Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/365c3f-415e-4cd5-9a4b-66d3a89152ac/1/aCkH_ISt0OMHilFKWIpSCv0P-8U.roa
File: aCkH_ISt0OMHilFKWIpSCv0P-8U.roa (raw, json)
Hash identifier: Um/O/0avpYydbG4rvniaZkW7ZOIvg53LjEU/5pFSHH8=
Subject key identifier: 68:29:07:FC:84:AD:D0:E3:07:8A:51:4A:58:8A:52:0A:FD:0F:FB:C5
Certificate issuer: /CN=e74ee1868f96dd37a6b81cb1f6d28d6c2f7e746f
Certificate serial: 018CC64A638E30149799D451A8129D553353
Authority key identifier: E7:4E:E1:86:8F:96:DD:37:A6:B8:1C:B1:F6:D2:8D:6C:2F:7E:74:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/507hho-W3TemuByx9tKNbC9-dG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/365c3f-415e-4cd5-9a4b-66d3a89152ac/1/aCkH_ISt0OMHilFKWIpSCv0P-8U.roa
Signing time: Mon 01 Jan 2024 18:30:12 +0000
ROA not before: Mon 01 Jan 2024 18:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31463
IP address blocks: 185.167.231.0/24 maxlen: 24
185.167.230.0/24 maxlen: 24
185.167.229.0/24 maxlen: 24
185.167.228.0/22 maxlen: 24
185.167.228.0/24 maxlen: 24
109.74.21.0/24 maxlen: 24
109.74.20.0/22 maxlen: 22
109.74.22.0/24 maxlen: 24
185.160.165.0/24 maxlen: 24
185.160.164.0/24 maxlen: 24
185.160.164.0/22 maxlen: 22
185.160.167.0/24 maxlen: 24
45.140.139.0/24 maxlen: 24
45.140.137.0/24 maxlen: 24
45.140.136.0/24 maxlen: 24
45.140.136.0/22 maxlen: 22
45.140.138.0/24 maxlen: 24
94.228.36.0/24 maxlen: 24
94.228.35.0/24 maxlen: 24
94.228.38.0/24 maxlen: 24
94.228.37.0/24 maxlen: 24
94.228.32.0/20 maxlen: 24
94.228.32.0/24 maxlen: 24
94.228.34.0/24 maxlen: 24
94.228.33.0/24 maxlen: 24
94.228.39.0/24 maxlen: 24
94.228.41.0/24 maxlen: 24
94.228.40.0/24 maxlen: 24
94.228.43.0/24 maxlen: 24
94.228.42.0/24 maxlen: 24
94.228.44.0/24 maxlen: 24
94.228.46.0/24 maxlen: 24
94.228.45.0/24 maxlen: 24
94.228.47.0/24 maxlen: 24
185.4.130.0/24 maxlen: 24
185.4.129.0/24 maxlen: 24
185.4.131.0/24 maxlen: 24
185.4.128.0/22 maxlen: 24
185.4.128.0/24 maxlen: 24
79.99.64.0/21 maxlen: 24
79.99.64.0/24 maxlen: 24
79.99.69.0/24 maxlen: 24
79.99.71.0/24 maxlen: 24
79.99.70.0/24 maxlen: 24
79.99.66.0/24 maxlen: 24
79.99.65.0/24 maxlen: 24
79.99.68.0/24 maxlen: 24
79.99.67.0/24 maxlen: 24
178.17.35.0/24 maxlen: 24
178.17.37.0/24 maxlen: 24
178.17.36.0/24 maxlen: 24
178.17.32.0/24 maxlen: 24
178.17.34.0/24 maxlen: 24
178.17.33.0/24 maxlen: 24
178.17.32.0/20 maxlen: 24
178.17.38.0/24 maxlen: 24
178.17.42.0/24 maxlen: 24
178.17.44.0/24 maxlen: 24
178.17.43.0/24 maxlen: 24
178.17.39.0/24 maxlen: 24
178.17.41.0/24 maxlen: 24
178.17.40.0/24 maxlen: 24
178.17.46.0/24 maxlen: 24
178.17.45.0/24 maxlen: 24
178.17.47.0/24 maxlen: 24
46.245.249.0/24 maxlen: 24
46.245.248.0/24 maxlen: 24
46.245.248.0/21 maxlen: 24
46.245.251.0/24 maxlen: 24
46.245.250.0/24 maxlen: 24
46.245.253.0/24 maxlen: 24
46.245.252.0/24 maxlen: 24
46.245.255.0/24 maxlen: 24
46.245.254.0/24 maxlen: 24
178.251.34.0/24 maxlen: 24
178.251.32.0/21 maxlen: 21
185.34.209.0/24 maxlen: 24
185.34.208.0/22 maxlen: 22
37.209.213.0/24 maxlen: 24
37.209.212.0/24 maxlen: 24
37.209.209.0/24 maxlen: 24
37.209.208.0/24 maxlen: 24
37.209.208.0/20 maxlen: 24
37.209.211.0/24 maxlen: 24
37.209.210.0/24 maxlen: 24
37.209.219.0/24 maxlen: 24
37.209.216.0/24 maxlen: 24
37.209.215.0/24 maxlen: 24
37.209.218.0/24 maxlen: 24
37.209.217.0/24 maxlen: 24
37.209.214.0/24 maxlen: 24
37.209.223.0/24 maxlen: 24
37.209.222.0/24 maxlen: 24
37.209.220.0/24 maxlen: 24
37.209.221.0/24 maxlen: 24
2a00:1c18::/32 maxlen: 48
2a00:1c18::/29 maxlen: 48
2a0d:4140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/365c3f-415e-4cd5-9a4b-66d3a89152ac/1/507hho-W3TemuByx9tKNbC9-dG8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/365c3f-415e-4cd5-9a4b-66d3a89152ac/1/507hho-W3TemuByx9tKNbC9-dG8.mft
rsync://rpki.ripe.net/repository/DEFAULT/507hho-W3TemuByx9tKNbC9-dG8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:63:8e:30:14:97:99:d4:51:a8:12:9d:55:33:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e74ee1868f96dd37a6b81cb1f6d28d6c2f7e746f
Validity
Not Before: Jan 1 18:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=682907fc84add0e3078a514a588a520afd0ffbc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9b:a2:32:0b:fb:fd:34:fe:82:ee:7a:c1:80:
3e:e3:e6:76:99:c0:f3:1f:4b:97:a1:77:2c:67:69:
7d:af:37:91:e2:19:f5:44:fe:0b:d3:d2:b2:3b:41:
d5:05:2c:c4:8b:e5:5c:be:69:9b:a5:1a:5c:81:59:
01:85:1d:ed:0c:2d:a7:0a:75:ab:ae:64:b7:c7:2c:
74:cc:0a:1c:f0:a2:f6:f7:97:bd:cb:b7:cc:ac:e7:
d7:a4:8b:d3:54:8c:66:ad:73:2c:0b:a2:98:09:d5:
d2:69:1d:65:5c:1b:9f:68:55:05:ad:b5:fd:16:61:
b6:d3:67:b0:23:bc:37:1e:a3:67:ef:be:22:27:65:
f0:ec:62:3e:e7:94:a0:a0:21:e9:d0:44:7a:10:c4:
d9:72:4a:29:f4:c7:10:2c:6e:ad:cc:1e:d4:14:b6:
65:f8:57:ae:10:db:db:e3:8c:fb:38:ec:d1:dd:de:
fc:71:79:24:26:9a:9b:d4:09:eb:7b:b7:23:39:5d:
de:f4:7c:f5:44:ef:68:14:10:34:6f:52:68:19:dd:
ad:90:4a:50:8f:23:b4:4e:0d:de:b5:f7:01:fd:e6:
9b:da:90:30:f0:ab:13:e4:fe:2e:8a:1d:e3:08:28:
a9:0c:30:d9:89:93:96:1b:4c:16:4b:7e:3e:fd:38:
0d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:29:07:FC:84:AD:D0:E3:07:8A:51:4A:58:8A:52:0A:FD:0F:FB:C5
X509v3 Authority Key Identifier:
keyid:E7:4E:E1:86:8F:96:DD:37:A6:B8:1C:B1:F6:D2:8D:6C:2F:7E:74:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/507hho-W3TemuByx9tKNbC9-dG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/365c3f-415e-4cd5-9a4b-66d3a89152ac/1/aCkH_ISt0OMHilFKWIpSCv0P-8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/365c3f-415e-4cd5-9a4b-66d3a89152ac/1/507hho-W3TemuByx9tKNbC9-dG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.208.0/20
45.140.136.0/22
46.245.248.0/21
79.99.64.0/21
94.228.32.0/20
109.74.20.0/22
178.17.32.0/20
178.251.32.0/21
185.4.128.0/22
185.34.208.0/22
185.160.164.0/22
185.167.228.0/22
IPv6:
2a00:1c18::/29
2a0d:4140::/32
Signature Algorithm: sha256WithRSAEncryption
2a:68:72:3c:9a:5a:4c:35:45:43:2a:65:a2:57:b9:fa:73:ed:
e1:bc:3c:c2:8a:aa:2a:ce:db:ac:ec:97:e1:18:b8:56:b8:8e:
7d:1c:96:97:d6:75:47:64:79:a3:06:45:1c:43:45:b2:31:72:
4f:b2:58:a1:4e:bb:29:b3:7d:c1:71:fe:26:e9:11:9e:0c:4c:
24:a5:06:dd:3e:6e:d8:f9:2a:5b:1c:08:e7:6d:81:9c:db:cf:
75:9a:23:4a:33:b0:84:3b:a3:fd:65:2f:0f:37:58:2c:8c:d6:
2f:94:ba:2f:08:b4:c6:d6:7f:25:f0:63:82:b7:f2:7a:1e:c0:
fe:27:e1:a0:cc:85:c4:7a:22:c7:10:06:17:5c:c9:49:89:16:
98:22:82:ce:dc:4d:3f:8c:ef:18:73:bd:de:e2:bc:cc:2f:46:
28:e8:d6:61:b8:98:0a:f3:75:10:69:77:79:72:c3:9e:9e:c4:
8a:9d:2e:dd:f4:72:db:4a:34:2f:d3:f9:a2:4d:67:b2:eb:18:
01:90:68:c4:57:3e:54:c0:0c:4f:98:35:68:6e:80:4b:ec:0d:
ae:6d:bc:bf:b2:97:07:8f:36:9e:b0:6e:73:6e:28:db:f8:b7:
77:c4:75:f0:12:26:1d:6e:78:88:fb:7f:7b:48:70:5e:be:1f:
4b:35:37:00
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzGSmOOMBSXmdRRqBKdVTNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NGVlMTg2OGY5NmRkMzdhNmI4MWNiMWY2ZDI4ZDZjMmY3
ZTc0NmYwHhcNMjQwMTAxMTgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI5MDdmYzg0YWRkMGUzMDc4YTUxNGE1ODhhNTIwYWZkMGZmYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpuiMgv7/TT+gu56wYA+4+Z2mcDz
H0uXoXcsZ2l9rzeR4hn1RP4L09KyO0HVBSzEi+VcvmmbpRpcgVkBhR3tDC2nCnWr
rmS3xyx0zAoc8KL295e9y7fMrOfXpIvTVIxmrXMsC6KYCdXSaR1lXBufaFUFrbX9
FmG202ewI7w3HqNn774iJ2Xw7GI+55SgoCHp0ER6EMTZckop9McQLG6tzB7UFLZl
+FeuENvb44z7OOzR3d78cXkkJpqb1Anre7cjOV3e9Hz1RO9oFBA0b1JoGd2tkEpQ
jyO0Tg3etfcB/eab2pAw8KsT5P4uih3jCCipDDDZiZOWG0wWS34+/TgN7wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFGgpB/yErdDjB4pRSliKUgr9D/vFMB8GA1UdIwQY
MBaAFOdO4YaPlt03prgcsfbSjWwvfnRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTA3aGhvLVczVGVtdUJ5eDl0S05iQzktZEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zNjVjM2YtNDE1ZS00Y2Q1LTlhNGIt
NjZkM2E4OTE1MmFjLzEvYUNrSF9JU3QwT01IaWxGS1dJcFNDdjBQLThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zNjVjM2YtNDE1ZS00Y2Q1LTlhNGItNjZkM2E4OTE1MmFj
LzEvNTA3aGhvLVczVGVtdUJ5eDl0S05iQzktZEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQEJdHQAwQC
LYyIAwQDLvX4AwQDT2NAAwQEXuQgAwQCbUoUAwQEshEgAwQDsvsgAwQCuQSAAwQC
uSLQAwQCuaCkAwQCuafkMBQEAgACMA4DBQMqABwYAwUAKg1BQDANBgkqhkiG9w0B
AQsFAAOCAQEAKmhyPJpaTDVFQyplole5+nPt4bw8woqqKs7brOyX4Ri4VriOfRyW
l9Z1R2R5owZFHENFsjFyT7JYoU67KbN9wXH+JukRngxMJKUG3T5u2PkqWxwI522B
nNvPdZojSjOwhDuj/WUvDzdYLIzWL5S6Lwi0xtZ/JfBjgrfyeh7A/ifhoMyFxHoi
xxAGF1zJSYkWmCKCztxNP4zvGHO93uK8zC9GKOjWYbiYCvN1EGl3eXLDnp7Eip0u
3fRy20o0L9P5ok1nsusYAZBoxFc+VMAMT5g1aG6AS+wNrm28v7KXB482nrBuc24o
2/i3d8R18BImHW54iPt/e0hwXr4fSzU3AA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:07 2024 by rpki-client on console-ams.rpki-client.org