Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mszZ0NxOUsi-4y5MykbSSLU96UQ.roa
File: mszZ0NxOUsi-4y5MykbSSLU96UQ.roa (raw, json)
Hash identifier: ILdaP7j+Wl/SwoVOzfg5jFP+E8260ASeRXF4LRdFqlE=
Subject key identifier: 9A:CC:D9:D0:DC:4E:52:C8:BE:E3:2E:4C:CA:46:D2:48:B5:3D:E9:44
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018FBE3DA776BC9A925367F5EC77A2F82593
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mszZ0NxOUsi-4y5MykbSSLU96UQ.roa
Signing time: Tue 28 May 2024 08:07:42 +0000
ROA not before: Tue 28 May 2024 08:07:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57433
IP address blocks: 37.114.32.0/19 maxlen: 32
37.114.32.0/24 maxlen: 24
37.114.37.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
43.251.160.0/22 maxlen: 32
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
43.251.163.0/24 maxlen: 24
94.154.48.0/21 maxlen: 32
94.154.48.0/24 maxlen: 24
94.154.49.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
94.154.51.0/24 maxlen: 24
94.154.52.0/24 maxlen: 24
94.154.53.0/24 maxlen: 24
94.154.54.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
103.252.88.0/22 maxlen: 32
176.100.32.0/21 maxlen: 32
176.100.32.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
185.14.92.0/22 maxlen: 32
185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
2a00:ccc0::/29 maxlen: 128
2a00:ccc0::/32 maxlen: 32
2a00:ccc1::/32 maxlen: 48
2a00:ccc1::/48 maxlen: 48
2a00:ccc1:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:3d:a7:76:bc:9a:92:53:67:f5:ec:77:a2:f8:25:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: May 28 08:07:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9accd9d0dc4e52c8bee32e4cca46d248b53de944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:44:2a:ac:2b:e6:8f:4c:52:36:c1:79:d8:
76:26:9d:1c:5c:de:23:4f:e6:89:c0:e3:be:8b:d4:
39:0f:df:6b:3d:56:4e:e2:75:fa:6f:45:95:a9:40:
f6:87:13:d1:e6:22:12:5b:d4:43:41:2b:67:37:72:
10:57:0d:f6:bb:26:d2:92:c0:37:64:ef:0b:f3:03:
65:46:f3:05:41:11:84:76:8a:8b:50:d0:ee:8d:09:
e5:47:22:1a:23:62:de:e8:8f:23:8f:dd:f3:0e:d4:
52:e4:50:06:c2:c2:1e:6a:68:58:1b:6b:e1:f7:d5:
cf:7c:a2:6e:21:4e:c7:92:9a:f8:28:41:14:06:aa:
69:fb:e9:61:80:33:5b:8d:2b:8b:5e:f4:d1:af:f8:
cc:67:44:a1:79:34:47:63:e6:b2:79:0a:4c:cf:b0:
84:b9:52:c2:99:b7:94:27:86:0b:7c:4d:20:16:49:
ab:97:95:05:81:25:11:24:42:c9:26:dc:a0:e4:da:
38:09:7c:61:9e:39:8b:7c:ac:6c:20:40:ed:aa:d9:
fc:c9:2a:52:50:c2:d6:b1:e4:71:c7:39:a6:9f:d3:
63:02:5e:72:5b:6c:e1:07:c4:18:9d:cf:ca:98:76:
93:7e:85:0e:80:68:40:52:b8:81:a1:1e:90:43:b3:
0d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CC:D9:D0:DC:4E:52:C8:BE:E3:2E:4C:CA:46:D2:48:B5:3D:E9:44
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mszZ0NxOUsi-4y5MykbSSLU96UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/22
94.154.48.0/21
103.252.88.0/22
176.100.32.0/21
185.14.92.0/22
IPv6:
2a00:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:72:4f:16:04:51:2c:37:f8:15:5b:d3:46:a4:8d:0f:1e:72:
fb:d1:4d:91:7c:d4:92:45:0e:9e:9e:f0:41:06:53:d0:4f:ea:
b3:f1:1d:13:90:22:70:ff:16:da:b0:9d:80:f6:ac:ab:c9:d3:
36:59:65:25:7b:26:26:ce:51:8f:db:35:60:f9:68:8b:61:18:
4a:e1:bd:f4:fd:5f:28:93:41:bc:53:d6:47:d1:49:e6:c1:33:
76:d6:4f:c6:39:fb:cc:0b:5b:63:e5:09:4e:5c:e4:c3:dc:14:
85:ba:6e:38:8e:bd:36:46:ac:63:e9:73:1b:70:8c:4e:8a:51:
cd:40:2c:20:e2:3a:79:fe:d4:c7:89:2b:f6:b9:c0:0c:87:33:
c6:9f:ee:d9:d1:8d:76:bb:ef:20:55:65:27:8b:72:94:0a:17:
27:c5:6b:92:6f:f7:ce:43:b2:95:0d:84:63:11:dd:7b:58:bb:
1e:fb:d8:ad:62:15:5a:88:18:04:ad:29:72:c5:74:89:ba:ac:
53:8b:05:71:f7:38:63:07:fb:b2:79:36:f3:73:3b:21:5a:53:
c1:6b:d3:28:d0:e2:9a:6c:4a:97:4e:af:89:d3:f7:49:5e:3c:
47:df:5b:58:dc:48:85:0f:4b:a8:a8:43:91:ce:9a:a0:be:d9:
29:46:01:ea
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY++Pad2vJqSU2f17Hei+CWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwNTI4MDgwNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWNjZDlkMGRjNGU1MmM4YmVlMzJlNGNjYTQ2ZDI0OGI1M2RlOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKBEKqwr5o9MUjbBedh2Jp0cXN4j
T+aJwOO+i9Q5D99rPVZO4nX6b0WVqUD2hxPR5iISW9RDQStnN3IQVw32uybSksA3
ZO8L8wNlRvMFQRGEdoqLUNDujQnlRyIaI2Le6I8jj93zDtRS5FAGwsIeamhYG2vh
99XPfKJuIU7Hkpr4KEEUBqpp++lhgDNbjSuLXvTRr/jMZ0SheTRHY+ayeQpMz7CE
uVLCmbeUJ4YLfE0gFkmrl5UFgSURJELJJtyg5No4CXxhnjmLfKxsIEDtqtn8ySpS
UMLWseRxxzmmn9NjAl5yW2zhB8QYnc/KmHaTfoUOgGhAUriBoR6QQ7MNQQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJrM2dDcTlLIvuMuTMpG0ki1PelEMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvbXN6WjBOeE9Vc2ktNHk1TXlrYlNTTFU5NlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFJXIgAwQC
K/ugAwQDXpowAwQCZ/xYAwQDsGQgAwQCuQ5cMA0EAgACMAcDBQMqAMzAMA0GCSqG
SIb3DQEBCwUAA4IBAQBsck8WBFEsN/gVW9NGpI0PHnL70U2RfNSSRQ6envBBBlPQ
T+qz8R0TkCJw/xbasJ2A9qyrydM2WWUleyYmzlGP2zVg+WiLYRhK4b30/V8ok0G8
U9ZH0UnmwTN21k/GOfvMC1tj5QlOXOTD3BSFum44jr02Rqxj6XMbcIxOilHNQCwg
4jp5/tTHiSv2ucAMhzPGn+7Z0Y12u+8gVWUni3KUChcnxWuSb/fOQ7KVDYRjEd17
WLse+9itYhVaiBgErSlyxXSJuqxTiwVx9zhjB/uyeTbzczshWlPBa9Mo0OKabEqX
Tq+J0/dJXjxH31tY3EiFD0uoqEORzpqgvtkpRgHq
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:52:06 2024 by rpki-client on console-fra.rpki-client.org