Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/L2m3Je6oc2YwR3a4uVV_1cgP0E8.roa
File: L2m3Je6oc2YwR3a4uVV_1cgP0E8.roa (raw, json)
Hash identifier: 9nvEbM367CFICmPEPiNs+M3T9SuD3jcvLgVEbOgpPmY=
Subject key identifier: 2F:69:B7:25:EE:A8:73:66:30:47:76:B8:B9:55:7F:D5:C8:0F:D0:4F
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018F2B7E8447D58AAD820996C8D36D444919
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/L2m3Je6oc2YwR3a4uVV_1cgP0E8.roa
Signing time: Mon 29 Apr 2024 20:14:22 +0000
ROA not before: Mon 29 Apr 2024 20:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28964
IP address blocks: 77.105.8.0/24 maxlen: 24
77.105.39.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
79.175.85.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
178.253.232.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.195.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
188.255.253.0/24 maxlen: 24
212.69.2.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2b:7e:84:47:d5:8a:ad:82:09:96:c8:d3:6d:44:49:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 29 20:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f69b725eea87366304776b8b9557fd5c80fd04f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:86:14:c6:0d:6d:1d:fe:36:34:18:32:87:5e:
06:77:25:e1:ad:0a:b8:d4:87:74:d8:94:42:5f:db:
c9:d9:bf:f7:56:11:76:86:0e:15:73:14:48:22:91:
7d:d3:fa:00:6f:e3:f8:bd:82:bf:5e:42:a8:23:e3:
b0:f6:0f:0e:cc:6e:49:a9:09:7a:45:c4:8b:83:02:
a8:a2:ee:73:fa:ba:b3:c4:e1:43:2d:ac:35:6c:82:
13:bc:68:23:08:d5:e4:9d:67:6e:0c:71:af:78:07:
21:2c:b6:98:34:c7:5a:4c:79:5f:66:5e:4b:f8:ec:
6c:48:2e:ba:f8:45:be:e7:49:0d:c6:ff:54:a4:45:
50:d2:41:06:ce:70:7b:31:21:33:dd:f0:b7:d8:73:
f7:a3:d3:70:95:6c:c1:eb:0a:59:4a:b9:05:d2:a4:
85:ed:af:55:eb:5a:6c:ce:76:fa:35:6c:bd:aa:ff:
ef:f7:e6:88:a6:8d:eb:05:e6:31:f7:2d:48:3c:6a:
56:f6:3c:43:50:3a:99:10:70:38:a7:85:8b:ce:1e:
46:7b:9f:c4:89:f4:1d:ed:43:f6:81:de:f8:3c:17:
8d:8a:2a:3a:3c:47:e4:17:62:59:20:e1:62:32:77:
a7:c8:08:76:ba:39:f3:19:ae:22:ae:3c:76:b9:02:
66:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:69:B7:25:EE:A8:73:66:30:47:76:B8:B9:55:7F:D5:C8:0F:D0:4F
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/L2m3Je6oc2YwR3a4uVV_1cgP0E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
77.105.39.0/24
79.175.66.0/24
79.175.85.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
109.121.55.0/24
178.219.2.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.220.0/23
178.253.232.0/24
178.253.238.0/24
178.253.245.0-178.253.246.255
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.207.0/24
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.2.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
20:6d:8a:35:43:24:5a:60:97:bb:63:f3:b9:2e:16:3f:7f:74:
5b:05:54:22:39:72:eb:76:c4:a8:0c:8e:72:11:2b:37:42:4e:
4e:26:91:bb:b7:04:fa:85:3b:f0:c9:fc:c1:f3:3e:ed:a3:14:
00:85:9e:d8:ec:87:f9:6b:32:f6:5c:65:fc:dc:e5:44:86:b3:
af:42:a0:0d:27:0e:2e:d0:e1:21:1a:7a:23:4b:8b:66:ff:f8:
c1:62:64:82:f0:6f:83:89:69:aa:e4:b3:3e:de:45:29:cb:65:
43:4e:10:9b:6f:e9:04:82:46:01:dd:75:cd:43:eb:20:2e:b7:
6e:c4:5e:ae:5c:a4:d9:80:c8:df:98:9d:4b:80:5f:20:17:26:
39:ed:93:05:c0:8d:8d:96:f2:45:fa:da:4f:fe:20:18:9f:39:
fc:80:94:70:ed:3a:0d:95:10:c7:ce:86:71:69:12:f2:8e:f9:
e8:80:35:34:d7:87:d4:77:26:dc:af:0f:1b:a0:15:c6:8d:66:
89:82:2e:ae:12:cd:6a:e1:f2:40:78:a1:43:99:41:bf:c6:6a:
6c:8d:7a:37:5a:4e:d7:f8:0b:ee:57:19:53:3e:93:a8:d4:3f:
ed:96:dc:c4:c0:5a:56:e1:2b:a3:6e:82:08:fa:1c:da:10:0b:
c3:88:a1:f0
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAY8rfoRH1YqtggmWyNNtREkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwNDI5MjAxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjY5YjcyNWVlYTg3MzY2MzA0Nzc2YjhiOTU1N2ZkNWM4MGZkMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYYUxg1tHf42NBgyh14GdyXhrQq4
1Id02JRCX9vJ2b/3VhF2hg4VcxRIIpF90/oAb+P4vYK/XkKoI+Ow9g8OzG5JqQl6
RcSLgwKoou5z+rqzxOFDLaw1bIITvGgjCNXknWduDHGveAchLLaYNMdaTHlfZl5L
+OxsSC66+EW+50kNxv9UpEVQ0kEGznB7MSEz3fC32HP3o9NwlWzB6wpZSrkF0qSF
7a9V61psznb6NWy9qv/v9+aIpo3rBeYx9y1IPGpW9jxDUDqZEHA4p4WLzh5Ge5/E
ifQd7UP2gd74PBeNiio6PEfkF2JZIOFiMnenyAh2ujnzGa4irjx2uQJm4QIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFC9ptyXuqHNmMEd2uLlVf9XID9BPMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvTDJtM0plNm9jMll3UjNhNHVWVl8xY2dQMEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
TWkIAwQATWknAwQAT69CAwQAT69VAwQAT694AwQAURIzMAwDBANREjgDBABREjoD
BABREj8DBABdukEDBABduk0DBAFteTADBABteTUDBABteTcDBACy2wIDBACy/dQw
DAMEA7L92AMEALL92gMEAbL93AMEALL96AMEALL97jAMAwQAsv31AwQAsv32AwQA
vP+zAwQAvP++AwQBvP/AMAwDBAC8/8MDBAO8/8ADBAC8/88DBAC8/9kDBAC8/+QD
BAG8/+YDBAC8//0wDAMEAdRFAgMEAdRFBAMEANRFEwMEANRFFQMEANRFHjANBgkq
hkiG9w0BAQsFAAOCAQEAIG2KNUMkWmCXu2PzuS4WP390WwVUIjly63bEqAyOchEr
N0JOTiaRu7cE+oU78Mn8wfM+7aMUAIWe2OyH+Wsy9lxl/NzlRIazr0KgDScOLtDh
IRp6I0uLZv/4wWJkgvBvg4lpquSzPt5FKctlQ04Qm2/pBIJGAd11zUPrIC63bsRe
rlyk2YDI35idS4BfIBcmOe2TBcCNjZbyRfraT/4gGJ85/ICUcO06DZUQx86GcWkS
8o756IA1NNeH1Hcm3K8PG6AVxo1miYIurhLNauHyQHihQ5lBv8ZqbI16N1pO1/gL
7lcZUz6TqNQ/7ZbcxMBaVuEro26CCPoc2hALw4ih8A==
-----END CERTIFICATE-----
Generated at Sat May 18 16:18:56 2024 by rpki-client on console-ams.rpki-client.org