Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/L44zdGdN0bNqIAKQ-6p-acxZy_c.roa
File: L44zdGdN0bNqIAKQ-6p-acxZy_c.roa (raw, json)
Hash identifier: BFDPXZfVIlTt/HpWJz3r4L2mrx6h0eYiwK7x+J1c8qg=
Subject key identifier: 2F:8E:33:74:67:4D:D1:B3:6A:20:02:90:FB:AA:7E:69:CC:59:CB:F7
Certificate issuer: /CN=0c2625bdffa9437dc2b96d8ae023100bc88e6fe3
Certificate serial: 018CC34904A35C31D1AD940A0F698F0253CE
Authority key identifier: 0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/L44zdGdN0bNqIAKQ-6p-acxZy_c.roa
Signing time: Mon 01 Jan 2024 04:29:51 +0000
ROA not before: Mon 01 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8680
IP address blocks: 89.33.15.0/24 maxlen: 24
89.43.49.0/24 maxlen: 24
85.204.192.0/24 maxlen: 24
217.19.128.0/20 maxlen: 24
89.40.64.0/24 maxlen: 24
86.104.64.0/24 maxlen: 24
89.43.172.0/23 maxlen: 24
86.104.12.0/24 maxlen: 24
212.30.4.0/24 maxlen: 24
92.114.55.0/24 maxlen: 24
212.30.0.0/19 maxlen: 24
212.30.9.0/24 maxlen: 24
212.30.8.0/24 maxlen: 24
212.30.16.0/24 maxlen: 24
188.241.17.0/24 maxlen: 24
91.190.160.0/21 maxlen: 24
89.42.115.0/24 maxlen: 24
188.214.59.0/24 maxlen: 24
37.72.152.0/21 maxlen: 24
37.72.158.0/24 maxlen: 24
37.72.156.0/23 maxlen: 23
85.204.135.0/24 maxlen: 24
85.204.144.0/24 maxlen: 24
89.32.207.0/24 maxlen: 24
85.204.71.0/24 maxlen: 24
89.42.174.0/23 maxlen: 24
89.42.179.0/24 maxlen: 24
93.187.144.0/21 maxlen: 24
84.247.1.0/24 maxlen: 24
89.35.82.0/23 maxlen: 24
62.68.160.0/19 maxlen: 24
62.68.160.0/21 maxlen: 21
62.68.168.0/23 maxlen: 23
62.68.170.0/24 maxlen: 24
62.68.172.0/22 maxlen: 22
62.68.178.0/23 maxlen: 23
62.68.176.0/23 maxlen: 23
62.68.176.0/20 maxlen: 20
62.68.185.0/24 maxlen: 24
62.68.184.0/24 maxlen: 24
62.68.181.0/24 maxlen: 24
62.68.183.0/24 maxlen: 24
62.68.182.0/24 maxlen: 24
62.68.180.0/24 maxlen: 24
62.68.188.0/22 maxlen: 22
46.102.107.0/24 maxlen: 24
93.114.188.0/23 maxlen: 24
185.3.100.0/22 maxlen: 24
89.37.59.0/24 maxlen: 24
89.44.107.0/24 maxlen: 24
88.81.128.0/19 maxlen: 24
88.81.157.0/24 maxlen: 24
89.47.253.0/24 maxlen: 24
89.47.248.0/24 maxlen: 24
77.81.75.0/24 maxlen: 24
78.111.192.0/20 maxlen: 24
86.105.10.0/23 maxlen: 24
2a02:7380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.mft
rsync://rpki.ripe.net/repository/DEFAULT/DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:04:a3:5c:31:d1:ad:94:0a:0f:69:8f:02:53:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2625bdffa9437dc2b96d8ae023100bc88e6fe3
Validity
Not Before: Jan 1 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f8e3374674dd1b36a200290fbaa7e69cc59cbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:40:a0:c2:a6:16:af:49:17:7c:ab:63:28:ef:
57:c3:f8:61:73:29:a0:20:b3:35:e3:34:02:e1:62:
e9:b0:b6:6d:93:b7:0a:88:50:7b:9b:4f:19:8c:9d:
41:4e:d7:37:10:e6:07:55:e9:dc:48:fc:2f:45:c7:
3a:0d:ed:d4:45:3b:af:81:af:ca:9d:8d:ae:10:29:
75:c8:92:66:c1:18:69:61:2c:d0:35:0c:14:af:de:
0b:bd:0d:5b:81:28:95:5b:f2:6b:8e:5e:14:cc:49:
b7:1e:08:fa:e6:c1:93:d1:ca:b4:b5:f3:03:99:7a:
33:d5:88:21:2c:85:fc:34:30:ac:f3:0b:e1:6d:e8:
aa:f9:e7:b1:6a:e5:90:0c:68:33:93:08:3a:d7:09:
bb:31:35:17:30:da:1b:9a:22:60:30:0e:bd:5e:98:
f9:8d:f4:49:06:26:1d:75:6c:2b:a9:3c:59:96:b6:
c9:cb:d2:83:fc:65:b4:7a:b2:10:57:07:26:52:a9:
12:48:65:9c:6c:ee:20:90:1b:98:f7:0c:8b:f1:4a:
7d:21:2c:bb:03:f3:32:16:90:b3:af:a1:be:b2:10:
67:0e:60:fe:9a:ca:3e:3f:53:9c:ef:93:90:62:c9:
4f:29:93:92:0c:d9:4f:90:a9:63:42:88:e1:f5:ac:
3b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8E:33:74:67:4D:D1:B3:6A:20:02:90:FB:AA:7E:69:CC:59:CB:F7
X509v3 Authority Key Identifier:
keyid:0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/L44zdGdN0bNqIAKQ-6p-acxZy_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.152.0/21
46.102.107.0/24
62.68.160.0/19
77.81.75.0/24
78.111.192.0/20
84.247.1.0/24
85.204.71.0/24
85.204.135.0/24
85.204.144.0/24
85.204.192.0/24
86.104.12.0/24
86.104.64.0/24
86.105.10.0/23
88.81.128.0/19
89.32.207.0/24
89.33.15.0/24
89.35.82.0/23
89.37.59.0/24
89.40.64.0/24
89.42.115.0/24
89.42.174.0/23
89.42.179.0/24
89.43.49.0/24
89.43.172.0/23
89.44.107.0/24
89.47.248.0/24
89.47.253.0/24
91.190.160.0/21
92.114.55.0/24
93.114.188.0/23
93.187.144.0/21
185.3.100.0/22
188.214.59.0/24
188.241.17.0/24
212.30.0.0/19
217.19.128.0/20
IPv6:
2a02:7380::/32
Signature Algorithm: sha256WithRSAEncryption
47:f1:9b:05:74:6b:d2:8f:93:f1:9e:53:a8:13:52:31:51:63:
dc:25:1c:26:b1:0a:89:aa:36:1b:4f:57:8d:c5:be:1a:6e:b0:
bb:65:19:47:3c:fd:64:f8:95:ee:e4:9e:39:53:28:25:3f:1f:
fa:07:72:b5:ca:9b:88:73:ae:5b:32:b3:85:99:19:5a:c2:6d:
8b:2a:89:f3:28:09:8f:98:26:91:70:7a:41:c1:7f:ce:5f:39:
48:44:7d:67:61:d0:91:3a:7c:f2:2b:c3:0a:ce:f4:de:31:2a:
3b:f9:08:ff:19:10:90:48:d4:bb:a3:ca:f4:62:23:f9:3d:32:
72:02:fa:72:44:df:3c:57:5a:cd:47:92:69:5c:69:74:b6:fd:
9d:0e:87:18:07:cc:3a:f3:ef:8d:65:8e:bc:fb:97:31:a1:3f:
24:b4:c3:51:5c:05:95:9f:86:ba:53:97:8b:ba:f8:6a:f6:f1:
54:2c:7c:5d:6a:f6:63:04:91:dc:a3:77:d3:4a:85:f6:8c:ea:
12:87:72:14:66:5c:57:27:20:99:7d:04:17:6a:a3:82:78:12:
94:d3:07:1e:49:8f:65:5b:cd:6f:e5:15:4b:19:ce:aa:a1:b0:
e1:73:0c:bc:9e:12:20:50:00:86:d3:0c:8e:c9:36:8c:33:fe:
55:be:0e:6c
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAYzDSQSjXDHRrZQKD2mPAlPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjYyNWJkZmZhOTQzN2RjMmI5NmQ4YWUwMjMxMDBiYzg4
ZTZmZTMwHhcNMjQwMTAxMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjhlMzM3NDY3NGRkMWIzNmEyMDAyOTBmYmFhN2U2OWNjNTljYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkCgwqYWr0kXfKtjKO9Xw/hhcymg
ILM14zQC4WLpsLZtk7cKiFB7m08ZjJ1BTtc3EOYHVencSPwvRcc6De3URTuvga/K
nY2uECl1yJJmwRhpYSzQNQwUr94LvQ1bgSiVW/Jrjl4UzEm3Hgj65sGT0cq0tfMD
mXoz1YghLIX8NDCs8wvhbeiq+eexauWQDGgzkwg61wm7MTUXMNobmiJgMA69Xpj5
jfRJBiYddWwrqTxZlrbJy9KD/GW0erIQVwcmUqkSSGWcbO4gkBuY9wyL8Up9ISy7
A/MyFpCzr6G+shBnDmD+mso+P1Oc75OQYslPKZOSDNlPkKljQojh9aw7uwIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFC+OM3RnTdGzaiACkPuqfmnMWcv3MB8GA1UdIwQY
MBaAFAwmJb3/qUN9wrltiuAjEAvIjm/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENZbHZmLXBRMzNDdVcySzRDTVFDOGlPYi1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC85Yzc4YjktZGEzOS00NTBmLWJiOTYt
MDc4MDRhZmY0OTBmLzEvTDQ0emRHZE4wYk5xSUFLUS02cC1hY3haeV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC85Yzc4YjktZGEzOS00NTBmLWJiOTYtMDc4MDRhZmY0OTBm
LzEvRENZbHZmLXBRMzNDdVcySzRDTVFDOGlPYi1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgd8EAgABMIHYAwQD
JUiYAwQALmZrAwQFPkSgAwQATVFLAwQETm/AAwQAVPcBAwQAVcxHAwQAVcyHAwQA
VcyQAwQAVczAAwQAVmgMAwQAVmhAAwQBVmkKAwQFWFGAAwQAWSDPAwQAWSEPAwQB
WSNSAwQAWSU7AwQAWShAAwQAWSpzAwQBWSquAwQAWSqzAwQAWSsxAwQBWSusAwQA
WSxrAwQAWS/4AwQAWS/9AwQDW76gAwQAXHI3AwQBXXK8AwQDXbuQAwQCuQNkAwQA
vNY7AwQAvPERAwQF1B4AAwQE2ROAMA0EAgACMAcDBQAqAnOAMA0GCSqGSIb3DQEB
CwUAA4IBAQBH8ZsFdGvSj5PxnlOoE1IxUWPcJRwmsQqJqjYbT1eNxb4abrC7ZRlH
PP1k+JXu5J45UyglPx/6B3K1ypuIc65bMrOFmRlawm2LKonzKAmPmCaRcHpBwX/O
XzlIRH1nYdCROnzyK8MKzvTeMSo7+Qj/GRCQSNS7o8r0YiP5PTJyAvpyRN88V1rN
R5JpXGl0tv2dDocYB8w68++NZY68+5cxoT8ktMNRXAWVn4a6U5eLuvhq9vFULHxd
avZjBJHco3fTSoX2jOoSh3IUZlxXJyCZfQQXaqOCeBKU0wceSY9lW81v5RVLGc6q
obDhcwy8nhIgUACG0wyOyTaMM/5Vvg5s
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:21:31 2024 by rpki-client on console-ams.rpki-client.org