Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/0fv0bHcfEhi1Ku_oCSItEv8MwoU.roa
File: 0fv0bHcfEhi1Ku_oCSItEv8MwoU.roa (raw, json)
Hash identifier: MraVkJuJmNKOOJ/6G87QVrDqtob8GmTNfqTv9XoGp4A=
Subject key identifier: D1:FB:F4:6C:77:1F:12:18:B5:2A:EF:E8:09:22:2D:12:FF:0C:C2:85
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 018CC424793F1C807271D55250C93991D8BF
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/0fv0bHcfEhi1Ku_oCSItEv8MwoU.roa
Signing time: Mon 01 Jan 2024 08:29:33 +0000
ROA not before: Mon 01 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 188.241.249.0/24 maxlen: 32
185.66.136.0/22 maxlen: 32
92.255.52.0/24 maxlen: 32
92.255.64.0/24 maxlen: 32
212.70.3.0/24 maxlen: 32
188.241.200.0/21 maxlen: 32
119.12.192.0/20 maxlen: 32
212.70.8.0/21 maxlen: 32
92.255.80.0/22 maxlen: 32
89.46.242.0/24 maxlen: 32
92.114.81.0/24 maxlen: 32
180.235.160.0/20 maxlen: 32
86.104.76.0/22 maxlen: 32
89.40.81.0/24 maxlen: 32
180.235.176.0/20 maxlen: 32
110.238.192.0/19 maxlen: 32
92.114.60.0/22 maxlen: 32
91.92.216.0/23 maxlen: 32
188.241.15.0/24 maxlen: 32
91.92.218.0/24 maxlen: 32
94.177.14.0/23 maxlen: 32
93.113.52.0/23 maxlen: 24
188.240.214.0/23 maxlen: 32
91.92.178.0/23 maxlen: 32
94.139.224.0/20 maxlen: 24
188.241.0.0/23 maxlen: 32
92.255.0.0/24 maxlen: 32
85.217.190.0/23 maxlen: 32
193.56.24.0/22 maxlen: 32
89.32.132.0/22 maxlen: 32
188.211.24.0/23 maxlen: 32
86.106.176.0/23 maxlen: 32
85.217.220.0/23 maxlen: 32
176.223.104.0/22 maxlen: 32
94.139.48.0/21 maxlen: 32
94.139.56.0/22 maxlen: 32
91.92.17.0/24 maxlen: 32
91.92.20.0/24 maxlen: 32
91.92.22.0/23 maxlen: 32
94.139.60.0/23 maxlen: 32
94.176.0.0/23 maxlen: 32
193.142.103.0/24 maxlen: 32
176.223.68.0/22 maxlen: 32
188.240.48.0/23 maxlen: 32
94.176.172.0/22 maxlen: 32
89.38.155.0/24 maxlen: 32
91.92.138.0/24 maxlen: 32
193.200.104.0/23 maxlen: 32
91.92.64.0/24 maxlen: 32
176.223.182.0/23 maxlen: 32
188.212.136.0/21 maxlen: 32
93.114.236.0/22 maxlen: 32
93.114.136.0/23 maxlen: 32
188.94.84.0/22 maxlen: 32
2.57.76.0/22 maxlen: 32
89.104.122.0/23 maxlen: 32
31.14.26.0/24 maxlen: 32
89.223.22.0/23 maxlen: 32
91.192.212.0/22 maxlen: 32
93.115.4.0/23 maxlen: 32
77.81.92.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:79:3f:1c:80:72:71:d5:52:50:c9:39:91:d8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Jan 1 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1fbf46c771f1218b52aefe809222d12ff0cc285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:79:4c:bb:ba:15:ff:2c:f0:a8:06:35:9e:da:
9e:9d:db:89:1a:91:8f:d2:73:58:b0:76:e2:7d:e0:
d4:e8:c6:fa:8f:b5:8f:ac:20:d5:34:42:45:30:eb:
1a:24:84:a8:e4:0d:00:2a:83:4e:1c:89:c7:9d:c8:
42:f8:88:72:7e:89:1e:78:c3:fd:50:35:8e:df:9e:
0b:0f:07:a7:71:c3:0c:3c:f2:57:42:0a:60:e0:76:
8f:0e:ec:6f:ad:6a:bb:41:8b:f7:ca:93:29:1b:ba:
ed:19:41:a7:3d:3a:3b:81:2d:f9:0a:67:de:5b:83:
5c:fd:38:0a:4a:d7:6e:60:7b:76:4b:cc:f0:d5:a4:
58:b1:bb:8c:b0:47:89:39:9b:17:ce:cb:fa:6d:12:
99:7e:31:91:ab:f3:a8:9d:01:e4:ca:44:31:15:69:
1e:44:35:93:d7:e5:b1:17:5e:5a:7c:40:07:8a:04:
7d:d6:a9:d1:ed:56:f4:23:46:c2:65:71:16:72:f6:
32:13:04:9d:64:d9:61:73:44:fe:4d:c4:c3:13:66:
e4:b3:ab:e8:e4:9c:37:83:f8:05:e6:bd:e9:cb:f6:
ba:f1:a1:9b:4e:16:6a:9a:ec:eb:7a:d0:57:dd:15:
de:35:b9:d4:f7:f9:68:a3:c5:2d:bd:c8:20:1f:cc:
0a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:FB:F4:6C:77:1F:12:18:B5:2A:EF:E8:09:22:2D:12:FF:0C:C2:85
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/0fv0bHcfEhi1Ku_oCSItEv8MwoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.76.0/22
31.14.26.0/24
77.81.92.0/22
85.217.190.0/23
85.217.220.0/23
86.104.76.0/22
86.106.176.0/23
89.32.132.0/22
89.38.155.0/24
89.40.81.0/24
89.46.242.0/24
89.104.122.0/23
89.223.22.0/23
91.92.17.0/24
91.92.20.0/24
91.92.22.0/23
91.92.64.0/24
91.92.138.0/24
91.92.178.0/23
91.92.216.0-91.92.218.255
91.192.212.0/22
92.114.60.0/22
92.114.81.0/24
92.255.0.0/24
92.255.52.0/24
92.255.64.0/24
92.255.80.0/22
93.113.52.0/23
93.114.136.0/23
93.114.236.0/22
93.115.4.0/23
94.139.48.0-94.139.61.255
94.139.224.0/20
94.176.0.0/23
94.176.172.0/22
94.177.14.0/23
110.238.192.0/19
119.12.192.0/20
176.223.68.0/22
176.223.104.0/22
176.223.182.0/23
180.235.160.0/19
185.66.136.0/22
188.94.84.0/22
188.211.24.0/23
188.212.136.0/21
188.240.48.0/23
188.240.214.0/23
188.241.0.0/23
188.241.15.0/24
188.241.200.0/21
188.241.249.0/24
193.56.24.0/22
193.142.103.0/24
193.200.104.0/23
212.70.3.0/24
212.70.8.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:ab:fd:66:66:21:d1:e4:95:3b:68:d8:03:8a:89:f1:08:ca:
c6:45:cd:f5:79:16:9b:1f:c8:6d:89:c9:01:b5:a7:bf:ba:65:
9b:0b:00:ed:42:2b:2b:62:45:34:67:13:5b:9d:7a:a5:9f:18:
47:e9:8d:92:9b:5e:66:30:86:61:dc:4a:69:40:40:cc:ff:06:
69:52:97:d6:f6:58:d1:93:9b:9e:1c:ca:ad:1f:02:4e:35:2e:
75:51:f5:12:d5:9a:b6:36:86:c4:f5:e7:f9:e0:a9:fb:f1:b3:
fa:c9:4f:23:62:2a:0b:21:7e:72:59:93:44:5c:b0:2f:eb:20:
6d:4f:5d:30:95:a3:81:d5:ee:1a:99:92:14:c2:0a:67:79:ee:
7b:f3:80:96:33:7b:70:5f:37:69:37:97:7a:d9:d4:5e:7d:48:
72:a5:93:87:4e:71:92:64:e5:16:cf:3c:12:43:0c:7b:fd:86:
e4:b0:29:a5:2f:67:c5:e2:4c:29:4f:23:55:f2:b2:91:b1:3c:
12:1b:62:c1:8a:2c:0c:ec:85:24:e6:f8:f5:42:81:2d:ac:25:
38:6c:7e:de:cf:91:7b:5f:36:56:35:30:47:ea:ce:eb:b6:94:
95:c7:f0:0a:c4:b2:09:3c:4f:ca:13:b8:11:95:95:d0:7e:2d:
1a:ef:30:dd
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYzEJHk/HIBycdVSUMk5kdi/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjQwMTAxMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWZiZjQ2Yzc3MWYxMjE4YjUyYWVmZTgwOTIyMmQxMmZmMGNjMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnlMu7oV/yzwqAY1ntqenduJGpGP
0nNYsHbifeDU6Mb6j7WPrCDVNEJFMOsaJISo5A0AKoNOHInHnchC+IhyfokeeMP9
UDWO354LDwenccMMPPJXQgpg4HaPDuxvrWq7QYv3ypMpG7rtGUGnPTo7gS35Cmfe
W4Nc/TgKStduYHt2S8zw1aRYsbuMsEeJOZsXzsv6bRKZfjGRq/OonQHkykQxFWke
RDWT1+WxF15afEAHigR91qnR7Vb0I0bCZXEWcvYyEwSdZNlhc0T+TcTDE2bks6vo
5Jw3g/gF5r3py/a68aGbThZqmuzretBX3RXeNbnU9/loo8UtvcggH8wKcwIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFNH79Gx3HxIYtSrv6AkiLRL/DMKFMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvMGZ2MGJIY2ZFaGkxS3Vfb0NTSXRFdjhNd29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCCAW4EAgABMIIB
ZgMEAgI5TAMEAB8OGgMEAk1RXAMEAVXZvgMEAVXZ3AMEAlZoTAMEAVZqsAMEAlkg
hAMEAFkmmwMEAFkoUQMEAFku8gMEAVloegMEAVnfFgMEAFtcEQMEAFtcFAMEAVtc
FgMEAFtcQAMEAFtcigMEAVtcsjAMAwQDW1zYAwQAW1zaAwQCW8DUAwQCXHI8AwQA
XHJRAwQAXP8AAwQAXP80AwQAXP9AAwQCXP9QAwQBXXE0AwQBXXKIAwQCXXLsAwQB
XXMEMAwDBAReizADBAFeizwDBARei+ADBAFesAADBAJesKwDBAFesQ4DBAVu7sAD
BAR3DMADBAKw30QDBAKw32gDBAGw37YDBAW066ADBAK5QogDBAK8XlQDBAG80xgD
BAO81IgDBAG88DADBAG88NYDBAG88QADBAC88Q8DBAO88cgDBAC88fkDBALBOBgD
BADBjmcDBAHByGgDBADURgMDBAPURggwDQYJKoZIhvcNAQELBQADggEBAF2r/WZm
IdHklTto2AOKifEIysZFzfV5FpsfyG2JyQG1p7+6ZZsLAO1CKytiRTRnE1udeqWf
GEfpjZKbXmYwhmHcSmlAQMz/BmlSl9b2WNGTm54cyq0fAk41LnVR9RLVmrY2hsT1
5/ngqfvxs/rJTyNiKgshfnJZk0RcsC/rIG1PXTCVo4HV7hqZkhTCCmd57nvzgJYz
e3BfN2k3l3rZ1F59SHKlk4dOcZJk5RbPPBJDDHv9huSwKaUvZ8XiTClPI1XyspGx
PBIbYsGKLAzshSTm+PVCgS2sJThsft7PkXtfNlY1MEfqzuu2lJXH8ArEsgk8T8oT
uBGVldB+LRrvMN0=
-----END CERTIFICATE-----
Generated at Mon May 20 17:48:27 2024 by rpki-client on console-ams.rpki-client.org