Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/H2bDtkwfftiC1Y6tqE-HE2cdN3Y.roa
File: H2bDtkwfftiC1Y6tqE-HE2cdN3Y.roa (raw, json)
Hash identifier: 4/vGWf1uLPc4pnM7663q0gu32KePNEgaYYHoqd8ZgMA=
Subject key identifier: 1F:66:C3:B6:4C:1F:7E:D8:82:D5:8E:AD:A8:4F:87:13:67:1D:37:76
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 018CC3B74285C33018AB1A388350909BEDD4
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/H2bDtkwfftiC1Y6tqE-HE2cdN3Y.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15774
IP address blocks: 178.76.216.0/21 maxlen: 21
178.76.214.0/24 maxlen: 24
178.76.224.0/19 maxlen: 24
178.76.234.0/24 maxlen: 24
185.43.86.0/23 maxlen: 32
83.234.240.0/21 maxlen: 21
178.76.194.0/23 maxlen: 23
178.76.196.0/22 maxlen: 22
178.76.205.0/24 maxlen: 24
178.76.208.0/23 maxlen: 23
178.76.210.0/23 maxlen: 23
178.76.207.0/24 maxlen: 24
178.76.212.0/24 maxlen: 24
62.33.122.0/23 maxlen: 32
83.234.54.0/24 maxlen: 32
83.234.136.0/23 maxlen: 23
83.234.168.0/23 maxlen: 32
91.204.96.0/22 maxlen: 32
37.61.176.0/21 maxlen: 32
31.216.170.0/24 maxlen: 24
46.166.65.0/24 maxlen: 24
109.233.172.0/22 maxlen: 32
83.234.10.0/24 maxlen: 24
81.18.128.0/19 maxlen: 32
89.186.234.0/24 maxlen: 24
46.166.80.0/23 maxlen: 24
46.166.84.0/22 maxlen: 23
46.226.240.0/21 maxlen: 32
46.166.80.0/24 maxlen: 24
46.166.79.0/24 maxlen: 24
46.166.83.0/24 maxlen: 24
46.166.82.0/24 maxlen: 24
46.166.81.0/24 maxlen: 24
46.166.88.0/23 maxlen: 23
46.166.91.0/24 maxlen: 24
46.166.95.0/24 maxlen: 24
46.166.94.0/24 maxlen: 24
46.166.93.0/24 maxlen: 24
81.4.192.0/18 maxlen: 32
176.104.160.0/22 maxlen: 22
176.104.164.0/22 maxlen: 22
46.20.64.0/20 maxlen: 32
176.104.128.0/21 maxlen: 21
176.104.152.0/22 maxlen: 22
185.6.236.0/22 maxlen: 32
176.104.156.0/22 maxlen: 22
176.125.64.0/18 maxlen: 18
185.61.24.0/22 maxlen: 32
46.182.128.0/22 maxlen: 22
46.182.131.0/24 maxlen: 24
2a03:3700::/36 maxlen: 128
2a03:3700:2000::/36 maxlen: 128
2a03:3700:6000::/36 maxlen: 128
2a03:3700:1000::/36 maxlen: 128
2a03:3700:4000::/36 maxlen: 128
2a03:3700:3000::/36 maxlen: 128
2a03:3700:5000::/36 maxlen: 128
2a03:3700:7000::/36 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:42:85:c3:30:18:ab:1a:38:83:50:90:9b:ed:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f66c3b64c1f7ed882d58eada84f8713671d3776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:94:31:9f:1a:a6:9d:87:bf:a5:93:4a:5c:8d:
54:4d:83:2d:de:48:d3:ce:57:51:3b:79:5c:c2:d3:
d8:23:52:8e:a9:28:47:75:a3:97:6c:d4:c0:cc:b6:
82:17:05:95:06:c8:5d:c7:6b:15:d0:8e:18:88:b8:
e9:04:f8:2b:bd:0b:a3:7a:e9:8c:13:02:d0:31:4b:
20:56:19:0b:09:b6:68:fe:c4:79:f8:fb:f9:eb:5a:
55:25:19:2d:5d:68:3e:ad:c2:53:b8:b7:6c:de:18:
1d:fe:89:9b:91:f5:6c:46:d8:1a:59:27:3f:c5:11:
dd:a6:11:87:13:33:15:a6:85:3f:84:c7:1f:53:01:
dd:31:d8:89:8d:1e:d3:fc:57:b8:df:e7:4c:4f:e2:
73:5b:66:0a:64:91:48:e3:93:8e:5e:29:e9:b5:fa:
78:6c:e0:8b:2c:64:a7:e2:25:01:ca:93:46:1e:3a:
1a:0d:d4:d6:ad:32:77:c5:ff:82:ca:d2:ae:51:b7:
98:0f:29:31:ac:c5:49:59:ea:a8:72:08:04:f5:b3:
94:a4:c1:a6:29:13:e7:38:ac:e0:8f:1b:15:fc:5e:
f5:c2:45:64:d7:4e:cd:f8:6e:f9:c3:78:f4:80:23:
4d:e5:09:e8:13:a6:13:d3:14:62:41:b1:25:79:74:
8c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:66:C3:B6:4C:1F:7E:D8:82:D5:8E:AD:A8:4F:87:13:67:1D:37:76
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/H2bDtkwfftiC1Y6tqE-HE2cdN3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.170.0/24
37.61.176.0/21
46.20.64.0/20
46.166.65.0/24
46.166.79.0-46.166.89.255
46.166.91.0/24
46.166.93.0-46.166.95.255
46.182.128.0/22
46.226.240.0/21
62.33.122.0/23
81.4.192.0/18
81.18.128.0/19
83.234.10.0/24
83.234.54.0/24
83.234.136.0/23
83.234.168.0/23
83.234.240.0/21
89.186.234.0/24
91.204.96.0/22
109.233.172.0/22
176.104.128.0/21
176.104.152.0-176.104.167.255
176.125.64.0/18
178.76.194.0-178.76.199.255
178.76.205.0/24
178.76.207.0-178.76.212.255
178.76.214.0/24
178.76.216.0-178.76.255.255
185.6.236.0/22
185.43.86.0/23
185.61.24.0/22
IPv6:
2a03:3700::/33
Signature Algorithm: sha256WithRSAEncryption
b0:bd:60:3d:21:46:43:83:0b:9c:f5:25:47:81:9b:5a:54:33:
41:51:63:61:e0:2d:32:1c:b3:d1:70:4b:ce:8c:78:bf:fc:44:
4c:93:24:45:41:2f:dd:f0:dc:6f:5c:86:59:e1:d2:ae:34:1b:
34:b7:8c:a8:56:69:c0:4c:d7:dd:b3:90:24:82:db:88:3e:9d:
e2:e0:25:5c:91:82:90:64:de:32:eb:40:fa:63:1d:72:d6:f3:
7e:75:cd:07:4b:db:38:d3:4e:a7:21:63:5b:63:4a:70:9c:b3:
7b:28:23:1f:10:93:a3:cc:52:15:74:b4:e8:74:50:88:a7:0a:
06:c7:c2:cd:28:54:83:14:ce:da:bc:90:5a:57:b8:08:7f:6d:
21:f9:e9:e0:a8:8e:85:4a:cd:a0:e0:0b:fb:f4:9b:e9:1e:f6:
7a:3d:a1:51:80:ab:56:f3:c1:88:a2:72:95:ee:f3:ba:0e:b7:
5e:f3:41:c0:0e:cf:4a:89:5f:98:16:8a:56:30:64:70:c8:de:
69:59:9e:cf:ad:5a:32:ce:d8:df:bc:60:ab:0a:c2:20:07:b2:
30:47:b0:ae:69:f1:d6:12:74:ce:99:23:f2:a7:73:b4:57:f6:
59:d6:c6:2c:10:2e:51:76:8f:f6:37:67:42:a0:a0:cb:86:ba:
9b:11:0d:32
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAYzDt0KFwzAYqxo4g1CQm+3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY2YzNiNjRjMWY3ZWQ4ODJkNThlYWRhODRmODcxMzY3MWQzNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJQxnxqmnYe/pZNKXI1UTYMt3kjT
zldRO3lcwtPYI1KOqShHdaOXbNTAzLaCFwWVBshdx2sV0I4YiLjpBPgrvQujeumM
EwLQMUsgVhkLCbZo/sR5+Pv561pVJRktXWg+rcJTuLds3hgd/ombkfVsRtgaWSc/
xRHdphGHEzMVpoU/hMcfUwHdMdiJjR7T/Fe43+dMT+JzW2YKZJFI45OOXinptfp4
bOCLLGSn4iUBypNGHjoaDdTWrTJ3xf+CytKuUbeYDykxrMVJWeqocggE9bOUpMGm
KRPnOKzgjxsV/F71wkVk107N+G75w3j0gCNN5QnoE6YT0xRiQbEleXSMtQIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFB9mw7ZMH37YgtWOrahPhxNnHTd2MB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvSDJiRHRrd2ZmdGlDMVk2dHFFLUhFMmNkTjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8AQCAAEwgekD
BAAf2KoDBAMlPbADBAQuFEADBAAupkEwDAMEAC6mTwMEAS6mWAMEAC6mWzAMAwQA
LqZdAwQFLqZAAwQCLraAAwQDLuLwAwQBPiF6AwQGUQTAAwQFURKAAwQAU+oKAwQA
U+o2AwQBU+qIAwQBU+qoAwQDU+rwAwQAWbrqAwQCW8xgAwQCbemsAwQDsGiAMAwD
BAOwaJgDBAOwaKADBAawfUAwDAMEAbJMwgMEA7JMwAMEALJMzTAMAwQAskzPAwQA
skzUAwQAskzWMAsDBAOyTNgDAwCyTAMEArkG7AMEAbkrVgMEArk9GDAOBAIAAjAI
AwYHKgM3AAAwDQYJKoZIhvcNAQELBQADggEBALC9YD0hRkODC5z1JUeBm1pUM0FR
Y2HgLTIcs9FwS86MeL/8REyTJEVBL93w3G9chlnh0q40GzS3jKhWacBM192zkCSC
24g+neLgJVyRgpBk3jLrQPpjHXLW8351zQdL2zjTTqchY1tjSnCcs3soIx8Qk6PM
UhV0tOh0UIinCgbHws0oVIMUztq8kFpXuAh/bSH56eCojoVKzaDgC/v0m+ke9no9
oVGAq1bzwYiicpXu87oOt17zQcAOz0qJX5gWilYwZHDI3mlZns+tWjLO2N+8YKsK
wiAHsjBHsK5p8dYSdM6ZI/Knc7RX9lnWxiwQLlF2j/Y3Z0KgoMuGupsRDTI=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:59:29 2024 by rpki-client on console-ams.rpki-client.org