Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/z1axDLzgcCtonhdmi2sKkKra3kI.roa
File: z1axDLzgcCtonhdmi2sKkKra3kI.roa (raw, json)
Hash identifier: qozlQVNqM5uEiSHvOmk4GEKYMvchvDy8p9FGtwuIAMo=
Subject key identifier: CF:56:B1:0C:BC:E0:70:2B:68:9E:17:66:8B:6B:0A:90:AA:DA:DE:42
Certificate issuer: /CN=ee37d34869bc60b7d9e78335f4a32381fb7210e5
Certificate serial: 018CC871250ADC3E8A22E2596D832B8EF38B
Authority key identifier: EE:37:D3:48:69:BC:60:B7:D9:E7:83:35:F4:A3:23:81:FB:72:10:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jfTSGm8YLfZ54M19KMjgftyEOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/z1axDLzgcCtonhdmi2sKkKra3kI.roa
Signing time: Tue 02 Jan 2024 04:31:47 +0000
ROA not before: Tue 02 Jan 2024 04:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48544
IP address blocks: 83.174.144.0/22 maxlen: 24
91.231.172.0/23 maxlen: 24
185.29.145.0/24 maxlen: 24
185.29.144.0/24 maxlen: 24
185.29.146.0/24 maxlen: 24
31.185.17.0/24 maxlen: 24
31.185.16.0/24 maxlen: 24
87.252.106.0/23 maxlen: 24
31.185.21.0/24 maxlen: 24
31.185.23.0/24 maxlen: 24
31.185.22.0/24 maxlen: 24
31.185.20.0/24 maxlen: 24
31.185.19.0/24 maxlen: 24
31.185.18.0/24 maxlen: 24
185.164.185.0/24 maxlen: 24
185.164.186.0/23 maxlen: 24
89.36.206.0/24 maxlen: 24
89.36.205.0/24 maxlen: 24
89.36.204.0/24 maxlen: 24
89.36.207.0/24 maxlen: 24
185.39.24.0/23 maxlen: 24
185.39.27.0/24 maxlen: 24
185.39.26.0/24 maxlen: 24
188.116.56.0/23 maxlen: 24
188.116.60.0/23 maxlen: 23
188.116.63.0/24 maxlen: 24
188.116.62.0/24 maxlen: 24
212.69.137.0/24 maxlen: 24
212.69.136.0/24 maxlen: 24
212.69.139.0/24 maxlen: 24
212.69.138.0/24 maxlen: 24
212.69.143.0/24 maxlen: 24
212.69.142.0/24 maxlen: 24
212.69.141.0/24 maxlen: 24
212.69.140.0/24 maxlen: 24
89.32.159.0/24 maxlen: 24
89.32.158.0/24 maxlen: 24
89.32.157.0/24 maxlen: 24
89.32.156.0/24 maxlen: 24
194.145.248.0/22 maxlen: 23
78.159.144.0/22 maxlen: 24
93.189.136.0/21 maxlen: 24
188.116.11.0/24 maxlen: 24
188.116.10.0/24 maxlen: 24
188.116.8.0/23 maxlen: 23
188.116.32.0/23 maxlen: 24
46.102.112.0/24 maxlen: 24
46.102.114.0/24 maxlen: 24
46.102.113.0/24 maxlen: 24
46.102.115.0/24 maxlen: 24
185.84.84.0/22 maxlen: 24
45.10.72.0/22 maxlen: 22
217.20.250.0/23 maxlen: 24
217.20.248.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/7jfTSGm8YLfZ54M19KMjgftyEOU.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/7jfTSGm8YLfZ54M19KMjgftyEOU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jfTSGm8YLfZ54M19KMjgftyEOU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:25:0a:dc:3e:8a:22:e2:59:6d:83:2b:8e:f3:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee37d34869bc60b7d9e78335f4a32381fb7210e5
Validity
Not Before: Jan 2 04:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf56b10cbce0702b689e17668b6b0a90aadade42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f3:0a:c6:b1:d2:0b:7a:db:c8:e9:a5:32:ef:
e3:f8:25:db:b3:e1:d8:b4:fb:8e:af:f0:81:60:fd:
44:d9:67:14:c0:6d:a3:7b:59:ef:1a:7c:00:1f:7d:
1b:c0:4e:2d:65:9a:d8:a4:a8:04:72:f4:59:3a:df:
40:d8:be:86:ac:6f:16:40:ec:13:e2:67:8a:12:76:
96:f2:13:48:cd:cc:77:f3:2e:e3:e2:99:49:62:95:
3f:65:1e:21:1e:ac:d3:ee:15:85:04:d0:87:8d:ca:
a9:fb:af:37:e4:56:85:3d:e4:96:3b:5c:55:9c:f1:
78:62:81:72:db:9b:c5:21:21:2f:f2:f2:22:21:eb:
4b:5e:41:30:21:59:d5:a1:0e:2e:9b:9f:a2:bf:73:
82:35:54:ff:4f:85:06:08:69:86:fb:f7:d5:a3:e2:
a9:b8:14:dd:40:56:75:d0:77:b9:71:d2:ca:25:66:
d0:06:3b:28:a2:d6:ec:b5:fd:38:f8:6f:2a:c9:7f:
ab:f5:00:15:17:13:8f:40:c1:8a:95:af:e9:e4:95:
e0:d5:86:b8:dc:68:1a:d7:5a:2b:74:45:8c:94:3c:
18:ba:73:4a:83:1f:60:35:f5:35:0c:ac:7f:f1:80:
8d:e0:6d:9b:95:fb:e9:18:14:f1:96:60:8b:63:73:
38:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:56:B1:0C:BC:E0:70:2B:68:9E:17:66:8B:6B:0A:90:AA:DA:DE:42
X509v3 Authority Key Identifier:
keyid:EE:37:D3:48:69:BC:60:B7:D9:E7:83:35:F4:A3:23:81:FB:72:10:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jfTSGm8YLfZ54M19KMjgftyEOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/z1axDLzgcCtonhdmi2sKkKra3kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/c8c5e4-225a-489e-9100-ab2ce94c1423/1/7jfTSGm8YLfZ54M19KMjgftyEOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.16.0/21
45.10.72.0/22
46.102.112.0/22
78.159.144.0/22
83.174.144.0/22
87.252.106.0/23
89.32.156.0/22
89.36.204.0/22
91.231.172.0/23
93.189.136.0/21
185.29.144.0-185.29.146.255
185.39.24.0/22
185.84.84.0/22
185.164.185.0-185.164.187.255
188.116.8.0/22
188.116.32.0/23
188.116.56.0/23
188.116.60.0/22
194.145.248.0/22
212.69.136.0/21
217.20.248.0/22
Signature Algorithm: sha256WithRSAEncryption
33:b3:0f:52:cf:30:54:67:be:39:dc:c7:62:34:f3:24:1f:9e:
42:f8:71:64:1c:a9:8d:82:79:26:19:05:46:53:69:2b:2b:89:
37:69:bc:34:49:d2:d6:d7:15:79:5a:b4:52:d1:84:c4:80:8c:
fa:6e:3c:39:d3:28:83:a9:0e:98:74:e2:1b:e2:2a:be:27:61:
bc:51:04:5d:60:68:05:46:a5:09:9b:4f:26:38:b1:44:69:b4:
c1:ea:4b:85:6a:25:f8:ca:89:fb:c6:c4:59:8d:08:b7:30:74:
0e:f2:94:5f:bf:bd:5a:1b:25:3e:6e:5a:52:cd:38:d1:92:a7:
f7:5d:66:0e:38:b9:41:59:66:34:a4:21:ac:a0:23:09:f8:ae:
16:ef:01:22:9e:67:75:40:e7:ec:8a:ff:f4:f6:37:f0:0b:ec:
ae:ff:fd:16:b9:d4:cb:d5:25:5c:75:97:a7:97:95:86:c8:cc:
39:67:b5:0e:65:60:3a:a1:c8:2e:9f:a9:a3:cb:3d:ea:a8:37:
a7:e9:79:3a:0e:b6:08:c0:57:27:1e:86:10:7d:97:9e:33:bc:
12:46:85:2e:29:f0:c7:40:95:22:50:44:76:5b:53:87:04:5a:
1a:17:9c:d3:05:6b:e9:83:0c:e6:80:da:33:f9:90:31:2b:51:
28:87:d5:65
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYzIcSUK3D6KIuJZbYMrjvOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzdkMzQ4NjliYzYwYjdkOWU3ODMzNWY0YTMyMzgxZmI3
MjEwZTUwHhcNMjQwMTAyMDQzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjU2YjEwY2JjZTA3MDJiNjg5ZTE3NjY4YjZiMGE5MGFhZGFkZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfMKxrHSC3rbyOmlMu/j+CXbs+HY
tPuOr/CBYP1E2WcUwG2je1nvGnwAH30bwE4tZZrYpKgEcvRZOt9A2L6GrG8WQOwT
4meKEnaW8hNIzcx38y7j4plJYpU/ZR4hHqzT7hWFBNCHjcqp+6835FaFPeSWO1xV
nPF4YoFy25vFISEv8vIiIetLXkEwIVnVoQ4um5+iv3OCNVT/T4UGCGmG+/fVo+Kp
uBTdQFZ10He5cdLKJWbQBjsootbstf04+G8qyX+r9QAVFxOPQMGKla/p5JXg1Ya4
3Gga11ordEWMlDwYunNKgx9gNfU1DKx/8YCN4G2blfvpGBTxlmCLY3M4fQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFM9WsQy84HAraJ4XZotrCpCq2t5CMB8GA1UdIwQY
MBaAFO4300hpvGC32eeDNfSjI4H7chDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pmVFNHbThZTGZaNTRNMTlLTWpnZnR5RU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jOGM1ZTQtMjI1YS00ODllLTkxMDAt
YWIyY2U5NGMxNDIzLzEvejFheERMemdjQ3RvbmhkbWkyc0trS3JhM2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jOGM1ZTQtMjI1YS00ODllLTkxMDAtYWIyY2U5NGMxNDIz
LzEvN2pmVFNHbThZTGZaNTRNMTlLTWpnZnR5RU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAMf
uRADBAItCkgDBAIuZnADBAJOn5ADBAJTrpADBAFX/GoDBAJZIJwDBAJZJMwDBAFb
56wDBANdvYgwDAMEBLkdkAMEALkdkgMEArknGAMEArlUVDAMAwQAuaS5AwQCuaS4
AwQCvHQIAwQBvHQgAwQBvHQ4AwQCvHQ8AwQCwpH4AwQD1EWIAwQC2RT4MA0GCSqG
SIb3DQEBCwUAA4IBAQAzsw9SzzBUZ7453MdiNPMkH55C+HFkHKmNgnkmGQVGU2kr
K4k3abw0SdLW1xV5WrRS0YTEgIz6bjw50yiDqQ6YdOIb4iq+J2G8UQRdYGgFRqUJ
m08mOLFEabTB6kuFaiX4yon7xsRZjQi3MHQO8pRfv71aGyU+blpSzTjRkqf3XWYO
OLlBWWY0pCGsoCMJ+K4W7wEinmd1QOfsiv/09jfwC+yu//0WudTL1SVcdZenl5WG
yMw5Z7UOZWA6ocgun6mjyz3qqDen6Xk6DrYIwFcnHoYQfZeeM7wSRoUuKfDHQJUi
UER2W1OHBFoaF5zTBWvpgwzmgNoz+ZAxK1Eoh9Vl
-----END CERTIFICATE-----
Generated at Sun May 19 14:05:53 2024 by rpki-client on console-fra.rpki-client.org