Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8GxwMJPLabMsCmLGBlnqB2ggWXs.roa
File: 8GxwMJPLabMsCmLGBlnqB2ggWXs.roa (raw, json)
Hash identifier: WSx5+iepCl1VsaAJ6293es7b6g4d8ukSUs3x4AeEqdE=
Subject key identifier: F0:6C:70:30:93:CB:69:B3:2C:0A:62:C6:06:59:EA:07:68:20:59:7B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018EF65F5272D9FFD83255D8F430CD54D64F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8GxwMJPLabMsCmLGBlnqB2ggWXs.roa
Signing time: Fri 19 Apr 2024 12:40:25 +0000
ROA not before: Fri 19 Apr 2024 12:40:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33922
IP address blocks: 84.32.0.0/22 maxlen: 22
84.32.2.0/23 maxlen: 23
84.32.3.0/24 maxlen: 24
84.32.36.0/24 maxlen: 24
84.32.37.0/24 maxlen: 24
84.32.38.0/24 maxlen: 24
84.32.80.0/23 maxlen: 23
84.32.114.0/23 maxlen: 24
84.32.116.0/23 maxlen: 24
84.32.120.0/22 maxlen: 22
84.32.124.0/24 maxlen: 24
84.32.125.0/24 maxlen: 24
84.32.132.0/24 maxlen: 24
84.32.134.0/24 maxlen: 24
84.32.140.0/22 maxlen: 22
84.32.140.0/24 maxlen: 24
84.32.142.0/24 maxlen: 24
84.32.165.0/24 maxlen: 24
84.32.166.0/24 maxlen: 24
84.32.167.0/24 maxlen: 24
84.32.171.0/24 maxlen: 24
84.32.180.0/24 maxlen: 24
84.32.181.0/24 maxlen: 24
84.32.182.0/24 maxlen: 24
84.32.183.0/24 maxlen: 24
88.216.24.0/23 maxlen: 24
88.216.26.0/23 maxlen: 24
88.216.28.0/22 maxlen: 24
88.216.68.0/22 maxlen: 24
88.216.76.0/22 maxlen: 24
88.216.82.0/23 maxlen: 23
88.216.84.0/24 maxlen: 24
88.216.85.0/24 maxlen: 24
88.216.86.0/24 maxlen: 24
88.216.112.0/21 maxlen: 21
88.216.112.0/24 maxlen: 24
88.216.113.0/24 maxlen: 24
88.216.114.0/24 maxlen: 24
88.216.115.0/24 maxlen: 24
88.216.116.0/24 maxlen: 24
88.216.117.0/24 maxlen: 24
88.216.118.0/24 maxlen: 24
88.216.119.0/24 maxlen: 24
88.216.120.0/22 maxlen: 22
88.216.120.0/24 maxlen: 24
88.216.121.0/24 maxlen: 24
88.216.122.0/24 maxlen: 24
88.216.123.0/24 maxlen: 24
88.216.124.0/24 maxlen: 24
88.216.125.0/24 maxlen: 24
88.216.126.0/23 maxlen: 23
88.216.136.0/21 maxlen: 21
88.216.136.0/24 maxlen: 24
88.216.137.0/24 maxlen: 24
88.216.147.0/24 maxlen: 24
88.216.148.0/24 maxlen: 24
88.216.150.0/24 maxlen: 24
88.216.153.0/24 maxlen: 24
88.216.154.0/24 maxlen: 24
88.216.155.0/24 maxlen: 24
88.216.156.0/24 maxlen: 24
88.216.157.0/24 maxlen: 24
88.216.158.0/24 maxlen: 24
88.216.159.0/24 maxlen: 24
88.216.160.0/23 maxlen: 23
88.216.162.0/24 maxlen: 24
88.216.164.0/22 maxlen: 22
88.216.164.0/24 maxlen: 24
88.216.165.0/24 maxlen: 24
88.216.166.0/24 maxlen: 24
88.216.167.0/24 maxlen: 24
88.216.168.0/23 maxlen: 23
88.216.170.0/23 maxlen: 23
88.216.170.0/24 maxlen: 24
88.216.171.0/24 maxlen: 24
88.216.173.0/24 maxlen: 24
88.216.174.0/24 maxlen: 24
88.216.175.0/24 maxlen: 24
88.216.176.0/24 maxlen: 24
88.216.177.0/24 maxlen: 24
88.216.178.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:5f:52:72:d9:ff:d8:32:55:d8:f4:30:cd:54:d6:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 19 12:40:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f06c703093cb69b32c0a62c60659ea076820597b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8f:c8:08:36:9d:a3:67:b2:03:65:0e:ac:59:
79:a0:b4:c8:2e:b8:5b:95:41:2c:ef:11:79:9e:e4:
d5:27:91:de:7a:a1:b2:ae:f6:24:0e:41:81:9a:7c:
bb:c4:03:91:9a:64:5d:df:c5:a3:b2:ca:ec:4a:06:
7a:6e:49:2f:e8:56:a8:70:9e:a3:73:22:1e:d9:31:
1b:d0:a4:df:81:dc:f2:de:28:e9:6e:e5:59:81:a5:
45:3e:ab:f5:d4:13:ee:29:04:e5:9d:0d:d1:35:d2:
57:f0:46:ba:e2:f0:37:de:db:8f:f3:44:c2:52:5b:
29:b4:cf:17:b0:c5:ac:82:82:b3:b9:2c:e9:17:e8:
78:45:52:05:84:06:75:dd:fd:6f:c7:f5:48:83:a3:
e8:e6:b4:22:eb:46:e4:df:40:79:81:96:a0:cd:26:
e9:6c:b5:00:8c:3f:c9:4a:f4:fb:e3:49:59:63:90:
74:44:26:f3:de:92:8f:16:ef:14:2f:a6:69:11:92:
51:c0:0c:d5:37:df:5b:fe:e8:18:fb:57:cb:c2:15:
31:fd:0a:f2:68:f8:07:c3:03:df:a1:aa:12:16:13:
9f:d5:14:b1:5b:ff:d7:32:f7:9a:8e:03:27:6a:cd:
46:88:8c:a8:44:b9:72:4e:8a:8d:7b:1b:79:04:75:
1c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6C:70:30:93:CB:69:B3:2C:0A:62:C6:06:59:EA:07:68:20:59:7B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8GxwMJPLabMsCmLGBlnqB2ggWXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.0.0/22
84.32.36.0-84.32.38.255
84.32.80.0/23
84.32.114.0-84.32.117.255
84.32.120.0-84.32.125.255
84.32.132.0/24
84.32.134.0/24
84.32.140.0/22
84.32.165.0-84.32.167.255
84.32.171.0/24
84.32.180.0/22
88.216.24.0/21
88.216.68.0/22
88.216.76.0/22
88.216.82.0-88.216.86.255
88.216.112.0/20
88.216.136.0/21
88.216.147.0-88.216.148.255
88.216.150.0/24
88.216.153.0-88.216.162.255
88.216.164.0-88.216.171.255
88.216.173.0-88.216.179.255
Signature Algorithm: sha256WithRSAEncryption
40:29:c1:5c:ef:d4:8d:5e:3e:73:7a:03:31:7f:9d:ad:d3:d5:
4c:fc:b1:f0:33:c9:78:dd:5c:91:93:78:5d:dc:90:69:b1:f6:
b6:90:16:49:c1:b4:09:44:1f:03:e2:d6:fd:31:bd:69:e4:65:
f6:e6:05:4d:db:0c:67:38:0b:7a:a7:e3:eb:c1:4f:4a:ac:50:
47:48:b6:e0:9b:11:5f:76:57:c0:a8:9a:80:1c:7a:91:6f:ef:
12:76:1b:9f:be:e6:c3:3d:36:ee:9a:2f:40:9d:7f:22:a3:21:
b8:82:f4:f4:ef:dd:95:18:f4:2f:61:82:9f:01:5a:56:aa:7b:
3f:da:60:4e:99:de:41:15:3f:ff:9c:23:ed:d9:be:f4:ee:66:
32:d7:fc:ea:a1:02:d6:5c:b8:6d:3b:2f:13:1e:3f:13:f8:9a:
16:35:28:95:ae:91:0b:40:a2:76:66:a3:88:95:84:41:fa:49:
3e:79:2a:02:59:af:ba:dd:b2:79:57:87:64:79:d6:7d:e2:9e:
59:b8:78:ac:70:b3:f7:6d:48:fa:0e:c0:8f:71:1c:99:a8:20:
ec:4e:f7:3b:02:64:3d:b1:3f:d6:56:29:3a:63:ea:db:f6:ba:
90:b2:0f:e9:9c:64:22:52:f6:48:f3:5d:0a:be:a3:e1:da:01:
39:8c:09:92
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAY72X1Jy2f/YMlXY9DDNVNZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNDE5MTI0MDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDZjNzAzMDkzY2I2OWIzMmMwYTYyYzYwNjU5ZWEwNzY4MjA1OTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo/ICDado2eyA2UOrFl5oLTILrhb
lUEs7xF5nuTVJ5HeeqGyrvYkDkGBmny7xAORmmRd38WjssrsSgZ6bkkv6FaocJ6j
cyIe2TEb0KTfgdzy3ijpbuVZgaVFPqv11BPuKQTlnQ3RNdJX8Ea64vA33tuP80TC
UlsptM8XsMWsgoKzuSzpF+h4RVIFhAZ13f1vx/VIg6Po5rQi60bk30B5gZagzSbp
bLUAjD/JSvT740lZY5B0RCbz3pKPFu8UL6ZpEZJRwAzVN99b/ugY+1fLwhUx/Qry
aPgHwwPfoaoSFhOf1RSxW//XMveajgMnas1GiIyoRLlyToqNext5BHUc7wIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFPBscDCTy2mzLApixgZZ6gdoIFl7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOEd4d01KUExhYk1zQ21MR0JsbnFCMmdnV1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAJU
IAAwDAMEAlQgJAMEAFQgJgMEAVQgUDAMAwQBVCByAwQBVCB0MAwDBANUIHgDBAFU
IHwDBABUIIQDBABUIIYDBAJUIIwwDAMEAFQgpQMEA1QgoAMEAFQgqwMEAlQgtAME
A1jYGAMEAljYRAMEAljYTDAMAwQBWNhSAwQAWNhWAwQEWNhwAwQDWNiIMAwDBABY
2JMDBABY2JQDBABY2JYwDAMEAFjYmQMEAFjYojAMAwQCWNikAwQCWNioMAwDBABY
2K0DBAJY2LAwDQYJKoZIhvcNAQELBQADggEBAEApwVzv1I1ePnN6AzF/na3T1Uz8
sfAzyXjdXJGTeF3ckGmx9raQFknBtAlEHwPi1v0xvWnkZfbmBU3bDGc4C3qn4+vB
T0qsUEdItuCbEV92V8ComoAcepFv7xJ2G5++5sM9Nu6aL0CdfyKjIbiC9PTv3ZUY
9C9hgp8BWlaqez/aYE6Z3kEVP/+cI+3ZvvTuZjLX/OqhAtZcuG07LxMePxP4mhY1
KJWukQtAonZmo4iVhEH6ST55KgJZr7rdsnlXh2R51n3inlm4eKxws/dtSPoOwI9x
HJmoIOxO9zsCZD2xP9ZWKTpj6tv2upCyD+mcZCJS9kjzXQq+o+HaATmMCZI=
-----END CERTIFICATE-----
Generated at Tue May 7 20:55:41 2024 by rpki-client on console-fra.rpki-client.org