Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/1Zv81osYL2X6USnK4m1QYMXy-wI.roa
File: 1Zv81osYL2X6USnK4m1QYMXy-wI.roa (raw, json)
Hash identifier: FFkBQmWSl/ySB5gA5IjJaxbtZ78ElUWC/w0nu9mjDRU=
Subject key identifier: D5:9B:FC:D6:8B:18:2F:65:FA:51:29:CA:E2:6D:50:60:C5:F2:FB:02
Certificate issuer: /CN=dab53f9b21d13e078e3e844d645eea8580f1cce1
Certificate serial: 01926D271A5F2741D6FA921CF1183150581C
Authority key identifier: DA:B5:3F:9B:21:D1:3E:07:8E:3E:84:4D:64:5E:EA:85:80:F1:CC:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/1Zv81osYL2X6USnK4m1QYMXy-wI.roa
Signing time: Tue 08 Oct 2024 17:22:12 +0000
ROA not before: Tue 08 Oct 2024 17:22:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33874
IP address blocks: 37.75.32.0/19 maxlen: 19
37.75.32.0/20 maxlen: 20
37.75.48.0/20 maxlen: 20
77.25.128.0/17 maxlen: 17
77.25.128.0/19 maxlen: 19
77.25.192.0/22 maxlen: 22
77.25.196.0/22 maxlen: 22
77.25.200.0/22 maxlen: 22
77.25.204.0/22 maxlen: 22
77.25.220.0/22 maxlen: 22
77.243.64.0/22 maxlen: 22
77.243.68.0/23 maxlen: 23
77.243.70.0/23 maxlen: 23
77.243.72.0/22 maxlen: 22
77.243.76.0/23 maxlen: 23
77.243.78.0/23 maxlen: 23
80.85.96.0/20 maxlen: 20
80.85.96.0/23 maxlen: 23
80.85.98.0/24 maxlen: 24
80.85.99.0/24 maxlen: 24
80.85.100.0/24 maxlen: 24
80.85.101.0/24 maxlen: 24
80.85.102.0/24 maxlen: 24
80.85.103.0/24 maxlen: 24
80.85.104.0/24 maxlen: 24
80.85.105.0/24 maxlen: 24
80.85.106.0/24 maxlen: 24
80.85.107.0/24 maxlen: 24
80.85.108.0/24 maxlen: 24
80.85.109.0/24 maxlen: 24
80.85.110.0/24 maxlen: 24
80.85.111.0/24 maxlen: 24
109.200.32.0/19 maxlen: 19
109.200.32.0/20 maxlen: 20
109.200.48.0/21 maxlen: 21
109.200.56.0/22 maxlen: 22
159.20.24.0/21 maxlen: 21
159.20.24.0/24 maxlen: 24
159.20.25.0/24 maxlen: 24
159.20.26.0/24 maxlen: 24
159.20.28.0/24 maxlen: 24
159.20.29.0/24 maxlen: 24
159.20.30.0/24 maxlen: 24
159.20.31.0/24 maxlen: 24
185.5.48.0/24 maxlen: 24
188.172.0.0/19 maxlen: 19
188.172.0.0/20 maxlen: 20
188.172.16.0/21 maxlen: 21
188.172.24.0/22 maxlen: 22
188.172.32.0/19 maxlen: 19
188.172.32.0/20 maxlen: 20
188.172.48.0/21 maxlen: 21
188.172.56.0/22 maxlen: 22
188.172.64.0/19 maxlen: 19
188.172.64.0/21 maxlen: 21
188.172.72.0/22 maxlen: 22
188.172.80.0/21 maxlen: 21
188.172.88.0/22 maxlen: 22
2a10:5500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6d:27:1a:5f:27:41:d6:fa:92:1c:f1:18:31:50:58:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab53f9b21d13e078e3e844d645eea8580f1cce1
Validity
Not Before: Oct 8 17:22:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d59bfcd68b182f65fa5129cae26d5060c5f2fb02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8b:1e:10:04:ff:5e:b2:6d:6f:33:e4:cf:25:
51:52:ef:a4:16:3f:10:b0:33:4d:2a:b2:0e:c8:4e:
bf:89:74:fd:d2:7e:e0:57:30:ec:d8:67:23:b9:08:
f0:4d:e9:44:fc:1d:f6:1e:6e:f7:59:45:ee:ee:3a:
9e:6e:03:6f:c5:1f:56:e5:46:aa:26:67:14:be:00:
70:48:6f:dd:a4:7c:75:57:16:8e:61:e3:b2:84:f1:
59:f6:3f:df:7a:c7:f9:3d:7d:cd:42:05:53:fc:6d:
0b:44:f2:64:e0:c0:e9:e0:3a:ac:8e:fa:4c:80:92:
30:17:d8:35:4d:99:8f:b3:85:c8:75:10:e0:58:cf:
ba:d4:02:92:ca:c0:31:a5:13:de:54:d5:ca:3c:19:
48:80:7d:24:a8:12:9a:5a:fc:7d:8f:41:c3:4f:89:
0d:c2:5d:c9:78:05:92:af:a3:8d:d5:12:ab:89:ec:
77:ac:e0:97:73:9e:00:83:41:5f:b9:12:ea:c3:b0:
75:e7:8e:fa:e9:f9:da:c6:f3:58:12:24:90:27:26:
73:9e:a0:b1:92:9f:4f:41:62:f1:f7:a4:66:9c:c3:
45:12:19:5f:97:8f:52:bb:68:ab:f2:7d:eb:1c:c6:
81:72:cc:1e:66:13:73:37:e9:87:ee:9c:47:97:2e:
f4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:9B:FC:D6:8B:18:2F:65:FA:51:29:CA:E2:6D:50:60:C5:F2:FB:02
X509v3 Authority Key Identifier:
keyid:DA:B5:3F:9B:21:D1:3E:07:8E:3E:84:4D:64:5E:EA:85:80:F1:CC:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/1Zv81osYL2X6USnK4m1QYMXy-wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.32.0/19
77.25.128.0/17
77.243.64.0/20
80.85.96.0/20
109.200.32.0/19
159.20.24.0/21
185.5.48.0/24
188.172.0.0-188.172.95.255
IPv6:
2a10:5500::/32
Signature Algorithm: sha256WithRSAEncryption
5f:df:85:6c:ac:7e:f4:d1:34:d0:ac:1c:1b:fa:e3:b5:2b:80:
7f:cf:ef:74:b0:7c:00:2b:25:bb:45:f9:aa:cb:e2:2b:05:4c:
e0:03:c0:84:b3:26:ed:87:dd:b8:03:32:75:7b:93:28:a6:d9:
17:11:43:ca:d1:fd:7e:c2:66:5e:09:a8:21:4e:66:da:ff:32:
8e:36:bf:7f:fc:0c:d2:d6:da:ed:cf:28:67:22:8e:8d:8a:fa:
c8:21:4c:18:74:eb:a2:7c:49:55:7c:c7:df:0b:40:c5:ca:a7:
ae:56:56:98:3c:1f:bf:0e:2c:90:d9:9b:e1:1d:07:28:7f:4f:
fc:3b:30:b7:a2:6e:59:3d:eb:91:40:fd:b9:6e:3b:6d:fb:02:
2d:0c:d7:df:ab:f3:8f:c4:05:c4:6b:83:cd:e2:bf:c5:ce:07:
2f:8f:64:49:3b:a2:30:df:42:0a:1f:b6:25:db:f1:83:c5:e4:
ef:7e:51:82:9b:33:33:33:4f:5b:49:32:83:f0:e3:9d:a7:9f:
fc:7d:57:dc:b0:d0:e1:f5:5e:58:84:77:44:e1:22:6d:b1:9b:
0f:dc:ef:26:15:a2:63:d7:c7:da:53:a1:2c:74:bb:22:ec:80:
76:4d:e0:5c:5a:d0:fc:d1:6a:60:0c:23:40:8a:4f:30:23:c8:
81:63:97:33
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZJtJxpfJ0HW+pIc8RgxUFgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjUzZjliMjFkMTNlMDc4ZTNlODQ0ZDY0NWVlYTg1ODBm
MWNjZTEwHhcNMjQxMDA4MTcyMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTliZmNkNjhiMTgyZjY1ZmE1MTI5Y2FlMjZkNTA2MGM1ZjJmYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYseEAT/XrJtbzPkzyVRUu+kFj8Q
sDNNKrIOyE6/iXT90n7gVzDs2GcjuQjwTelE/B32Hm73WUXu7jqebgNvxR9W5Uaq
JmcUvgBwSG/dpHx1VxaOYeOyhPFZ9j/fesf5PX3NQgVT/G0LRPJk4MDp4DqsjvpM
gJIwF9g1TZmPs4XIdRDgWM+61AKSysAxpRPeVNXKPBlIgH0kqBKaWvx9j0HDT4kN
wl3JeAWSr6ON1RKriex3rOCXc54Ag0FfuRLqw7B154766fnaxvNYEiSQJyZznqCx
kp9PQWLx96RmnMNFEhlfl49Su2ir8n3rHMaBcsweZhNzN+mH7pxHly70oQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNWb/NaLGC9l+lEpyuJtUGDF8vsCMB8GA1UdIwQY
MBaAFNq1P5sh0T4Hjj6ETWRe6oWA8czhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJVX215SFJQZ2VPUG9STlpGN3FoWUR4ek9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi83ZjlhYjEtYmM3Yy00ZDBkLWE5NzAt
NWI4YmM1OTBiMTk3LzEvMVp2ODFvc1lMMlg2VVNuSzRtMVFZTVh5LXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi83ZjlhYjEtYmM3Yy00ZDBkLWE5NzAtNWI4YmM1OTBiMTk3
LzEvMnJVX215SFJQZ2VPUG9STlpGN3FoWUR4ek9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQFJUsgAwQH
TRmAAwQETfNAAwQEUFVgAwQFbcggAwQDnxQYAwQAuQUwMAsDAwK8rAMEBbysQDAN
BAIAAjAHAwUAKhBVADANBgkqhkiG9w0BAQsFAAOCAQEAX9+FbKx+9NE00KwcG/rj
tSuAf8/vdLB8ACslu0X5qsviKwVM4APAhLMm7YfduAMydXuTKKbZFxFDytH9fsJm
XgmoIU5m2v8yjja/f/wM0tba7c8oZyKOjYr6yCFMGHTronxJVXzH3wtAxcqnrlZW
mDwfvw4skNmb4R0HKH9P/Dswt6JuWT3rkUD9uW47bfsCLQzX36vzj8QFxGuDzeK/
xc4HL49kSTuiMN9CCh+2Jdvxg8Xk735RgpszMzNPW0kyg/Djnaef/H1X3LDQ4fVe
WIR3ROEibbGbD9zvJhWiY9fH2lOhLHS7IuyAdk3gXFrQ/NFqYAwjQIpPMCPIgWOX
Mw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:40 2024 by rpki-client on console-fra.rpki-client.org