Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/FZ4EyeZPgcLx8EWSjF_PgComLSA.roa
File: FZ4EyeZPgcLx8EWSjF_PgComLSA.roa (raw, json)
Hash identifier: wzk57mH1eQ++iAp9iqP2Glc4ZWew96fth2RQ3cubb2g=
Subject key identifier: 15:9E:04:C9:E6:4F:81:C2:F1:F0:45:92:8C:5F:CF:80:2A:26:2D:20
Certificate issuer: /CN=d4fdd596267d56f7ce56ebfaec86a32708fede00
Certificate serial: 018CC56EAA1DD0E6F1EC82D8FB98B7D5B49E
Authority key identifier: D4:FD:D5:96:26:7D:56:F7:CE:56:EB:FA:EC:86:A3:27:08:FE:DE:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P3VliZ9VvfOVuv67IajJwj-3gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/FZ4EyeZPgcLx8EWSjF_PgComLSA.roa
Signing time: Mon 01 Jan 2024 14:30:13 +0000
ROA not before: Mon 01 Jan 2024 14:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206206
IP address blocks: 213.32.252.0/23 maxlen: 24
213.32.254.0/23 maxlen: 24
185.187.77.0/24 maxlen: 24
185.187.76.0/22 maxlen: 24
185.187.76.0/24 maxlen: 24
185.187.78.0/24 maxlen: 24
185.187.79.0/24 maxlen: 24
185.244.152.0/22 maxlen: 24
185.244.152.0/24 maxlen: 24
185.244.152.0/23 maxlen: 24
185.244.155.0/24 maxlen: 24
185.244.154.0/23 maxlen: 24
185.244.154.0/24 maxlen: 24
185.244.153.0/24 maxlen: 24
212.237.120.0/23 maxlen: 24
212.237.122.0/23 maxlen: 24
212.237.122.0/24 maxlen: 24
212.237.121.0/24 maxlen: 24
212.237.120.0/22 maxlen: 24
212.237.120.0/24 maxlen: 24
212.237.119.0/24 maxlen: 24
212.237.125.0/24 maxlen: 24
185.106.30.0/23 maxlen: 24
212.237.123.0/24 maxlen: 24
185.106.28.0/23 maxlen: 24
212.237.124.0/22 maxlen: 24
212.237.124.0/24 maxlen: 24
212.237.127.0/24 maxlen: 24
212.237.126.0/24 maxlen: 24
185.136.150.0/24 maxlen: 24
185.136.150.0/23 maxlen: 24
185.136.149.0/24 maxlen: 24
185.136.148.0/23 maxlen: 24
185.136.148.0/24 maxlen: 24
185.136.151.0/24 maxlen: 24
37.156.107.0/24 maxlen: 24
37.156.106.0/24 maxlen: 24
212.237.112.0/24 maxlen: 24
212.237.112.0/23 maxlen: 24
212.237.113.0/24 maxlen: 24
212.237.118.0/24 maxlen: 24
212.237.118.0/23 maxlen: 24
212.237.112.0/21 maxlen: 24
212.237.117.0/24 maxlen: 24
212.237.116.0/24 maxlen: 24
212.237.116.0/23 maxlen: 24
212.237.115.0/24 maxlen: 24
212.237.114.0/24 maxlen: 24
212.237.114.0/23 maxlen: 24
37.156.105.0/24 maxlen: 24
37.156.104.0/24 maxlen: 24
37.156.104.0/22 maxlen: 24
185.24.60.0/23 maxlen: 24
185.24.60.0/22 maxlen: 24
185.24.60.0/24 maxlen: 24
185.24.63.0/24 maxlen: 24
185.24.62.0/23 maxlen: 24
185.24.62.0/24 maxlen: 24
185.24.61.0/24 maxlen: 24
2a06:fd80::/48 maxlen: 48
2a06:fd80::/64 maxlen: 64
2a06:fd80:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/1P3VliZ9VvfOVuv67IajJwj-3gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/1P3VliZ9VvfOVuv67IajJwj-3gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1P3VliZ9VvfOVuv67IajJwj-3gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 02:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:aa:1d:d0:e6:f1:ec:82:d8:fb:98:b7:d5:b4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4fdd596267d56f7ce56ebfaec86a32708fede00
Validity
Not Before: Jan 1 14:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=159e04c9e64f81c2f1f045928c5fcf802a262d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:63:71:e4:18:3b:48:98:b6:f2:18:48:ae:e7:
58:47:57:17:d3:a1:f3:a5:04:16:29:64:6d:52:41:
5c:66:c8:48:6f:77:15:c2:e3:7b:5d:12:c9:a0:1a:
a8:31:df:72:a9:55:20:75:77:d8:d5:e2:fa:f2:68:
9c:4b:fa:c6:63:bb:4a:00:05:65:10:47:e0:b3:db:
8b:2d:93:7d:8a:91:01:c2:16:a1:6f:c0:6c:12:35:
b7:78:3c:47:b5:ca:f0:48:c7:c4:01:7a:a2:94:5c:
c8:f3:cb:c7:ed:5f:ae:56:98:e6:f1:d5:00:4f:bf:
bc:ef:45:3c:f4:6f:9e:7b:e4:c8:5e:da:2c:01:3a:
fa:14:ee:ae:da:ca:20:fb:a7:44:a9:f6:ba:c4:12:
d4:58:71:3b:c4:35:69:2c:fe:f0:41:2b:f5:e9:b0:
4e:28:4d:0a:9a:24:ef:4f:c0:8c:93:84:7d:6c:d5:
99:1c:33:3e:11:3e:e7:53:c0:15:83:e9:26:f7:b8:
d6:58:de:32:82:94:42:ab:ee:f6:af:5a:c4:4a:6e:
80:7b:1e:c8:ce:16:9a:d2:d2:03:94:bf:ee:84:12:
1f:9c:9d:ef:b2:6b:d3:44:b0:44:2e:60:8a:54:5e:
37:aa:a5:1f:c8:5d:5b:b5:c0:85:42:66:ff:8e:54:
a6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9E:04:C9:E6:4F:81:C2:F1:F0:45:92:8C:5F:CF:80:2A:26:2D:20
X509v3 Authority Key Identifier:
keyid:D4:FD:D5:96:26:7D:56:F7:CE:56:EB:FA:EC:86:A3:27:08:FE:DE:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P3VliZ9VvfOVuv67IajJwj-3gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/FZ4EyeZPgcLx8EWSjF_PgComLSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/1P3VliZ9VvfOVuv67IajJwj-3gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.104.0/22
185.24.60.0/22
185.106.28.0/22
185.136.148.0/22
185.187.76.0/22
185.244.152.0/22
212.237.112.0/20
213.32.252.0/22
IPv6:
2a06:fd80::/47
Signature Algorithm: sha256WithRSAEncryption
d6:99:99:8f:d8:f8:40:79:4c:69:88:fb:d9:d1:21:d8:19:a4:
28:49:fc:8d:92:0b:7e:81:37:93:cf:be:25:42:6e:f1:15:b7:
69:64:bd:60:9e:dd:b0:2a:08:c1:c7:0d:96:97:18:d3:7a:59:
54:f0:26:8d:f5:48:57:2b:f7:9d:16:92:60:51:bb:bf:bf:3e:
08:c8:d3:83:41:7b:ca:12:65:01:7f:f5:ee:c1:a0:2d:fc:35:
49:54:04:3e:14:50:13:b6:f4:cf:76:57:f6:ef:82:02:d0:5c:
8b:b7:ce:d9:93:a6:ce:81:56:5a:a7:f8:6b:2a:fe:e1:f7:f8:
8f:fb:8d:ff:0e:c4:af:b4:34:3a:c3:8a:2f:2d:1b:8c:ec:99:
c7:d0:f9:f5:84:2e:9a:71:3e:d1:30:8f:b3:81:76:f9:1d:4c:
3f:2e:f7:f8:70:3e:12:b7:b4:a5:7b:f1:3d:51:8b:61:6f:50:
0a:22:fd:b7:dc:a3:18:2c:72:35:4b:80:f3:2c:fe:c7:7f:d0:
5a:bf:96:0d:74:46:55:fa:a2:d9:36:24:1f:c0:3b:2f:90:e4:
9d:7a:65:5e:28:4d:55:e5:2b:34:2a:24:aa:40:af:d3:ea:2f:
40:f5:8f:b5:5a:92:36:df:0b:01:b9:77:de:a2:4a:01:64:01:
6c:cc:ed:de
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzFbqod0Obx7ILY+5i31bSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmRkNTk2MjY3ZDU2ZjdjZTU2ZWJmYWVjODZhMzI3MDhm
ZWRlMDAwHhcNMjQwMTAxMTQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTllMDRjOWU2NGY4MWMyZjFmMDQ1OTI4YzVmY2Y4MDJhMjYyZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomNx5Bg7SJi28hhIrudYR1cX06Hz
pQQWKWRtUkFcZshIb3cVwuN7XRLJoBqoMd9yqVUgdXfY1eL68micS/rGY7tKAAVl
EEfgs9uLLZN9ipEBwhahb8BsEjW3eDxHtcrwSMfEAXqilFzI88vH7V+uVpjm8dUA
T7+870U89G+ee+TIXtosATr6FO6u2sog+6dEqfa6xBLUWHE7xDVpLP7wQSv16bBO
KE0KmiTvT8CMk4R9bNWZHDM+ET7nU8AVg+km97jWWN4ygpRCq+72r1rESm6Aex7I
zhaa0tIDlL/uhBIfnJ3vsmvTRLBELmCKVF43qqUfyF1btcCFQmb/jlSmVwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFBWeBMnmT4HC8fBFkoxfz4AqJi0gMB8GA1UdIwQY
MBaAFNT91ZYmfVb3zlbr+uyGoycI/t4AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVAzVmxpWjlWdmZPVnV2NjdJYWpKd2otM2dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jZDRhZjYtYjc0Mi00Y2RjLWIzYTAt
NjdhODdkOGEzYjliLzEvRlo0RXllWlBnY0x4OEVXU2pGX1BnQ29tTFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jZDRhZjYtYjc0Mi00Y2RjLWIzYTAtNjdhODdkOGEzYjli
LzEvMVAzVmxpWjlWdmZPVnV2NjdJYWpKd2otM2dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQCJZxoAwQC
uRg8AwQCuWocAwQCuYiUAwQCubtMAwQCufSYAwQE1O1wAwQC1SD8MA8EAgACMAkD
BwEqBv2AAAAwDQYJKoZIhvcNAQELBQADggEBANaZmY/Y+EB5TGmI+9nRIdgZpChJ
/I2SC36BN5PPviVCbvEVt2lkvWCe3bAqCMHHDZaXGNN6WVTwJo31SFcr950WkmBR
u7+/PgjI04NBe8oSZQF/9e7BoC38NUlUBD4UUBO29M92V/bvggLQXIu3ztmTps6B
Vlqn+Gsq/uH3+I/7jf8OxK+0NDrDii8tG4zsmcfQ+fWELppxPtEwj7OBdvkdTD8u
9/hwPhK3tKV78T1Ri2FvUAoi/bfcoxgscjVLgPMs/sd/0Fq/lg10RlX6otk2JB/A
Oy+Q5J16ZV4oTVXlKzQqJKpAr9PqL0D1j7VakjbfCwG5d96iSgFkAWzM7d4=
-----END CERTIFICATE-----
Generated at Fri May 17 11:22:30 2024 by rpki-client on console-ams.rpki-client.org