Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/xxB-qqnxUZgb9QCB1HFtzgJmhvM.roa
File: xxB-qqnxUZgb9QCB1HFtzgJmhvM.roa (raw, json)
Hash identifier: cxyx+GWerVv9b8iR3vbxhOLUoWJbBJYKJyAp6bmvdfA=
Subject key identifier: C7:10:7E:AA:A9:F1:51:98:1B:F5:00:81:D4:71:6D:CE:02:66:86:F3
Certificate issuer: /CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Certificate serial: 018CC8DE627DD2C1D7E2ADC0C43B43AB3BDD
Authority key identifier: 24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/xxB-qqnxUZgb9QCB1HFtzgJmhvM.roa
Signing time: Tue 02 Jan 2024 06:31:06 +0000
ROA not before: Tue 02 Jan 2024 06:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8781
IP address blocks: 78.100.112.0/20 maxlen: 24
78.100.128.0/19 maxlen: 24
37.211.192.0/20 maxlen: 24
78.100.155.0/24 maxlen: 24
37.211.96.0/22 maxlen: 24
78.100.53.0/24 maxlen: 24
78.100.64.0/20 maxlen: 24
37.211.104.0/22 maxlen: 24
37.211.100.0/22 maxlen: 24
78.100.59.0/24 maxlen: 24
185.96.224.0/22 maxlen: 24
37.211.112.0/22 maxlen: 24
37.211.108.0/22 maxlen: 24
37.211.116.0/22 maxlen: 24
37.211.124.0/22 maxlen: 24
37.211.120.0/22 maxlen: 24
78.100.80.0/20 maxlen: 24
176.202.0.0/15 maxlen: 24
37.211.208.0/22 maxlen: 24
37.211.212.0/22 maxlen: 24
37.211.216.0/22 maxlen: 24
37.211.224.0/22 maxlen: 24
37.208.128.0/17 maxlen: 24
37.211.228.0/22 maxlen: 24
37.211.232.0/22 maxlen: 24
37.211.236.0/22 maxlen: 24
37.211.240.0/20 maxlen: 24
78.100.2.0/24 maxlen: 24
78.100.3.0/24 maxlen: 24
86.62.241.0/24 maxlen: 24
78.100.6.0/24 maxlen: 24
89.211.48.0/20 maxlen: 24
78.100.0.0/15 maxlen: 24
213.130.96.0/19 maxlen: 24
213.130.112.0/24 maxlen: 24
213.130.113.0/24 maxlen: 24
78.100.32.0/20 maxlen: 24
78.100.32.0/24 maxlen: 24
213.130.121.0/24 maxlen: 24
213.130.119.0/24 maxlen: 24
78.100.48.0/20 maxlen: 24
78.100.48.0/24 maxlen: 24
86.62.192.0/18 maxlen: 24
89.211.4.0/24 maxlen: 24
89.211.3.0/24 maxlen: 24
89.211.0.0/16 maxlen: 24
89.211.7.0/24 maxlen: 24
89.211.6.0/24 maxlen: 24
89.211.5.0/24 maxlen: 24
89.211.16.0/21 maxlen: 24
89.211.24.0/21 maxlen: 24
89.211.32.0/20 maxlen: 24
37.210.0.0/15 maxlen: 24
212.77.192.0/24 maxlen: 24
212.77.192.0/19 maxlen: 24
212.77.199.0/24 maxlen: 24
212.77.204.0/24 maxlen: 24
212.77.202.0/24 maxlen: 24
212.77.207.0/24 maxlen: 24
212.77.211.0/24 maxlen: 24
212.77.210.0/24 maxlen: 24
212.77.209.0/24 maxlen: 24
212.77.218.0/24 maxlen: 24
212.77.217.0/24 maxlen: 24
212.77.221.0/24 maxlen: 24
212.77.220.0/24 maxlen: 24
82.148.96.0/19 maxlen: 24
82.148.96.0/24 maxlen: 24
178.152.0.0/15 maxlen: 24
2001:1a10::/29 maxlen: 48
2001:1a10:c1::/48 maxlen: 48
2001:1a11::/32 maxlen: 48
2001:1a10:1::/48 maxlen: 48
2001:1a10:cd::/48 maxlen: 64
2001:1a10:4000::/36 maxlen: 36
2001:1a10::/40 maxlen: 48
2001:1a10:100::/40 maxlen: 40
2001:1a10::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:62:7d:d2:c1:d7:e2:ad:c0:c4:3b:43:ab:3b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Validity
Not Before: Jan 2 06:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7107eaaa9f151981bf50081d4716dce026686f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:71:5a:59:e3:e5:fd:86:3f:6d:c8:34:ab:9d:
a6:cd:f4:c3:42:ae:ed:14:4a:88:6d:53:c4:12:d2:
fe:31:65:e0:76:65:0e:fd:4a:9f:e4:fc:85:5b:88:
e9:67:57:85:e3:60:8a:ef:37:c3:90:c1:14:da:67:
b8:67:d5:f8:54:63:7c:b9:10:d8:bd:5c:1b:ab:76:
0b:d5:79:29:4d:4f:25:da:f0:78:d0:ba:b7:bc:13:
ef:64:37:89:b1:ea:f6:d4:11:a4:a2:25:2f:27:cf:
b2:c9:89:3a:c7:62:f1:4f:98:2a:58:13:20:04:b7:
5e:ca:58:eb:2e:24:9f:2e:6a:2f:d7:8e:1a:44:20:
40:45:ed:60:7c:8a:c4:a5:a4:6d:d9:79:cf:71:5f:
ab:a5:50:04:ee:37:e0:1e:47:6a:9d:d2:41:25:56:
c7:60:fe:36:78:84:37:16:15:19:54:e4:7a:6d:00:
db:92:78:8a:27:64:4e:de:5d:fd:00:68:9f:64:57:
a0:85:16:ac:ed:01:17:46:c0:3c:e4:e6:52:f6:32:
a4:9b:58:9c:a6:d4:68:9f:e4:17:4e:53:96:92:88:
82:bf:d2:d0:bc:e6:f8:4b:f5:d0:c9:d5:13:b6:75:
a6:84:42:2b:3c:a7:d3:74:5f:0a:90:d5:7f:ae:ea:
93:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:10:7E:AA:A9:F1:51:98:1B:F5:00:81:D4:71:6D:CE:02:66:86:F3
X509v3 Authority Key Identifier:
keyid:24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/xxB-qqnxUZgb9QCB1HFtzgJmhvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.128.0/17
37.210.0.0/15
78.100.0.0/15
82.148.96.0/19
86.62.192.0/18
89.211.0.0/16
176.202.0.0/15
178.152.0.0/15
185.96.224.0/22
212.77.192.0/19
213.130.96.0/19
IPv6:
2001:1a10::/29
Signature Algorithm: sha256WithRSAEncryption
7c:51:fe:ab:95:61:78:43:e1:0f:1e:cd:8a:54:37:56:dd:7a:
64:ea:20:26:23:ee:6c:50:19:1a:fc:c4:78:07:ea:23:1b:b3:
1d:f8:b8:6f:c5:6b:c8:5d:5b:60:83:2d:fe:cd:ab:a1:92:85:
5c:65:a3:dc:0e:80:f6:50:1e:cd:fe:c3:82:7a:61:1d:b0:ad:
d9:a4:34:3a:52:32:45:0c:f8:67:23:f1:1c:c5:62:8b:b5:3c:
32:eb:bc:d4:42:ac:cc:ce:43:aa:bb:9e:45:83:82:c1:8e:3e:
83:38:ad:83:de:8c:7d:38:9d:d4:0a:df:5e:8a:14:ad:47:63:
a4:71:20:0c:5d:30:65:2d:50:52:9f:40:f1:3e:12:7e:13:27:
07:f5:f7:62:86:85:77:c7:2d:22:01:f4:9b:e7:8e:38:1d:76:
cc:ac:60:4a:7e:e7:63:94:69:d6:15:0b:65:e5:df:f2:e3:9d:
9c:d0:d1:ba:44:72:53:70:ff:aa:39:5f:4f:07:1b:d9:50:ef:
fb:fb:c5:f9:df:b4:ec:10:09:93:56:59:74:b7:c7:fd:c4:80:
d2:bc:3d:70:b7:f0:ac:63:6d:e9:ff:7b:07:f1:14:1f:47:58:
d6:61:5a:a5:60:0b:eb:cb:86:63:e4:99:95:35:f6:6c:22:8f:
8c:9e:38:f0
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzI3mJ90sHX4q3AxDtDqzvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YmE0ZjUyYWMxYmUwNzU1ZDM0YmM1NDgzYzA2MWJkZjI5
MzQ0N2UwHhcNMjQwMTAyMDYzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzEwN2VhYWE5ZjE1MTk4MWJmNTAwODFkNDcxNmRjZTAyNjY4NmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXFaWePl/YY/bcg0q52mzfTDQq7t
FEqIbVPEEtL+MWXgdmUO/Uqf5PyFW4jpZ1eF42CK7zfDkMEU2me4Z9X4VGN8uRDY
vVwbq3YL1XkpTU8l2vB40Lq3vBPvZDeJser21BGkoiUvJ8+yyYk6x2LxT5gqWBMg
BLdeyljrLiSfLmov144aRCBARe1gfIrEpaRt2XnPcV+rpVAE7jfgHkdqndJBJVbH
YP42eIQ3FhUZVOR6bQDbkniKJ2RO3l39AGifZFeghRas7QEXRsA85OZS9jKkm1ic
ptRon+QXTlOWkoiCv9LQvOb4S/XQydUTtnWmhEIrPKfTdF8KkNV/ruqT0wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMcQfqqp8VGYG/UAgdRxbc4CZobzMB8GA1UdIwQY
MBaAFCS6T1KsG+B1XTS8VIPAYb3yk0R+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxwUFVxd2I0SFZkTkx4VWc4Qmh2ZktUUkg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zOTc1NDYtZGM3Yi00NjYwLThhNTEt
YmY1OWZjMWNiMjZkLzEveHhCLXFxbnhVWmdiOVFDQjFIRnR6Z0ptaHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zOTc1NDYtZGM3Yi00NjYwLThhNTEtYmY1OWZjMWNiMjZk
LzEvSkxwUFVxd2I0SFZkTkx4VWc4Qmh2ZktUUkg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBDBAIAATA9AwQHJdCAAwMB
JdIDAwFOZAMEBVKUYAMEBlY+wAMDAFnTAwMBsMoDAwGymAMEArlg4AMEBdRNwAME
BdWCYDANBAIAAjAHAwUDIAEaEDANBgkqhkiG9w0BAQsFAAOCAQEAfFH+q5VheEPh
Dx7NilQ3Vt16ZOogJiPubFAZGvzEeAfqIxuzHfi4b8VryF1bYIMt/s2roZKFXGWj
3A6A9lAezf7DgnphHbCt2aQ0OlIyRQz4ZyPxHMVii7U8Muu81EKszM5DqrueRYOC
wY4+gzitg96MfTid1ArfXooUrUdjpHEgDF0wZS1QUp9A8T4SfhMnB/X3YoaFd8ct
IgH0m+eOOB12zKxgSn7nY5Rp1hULZeXf8uOdnNDRukRyU3D/qjlfTwcb2VDv+/vF
+d+07BAJk1ZZdLfH/cSA0rw9cLfwrGNt6f97B/EUH0dY1mFapWAL68uGY+SZlTX2
bCKPjJ448A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:36:57 2024 by rpki-client on console-ams.rpki-client.org