Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/wowRn3YX1fDITSBmxewG8MyaeOk.roa
File: wowRn3YX1fDITSBmxewG8MyaeOk.roa (raw, json)
Hash identifier: vFTWAb/0jRbs61O1w/d1b5VxxbHU40Fsa5Z6rQJjiuA=
Subject key identifier: C2:8C:11:9F:76:17:D5:F0:C8:4D:20:66:C5:EC:06:F0:CC:9A:78:E9
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018E652F0949AB517371C75E7F739B65E1A2
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/wowRn3YX1fDITSBmxewG8MyaeOk.roa
Signing time: Fri 22 Mar 2024 08:02:45 +0000
ROA not before: Fri 22 Mar 2024 08:02:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42473
IP address blocks: 37.235.3.0/24 maxlen: 24
37.235.4.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.228.0/24 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.244.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
94.16.98.0/24 maxlen: 24
94.16.100.0/24 maxlen: 24
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
144.208.192.0/18 maxlen: 32
144.208.204.0/24 maxlen: 24
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.207.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.216.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.231.0/24 maxlen: 24
144.208.232.0/24 maxlen: 24
144.208.233.0/24 maxlen: 24
144.208.235.0/24 maxlen: 24
144.208.236.0/24 maxlen: 24
144.208.237.0/24 maxlen: 24
144.208.238.0/24 maxlen: 24
144.208.240.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
176.123.54.0/23 maxlen: 23
178.255.152.0/21 maxlen: 32
185.2.176.0/22 maxlen: 32
185.2.176.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
185.81.206.0/24 maxlen: 24
185.81.209.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
185.228.148.0/22 maxlen: 22
188.65.72.0/21 maxlen: 32
188.172.192.0/18 maxlen: 32
188.172.208.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
188.172.247.0/24 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
194.1.206.0/24 maxlen: 32
213.227.160.0/19 maxlen: 32
213.227.184.0/24 maxlen: 24
217.146.0.0/19 maxlen: 24
217.146.6.0/24 maxlen: 24
217.146.7.0/24 maxlen: 24
2a00:11c0::/32 maxlen: 128
2a00:11c0:13::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:22::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:40::/48 maxlen: 48
2a00:11c0:41::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:46::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:80::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:87::/48 maxlen: 48
2a00:11c0:88::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:99::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a00:11c0:1334::/48 maxlen: 48
2a00:11c0:1335::/48 maxlen: 48
2a00:11c0:1798::/48 maxlen: 48
2a00:11c0:179a::/48 maxlen: 48
2a00:11c0:179b::/48 maxlen: 48
2a00:11c0:9021::/48 maxlen: 48
2a01:aea0::/32 maxlen: 32
2a01:aea0::/40 maxlen: 40
2a01:aea0:dd1::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a05:8900:28::/48 maxlen: 48
2a05:8900:36::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:2f:09:49:ab:51:73:71:c7:5e:7f:73:9b:65:e1:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Mar 22 08:02:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c28c119f7617d5f0c84d2066c5ec06f0cc9a78e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:db:7c:fd:3c:53:df:99:b0:1f:bc:7b:8f:
26:a8:4f:4e:0f:42:88:ee:25:17:c9:c4:8c:8f:bb:
68:bf:41:23:95:ef:25:b8:fb:67:70:91:32:fd:92:
72:b2:ac:d4:3c:85:8f:b2:46:1c:84:44:b9:80:6f:
69:e7:76:12:8f:1e:5e:59:89:62:cd:1e:be:2b:58:
2d:6e:91:74:46:dd:84:a2:2e:fd:d5:a6:fd:a3:01:
63:fc:32:52:91:55:43:37:21:92:c7:8f:f0:55:84:
44:12:e7:b9:95:2f:dd:9a:ef:ad:2f:dc:c2:36:5a:
1f:6e:1d:8c:89:ee:16:e8:30:d6:82:7c:32:b8:79:
21:fc:91:a5:6e:55:2a:55:f4:e7:c1:61:a1:09:a7:
6f:f7:66:4f:fe:4d:72:07:fd:f5:6d:22:64:ac:8f:
4d:0e:a3:ef:35:2a:22:28:89:45:d3:a6:b3:f9:57:
66:43:0e:ec:0f:b1:92:73:8c:99:56:1a:c3:5c:80:
cc:5f:34:c4:8c:b5:2f:0c:0b:e0:c4:c0:d8:e7:a3:
e0:98:b2:cc:ab:44:fa:00:bf:4d:87:9e:d8:9d:62:
92:58:db:8a:95:b7:01:dc:8e:c1:ca:16:74:e3:10:
dd:7e:ab:93:f0:6f:e9:34:a1:68:69:45:ce:33:22:
af:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:8C:11:9F:76:17:D5:F0:C8:4D:20:66:C5:EC:06:F0:CC:9A:78:E9
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/wowRn3YX1fDITSBmxewG8MyaeOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.98.0/24
94.16.100.0/24
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.206.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
2a05:8900:28::/48
2a05:8900:36::/48
Signature Algorithm: sha256WithRSAEncryption
16:07:cd:b7:70:de:be:fe:03:72:14:3b:31:06:10:ec:c3:89:
f2:42:ab:ec:58:c3:7b:21:78:8d:71:22:1e:da:17:ed:46:f9:
22:bf:59:5d:29:1b:ca:88:93:d5:02:c4:62:bd:41:77:1c:bb:
ce:46:87:ed:2b:21:db:9b:bc:2e:2d:b3:92:86:a0:d6:d6:22:
d1:57:c0:06:5a:dc:8d:4c:ba:77:a6:8c:dc:58:ad:63:cc:43:
61:20:e7:d6:58:cc:1f:a6:39:ef:cb:ac:03:14:42:02:33:29:
43:34:3d:e3:1b:ca:35:7d:08:cb:58:a1:26:53:80:10:67:39:
d6:f7:bb:78:6e:9c:84:a6:57:2f:89:01:48:48:d9:da:8a:7e:
9b:94:67:87:0f:f4:5f:77:41:9c:20:7f:0c:fd:42:df:a4:da:
19:a4:8e:b4:46:dc:72:15:3e:5e:82:7e:00:1e:df:30:ad:36:
5b:2e:ba:3c:69:f9:b5:02:76:a9:0a:1c:cf:51:3e:0c:cf:23:
59:1c:58:90:03:d9:06:15:42:c0:d4:63:bf:77:cb:7e:f8:4a:
67:4d:e3:7f:e6:d0:c3:a4:66:d7:44:48:20:64:84:c8:f0:c5:
31:bf:65:18:1a:24:84:9e:a0:13:87:3c:38:a8:f1:ba:c7:e1:
fc:7c:96:86
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAY5lLwlJq1Fzccdef3ObZeGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMzIyMDgwMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjhjMTE5Zjc2MTdkNWYwYzg0ZDIwNjZjNWVjMDZmMGNjOWE3OGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixDbfP08U9+ZsB+8e48mqE9OD0KI
7iUXycSMj7tov0Ejle8luPtncJEy/ZJysqzUPIWPskYchES5gG9p53YSjx5eWYli
zR6+K1gtbpF0Rt2Eoi791ab9owFj/DJSkVVDNyGSx4/wVYREEue5lS/dmu+tL9zC
Nlofbh2Mie4W6DDWgnwyuHkh/JGlblUqVfTnwWGhCadv92ZP/k1yB/31bSJkrI9N
DqPvNSoiKIlF06az+VdmQw7sD7GSc4yZVhrDXIDMXzTEjLUvDAvgxMDY56PgmLLM
q0T6AL9Nh57YnWKSWNuKlbcB3I7ByhZ04xDdfquT8G/pNKFoaUXOMyKvUQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFMKMEZ92F9XwyE0gZsXsBvDMmnjpMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvd293Um4zWVgxZkRJVFNCbXhld0c4TXlhZU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBowQCAAEwgZwwDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAAwQAXhBiAwQAXhBkMAwDBABe
EH0DBABeEH4DBAaQ0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5
Uc4DBAC5UdEDBAK5dGADBAK55JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV
46ADBAXZkgAwJgQCAAIwIAMFACoAEcADBQAqAa6gAwcAKgWJAAAoAwcAKgWJAAA2
MA0GCSqGSIb3DQEBCwUAA4IBAQAWB823cN6+/gNyFDsxBhDsw4nyQqvsWMN7IXiN
cSIe2hftRvkiv1ldKRvKiJPVAsRivUF3HLvORoftKyHbm7wuLbOShqDW1iLRV8AG
WtyNTLp3pozcWK1jzENhIOfWWMwfpjnvy6wDFEICMylDND3jG8o1fQjLWKEmU4AQ
ZznW97t4bpyEplcviQFISNnain6blGeHD/Rfd0GcIH8M/ULfpNoZpI60RtxyFT5e
gn4AHt8wrTZbLro8afm1AnapChzPUT4MzyNZHFiQA9kGFULA1GO/d8t++EpnTeN/
5tDDpGbXREggZITI8MUxv2UYGiSEnqAThzw4qPG6x+H8fJaG
-----END CERTIFICATE-----
Generated at Wed May 8 15:43:25 2024 by rpki-client on console-ams.rpki-client.org