Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/UrVumc67ZfQQxY4cDqDEw5D5G_Y.roa
File: UrVumc67ZfQQxY4cDqDEw5D5G_Y.roa (raw, json)
Hash identifier: UjAEKDI5xzL1nuMOj1BOWTOHlorYkoDFIfG4jVJdnHU=
Subject key identifier: 52:B5:6E:99:CE:BB:65:F4:10:C5:8E:1C:0E:A0:C4:C3:90:F9:1B:F6
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 018CC7270BAA81EB9A9FCCFF804517FB3686
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/UrVumc67ZfQQxY4cDqDEw5D5G_Y.roa
Signing time: Mon 01 Jan 2024 22:31:14 +0000
ROA not before: Mon 01 Jan 2024 22:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.112/29 maxlen: 29
95.130.192.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
5.10.136.208/30 maxlen: 30
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:110b::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:8190::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:0b:aa:81:eb:9a:9f:cc:ff:80:45:17:fb:36:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 22:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b56e99cebb65f410c58e1c0ea0c4c390f91bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fd:31:51:8b:d6:09:cd:4f:d0:a7:1a:97:2a:
8c:4f:4a:5e:5d:37:d4:87:87:53:a7:9a:f8:57:b3:
ff:12:b1:ac:78:89:7c:d2:e1:ff:65:8a:e2:1d:c4:
69:95:d1:13:5c:fd:28:4d:8c:ce:0f:d8:29:6f:22:
93:57:64:28:a5:05:0c:c0:3e:86:f0:6e:20:1d:0c:
04:df:54:35:17:5b:7f:b0:08:d4:2a:9a:ee:99:18:
6b:67:cd:ea:64:67:1c:dd:0c:5c:c0:44:6f:6e:3d:
69:cd:68:50:5f:e4:88:a0:e9:76:32:e4:62:56:fd:
58:5a:6a:02:f0:20:e3:9a:30:be:d6:c4:0e:50:e5:
bc:38:37:4e:62:d1:aa:6e:e2:05:0f:be:d6:59:72:
b6:02:35:b0:76:6a:f9:cf:ac:5d:45:19:08:b5:4a:
ce:1a:da:37:6c:be:57:cd:fd:7d:26:26:99:0b:e3:
bf:1a:86:00:ea:59:62:d1:ef:4a:e4:53:c0:d3:50:
67:6b:13:a8:c1:17:15:28:c6:c7:b5:fa:25:9c:48:
b4:66:e2:a8:2f:17:95:99:78:7e:39:03:a6:b7:fb:
67:14:05:0a:f4:1a:c9:70:0e:0c:a7:67:cf:f5:7e:
ae:ac:42:2c:8f:2c:57:c2:aa:29:30:80:63:cd:72:
cf:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B5:6E:99:CE:BB:65:F4:10:C5:8E:1C:0E:A0:C4:C3:90:F9:1B:F6
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/UrVumc67ZfQQxY4cDqDEw5D5G_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.141.8/30
5.10.141.136/30
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0-79.139.14.255
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.66.0/24
145.14.68.0/24
145.14.70.0/24
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0-145.14.93.255
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
Signature Algorithm: sha256WithRSAEncryption
bb:2b:89:0e:35:4b:3b:f9:d9:c2:8a:95:8b:c8:90:eb:4f:1e:
c9:01:45:31:5c:c4:62:34:99:51:2f:fc:c1:8d:eb:f0:89:85:
9d:4f:80:7b:52:3d:9a:a1:bf:26:2b:cf:e7:9c:b6:20:53:9b:
bf:cd:b6:26:3c:8a:e8:bb:85:93:c7:3b:c9:27:1c:8b:46:3d:
ca:1b:2a:ef:66:4f:d5:9b:42:6b:c3:4c:48:3c:15:0f:18:f9:
d4:62:cf:5b:69:47:0c:34:0e:25:67:82:cc:4c:73:66:68:62:
c2:4e:1c:2a:4f:49:61:ae:04:3e:f9:1b:4e:e4:de:59:34:06:
ab:58:a3:b4:6c:74:61:4c:f1:24:1a:bd:a9:0a:96:d0:a2:c2:
0a:ad:83:81:9e:7e:7b:83:da:f9:59:f8:ec:63:1b:73:d9:c6:
4c:5e:0e:20:16:f2:ec:f7:94:38:2a:92:91:f4:4e:a5:46:9c:
83:05:3c:6e:34:5d:20:45:5b:eb:b2:47:dd:33:9f:77:ae:60:
31:24:67:00:f3:8c:80:10:75:fb:bf:01:c9:5e:1a:1d:bc:c9:
69:82:37:d8:c9:e0:44:22:ce:47:4e:cf:cc:c3:d9:0d:ed:00:
b6:f4:03:a0:ea:6f:ad:ed:ee:e2:66:62:a6:a0:4f:3c:f7:c2:
45:79:90:ff
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYzHJwuqgeuan8z/gEUX+zaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjQwMTAxMjIzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI1NmU5OWNlYmI2NWY0MTBjNThlMWMwZWEwYzRjMzkwZjkxYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP0xUYvWCc1P0KcalyqMT0peXTfU
h4dTp5r4V7P/ErGseIl80uH/ZYriHcRpldETXP0oTYzOD9gpbyKTV2QopQUMwD6G
8G4gHQwE31Q1F1t/sAjUKprumRhrZ83qZGcc3QxcwERvbj1pzWhQX+SIoOl2MuRi
Vv1YWmoC8CDjmjC+1sQOUOW8ODdOYtGqbuIFD77WWXK2AjWwdmr5z6xdRRkItUrO
Gto3bL5Xzf19JiaZC+O/GoYA6lli0e9K5FPA01BnaxOowRcVKMbHtfolnEi0ZuKo
LxeVmXh+OQOmt/tnFAUK9BrJcA4Mp2fP9X6urEIsjyxXwqopMIBjzXLPUQIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFFK1bpnOu2X0EMWOHA6gxMOQ+Rv2MB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvVXJWdW1jNjdaZlFReFk0Y0RxREV3NUQ1R19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCBvAQCAAEwgbUD
BQMFCohwAwUCBQqI0AMFAgUKjQgDBQIFCo2IAwQBBZqAAwQCBZqQMAwDBAEFmpoD
BAUFmoAwCwMDAE+LAwQAT4sOMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABf
gscDBACRDkIDBACRDkQDBACRDkYDBACRDkkwDAMEApEOTAMEAJEOTgMEAJEOUAME
AJEOUwMEAJEOVQMEAJEOVwMEAJEOWTAMAwQAkQ5bAwQBkQ5cMIGwBAIAAjCBqQMI
ACoE9YCQMAEDBwAqBPWAkhADBwEqBPWBEQoDBwAqBPWBgEADBwAqBPWBgHADBwAq
BPWBgJADBwAqBPWBgLADBwAqBPWBgUADBwAqBPWBgXADBwAqBPWBgZADBwAqBPWB
gbADBwAqBPWBgkADBwAqBPWBgnADBwAqBPWBgpADBwAqBPWBgrAwFgMJACoE9YGg
DqABAwkAKgT1gaAOoAQDBwAqBPWBoA8wDQYJKoZIhvcNAQELBQADggEBALsriQ41
Szv52cKKlYvIkOtPHskBRTFcxGI0mVEv/MGN6/CJhZ1PgHtSPZqhvyYrz+ectiBT
m7/NtiY8iui7hZPHO8knHItGPcobKu9mT9WbQmvDTEg8FQ8Y+dRiz1tpRww0DiVn
gsxMc2ZoYsJOHCpPSWGuBD75G07k3lk0BqtYo7RsdGFM8SQavakKltCiwgqtg4Ge
fnuD2vlZ+OxjG3PZxkxeDiAW8uz3lDgqkpH0TqVGnIMFPG40XSBFW+uyR90zn3eu
YDEkZwDzjIAQdfu/AcleGh28yWmCN9jJ4EQizkdOz8zD2Q3tALb0A6Dqb63t7uJm
YqagTzz3wkV5kP8=
-----END CERTIFICATE-----
Generated at Fri May 17 11:22:27 2024 by rpki-client on console-ams.rpki-client.org