.32.0/19 maxlen: 19
90.176.64.0/18 maxlen: 18
90.176.128.0/17 maxlen: 17
90.177.0.0/16 maxlen: 16
90.178.0.0/15 maxlen: 15
90.180.0.0/14 maxlen: 14
90.182.6.0/24 maxlen: 24
90.182.108.0/24 maxlen: 24
90.183.72.0/24 maxlen: 24
90.183.76.0/24 maxlen: 24
90.183.77.0/24 maxlen: 24
90.183.78.0/24 maxlen: 24
92.243.192.0/19 maxlen: 19
109.80.0.0/15 maxlen: 15
109.81.112.0/20 maxlen: 20
109.81.160.0/20 maxlen: 20
109.81.208.0/24 maxlen: 24
109.81.209.0/24 maxlen: 24
109.81.210.0/24 maxlen: 24
109.81.211.0/24 maxlen: 24
109.81.212.0/24 maxlen: 24
109.81.213.0/24 maxlen: 24
109.81.214.0/24 maxlen: 24
109.81.215.0/24 maxlen: 24
160.218.0.0/16 maxlen: 16
160.218.13.0/24 maxlen: 24
185.61.228.0/22 maxlen: 22
194.228.0.0/16 maxlen: 16
194.228.0.0/17 maxlen: 17
194.228.11.0/24 maxlen: 24
194.228.13.0/24 maxlen: 24
194.228.20.0/24 maxlen: 24
194.228.32.0/24 maxlen: 24
194.228.59.0/24 maxlen: 24
194.228.68.0/24 maxlen: 24
194.228.72.0/22 maxlen: 22
194.228.76.0/24 maxlen: 24
194.228.79.0/24 maxlen: 24
194.228.128.0/17 maxlen: 17
217.117.208.0/20 maxlen: 20
217.194.160.0/20 maxlen: 20
2001:41d8::/32 maxlen: 32
2a00:1028::/29 maxlen: 29
2a00:1028::/32 maxlen: 32
2a00:1028:d::/48 maxlen: 48
2a02:9b8::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:68:24:de:11:4d:c6:db:9a:61:a4:f4:03:19:1b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Oct 22 13:26:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9d5b31dd0c383ec67a402f0835ac4a79e2ca081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f7:16:34:05:e4:42:6d:66:50:f2:f0:0f:92:
94:08:9b:d0:f9:b0:08:ab:34:49:91:38:00:d8:a9:
37:32:ee:1b:31:9b:86:c4:8e:b1:06:ac:2f:8e:a2:
73:ac:8c:7a:15:60:3b:a8:36:4f:37:86:fd:ff:88:
1f:66:8d:3b:18:26:d1:07:f4:d6:cb:30:0f:99:cf:
0a:58:f8:35:62:97:2b:86:d5:d0:86:92:5b:27:7a:
8d:19:09:64:2a:6a:cb:2d:78:0d:68:f1:74:87:3a:
63:81:23:81:cf:4b:b5:c3:74:07:2b:92:f8:8d:9e:
94:0f:4f:39:ea:1f:f6:5e:0d:ff:90:62:d5:65:d7:
a4:7d:14:f8:9b:db:ee:07:0c:4c:e8:13:cf:fa:ee:
63:31:18:2c:97:c3:81:4d:8c:54:0f:04:e3:7e:f3:
26:80:de:33:a7:e8:ee:81:1a:dc:ce:71:27:77:92:
4d:c2:37:0f:f3:3e:6d:c0:46:26:c1:df:d2:c7:6b:
e1:e4:e3:fb:fb:ec:2e:bb:21:ee:1c:90:0b:4f:15:
1b:2f:cc:89:11:93:87:34:31:a5:cd:7f:6c:9b:82:
b9:a7:82:d2:1a:92:84:db:ed:f7:b2:ca:c5:c0:1b:
41:a5:9d:3c:fd:d1:15:a1:c7:a7:2f:c2:f9:de:6b:
b5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D5:B3:1D:D0:C3:83:EC:67:A4:02:F0:83:5A:C4:A7:9E:2C:A0:81
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/udWzHdDDg-xnpALwg1rEp54soIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.188.128.0/17
80.188.0.0/16
81.90.160.0/20
83.69.32.0/19
83.208.0.0/16
85.70.0.0/15
85.160.0.0/15
85.193.0.0/18
88.83.160.0/19
88.100.0.0/14
90.176.32.0-90.183.255.255
92.243.192.0/19
109.80.0.0/15
160.218.0.0/16
185.61.228.0/22
194.228.0.0/16
217.117.208.0/20
217.194.160.0/20
IPv6:
2001:41d8::/32
2a00:1028::/29
2a02:9b8::/31
Signature Algorithm: sha256WithRSAEncryption
47:54:00:7a:9a:b7:6d:0e:11:76:79:d3:8b:0e:4d:9f:02:7b:
67:4d:29:0e:ce:81:53:75:79:4c:b4:2b:c5:70:cb:b5:36:1f:
4f:14:34:7e:f9:94:68:87:72:02:f0:da:f1:0b:c5:8b:d9:6a:
21:25:39:ee:6c:1a:35:e4:fd:53:47:07:2b:47:ff:53:2f:1f:
fc:9d:03:e0:b9:67:5e:c6:c6:b0:17:d3:5a:93:87:11:fe:d1:
e5:d8:40:bd:08:c2:20:fe:b4:71:3a:75:cf:7f:ca:51:ce:17:
3a:ab:18:af:79:d7:a6:b7:b4:94:0f:ee:c9:b0:e4:a8:5b:ee:
0f:79:1a:9d:ad:43:ad:09:59:03:cc:5f:c5:d7:d3:1e:dc:8c:
1f:3a:8a:e5:a7:e7:29:bf:6f:c7:62:f8:5b:97:cb:3f:98:d0:
9e:8e:80:48:d7:46:83:fe:f9:25:9e:54:06:52:51:f8:a9:20:
76:02:34:94:09:ec:f0:9e:fd:3c:2d:6c:fd:82:02:50:47:4a:
e3:9d:4e:10:6a:f3:b3:ab:20:2b:5f:af:50:9e:c1:cb:74:8d:
d5:35:dd:29:8f:1e:7d:a4:b2:be:61:ae:fa:89:d4:5e:02:87:
3c:c1:4e:07:e7:c9:04:bd:e4:6d:4f:82:56:46:c5:12:a7:22:
62:a5:7a:53
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZK0aCTeEU3G25phpPQDGRtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjQxMDIyMTMyNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQ1YjMxZGQwYzM4M2VjNjdhNDAyZjA4MzVhYzRhNzllMmNhMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPcWNAXkQm1mUPLwD5KUCJvQ+bAI
qzRJkTgA2Kk3Mu4bMZuGxI6xBqwvjqJzrIx6FWA7qDZPN4b9/4gfZo07GCbRB/TW
yzAPmc8KWPg1YpcrhtXQhpJbJ3qNGQlkKmrLLXgNaPF0hzpjgSOBz0u1w3QHK5L4
jZ6UD0856h/2Xg3/kGLVZdekfRT4m9vuBwxM6BPP+u5jMRgsl8OBTYxUDwTjfvMm
gN4zp+jugRrcznEnd5JNwjcP8z5twEYmwd/Sx2vh5OP7++wuuyHuHJALTxUbL8yJ
EZOHNDGlzX9sm4K5p4LSGpKE2+33ssrFwBtBpZ08/dEVocenL8L53mu1LwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFLnVsx3Qw4PsZ6QC8INaxKeeLKCBMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvdWRXekhkRERnLXhucEFMd2cxckVwNTRzb0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDBxBAIAATBrAwQHJbyA
AwMAULwDBARRWqADBAVTRSADAwBT0AMDAVVGAwMBVaADBAZVwQADBAVYU6ADAwJY
ZDALAwQFWrAgAwMDWrADBAVc88ADAwFtUAMDAKDaAwQCuT3kAwMAwuQDBATZddAD
BATZwqAwGwQCAAIwFQMFACABQdgDBQMqABAoAwUBKgIJuDANBgkqhkiG9w0BAQsF
AAOCAQEAR1QAepq3bQ4RdnnTiw5NnwJ7Z00pDs6BU3V5TLQrxXDLtTYfTxQ0fvmU
aIdyAvDa8QvFi9lqISU57mwaNeT9U0cHK0f/Uy8f/J0D4LlnXsbGsBfTWpOHEf7R
5dhAvQjCIP60cTp1z3/KUc4XOqsYr3nXpre0lA/uybDkqFvuD3kana1DrQlZA8xf
xdfTHtyMHzqK5afnKb9vx2L4W5fLP5jQno6ASNdGg/75JZ5UBlJR+KkgdgI0lAns
8J79PC1s/YICUEdK451OEGrzs6sgK1+vUJ7By3SN1TXdKY8efaSyvmGu+onUXgKH
PMFOB+fJBL3kbU+CVkbFEqciYqV6Uw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:24 2024 by rpki-client on console-fra.rpki-client.org