Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/FlGMQXNM1zUHlbKAnR37epgdjG0.roa
File: FlGMQXNM1zUHlbKAnR37epgdjG0.roa (raw, json)
Hash identifier: htZt99hFyp5+fe7Pzdpq7Ig+P8mHbiZWpxkN94jZ3AU=
Subject key identifier: 16:51:8C:41:73:4C:D7:35:07:95:B2:80:9D:1D:FB:7A:98:1D:8C:6D
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0191772C6274D95E6BCA9ED69BD85FE9B923
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/FlGMQXNM1zUHlbKAnR37epgdjG0.roa
Signing time: Wed 21 Aug 2024 23:01:23 +0000
ROA not before: Wed 21 Aug 2024 23:01:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51765
IP address blocks: 37.72.141.0/24 maxlen: 24
45.159.21.0/24 maxlen: 24
45.159.22.0/24 maxlen: 24
46.253.131.0/24 maxlen: 24
62.204.49.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
83.97.116.0/22 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
91.246.51.0/24 maxlen: 24
91.247.163.0/24 maxlen: 24
94.154.113.0/24 maxlen: 24
146.19.39.0/24 maxlen: 24
146.19.44.0/24 maxlen: 24
176.126.104.0/24 maxlen: 24
178.20.28.0/22 maxlen: 24
185.202.108.0/24 maxlen: 24
185.212.115.0/24 maxlen: 24
193.31.126.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.163.89.0/24 maxlen: 24
193.163.92.0/24 maxlen: 24
193.163.207.0/24 maxlen: 24
194.70.234.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
194.99.26.0/24 maxlen: 24
212.18.113.0/24 maxlen: 24
212.18.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:77:2c:62:74:d9:5e:6b:ca:9e:d6:9b:d8:5f:e9:b9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Aug 21 23:01:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16518c41734cd7350795b2809d1dfb7a981d8c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:17:56:67:13:a9:27:ff:61:06:e5:ea:2a:b6:
8f:e5:fb:89:94:33:5b:6f:0f:a6:e3:34:e9:b1:2b:
2e:39:3b:64:b8:e3:6f:7f:11:41:1c:ad:76:cc:5f:
5a:74:79:69:6c:a0:4e:81:19:c2:71:77:77:4c:52:
30:23:4c:d5:80:3b:5b:4d:65:d8:52:5c:0b:c7:3b:
1f:d8:81:eb:1b:14:0f:c5:29:43:a7:99:3d:22:18:
c4:5a:e4:fe:5b:af:6c:f7:6a:ee:27:05:ec:f8:ec:
14:d1:dd:13:af:fb:fd:6f:f2:29:e6:63:67:d2:cf:
b4:9e:03:07:3a:f5:91:44:6a:c6:45:c0:01:a5:aa:
b3:6c:0f:e1:bd:eb:5e:e0:7c:ff:5a:79:6c:36:f8:
9d:9c:00:ed:c1:d9:60:f3:71:be:95:a4:5f:87:71:
13:df:44:e6:c0:5d:01:1d:9c:12:34:36:d1:77:29:
b4:b9:c6:d3:af:31:e4:87:9e:a6:26:fa:6b:15:55:
90:f2:91:15:e4:b8:db:a9:d0:39:16:06:55:e5:93:
24:ba:85:87:28:04:05:e7:20:57:a0:3d:c4:cd:0d:
d1:34:35:99:45:2f:9e:79:0c:b4:1d:94:95:a1:00:
c8:3e:ee:c4:34:18:8a:ec:b4:84:b2:81:11:de:a2:
50:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:51:8C:41:73:4C:D7:35:07:95:B2:80:9D:1D:FB:7A:98:1D:8C:6D
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/FlGMQXNM1zUHlbKAnR37epgdjG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.141.0/24
45.159.21.0-45.159.22.255
46.253.131.0/24
62.204.49.0/24
77.83.24.0/22
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
91.246.51.0/24
91.247.163.0/24
94.154.113.0/24
146.19.39.0/24
146.19.44.0/24
176.126.104.0/24
178.20.28.0/22
185.202.108.0/24
185.212.115.0/24
193.31.126.0/24
193.151.189.0-193.151.191.255
193.163.89.0/24
193.163.92.0/24
193.163.207.0/24
194.70.234.0/24
194.99.24.0/24
194.99.26.0/24
212.18.113.0/24
212.18.127.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:14:e0:eb:72:bf:ae:51:d3:ff:49:4f:59:c9:ef:ba:5e:74:
de:92:8d:e3:72:b4:0f:11:ce:39:04:6d:5f:f9:f0:03:cb:4f:
f3:cb:d8:19:5b:a7:6f:e1:e3:ed:95:e7:bf:74:ad:83:d0:8e:
e9:2b:73:ab:36:12:85:79:7a:bf:a0:8b:17:a1:f3:6c:0e:fe:
df:0a:af:53:57:0d:ce:1e:21:2d:cc:c6:40:61:eb:dd:c6:02:
07:6b:ec:bc:08:33:1a:81:fe:cd:3f:29:d9:8c:56:cd:fb:be:
fa:2a:1c:98:aa:b2:11:17:2b:48:6b:41:36:d3:51:c3:f3:3e:
e9:aa:ab:13:e4:bd:86:99:8b:62:43:92:37:75:ee:0e:da:b5:
1b:18:64:5f:75:b2:2a:b7:e4:c5:3d:42:21:f7:00:26:47:99:
2d:f7:2a:9f:17:fc:45:76:fc:6b:eb:e6:5a:4c:2a:f4:6b:5e:
77:6e:0a:01:3c:de:f1:b5:03:75:16:6b:a8:5d:46:86:a7:0e:
c8:06:4f:02:ef:d0:bb:51:29:02:8b:58:cc:69:90:a6:96:84:
b5:d3:51:25:e8:01:fa:93:d9:12:32:d2:da:ab:f4:af:fb:ef:
f8:84:0a:51:73:5d:7c:7b:71:39:8a:ea:39:16:79:a5:57:c2:
6d:4f:80:12
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZF3LGJ02V5ryp7Wm9hf6bkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwODIxMjMwMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUxOGM0MTczNGNkNzM1MDc5NWIyODA5ZDFkZmI3YTk4MWQ4YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBdWZxOpJ/9hBuXqKraP5fuJlDNb
bw+m4zTpsSsuOTtkuONvfxFBHK12zF9adHlpbKBOgRnCcXd3TFIwI0zVgDtbTWXY
UlwLxzsf2IHrGxQPxSlDp5k9IhjEWuT+W69s92ruJwXs+OwU0d0Tr/v9b/Ip5mNn
0s+0ngMHOvWRRGrGRcABpaqzbA/hvete4Hz/WnlsNvidnADtwdlg83G+laRfh3ET
30TmwF0BHZwSNDbRdym0ucbTrzHkh56mJvprFVWQ8pEV5LjbqdA5FgZV5ZMkuoWH
KAQF5yBXoD3EzQ3RNDWZRS+eeQy0HZSVoQDIPu7ENBiK7LSEsoER3qJQvwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFBZRjEFzTNc1B5WygJ0d+3qYHYxtMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvRmxHTVFYTk0xelVIbGJLQW5SMzdlcGdkakcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAAl
SI0wDAMEAC2fFQMEAC2fFgMEAC79gwMEAD7MMQMEAk1TGAMEAlNhdAMEAFjaLQME
AFjaLwMEAFv2MwMEAFv3owMEAF6acQMEAJITJwMEAJITLAMEALB+aAMEArIUHAME
ALnKbAMEALnUcwMEAMEffjAMAwQAwZe9AwQGwZeAAwQAwaNZAwQAwaNcAwQAwaPP
AwQAwkbqAwQAwmMYAwQAwmMaAwQA1BJxAwQA1BJ/MA0GCSqGSIb3DQEBCwUAA4IB
AQB9FODrcr+uUdP/SU9Zye+6XnTeko3jcrQPEc45BG1f+fADy0/zy9gZW6dv4ePt
lee/dK2D0I7pK3OrNhKFeXq/oIsXofNsDv7fCq9TVw3OHiEtzMZAYevdxgIHa+y8
CDMagf7NPynZjFbN+776KhyYqrIRFytIa0E201HD8z7pqqsT5L2GmYtiQ5I3de4O
2rUbGGRfdbIqt+TFPUIh9wAmR5kt9yqfF/xFdvxr6+ZaTCr0a153bgoBPN7xtQN1
FmuoXUaGpw7IBk8C79C7USkCi1jMaZCmloS101El6AH6k9kSMtLaq/Sv++/4hApR
c118e3E5iuo5FnmlV8JtT4AS
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:50:17 2024 by rpki-client on console-fra.rpki-client.org