Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Xv2wWMLYZxwIu9OeoNwdDaCreEA.roa
File: Xv2wWMLYZxwIu9OeoNwdDaCreEA.roa (raw, json)
Hash identifier: WbtKfoiIWmSyYlpwfeqekWpwqGdD2Ve7wDLiS//4tzw=
Subject key identifier: 5E:FD:B0:58:C2:D8:67:1C:08:BB:D3:9E:A0:DC:1D:0D:A0:AB:78:40
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018E13ABAAA13F06D5950A8A184394F6C860
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Xv2wWMLYZxwIu9OeoNwdDaCreEA.roa
Signing time: Wed 06 Mar 2024 12:10:01 +0000
ROA not before: Wed 06 Mar 2024 12:10:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52116
IP address blocks: 77.105.6.0/24 maxlen: 24
77.105.11.0/24 maxlen: 24
77.105.31.0/24 maxlen: 24
79.175.103.0/24 maxlen: 24
79.175.115.0/24 maxlen: 24
79.175.116.0/24 maxlen: 24
79.175.118.0/24 maxlen: 24
80.74.173.0/24 maxlen: 24
81.18.49.0/24 maxlen: 24
81.18.50.0/24 maxlen: 24
81.18.52.0/23 maxlen: 23
81.18.55.0/24 maxlen: 24
81.18.61.0/24 maxlen: 24
93.186.64.0/24 maxlen: 24
93.186.67.0/24 maxlen: 24
93.186.71.0/24 maxlen: 24
93.186.72.0/24 maxlen: 24
109.121.60.0/24 maxlen: 24
178.219.8.0/23 maxlen: 23
178.219.11.0/24 maxlen: 24
178.253.207.0/24 maxlen: 24
178.253.210.0/24 maxlen: 24
178.253.213.0/24 maxlen: 24
178.253.214.0/24 maxlen: 24
178.253.219.0/24 maxlen: 24
178.253.222.0/24 maxlen: 24
178.253.236.0/24 maxlen: 24
178.253.240.0/24 maxlen: 24
185.47.88.0/24 maxlen: 24
185.47.89.0/24 maxlen: 24
185.47.90.0/24 maxlen: 24
188.255.130.0/24 maxlen: 24
188.255.140.0/24 maxlen: 24
188.255.185.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.208.0/24 maxlen: 24
188.255.213.0/24 maxlen: 24
188.255.219.0/24 maxlen: 24
188.255.238.0/24 maxlen: 24
188.255.244.0/23 maxlen: 23
188.255.246.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
188.255.248.0/24 maxlen: 24
188.255.250.0/23 maxlen: 23
188.255.252.0/24 maxlen: 24
188.255.254.0/24 maxlen: 24
188.255.255.0/24 maxlen: 24
212.69.6.0/24 maxlen: 24
212.69.7.0/24 maxlen: 24
212.69.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:ab:aa:a1:3f:06:d5:95:0a:8a:18:43:94:f6:c8:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 6 12:10:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5efdb058c2d8671c08bbd39ea0dc1d0da0ab7840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a7:89:72:b2:06:1c:35:c8:fa:3e:6e:ba:33:
c0:49:56:4a:0c:d8:cc:c9:ce:1f:e0:8a:3b:3f:bd:
59:94:8f:a9:40:7e:65:2f:fb:b8:6f:c1:76:b9:6e:
29:fc:7c:43:ef:b9:12:be:6d:0a:a2:a5:39:26:53:
c0:6a:8b:eb:5d:c3:f2:c3:f9:42:bb:28:a1:8e:0e:
0d:4f:3e:ab:63:d3:69:03:bb:1e:a5:c5:18:28:ac:
a5:33:3c:5b:c8:8e:95:a8:f7:86:3b:a1:84:f1:f4:
e6:4b:fa:09:e9:75:d5:db:ac:e4:66:2b:67:08:e2:
99:2e:27:a1:91:10:66:42:2e:9b:97:a9:21:d2:ef:
bb:cc:1e:0f:2d:a0:bb:1e:8f:4e:a5:69:16:73:f5:
de:21:a4:16:df:86:08:b4:40:37:84:07:20:34:b1:
8c:cd:25:36:68:43:8d:15:60:5a:da:82:da:81:db:
10:89:14:3a:e7:1f:0a:8b:b7:3c:78:36:07:90:37:
ce:81:b9:02:e9:72:b2:cf:62:0c:75:dc:cb:ec:39:
35:81:19:c4:0e:91:45:78:ff:bc:ef:73:d6:d2:91:
9a:06:47:e4:b9:3b:73:fe:00:4a:74:eb:e8:fe:09:
09:74:66:2b:03:c9:cc:61:82:8e:97:6c:c9:71:39:
bc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FD:B0:58:C2:D8:67:1C:08:BB:D3:9E:A0:DC:1D:0D:A0:AB:78:40
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Xv2wWMLYZxwIu9OeoNwdDaCreEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.6.0/24
77.105.11.0/24
77.105.31.0/24
79.175.103.0/24
79.175.115.0-79.175.116.255
79.175.118.0/24
80.74.173.0/24
81.18.49.0-81.18.50.255
81.18.52.0/23
81.18.55.0/24
81.18.61.0/24
93.186.64.0/24
93.186.67.0/24
93.186.71.0-93.186.72.255
109.121.60.0/24
178.219.8.0/23
178.219.11.0/24
178.253.207.0/24
178.253.210.0/24
178.253.213.0-178.253.214.255
178.253.219.0/24
178.253.222.0/24
178.253.236.0/24
178.253.240.0/24
185.47.88.0-185.47.90.255
188.255.130.0/24
188.255.140.0/24
188.255.185.0/24
188.255.190.0/24
188.255.208.0/24
188.255.213.0/24
188.255.219.0/24
188.255.238.0/24
188.255.244.0-188.255.248.255
188.255.250.0-188.255.252.255
188.255.254.0/23
212.69.6.0/23
212.69.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f4:dd:b3:30:d0:7e:ec:cd:6b:b4:b3:35:29:ae:43:27:29:
6c:56:35:b6:a4:86:f0:be:9b:ba:2a:84:4b:7a:d7:37:ae:23:
38:18:da:b1:3c:71:69:55:c0:52:ad:cd:79:07:d7:c9:e1:76:
f7:b1:40:f2:2b:12:13:e1:6b:a7:fa:30:27:a4:5c:27:50:03:
9b:51:a6:3e:f7:05:eb:0c:3b:ef:f9:85:f3:c2:83:50:81:cf:
f2:2e:67:5f:40:fc:3c:fa:8a:06:1c:33:a0:24:f5:8e:59:be:
fa:1e:4c:5a:72:52:37:0b:91:d4:2b:80:9f:2d:a8:26:5e:22:
91:cb:86:d8:71:7a:90:82:d5:ff:1c:e9:fa:91:33:3c:d5:48:
e1:2e:0c:4a:d9:59:1f:b9:9e:4a:f5:92:4e:fb:47:01:08:d2:
93:66:00:93:24:85:20:9c:22:f9:63:a2:42:37:4c:93:a3:39:
2a:68:1e:b6:83:85:f0:c6:f8:1a:80:23:c0:2b:d1:2b:56:9e:
bf:6c:52:e4:b8:0d:b1:fb:0f:3c:5b:d8:b2:c8:54:55:27:75:
80:83:5f:fb:83:bb:1b:2a:cc:ea:57:b2:51:0d:9a:fd:c7:d6:
43:64:36:cd:54:b4:62:e9:6a:ac:eb:4b:e3:20:69:27:49:cc:
d5:71:a7:aa
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAY4Tq6qhPwbVlQqKGEOU9shgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMzA2MTIxMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZkYjA1OGMyZDg2NzFjMDhiYmQzOWVhMGRjMWQwZGEwYWI3ODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqeJcrIGHDXI+j5uujPASVZKDNjM
yc4f4Io7P71ZlI+pQH5lL/u4b8F2uW4p/HxD77kSvm0KoqU5JlPAaovrXcPyw/lC
uyihjg4NTz6rY9NpA7sepcUYKKylMzxbyI6VqPeGO6GE8fTmS/oJ6XXV26zkZitn
COKZLiehkRBmQi6bl6kh0u+7zB4PLaC7Ho9OpWkWc/XeIaQW34YItEA3hAcgNLGM
zSU2aEONFWBa2oLagdsQiRQ65x8Ki7c8eDYHkDfOgbkC6XKyz2IMddzL7Dk1gRnE
DpFFeP+873PW0pGaBkfkuTtz/gBKdOvo/gkJdGYrA8nMYYKOl2zJcTm8TQIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFF79sFjC2GccCLvTnqDcHQ2gq3hAMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWHYyd1dNTFlaeHdJdTlPZW9Od2REYUNyZUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgABMIIB
HAMEAE1pBgMEAE1pCwMEAE1pHwMEAE+vZzAMAwQAT69zAwQAT690AwQAT692AwQA
UEqtMAwDBABREjEDBABREjIDBAFREjQDBABREjcDBABREj0DBABdukADBABdukMw
DAMEAF26RwMEAF26SAMEAG15PAMEAbLbCAMEALLbCwMEALL9zwMEALL90jAMAwQA
sv3VAwQAsv3WAwQAsv3bAwQAsv3eAwQAsv3sAwQAsv3wMAwDBAO5L1gDBAC5L1oD
BAC8/4IDBAC8/4wDBAC8/7kDBAC8/74DBAC8/9ADBAC8/9UDBAC8/9sDBAC8/+4w
DAMEArz/9AMEALz/+DAMAwQBvP/6AwQAvP/8AwQBvP/+AwQB1EUGAwQA1EUMMA0G
CSqGSIb3DQEBCwUAA4IBAQBP9N2zMNB+7M1rtLM1Ka5DJylsVjW2pIbwvpu6KoRL
etc3riM4GNqxPHFpVcBSrc15B9fJ4Xb3sUDyKxIT4Wun+jAnpFwnUAObUaY+9wXr
DDvv+YXzwoNQgc/yLmdfQPw8+ooGHDOgJPWOWb76HkxaclI3C5HUK4CfLagmXiKR
y4bYcXqQgtX/HOn6kTM81UjhLgxK2VkfuZ5K9ZJO+0cBCNKTZgCTJIUgnCL5Y6JC
N0yTozkqaB62g4XwxvgagCPAK9ErVp6/bFLkuA2x+w88W9iyyFRVJ3WAg1/7g7sb
KszqV7JRDZr9x9ZDZDbNVLRi6Wqs60vjIGknSczVcaeq
-----END CERTIFICATE-----
Generated at Sat May 25 21:59:02 2024 by rpki-client on console-fra.rpki-client.org