Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/xM2WiQcPmi2xieicHHI5ljgl8Pw.roa
File: xM2WiQcPmi2xieicHHI5ljgl8Pw.roa (raw, json)
Hash identifier: FfZn5AYD8IG/RFIANCsv0UTVCodDAgWU5WBfvciwcRQ=
Subject key identifier: C4:CD:96:89:07:0F:9A:2D:B1:89:E8:9C:1C:72:39:96:38:25:F0:FC
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 018CC86F0A094B7C842454DB0604E5CCD3EA
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/xM2WiQcPmi2xieicHHI5ljgl8Pw.roa
Signing time: Tue 02 Jan 2024 04:29:29 +0000
ROA not before: Tue 02 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 185.41.140.0/22 maxlen: 22
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
91.216.207.0/24 maxlen: 24
188.122.64.0/19 maxlen: 24
91.198.152.0/24 maxlen: 24
185.52.12.0/22 maxlen: 24
213.163.64.0/19 maxlen: 24
185.50.104.0/22 maxlen: 22
162.245.204.0/22 maxlen: 22
5.200.0.0/19 maxlen: 24
185.179.202.0/23 maxlen: 24
213.179.204.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
185.179.200.0/23 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.209.0/24 maxlen: 24
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/22 maxlen: 22
212.19.224.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
185.197.24.0/22 maxlen: 23
193.43.218.0/23 maxlen: 23
104.153.84.0/22 maxlen: 22
5.180.218.0/23 maxlen: 23
5.180.216.0/23 maxlen: 23
31.204.132.0/22 maxlen: 22
31.204.128.0/19 maxlen: 24
31.204.136.0/23 maxlen: 23
138.128.136.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
138.128.140.0/22 maxlen: 22
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
2a00:1630::/29 maxlen: 32
2a00:1631::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d26::/32 maxlen: 34
2a00:1630::/32 maxlen: 48
2a00:1632::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.mft
rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 10:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:0a:09:4b:7c:84:24:54:db:06:04:e5:cc:d3:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Jan 2 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4cd9689070f9a2db189e89c1c7239963825f0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6d:6c:4b:8f:a0:30:d0:f7:9b:ed:86:c5:55:
1a:63:6a:e7:10:ad:45:b7:da:89:78:e0:2b:9e:5e:
c8:af:a2:a3:f7:d1:19:8c:2b:45:8e:db:56:93:0c:
27:33:e3:41:69:2d:9d:d3:5f:7d:9d:6b:e8:39:3f:
dc:1d:89:85:ac:fe:dd:48:be:b3:61:bd:79:21:ba:
99:31:28:aa:67:da:cb:70:c6:d6:98:d3:63:73:eb:
1c:c7:49:40:d7:1f:f5:7d:8a:53:f0:e2:8a:f7:94:
c0:c2:3b:24:bd:b3:5a:54:22:cc:d1:a2:ee:a4:50:
2f:85:e3:d9:8c:0e:c8:81:53:3d:81:66:02:49:20:
fa:8b:33:34:36:7b:5e:1a:68:07:34:3d:8e:1c:af:
59:31:07:b2:28:6d:c5:e5:c7:27:b6:da:2e:f1:27:
7d:61:31:06:6e:70:e2:af:ef:dd:7c:6a:7a:fe:63:
75:2f:f1:59:59:88:90:bc:c0:a7:d4:6a:78:e6:7f:
3c:f5:e3:4c:b4:1e:24:3f:5f:e1:22:be:3a:5f:46:
bf:d4:d4:f9:ae:bf:f3:d6:99:2e:f3:17:8c:fb:2f:
2c:f2:7c:60:28:08:7a:0b:53:07:eb:3c:2e:02:12:
6a:38:aa:03:05:67:7d:2a:3a:d4:3f:45:17:c8:e2:
84:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CD:96:89:07:0F:9A:2D:B1:89:E8:9C:1C:72:39:96:38:25:F0:FC
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/xM2WiQcPmi2xieicHHI5ljgl8Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
8d:8b:1d:de:3a:55:56:20:ee:ea:d6:01:7a:85:99:49:02:ee:
72:dd:bc:5d:9d:43:ea:81:13:53:fa:c0:96:9b:e1:d3:01:42:
55:4b:9b:40:6f:b8:ad:c4:30:83:19:71:3a:6a:41:37:46:bc:
51:16:69:0e:d7:a6:33:c6:7e:7f:bd:88:6a:52:83:3d:5d:6a:
c0:31:f1:ae:09:aa:5c:8d:88:5e:88:4b:eb:b3:82:76:0c:f0:
58:2d:10:4e:15:1b:50:e7:58:c4:27:42:b9:35:fc:a0:1d:d3:
af:fb:57:69:a4:aa:c2:22:41:4e:56:1f:d0:33:e9:b6:27:5d:
07:7b:e4:7e:64:ca:74:e9:3c:2f:f7:a2:15:9f:5e:5e:52:9b:
41:25:55:b6:dc:70:0c:67:e1:23:61:1d:d9:d0:de:d6:23:be:
50:fb:af:38:fe:ba:57:28:74:51:0a:4b:06:d3:d3:42:97:cb:
06:47:d5:87:df:ca:c5:be:9a:9a:23:5b:b3:84:ac:7a:5e:2c:
84:a8:07:4a:05:29:48:f8:03:a5:89:64:de:f0:51:81:46:15:
f8:bf:b9:b6:96:8d:b3:e7:fe:11:b1:08:ad:ca:29:36:96:15:
39:c7:33:c5:b0:bc:43:c5:e2:2f:b7:fd:20:b0:f1:5a:68:8a:
cf:f1:d1:79
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzIbwoJS3yEJFTbBgTlzNPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjQwMTAyMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGNkOTY4OTA3MGY5YTJkYjE4OWU4OWMxYzcyMzk5NjM4MjVmMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW1sS4+gMND3m+2GxVUaY2rnEK1F
t9qJeOArnl7Ir6Kj99EZjCtFjttWkwwnM+NBaS2d0199nWvoOT/cHYmFrP7dSL6z
Yb15IbqZMSiqZ9rLcMbWmNNjc+scx0lA1x/1fYpT8OKK95TAwjskvbNaVCLM0aLu
pFAvhePZjA7IgVM9gWYCSSD6izM0NnteGmgHND2OHK9ZMQeyKG3F5ccnttou8Sd9
YTEGbnDir+/dfGp6/mN1L/FZWYiQvMCn1Gp45n889eNMtB4kP1/hIr46X0a/1NT5
rr/z1pku8xeM+y8s8nxgKAh6C1MH6zwuAhJqOKoDBWd9KjrUP0UXyOKEgQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFMTNlokHD5otsYnonBxyOZY4JfD8MB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEveE0yV2lRY1BtaTJ4aWVpY0hISTVsamdsOFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAIF
tNgDBAUFyAADBAUfzIADBAFbw+oDBABbxpgDBABb2M8DBAJomVQDBAVtyMADBAOK
gIgDBAKS90wDBAKi9DQDBAKi9cwDBAK5KYwDBAK5MmgDBAK5NAwDBAK5s8gDBAK5
xRgDBAW8ekADBAHBK9oDBALUE+ADBAXVo0ADBAXVs8AwIgQCAAIwHAMFAyoAFjAD
BQMqAB0gAwUAKgGVgAMFAyoExgAwDQYJKoZIhvcNAQELBQADggEBAI2LHd46VVYg
7urWAXqFmUkC7nLdvF2dQ+qBE1P6wJab4dMBQlVLm0BvuK3EMIMZcTpqQTdGvFEW
aQ7XpjPGfn+9iGpSgz1dasAx8a4JqlyNiF6IS+uzgnYM8FgtEE4VG1DnWMQnQrk1
/KAd06/7V2mkqsIiQU5WH9Az6bYnXQd75H5kynTpPC/3ohWfXl5Sm0ElVbbccAxn
4SNhHdnQ3tYjvlD7rzj+ulcodFEKSwbT00KXywZH1YffysW+mpojW7OErHpeLISo
B0oFKUj4A6WJZN7wUYFGFfi/ubaWjbPn/hGxCK3KKTaWFTnHM8WwvEPF4i+3/SCw
8Vpois/x0Xk=
-----END CERTIFICATE-----
Generated at Fri May 24 15:42:49 2024 by rpki-client on console-ams.rpki-client.org