Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/DazDJ2e9jzNzW-57MLb4NmWNc1o.roa
File: DazDJ2e9jzNzW-57MLb4NmWNc1o.roa (raw, json)
Hash identifier: zlV/vdc2q2yo89jNGtYUQOG4X4PxzkF0mW4UeVoHgl8=
Subject key identifier: 0D:AC:C3:27:67:BD:8F:33:73:5B:EE:7B:30:B6:F8:36:65:8D:73:5A
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 018F0328FD8DED26215BE73286E0717B195F
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/DazDJ2e9jzNzW-57MLb4NmWNc1o.roa
Signing time: Mon 22 Apr 2024 00:16:08 +0000
ROA not before: Mon 22 Apr 2024 00:16:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46261
IP address blocks: 59.152.124.0/22 maxlen: 24
61.14.224.0/22 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/22 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/24 maxlen: 24
91.132.85.0/24 maxlen: 24
91.132.86.0/24 maxlen: 24
91.132.87.0/24 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
160.238.96.0/22 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/22 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.147.156.0/22 maxlen: 24
185.147.158.0/24 maxlen: 24
185.157.232.0/22 maxlen: 24
185.158.136.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.56.0/22 maxlen: 24
185.196.24.0/23 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.206.20.0/24 maxlen: 24
185.206.22.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.214.140.0/22 maxlen: 24
185.214.142.0/23 maxlen: 24
185.214.240.0/23 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.242.0/23 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
185.227.252.0/24 maxlen: 24
185.227.254.0/23 maxlen: 24
185.227.254.0/24 maxlen: 24
185.228.44.0/22 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.238.115.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.50.192.0/22 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:03:28:fd:8d:ed:26:21:5b:e7:32:86:e0:71:7b:19:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Apr 22 00:16:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dacc32767bd8f33735bee7b30b6f836658d735a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:12:fd:54:4c:97:26:52:e6:7f:bb:4c:b8:52:
19:56:50:dc:08:e9:b9:40:a6:ca:f1:b0:5f:5f:dd:
a7:cb:b4:89:ea:06:13:23:0c:40:09:18:aa:36:03:
8c:b6:dd:c9:60:b2:d0:d1:01:ff:f6:72:c9:b4:4e:
b6:1f:5a:7e:39:e8:dc:04:8c:35:8e:e6:8b:8e:3c:
34:a1:36:80:e4:b9:d6:04:b6:4f:2a:9a:13:07:ad:
2d:86:44:14:68:d6:a0:40:31:10:65:d0:6e:34:43:
d1:7e:3b:17:6b:1c:80:23:c6:bc:d2:7e:39:4d:8e:
34:15:48:6a:cb:f5:8a:78:1d:bc:39:ce:ed:bc:50:
50:c1:42:6b:2b:0c:a9:11:2b:8c:6b:b7:cc:39:5b:
e4:d0:8f:3f:fa:09:2e:71:83:63:db:1e:7a:89:d3:
67:b3:27:23:0a:7b:e1:42:94:28:88:af:b2:4d:c0:
a7:77:3b:64:85:16:f2:c7:31:b7:39:16:21:1f:46:
e4:5f:a5:2d:11:18:a4:0f:52:55:01:85:16:fe:03:
45:a1:77:23:72:b7:d8:09:11:2a:a1:16:6c:56:0b:
3e:7e:1a:ee:d0:c4:25:30:41:d4:80:a8:2d:42:8a:
38:b0:f6:61:46:df:b4:c5:4b:ea:fe:3f:b2:19:3e:
b2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:AC:C3:27:67:BD:8F:33:73:5B:EE:7B:30:B6:F8:36:65:8D:73:5A
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/DazDJ2e9jzNzW-57MLb4NmWNc1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
59.152.124.0/22
61.14.224.0/22
79.110.176.0/21
85.8.148.0/22
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
160.238.96.0/22
185.105.10.0/24
185.118.132.0/22
185.145.44.0/22
185.147.156.0/22
185.157.232.0/22
185.158.136.0/22
185.176.88.0/22
185.190.56.0/22
185.196.24.0/22
185.202.44.0/22
185.206.20.0/22
185.209.128.0/22
185.213.16.0/22
185.214.140.0/22
185.214.240.0/22
185.219.20.0/22
185.225.12.0/22
185.227.252.0/22
185.228.44.0/22
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.50.192.0/22
195.216.148.0/22
195.245.74.0/23
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
3c:c8:6c:c1:84:b3:d4:f5:1b:9d:5e:f8:ca:4a:29:2d:11:da:
b0:6e:18:ac:60:56:ce:e3:79:48:90:e1:6d:75:ca:b7:9a:3c:
49:19:81:0c:5a:11:2f:2b:7c:80:25:94:2b:9c:48:4a:e9:fa:
4d:b7:3a:e1:2a:90:95:a8:bb:47:0e:8b:40:d1:9a:84:54:04:
03:89:4f:f1:1a:72:32:fe:d1:ad:71:ab:be:32:af:c7:c5:8f:
20:ed:3e:98:74:68:e5:d4:9b:97:e5:72:41:24:7a:df:c3:c9:
2b:6f:7a:d5:22:41:8a:fb:22:88:99:9f:10:61:ae:91:58:32:
d8:bc:81:2a:80:85:7c:95:bb:54:ed:38:75:b6:01:ae:99:d3:
e6:77:d8:e9:89:7f:dc:d2:5e:1d:83:fb:49:17:f3:b3:d0:cd:
5c:ec:5c:b7:22:eb:d4:1c:e9:81:9c:e8:f2:2b:86:61:e9:95:
4d:da:12:08:ae:c3:54:dd:d6:f2:7e:d5:6b:3e:b9:60:41:0a:
da:f7:b9:cb:ec:ce:c2:72:99:3b:e6:2d:d4:49:0c:73:9f:71:
cc:a3:1f:6e:18:46:5e:da:b7:9a:39:be:36:2d:6d:8b:f3:5c:
3a:14:77:33:73:55:22:75:e0:8f:9b:cd:4d:3c:a5:be:e3:61:
4c:77:de:0c
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAY8DKP2N7SYhW+cyhuBxexlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjQwNDIyMDAxNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGFjYzMyNzY3YmQ4ZjMzNzM1YmVlN2IzMGI2ZjgzNjY1OGQ3MzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxL9VEyXJlLmf7tMuFIZVlDcCOm5
QKbK8bBfX92ny7SJ6gYTIwxACRiqNgOMtt3JYLLQ0QH/9nLJtE62H1p+OejcBIw1
juaLjjw0oTaA5LnWBLZPKpoTB60thkQUaNagQDEQZdBuNEPRfjsXaxyAI8a80n45
TY40FUhqy/WKeB28Oc7tvFBQwUJrKwypESuMa7fMOVvk0I8/+gkucYNj2x56idNn
sycjCnvhQpQoiK+yTcCndztkhRbyxzG3ORYhH0bkX6UtERikD1JVAYUW/gNFoXcj
crfYCREqoRZsVgs+fhru0MQlMEHUgKgtQoo4sPZhRt+0xUvq/j+yGT6yrwIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFA2swydnvY8zc1vuezC2+DZljXNaMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvRGF6REoyZTlqek56Vy01N01MYjRObVdOYzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCB/QQCAAEwgfYD
BAI7mHwDBAI9DuADBANPbrADBAJVCJQDBAJVyqwDBAJbhFQDBAJnyygDBAJnzVQD
BAJnz6ADBAJ5LnwDBAKg7mADBAC5aQoDBAK5doQDBAK5kSwDBAK5k5wDBAK5negD
BAK5nogDBAK5sFgDBAK5vjgDBAK5xBgDBAK5yiwDBAK5zhQDBAK50YADBAK51RAD
BAK51owDBAK51vADBAK52xQDBAK54QwDBAK54/wDBAK55CwDBAK563gDBAC57nMD
BAC58rkDBALBH3ADBADBoyMDBALBsHQDBALBu7QDBALCMsADBALD2JQDBAHD9UoD
BALZEjgwDQQCAAIwBwMFAyoHRYAwDQYJKoZIhvcNAQELBQADggEBADzIbMGEs9T1
G51e+MpKKS0R2rBuGKxgVs7jeUiQ4W11yreaPEkZgQxaES8rfIAllCucSErp+k23
OuEqkJWou0cOi0DRmoRUBAOJT/EacjL+0a1xq74yr8fFjyDtPph0aOXUm5flckEk
et/DyStvetUiQYr7IoiZnxBhrpFYMti8gSqAhXyVu1TtOHW2Aa6Z0+Z32OmJf9zS
Xh2D+0kX87PQzVzsXLci69Qc6YGc6PIrhmHplU3aEgiuw1Td1vJ+1Ws+uWBBCtr3
ucvszsJymTvmLdRJDHOfccyjH24YRl7at5o5vjYtbYvzXDoUdzNzVSJ14I+bzU08
pb7jYUx33gw=
-----END CERTIFICATE-----
Generated at Sat May 4 20:03:27 2024 by rpki-client on console-ams.rpki-client.org