Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Nd5lQA3WrMonE0kfxhm4SJGwS64.roa
File: Nd5lQA3WrMonE0kfxhm4SJGwS64.roa (raw, json)
Hash identifier: 5HYJkZQCEswBAIjnfrh1B5F2cBrpYSuuZeP4bcEjvTA=
Subject key identifier: 35:DE:65:40:0D:D6:AC:CA:27:13:49:1F:C6:19:B8:48:91:B0:4B:AE
Certificate issuer: /CN=662f55d377127f28ce26b78fd83becf41becad4b
Certificate serial: 018CC7261886E16088EC3FBCA85F0B75338A
Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Nd5lQA3WrMonE0kfxhm4SJGwS64.roa
Signing time: Mon 01 Jan 2024 22:30:11 +0000
ROA not before: Mon 01 Jan 2024 22:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49683
IP address blocks: 185.122.164.0/24 maxlen: 24
185.122.165.0/24 maxlen: 24
185.122.166.0/24 maxlen: 24
185.122.167.0/24 maxlen: 24
185.168.192.0/24 maxlen: 24
185.168.193.0/24 maxlen: 24
185.168.194.0/24 maxlen: 24
185.168.195.0/24 maxlen: 24
185.85.240.0/24 maxlen: 24
185.85.243.0/24 maxlen: 24
185.85.241.0/24 maxlen: 24
185.85.242.0/24 maxlen: 24
31.25.234.0/24 maxlen: 24
185.184.68.0/24 maxlen: 24
185.184.69.0/24 maxlen: 24
185.184.70.0/24 maxlen: 24
185.184.71.0/24 maxlen: 24
185.116.236.0/24 maxlen: 24
185.116.237.0/24 maxlen: 24
185.116.239.0/24 maxlen: 24
185.44.64.0/24 maxlen: 24
185.44.65.0/24 maxlen: 24
185.44.66.0/24 maxlen: 24
185.44.67.0/24 maxlen: 24
185.189.58.0/24 maxlen: 24
185.189.56.0/24 maxlen: 24
185.189.57.0/24 maxlen: 24
185.189.59.0/24 maxlen: 24
2a0a:2f00:1::/48 maxlen: 48
2a0a:2f00:3::/48 maxlen: 48
2a0a:2f00:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:18:86:e1:60:88:ec:3f:bc:a8:5f:0b:75:33:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b
Validity
Not Before: Jan 1 22:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35de65400dd6acca2713491fc619b84891b04bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fc:3f:67:bd:2f:be:7a:09:30:9a:02:85:40:
8e:60:8d:ca:a8:05:60:6b:7a:93:0d:9e:b8:51:4d:
4a:ad:86:60:1f:e7:7a:d0:38:01:e4:4b:5f:37:54:
e2:ad:11:d5:e4:6b:83:82:76:bf:e4:b8:40:ae:36:
70:2c:e7:33:14:02:57:7a:a3:5e:1f:5b:62:96:cd:
58:68:30:13:31:33:56:c2:25:7e:e1:95:8c:5f:7b:
d0:20:d3:1b:17:c5:ca:c0:b1:fd:7b:80:77:bb:89:
70:ef:d6:d1:38:5a:58:86:7b:dd:41:33:af:36:5b:
0d:b3:c0:1d:8b:37:62:3c:a6:2d:aa:74:6e:b2:8b:
73:c4:f3:20:36:a2:77:c8:39:5a:48:6f:24:79:58:
5e:b8:17:09:77:f0:33:4d:3b:99:43:cc:c6:3d:66:
72:f3:02:cf:cb:a4:e9:3f:96:55:e1:cc:07:63:02:
2c:5f:90:5a:bb:c9:32:4e:b7:46:e1:c7:6d:28:e2:
92:41:03:2e:0e:62:c6:36:8d:eb:98:84:cd:82:ce:
a2:01:3d:80:9d:02:b9:64:7d:be:d0:79:b1:73:41:
e2:53:84:4c:9c:45:ad:38:4a:68:b0:db:e0:50:f0:
34:96:e1:87:4c:6b:97:d3:a5:d1:0f:7a:e6:1a:c6:
cb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DE:65:40:0D:D6:AC:CA:27:13:49:1F:C6:19:B8:48:91:B0:4B:AE
X509v3 Authority Key Identifier:
keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Nd5lQA3WrMonE0kfxhm4SJGwS64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.234.0/24
185.44.64.0/22
185.85.240.0/22
185.116.236.0/23
185.116.239.0/24
185.122.164.0/22
185.168.192.0/22
185.184.68.0/22
185.189.56.0/22
IPv6:
2a0a:2f00:1::-2a0a:2f00:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a8:45:c9:fa:19:24:36:7b:67:fa:b2:d0:c3:f7:d5:08:7f:d6:
c8:7d:09:f5:ef:00:24:ea:a9:22:3e:6c:f2:75:52:d6:c2:8b:
0b:f9:90:e4:27:1d:2a:b3:94:6b:9b:78:0f:cd:68:a4:86:ac:
f0:43:a9:ff:07:17:2b:38:cf:d3:e4:87:9c:96:f9:d4:0c:2c:
a0:d1:59:9d:6c:28:f7:12:5a:e3:6c:98:ce:10:5b:92:7a:8c:
3b:d0:65:24:9e:45:37:7f:3c:ae:07:51:9e:b3:12:0c:83:af:
13:1a:22:e7:b7:df:97:23:bd:1f:c5:90:c1:60:c0:05:35:8c:
af:91:35:c0:43:2e:07:bd:3c:e5:22:c6:dd:42:d2:69:f3:6f:
7b:34:9a:5f:be:12:a3:c2:d9:ad:56:12:73:4c:49:42:aa:c0:
55:4f:75:61:01:e7:74:76:30:34:61:36:a9:a6:5f:70:02:d7:
e2:7a:d0:73:27:69:02:c3:e2:ec:44:67:30:d3:87:6f:f7:0f:
ce:1d:8e:3f:8a:aa:49:81:30:06:6a:5e:e7:6f:53:72:71:ef:
86:81:d0:bf:10:1f:8d:e8:9d:78:0e:21:d8:c9:44:f2:98:36:
1f:68:4f:d7:20:76:ff:7d:20:e9:2e:97:8b:f2:29:e0:f7:77:
d9:22:41:b8
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYzHJhiG4WCI7D+8qF8LdTOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmY1NWQzNzcxMjdmMjhjZTI2Yjc4ZmQ4M2JlY2Y0MWJl
Y2FkNGIwHhcNMjQwMTAxMjIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRlNjU0MDBkZDZhY2NhMjcxMzQ5MWZjNjE5Yjg0ODkxYjA0YmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Pw/Z70vvnoJMJoChUCOYI3KqAVg
a3qTDZ64UU1KrYZgH+d60DgB5EtfN1TirRHV5GuDgna/5LhArjZwLOczFAJXeqNe
H1tils1YaDATMTNWwiV+4ZWMX3vQINMbF8XKwLH9e4B3u4lw79bROFpYhnvdQTOv
NlsNs8AdizdiPKYtqnRusotzxPMgNqJ3yDlaSG8keVheuBcJd/AzTTuZQ8zGPWZy
8wLPy6TpP5ZV4cwHYwIsX5Bau8kyTrdG4cdtKOKSQQMuDmLGNo3rmITNgs6iAT2A
nQK5ZH2+0Hmxc0HiU4RMnEWtOEposNvgUPA0luGHTGuX06XRD3rmGsbLcQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFDXeZUAN1qzKJxNJH8YZuEiRsEuuMB8GA1UdIwQY
MBaAFGYvVdN3En8ozia3j9g77PQb7K1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgt
OGJlMTQ2MjUzMzU2LzEvTmQ1bFFBM1dyTW9uRTBrZnhobTRTSkd3UzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgtOGJlMTQ2MjUzMzU2
LzEvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjA8BAIAATA2AwQAHxnqAwQC
uSxAAwQCuVXwAwQBuXTsAwQAuXTvAwQCuXqkAwQCuajAAwQCubhEAwQCub04MBoE
AgACMBQwEgMHACoKLwAAAQMHAioKLwAAADANBgkqhkiG9w0BAQsFAAOCAQEAqEXJ
+hkkNntn+rLQw/fVCH/WyH0J9e8AJOqpIj5s8nVS1sKLC/mQ5CcdKrOUa5t4D81o
pIas8EOp/wcXKzjP0+SHnJb51AwsoNFZnWwo9xJa42yYzhBbknqMO9BlJJ5FN388
rgdRnrMSDIOvExoi57fflyO9H8WQwWDABTWMr5E1wEMuB7085SLG3ULSafNvezSa
X74So8LZrVYSc0xJQqrAVU91YQHndHYwNGE2qaZfcALX4nrQcydpAsPi7ERnMNOH
b/cPzh2OP4qqSYEwBmpe529TcnHvhoHQvxAfjeideA4h2MlE8pg2H2hP1yB2/30g
6S6Xi/Ip4Pd32SJBuA==
-----END CERTIFICATE-----
Generated at Mon May 20 05:21:42 2024 by rpki-client on console-ams.rpki-client.org