Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/UfyvRqFQ443XR7JE0YlCsyUfoNI.roa
File: UfyvRqFQ443XR7JE0YlCsyUfoNI.roa (raw, json)
Hash identifier: 10a9zl5nqJqJcV9IYRmBTA5j4X45PZnIzqkf0M5Z21E=
Subject key identifier: 51:FC:AF:46:A1:50:E3:8D:D7:47:B2:44:D1:89:42:B3:25:1F:A0:D2
Certificate issuer: /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial: 0190DF753626FA8AA99E5241DD4D4A267A49
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/UfyvRqFQ443XR7JE0YlCsyUfoNI.roa
Signing time: Tue 23 Jul 2024 11:58:39 +0000
ROA not before: Tue 23 Jul 2024 11:58:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25229
IP address blocks: 77.120.0.0/20 maxlen: 24
77.120.4.0/24 maxlen: 24
77.120.6.0/24 maxlen: 24
77.120.16.0/20 maxlen: 21
77.120.32.0/20 maxlen: 21
77.120.52.0/22 maxlen: 23
77.120.60.0/22 maxlen: 23
77.120.64.0/21 maxlen: 22
77.120.72.0/21 maxlen: 22
77.120.80.0/20 maxlen: 21
77.120.96.0/19 maxlen: 20
77.120.112.0/22 maxlen: 22
77.120.128.0/18 maxlen: 24
77.120.192.0/21 maxlen: 24
77.120.208.0/21 maxlen: 24
77.120.211.0/24 maxlen: 24
77.120.212.0/23 maxlen: 24
77.120.214.0/23 maxlen: 24
77.120.216.0/22 maxlen: 23
77.120.220.0/22 maxlen: 24
77.120.224.0/20 maxlen: 21
77.120.240.0/20 maxlen: 21
77.120.248.0/21 maxlen: 22
77.121.0.0/21 maxlen: 22
77.121.8.0/22 maxlen: 23
77.121.12.0/24 maxlen: 24
77.121.13.0/24 maxlen: 24
77.121.15.0/24 maxlen: 24
77.121.16.0/24 maxlen: 24
77.121.17.0/24 maxlen: 24
77.121.18.0/24 maxlen: 24
77.121.19.0/24 maxlen: 24
77.121.20.0/24 maxlen: 24
77.121.21.0/24 maxlen: 24
77.121.22.0/24 maxlen: 24
77.121.23.0/24 maxlen: 24
77.121.24.0/24 maxlen: 24
77.121.25.0/24 maxlen: 24
77.121.26.0/24 maxlen: 24
77.121.27.0/24 maxlen: 24
77.121.28.0/24 maxlen: 24
77.121.29.0/24 maxlen: 24
77.121.30.0/24 maxlen: 24
77.121.64.0/21 maxlen: 24
77.121.70.0/23 maxlen: 24
77.121.72.0/21 maxlen: 22
77.121.80.0/20 maxlen: 21
77.121.96.0/19 maxlen: 20
77.121.96.0/20 maxlen: 21
77.121.112.0/20 maxlen: 21
77.123.128.0/19 maxlen: 20
77.123.144.0/22 maxlen: 22
77.244.32.0/20 maxlen: 21
82.144.192.0/19 maxlen: 20
109.201.224.0/24 maxlen: 24
109.201.225.0/24 maxlen: 24
109.201.226.0/24 maxlen: 24
109.201.227.0/24 maxlen: 24
109.201.228.0/22 maxlen: 23
109.201.232.0/22 maxlen: 23
109.201.236.0/23 maxlen: 24
109.201.238.0/23 maxlen: 24
109.201.240.0/20 maxlen: 21
141.170.224.0/23 maxlen: 24
141.170.226.0/23 maxlen: 24
141.170.226.0/24 maxlen: 24
141.170.227.0/24 maxlen: 24
141.170.229.0/24 maxlen: 24
141.170.230.0/24 maxlen: 24
141.170.231.0/24 maxlen: 24
141.170.232.0/24 maxlen: 24
141.170.233.0/24 maxlen: 24
141.170.234.0/23 maxlen: 24
141.170.236.0/24 maxlen: 24
141.170.238.0/24 maxlen: 24
141.170.240.0/22 maxlen: 23
141.170.244.0/22 maxlen: 23
141.170.248.0/21 maxlen: 22
141.170.248.0/23 maxlen: 24
141.170.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:75:36:26:fa:8a:a9:9e:52:41:dd:4d:4a:26:7a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Validity
Not Before: Jul 23 11:58:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51fcaf46a150e38dd747b244d18942b3251fa0d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b5:b3:34:83:a6:3e:5d:d1:2c:fd:06:c5:01:
dd:16:f8:b2:92:86:ac:11:e6:48:37:14:38:c3:54:
8b:7b:3c:ce:7d:c4:ce:79:35:7c:4c:71:ae:db:57:
46:a4:3e:6c:15:c9:2e:e9:e5:26:52:80:48:44:51:
0a:d8:fc:b9:14:48:29:8a:4f:55:d8:d1:82:6f:0f:
17:54:01:a9:56:8b:c7:f9:33:fb:88:05:86:36:15:
33:40:23:5f:bc:56:b5:36:1a:e5:6f:d2:fd:31:d5:
fe:12:e1:f7:ba:ae:0f:9e:ad:a6:73:70:56:be:b5:
89:bb:8a:e2:23:95:c6:b8:c7:43:db:4e:8f:ff:a4:
ed:f2:84:9a:06:6f:e6:71:fb:af:5e:04:92:af:b9:
de:7a:fc:51:f3:c6:25:86:2b:42:65:e2:af:5d:a5:
68:30:24:28:3d:8f:37:ff:b7:70:2b:a2:20:28:02:
ee:20:6b:ab:5a:93:56:62:8a:5a:94:0f:f1:0b:0e:
76:aa:24:2c:22:07:7c:4e:26:d2:99:75:0f:79:25:
5c:05:30:fd:93:1d:78:df:aa:12:59:8b:5d:ae:d4:
de:07:1b:fa:4f:43:c2:45:a7:57:e0:dc:b5:f1:d0:
78:bd:14:61:3c:67:d7:15:6b:05:47:67:92:a5:fd:
c1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FC:AF:46:A1:50:E3:8D:D7:47:B2:44:D1:89:42:B3:25:1F:A0:D2
X509v3 Authority Key Identifier:
keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/UfyvRqFQ443XR7JE0YlCsyUfoNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.120.0.0-77.120.47.255
77.120.52.0/22
77.120.60.0-77.120.199.255
77.120.208.0-77.121.13.255
77.121.15.0-77.121.30.255
77.121.64.0/18
77.123.128.0/19
77.244.32.0/20
82.144.192.0/19
109.201.224.0/19
141.170.224.0/22
141.170.229.0-141.170.236.255
141.170.238.0/24
141.170.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:c2:fb:b9:e3:72:e5:59:a7:81:45:94:63:dd:3a:7f:94:6c:
b2:d1:44:15:41:b7:bb:31:55:6e:75:a7:dc:3d:80:9a:c8:1f:
06:9e:86:20:0f:29:3a:cc:26:6a:a2:6a:49:e7:5a:3a:94:47:
ee:2e:54:d5:91:8e:04:54:15:fa:13:2b:2e:14:4e:d5:93:57:
6d:49:b7:39:c7:59:92:64:b5:0a:06:c7:10:a6:4d:a1:fd:4a:
63:aa:15:0b:e1:61:df:03:1c:90:4e:6e:0d:2b:8f:83:9c:02:
26:bb:f3:dc:0b:20:25:d0:a7:0d:d1:e4:75:e7:3b:3a:5e:1e:
63:b1:b2:97:d9:e8:be:4f:f8:1b:1a:b9:88:73:87:83:72:fd:
f4:ca:8f:fc:58:19:9a:c1:21:5a:f2:24:c3:14:2e:f0:01:e1:
64:53:16:b6:f7:9b:80:e8:72:b7:a3:9b:da:a1:65:aa:45:fe:
16:79:b3:87:90:15:90:49:d2:f6:4f:45:06:2b:20:06:92:86:
30:83:21:0d:7c:20:eb:46:d5:a0:d2:0b:08:ec:97:f6:cd:09:
2e:49:f8:c8:a5:e0:34:54:56:cb:4d:10:83:fd:25:c7:e9:c0:
0c:37:c5:63:74:ec:a8:67:a6:c3:72:16:df:a6:40:1d:87:a3:
7d:92:78:e6
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZDfdTYm+oqpnlJB3U1KJnpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjQwNzIzMTE1ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZjYWY0NmExNTBlMzhkZDc0N2IyNDRkMTg5NDJiMzI1MWZhMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbWzNIOmPl3RLP0GxQHdFviykoas
EeZINxQ4w1SLezzOfcTOeTV8THGu21dGpD5sFcku6eUmUoBIRFEK2Py5FEgpik9V
2NGCbw8XVAGpVovH+TP7iAWGNhUzQCNfvFa1Nhrlb9L9MdX+EuH3uq4Pnq2mc3BW
vrWJu4riI5XGuMdD206P/6Tt8oSaBm/mcfuvXgSSr7neevxR88YlhitCZeKvXaVo
MCQoPY83/7dwK6IgKALuIGurWpNWYopalA/xCw52qiQsIgd8TibSmXUPeSVcBTD9
kx1436oSWYtdrtTeBxv6T0PCRadX4Ny18dB4vRRhPGfXFWsFR2eSpf3BiQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFFH8r0ahUOON10eyRNGJQrMlH6DSMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvVWZ5dlJxRlE0NDNYUjdKRTBZbENzeVVmb05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDCBgQQCAAEwezALAwMD
TXgDBARNeCADBAJNeDQwDAMEAk14PAMEA014wDAMAwQETXjQAwQBTXkMMAwDBABN
eQ8DBABNeR4DBAZNeUADBAVNe4ADBARN9CADBAVSkMADBAVtyeADBAKNquAwDAME
AI2q5QMEAI2q7AMEAI2q7gMEBI2q8DANBgkqhkiG9w0BAQsFAAOCAQEAoML7ueNy
5VmngUWUY906f5RsstFEFUG3uzFVbnWn3D2AmsgfBp6GIA8pOswmaqJqSedaOpRH
7i5U1ZGOBFQV+hMrLhRO1ZNXbUm3OcdZkmS1CgbHEKZNof1KY6oVC+Fh3wMckE5u
DSuPg5wCJrvz3AsgJdCnDdHkdec7Ol4eY7Gyl9novk/4Gxq5iHOHg3L99MqP/FgZ
msEhWvIkwxQu8AHhZFMWtvebgOhyt6Ob2qFlqkX+Fnmzh5AVkEnS9k9FBisgBpKG
MIMhDXwg60bVoNILCOyX9s0JLkn4yKXgNFRWy00Qg/0lx+nADDfFY3TsqGemw3IW
36ZAHYejfZJ45g==
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:15:14 2024 by rpki-client on console-fra.rpki-client.org