Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Ot4rDEZWlV0ANvCL_CQ4zMAPVnQ.roa
File: Ot4rDEZWlV0ANvCL_CQ4zMAPVnQ.roa (raw, json)
Hash identifier: 5c+isatC4cPn2lZvWrRx8IdQHRzfW5BlBzHYLXi+ISc=
Subject key identifier: 3A:DE:2B:0C:46:56:95:5D:00:36:F0:8B:FC:24:38:CC:C0:0F:56:74
Certificate issuer: /CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Certificate serial: 018CCFA70CBEE00F11190BC1CC83A67D53CF
Authority key identifier: B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Ot4rDEZWlV0ANvCL_CQ4zMAPVnQ.roa
Signing time: Wed 03 Jan 2024 14:08:00 +0000
ROA not before: Wed 03 Jan 2024 14:08:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56485
IP address blocks: 185.252.24.0/22 maxlen: 22
43.252.24.0/22 maxlen: 22
176.114.4.0/22 maxlen: 22
88.151.12.0/24 maxlen: 24
176.114.0.0/22 maxlen: 22
45.154.116.0/22 maxlen: 22
176.114.8.0/22 maxlen: 22
176.114.12.0/22 maxlen: 22
88.218.188.0/22 maxlen: 22
194.110.248.0/24 maxlen: 24
194.110.254.0/24 maxlen: 24
77.87.127.0/24 maxlen: 24
185.230.88.0/22 maxlen: 22
91.223.180.0/24 maxlen: 24
194.113.32.0/24 maxlen: 24
194.113.58.0/24 maxlen: 24
91.234.32.0/22 maxlen: 22
37.72.129.0/24 maxlen: 24
185.166.216.0/22 maxlen: 22
91.247.189.0/24 maxlen: 24
146.19.45.0/24 maxlen: 24
188.93.118.0/24 maxlen: 24
2a0f:c100::/29 maxlen: 48
2a11:1280::/29 maxlen: 48
2a0c:f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:a7:0c:be:e0:0f:11:19:0b:c1:cc:83:a6:7d:53:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Validity
Not Before: Jan 3 14:08:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ade2b0c4656955d0036f08bfc2438ccc00f5674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:76:c6:19:a8:78:42:7d:f0:b6:a6:4a:ec:b8:
40:ac:e9:17:83:76:4e:d4:fd:a1:8f:88:42:25:1b:
2b:34:10:bf:96:9d:c8:00:e4:6d:fb:72:02:83:dd:
6d:c4:21:32:28:bb:ed:4c:d1:9c:7e:52:3c:de:69:
21:e6:38:db:ad:aa:ec:e1:45:f9:51:61:a9:57:a0:
bf:3e:3b:c2:f8:22:97:0d:f7:09:8f:b1:47:77:1c:
92:c1:c8:09:fc:a8:d0:5f:1f:9d:b9:4d:13:5a:a9:
23:54:19:d1:4e:6c:e0:e5:5f:dd:25:4a:da:1e:ba:
d9:7b:cb:2a:de:7b:72:d3:23:e6:0f:a5:01:5d:e4:
a4:b5:8e:83:be:b1:8b:0f:cc:2d:b2:ae:26:af:cf:
e2:0b:ba:56:56:fd:4b:08:cc:f3:83:7a:2c:f9:c3:
f0:18:6c:89:73:5e:c7:f1:c4:af:30:00:c3:ba:09:
f8:f4:b9:00:ab:16:33:ea:13:14:c6:32:47:85:92:
16:be:83:f8:88:88:ba:1e:eb:23:5d:ff:2c:68:f7:
4c:72:16:36:05:6c:8a:e2:63:55:16:0a:30:fe:52:
5b:6b:24:ae:55:91:d6:22:56:8a:2c:8e:b8:3b:6c:
16:d1:06:08:79:c5:77:b4:53:e7:52:22:e7:e4:79:
43:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:DE:2B:0C:46:56:95:5D:00:36:F0:8B:FC:24:38:CC:C0:0F:56:74
X509v3 Authority Key Identifier:
keyid:B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Ot4rDEZWlV0ANvCL_CQ4zMAPVnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.129.0/24
43.252.24.0/22
45.154.116.0/22
77.87.127.0/24
88.151.12.0/24
88.218.188.0/22
91.223.180.0/24
91.234.32.0/22
91.247.189.0/24
146.19.45.0/24
176.114.0.0/20
185.166.216.0/22
185.230.88.0/22
185.252.24.0/22
188.93.118.0/24
194.110.248.0/24
194.110.254.0/24
194.113.32.0/24
194.113.58.0/24
IPv6:
2a0c:f00::/29
2a0f:c100::/29
2a11:1280::/29
Signature Algorithm: sha256WithRSAEncryption
09:44:0a:af:b6:1e:4a:75:fa:56:15:a9:83:b0:0d:2a:b7:2b:
aa:b9:31:35:b3:e0:68:61:cf:1b:b5:e9:d7:cf:40:26:b1:5e:
40:58:0f:ae:41:50:36:ee:2a:2f:b5:f7:5a:ce:d4:db:33:65:
89:71:22:eb:f9:da:d6:b3:35:4d:63:cf:a8:e0:e4:f4:e0:c4:
1c:d4:60:86:26:32:8b:7d:46:c7:8b:e5:b2:b8:4b:94:75:b0:
31:7d:27:57:70:2d:5c:e0:33:59:e9:f1:8c:e3:eb:ea:ec:bf:
ee:e2:ec:5d:d9:88:e6:11:a9:bb:d2:c5:0d:73:b3:39:d1:f9:
e6:56:08:22:2e:c7:2b:ad:e9:12:4f:a9:e5:75:5f:f3:be:c8:
97:4c:ed:46:8a:a0:63:92:9f:75:00:a5:5a:45:38:94:5b:31:
3a:20:77:b0:a2:8d:9c:92:37:86:15:0f:69:7a:d8:e4:b6:2e:
2b:72:2f:ec:2f:ca:16:9b:54:fc:c1:81:87:30:d1:3e:32:36:
bb:60:de:ed:b9:12:34:80:5f:f9:74:fb:9f:12:49:4a:34:df:
9c:19:ac:44:f4:21:ad:b3:02:a1:77:b0:e5:13:e6:40:6b:c7:
d8:39:78:8f:13:61:d2:22:c4:b0:06:7e:66:df:7f:b3:86:89:
f4:7a:4c:9c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYzPpwy+4A8RGQvBzIOmfVPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjY0NmRlNDE0MDcyZmMxYWI3NmIxYjJjOWUwOGI5YmQy
MWE4NDMwHhcNMjQwMTAzMTQwODAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWRlMmIwYzQ2NTY5NTVkMDAzNmYwOGJmYzI0MzhjY2MwMGY1Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXbGGah4Qn3wtqZK7LhArOkXg3ZO
1P2hj4hCJRsrNBC/lp3IAORt+3ICg91txCEyKLvtTNGcflI83mkh5jjbrars4UX5
UWGpV6C/PjvC+CKXDfcJj7FHdxySwcgJ/KjQXx+duU0TWqkjVBnRTmzg5V/dJUra
HrrZe8sq3nty0yPmD6UBXeSktY6DvrGLD8wtsq4mr8/iC7pWVv1LCMzzg3os+cPw
GGyJc17H8cSvMADDugn49LkAqxYz6hMUxjJHhZIWvoP4iIi6HusjXf8saPdMchY2
BWyK4mNVFgow/lJbaySuVZHWIlaKLI64O2wW0QYIecV3tFPnUiLn5HlDvwIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFDreKwxGVpVdADbwi/wkOMzAD1Z0MB8GA1UdIwQY
MBaAFLf2Rt5BQHL8GrdrGyyeCLm9IahDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTct
NzdlZjg3YTczZTEzLzEvT3Q0ckRFWldsVjBBTnZDTF9DUTR6TUFQVm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTctNzdlZjg3YTczZTEz
LzEvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB4BAIAATByAwQAJUiB
AwQCK/wYAwQCLZp0AwQATVd/AwQAWJcMAwQCWNq8AwQAW9+0AwQCW+ogAwQAW/e9
AwQAkhMtAwQEsHIAAwQCuabYAwQCueZYAwQCufwYAwQAvF12AwQAwm74AwQAwm7+
AwQAwnEgAwQAwnE6MBsEAgACMBUDBQMqDA8AAwUDKg/BAAMFAyoREoAwDQYJKoZI
hvcNAQELBQADggEBAAlECq+2Hkp1+lYVqYOwDSq3K6q5MTWz4Ghhzxu16dfPQCax
XkBYD65BUDbuKi+191rO1NszZYlxIuv52tazNU1jz6jg5PTgxBzUYIYmMot9RseL
5bK4S5R1sDF9J1dwLVzgM1np8Yzj6+rsv+7i7F3ZiOYRqbvSxQ1zsznR+eZWCCIu
xyut6RJPqeV1X/O+yJdM7UaKoGOSn3UApVpFOJRbMTogd7CijZySN4YVD2l62OS2
LityL+wvyhabVPzBgYcw0T4yNrtg3u25EjSAX/l0+58SSUo035wZrET0Ia2zAqF3
sOUT5kBrx9g5eI8TYdIixLAGfmbff7OGifR6TJw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:55:00 2024 by rpki-client on console-fra.rpki-client.org