Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/VYFIyyrO4kgoQxX_6Qq6d3zm1gQ.roa
File: VYFIyyrO4kgoQxX_6Qq6d3zm1gQ.roa (raw, json)
Hash identifier: 6LbkYyPDK3vCIGS6C16Mpq2dnmdfDZI8YOFS2dh3leE=
Subject key identifier: 55:81:48:CB:2A:CE:E2:48:28:43:15:FF:E9:0A:BA:77:7C:E6:D6:04
Certificate issuer: /CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Certificate serial: 018CC8DCD66B1C36EDF41C0637E55E248D21
Authority key identifier: AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/VYFIyyrO4kgoQxX_6Qq6d3zm1gQ.roa
Signing time: Tue 02 Jan 2024 06:29:25 +0000
ROA not before: Tue 02 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39737
IP address blocks: 77.93.176.0/20 maxlen: 20
89.46.160.0/22 maxlen: 22
77.93.160.0/23 maxlen: 23
77.93.162.0/24 maxlen: 24
77.93.164.0/22 maxlen: 22
77.93.168.0/22 maxlen: 22
86.107.183.0/24 maxlen: 24
89.43.193.0/24 maxlen: 24
94.177.32.0/21 maxlen: 21
188.247.226.0/23 maxlen: 23
94.177.40.0/21 maxlen: 21
188.247.238.0/24 maxlen: 24
188.247.239.0/24 maxlen: 24
188.247.240.0/21 maxlen: 21
188.247.248.0/21 maxlen: 21
188.247.252.0/22 maxlen: 22
193.58.243.0/24 maxlen: 24
92.55.152.0/24 maxlen: 24
92.55.153.0/24 maxlen: 24
92.55.154.0/24 maxlen: 24
194.102.221.0/24 maxlen: 24
193.254.242.0/23 maxlen: 23
89.44.232.0/22 maxlen: 22
89.18.0.0/21 maxlen: 21
89.18.1.0/24 maxlen: 24
89.18.2.0/24 maxlen: 24
89.18.0.0/20 maxlen: 20
89.18.0.0/24 maxlen: 24
89.18.4.0/24 maxlen: 24
89.18.3.0/24 maxlen: 24
89.18.5.0/24 maxlen: 24
89.18.8.0/24 maxlen: 24
89.18.9.0/24 maxlen: 24
89.18.6.0/24 maxlen: 24
89.18.7.0/24 maxlen: 24
89.18.11.0/24 maxlen: 24
89.18.10.0/24 maxlen: 24
89.18.12.0/24 maxlen: 24
89.18.15.0/24 maxlen: 24
89.18.13.0/24 maxlen: 24
89.18.14.0/24 maxlen: 24
89.38.140.0/22 maxlen: 22
188.247.129.0/24 maxlen: 24
89.35.74.0/23 maxlen: 23
188.247.132.0/23 maxlen: 23
92.55.131.0/24 maxlen: 24
92.55.132.0/24 maxlen: 24
92.55.134.0/24 maxlen: 24
92.55.135.0/24 maxlen: 24
92.55.144.0/21 maxlen: 21
89.18.31.0/24 maxlen: 24
86.105.181.0/24 maxlen: 24
195.20.145.0/24 maxlen: 24
89.47.224.0/21 maxlen: 21
89.37.120.0/21 maxlen: 21
87.243.0.0/21 maxlen: 21
89.34.72.0/23 maxlen: 23
2a00:1480:1::/48 maxlen: 48
2a00:1480:5::/48 maxlen: 48
2a00:1480::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/q4xsWLYH_yOucXWmFoLHVIDx4hQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/q4xsWLYH_yOucXWmFoLHVIDx4hQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d6:6b:1c:36:ed:f4:1c:06:37:e5:5e:24:8d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Validity
Not Before: Jan 2 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=558148cb2acee248284315ffe90aba777ce6d604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3b:ec:a4:2c:13:db:f7:60:c8:3d:dd:df:d2:
3a:5c:03:2e:99:81:15:6d:f0:7f:75:23:94:22:30:
bf:d6:1d:0a:12:d6:54:78:d7:7c:ca:4e:30:6b:e0:
18:37:65:6a:55:1f:01:c0:4e:ac:0b:bc:12:d4:c4:
fd:0f:21:26:a3:65:2e:de:18:06:df:77:37:77:ca:
d1:1f:2d:d3:37:8f:59:a9:d7:26:4c:71:80:0c:46:
2d:5d:21:bc:ad:94:b7:cc:21:eb:4f:4b:72:38:50:
3a:fa:80:aa:40:04:dc:99:a2:f4:ac:60:be:cf:ea:
24:11:86:a9:e7:64:5b:12:70:9c:85:98:bf:48:5b:
d0:ba:12:57:f9:8f:9f:d7:d0:f1:84:a4:d3:c9:58:
e9:1d:d1:eb:57:47:d3:76:cd:6a:f3:05:c1:1a:78:
3c:aa:fe:05:69:e8:c8:3e:0f:3f:07:ae:c2:9d:51:
a8:c0:48:cf:6b:bf:a1:4f:ad:05:63:03:fd:0e:51:
f2:a4:08:cc:1e:7c:67:1c:cf:32:69:4d:8f:fc:45:
2d:b0:4d:2b:13:9d:1f:9c:9d:aa:ae:1c:df:a1:0e:
e9:1d:0d:67:89:65:e7:3a:3c:e2:67:cf:2d:fc:87:
98:24:a0:83:a1:ca:42:f7:ab:01:aa:65:0f:f2:47:
ab:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:81:48:CB:2A:CE:E2:48:28:43:15:FF:E9:0A:BA:77:7C:E6:D6:04
X509v3 Authority Key Identifier:
keyid:AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/VYFIyyrO4kgoQxX_6Qq6d3zm1gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/q4xsWLYH_yOucXWmFoLHVIDx4hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.160.0-77.93.162.255
77.93.164.0-77.93.171.255
77.93.176.0/20
86.105.181.0/24
86.107.183.0/24
87.243.0.0/21
89.18.0.0/20
89.18.31.0/24
89.34.72.0/23
89.35.74.0/23
89.37.120.0/21
89.38.140.0/22
89.43.193.0/24
89.44.232.0/22
89.46.160.0/22
89.47.224.0/21
92.55.131.0-92.55.132.255
92.55.134.0/23
92.55.144.0-92.55.154.255
94.177.32.0/20
188.247.129.0/24
188.247.132.0/23
188.247.226.0/23
188.247.238.0-188.247.255.255
193.58.243.0/24
193.254.242.0/23
194.102.221.0/24
195.20.145.0/24
IPv6:
2a00:1480::/47
2a00:1480:5::/48
Signature Algorithm: sha256WithRSAEncryption
00:71:70:9f:27:a9:b7:ba:cd:1f:ac:be:e2:fc:51:32:b2:b7:
7a:22:b1:10:88:05:12:99:95:e6:a0:3a:77:04:f2:4a:ba:e6:
12:a3:e4:ff:a9:96:31:c3:6e:d1:0a:98:90:18:d0:67:dc:56:
3f:d0:d0:9b:eb:f3:7e:5d:df:6f:b1:17:b2:76:4f:00:a7:3d:
15:fc:5f:76:64:02:10:4d:34:8e:5a:22:93:5f:76:31:f0:bf:
2f:65:b5:00:20:cc:16:cf:b6:ce:79:d9:97:ee:d3:01:97:34:
bb:53:e4:4b:c8:28:b8:27:91:bb:00:e9:90:b9:16:a6:2b:d7:
8c:07:d5:5d:1f:48:75:0a:31:81:bf:d6:be:d7:b4:f7:45:01:
d3:60:e6:2f:f7:c5:0b:4a:d4:b9:96:34:40:03:53:f2:ae:35:
35:d4:c0:5e:c5:9a:78:ef:47:1e:bb:f9:ec:de:ba:e7:fd:cb:
6e:37:7a:c5:26:23:c2:c0:2f:98:ae:b1:49:f3:30:99:cf:68:
a2:25:5b:e6:f0:e3:08:ce:d7:49:77:fe:8b:1e:a8:96:c4:a5:
72:2f:33:dc:db:9f:89:32:17:21:68:66:8d:de:e2:39:2b:1c:
d4:47:38:a4:3f:44:86:26:7b:96:0f:b0:da:b8:b7:43:0f:df:
74:b7:28:ca
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYzI3NZrHDbt9BwGN+VeJI0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOGM2YzU4YjYwN2ZmMjNhZTcxNzVhNjE2ODJjNzU0ODBm
MWUyMTQwHhcNMjQwMTAyMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTgxNDhjYjJhY2VlMjQ4Mjg0MzE1ZmZlOTBhYmE3NzdjZTZkNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDvspCwT2/dgyD3d39I6XAMumYEV
bfB/dSOUIjC/1h0KEtZUeNd8yk4wa+AYN2VqVR8BwE6sC7wS1MT9DyEmo2Uu3hgG
33c3d8rRHy3TN49ZqdcmTHGADEYtXSG8rZS3zCHrT0tyOFA6+oCqQATcmaL0rGC+
z+okEYap52RbEnCchZi/SFvQuhJX+Y+f19DxhKTTyVjpHdHrV0fTds1q8wXBGng8
qv4FaejIPg8/B67CnVGowEjPa7+hT60FYwP9DlHypAjMHnxnHM8yaU2P/EUtsE0r
E50fnJ2qrhzfoQ7pHQ1niWXnOjziZ88t/IeYJKCDocpC96sBqmUP8kerSQIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFFWBSMsqzuJIKEMV/+kKund85tYEMB8GA1UdIwQY
MBaAFKuMbFi2B/8jrnF1phaCx1SA8eIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2Mt
ODhhM2M0MWZhZWUyLzEvVllGSXl5ck80a2dvUXhYXzZRcTZkM3ptMWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2MtODhhM2M0MWZhZWUy
LzEvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdYEAgABMIHPMAwD
BAVNXaADBABNXaIwDAMEAk1dpAMEAk1dqAMEBE1dsAMEAFZptQMEAFZrtwMEA1fz
AAMEBFkSAAMEAFkSHwMEAVkiSAMEAVkjSgMEA1kleAMEAlkmjAMEAFkrwQMEAlks
6AMEAlkuoAMEA1kv4DAMAwQAXDeDAwQAXDeEAwQBXDeGMAwDBARcN5ADBABcN5oD
BAResSADBAC894EDBAG894QDBAG89+IwCwMEAbz37gMDA7zwAwQAwTrzAwQBwf7y
AwQAwmbdAwQAwxSRMBgEAgACMBIDBwEqABSAAAADBwAqABSAAAUwDQYJKoZIhvcN
AQELBQADggEBAABxcJ8nqbe6zR+svuL8UTKyt3oisRCIBRKZleagOncE8kq65hKj
5P+pljHDbtEKmJAY0GfcVj/Q0Jvr835d32+xF7J2TwCnPRX8X3ZkAhBNNI5aIpNf
djHwvy9ltQAgzBbPts552Zfu0wGXNLtT5EvIKLgnkbsA6ZC5FqYr14wH1V0fSHUK
MYG/1r7XtPdFAdNg5i/3xQtK1LmWNEADU/KuNTXUwF7FmnjvRx67+ezeuuf9y243
esUmI8LAL5iusUnzMJnPaKIlW+bw4wjO10l3/oseqJbEpXIvM9zbn4kyFyFoZo3e
4jkrHNRHOKQ/RIYme5YPsNq4t0MP33S3KMo=
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:17:42 2024 by rpki-client on console-fra.rpki-client.org