Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/fiuJ3M9Xd3SbC7lS2_K-QjTpXbE.roa
File: fiuJ3M9Xd3SbC7lS2_K-QjTpXbE.roa (raw, json)
Hash identifier: oGSO/es8lG5p1j+6//6P6n40UM6zrINSfX9PzV4yeDI=
Subject key identifier: 7E:2B:89:DC:CF:57:77:74:9B:0B:B9:52:DB:F2:BE:42:34:E9:5D:B1
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 019353317340D6936CCE499D3086A1B022A0
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/fiuJ3M9Xd3SbC7lS2_K-QjTpXbE.roa
Signing time: Fri 22 Nov 2024 09:26:09 +0000
ROA not before: Fri 22 Nov 2024 09:26:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58272
IP address blocks: 37.18.0.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
37.18.78.0/24 maxlen: 24
37.230.134.0/24 maxlen: 24
37.230.151.0/24 maxlen: 24
37.230.163.0/24 maxlen: 24
37.230.176.0/24 maxlen: 24
37.230.178.0/24 maxlen: 24
37.230.182.0/24 maxlen: 24
37.230.183.0/24 maxlen: 24
37.230.187.0/24 maxlen: 24
37.230.254.0/24 maxlen: 24
46.243.138.0/24 maxlen: 24
46.243.139.0/24 maxlen: 24
46.243.140.0/24 maxlen: 24
46.243.149.0/24 maxlen: 24
46.243.204.0/24 maxlen: 24
46.243.214.0/24 maxlen: 24
46.243.215.0/24 maxlen: 24
46.243.221.0/24 maxlen: 24
46.243.222.0/24 maxlen: 24
46.243.223.0/24 maxlen: 24
46.243.224.0/24 maxlen: 24
46.243.225.0/24 maxlen: 24
46.243.236.0/24 maxlen: 24
46.243.237.0/24 maxlen: 24
46.243.238.0/24 maxlen: 24
46.243.240.0/24 maxlen: 24
46.243.241.0/24 maxlen: 24
46.243.242.0/24 maxlen: 24
46.243.243.0/24 maxlen: 24
46.243.246.0/24 maxlen: 24
46.243.247.0/24 maxlen: 24
46.243.248.0/24 maxlen: 24
46.243.249.0/24 maxlen: 24
46.243.250.0/24 maxlen: 24
46.243.251.0/24 maxlen: 24
128.0.71.0/24 maxlen: 24
141.101.132.0/24 maxlen: 24
141.101.133.0/24 maxlen: 24
141.101.135.0/24 maxlen: 24
141.101.136.0/24 maxlen: 24
141.101.138.0/23 maxlen: 23
141.101.143.0/24 maxlen: 24
141.101.144.0/24 maxlen: 24
141.101.145.0/24 maxlen: 24
141.101.146.0/24 maxlen: 24
141.101.147.0/24 maxlen: 24
141.101.148.0/24 maxlen: 24
141.101.149.0/24 maxlen: 24
141.101.150.0/24 maxlen: 24
141.101.153.0/24 maxlen: 24
141.101.154.0/24 maxlen: 24
141.101.155.0/24 maxlen: 24
141.101.156.0/24 maxlen: 24
141.101.157.0/24 maxlen: 24
141.101.158.0/24 maxlen: 24
141.101.159.0/24 maxlen: 24
141.101.160.0/24 maxlen: 24
141.101.161.0/24 maxlen: 24
141.101.162.0/24 maxlen: 24
141.101.163.0/24 maxlen: 24
141.101.164.0/24 maxlen: 24
141.101.165.0/24 maxlen: 24
141.101.166.0/24 maxlen: 24
141.101.167.0/24 maxlen: 24
141.101.168.0/24 maxlen: 24
141.101.169.0/24 maxlen: 24
141.101.170.0/24 maxlen: 24
141.101.171.0/24 maxlen: 24
141.101.172.0/24 maxlen: 24
141.101.174.0/24 maxlen: 24
141.101.179.0/24 maxlen: 24
141.101.191.0/24 maxlen: 24
141.101.199.0/24 maxlen: 24
141.101.235.0/24 maxlen: 24
141.101.248.0/24 maxlen: 24
141.101.255.0/24 maxlen: 24
178.170.136.0/24 maxlen: 24
178.170.137.0/24 maxlen: 24
178.170.139.0/24 maxlen: 24
178.170.140.0/24 maxlen: 24
178.170.141.0/24 maxlen: 24
178.170.145.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
185.4.148.0/24 maxlen: 24
185.4.149.0/24 maxlen: 24
185.4.150.0/24 maxlen: 24
185.4.151.0/24 maxlen: 24
188.72.80.0/24 maxlen: 24
188.72.81.0/24 maxlen: 24
188.72.83.0/24 maxlen: 24
188.72.84.0/24 maxlen: 24
188.72.85.0/24 maxlen: 24
188.72.86.0/24 maxlen: 24
188.72.87.0/24 maxlen: 24
188.72.89.0/24 maxlen: 24
188.72.95.0/24 maxlen: 24
188.72.102.0/24 maxlen: 24
188.72.114.0/24 maxlen: 24
188.72.115.0/24 maxlen: 24
188.72.116.0/24 maxlen: 24
188.72.119.0/24 maxlen: 24
217.150.88.0/24 maxlen: 24
217.150.89.0/24 maxlen: 24
217.150.90.0/24 maxlen: 24
217.150.91.0/24 maxlen: 24
217.150.92.0/24 maxlen: 24
217.150.93.0/24 maxlen: 24
217.150.94.0/24 maxlen: 24
217.150.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:31:73:40:d6:93:6c:ce:49:9d:30:86:a1:b0:22:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Nov 22 09:26:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e2b89dccf5777749b0bb952dbf2be4234e95db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c7:05:ea:1d:5d:b7:92:e2:57:85:b3:68:9b:
75:66:a2:9e:84:41:1c:c6:ba:3d:b7:2d:5c:36:72:
ba:d5:a5:ae:96:ca:fd:f1:58:56:4a:78:b2:e8:4b:
75:66:2c:a5:78:8f:66:07:0c:4d:57:b1:ef:b0:9b:
33:b5:e4:08:55:02:60:e2:e9:1c:29:8c:aa:a1:a7:
3d:d8:7f:29:7e:48:c4:2b:7e:ad:d3:99:57:db:e7:
64:9c:e4:6e:8b:a8:b9:3e:af:9a:31:94:96:76:1e:
e2:37:81:6f:36:e8:ea:08:66:13:2b:a7:04:5a:6b:
a6:6b:59:4b:66:44:86:ea:9b:e1:b7:c4:92:ac:a7:
18:76:56:ee:ba:7b:97:ef:0d:64:3a:50:5a:88:ac:
cf:ab:c6:16:80:03:ce:8b:27:b1:e2:f9:76:54:31:
de:de:b7:e5:cf:2e:9f:f3:c3:c1:19:46:26:86:8d:
4c:b0:f1:e9:cf:bb:43:46:bd:8a:d1:45:a9:5d:0f:
58:3c:3f:a8:f4:76:55:8f:69:6c:37:95:81:39:17:
4c:82:44:ba:0a:a3:35:ae:5b:57:2b:4c:04:be:f8:
b9:b3:da:c5:02:98:bc:91:a7:ba:14:50:e9:05:47:
0e:35:fa:ed:5b:ad:1b:28:b9:45:a7:8c:0c:1f:bd:
06:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2B:89:DC:CF:57:77:74:9B:0B:B9:52:DB:F2:BE:42:34:E9:5D:B1
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/fiuJ3M9Xd3SbC7lS2_K-QjTpXbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.0.0/24
37.18.63.0/24
37.18.78.0/24
37.230.134.0/24
37.230.151.0/24
37.230.163.0/24
37.230.176.0/24
37.230.178.0/24
37.230.182.0/23
37.230.187.0/24
37.230.254.0/24
46.243.138.0-46.243.140.255
46.243.149.0/24
46.243.204.0/24
46.243.214.0/23
46.243.221.0-46.243.225.255
46.243.236.0-46.243.238.255
46.243.240.0/22
46.243.246.0-46.243.251.255
128.0.71.0/24
141.101.132.0/23
141.101.135.0-141.101.136.255
141.101.138.0/23
141.101.143.0-141.101.150.255
141.101.153.0-141.101.172.255
141.101.174.0/24
141.101.179.0/24
141.101.191.0/24
141.101.199.0/24
141.101.235.0/24
141.101.248.0/24
141.101.255.0/24
178.170.136.0/23
178.170.139.0-178.170.141.255
178.170.145.0/24
178.170.172.0/24
185.4.148.0/22
188.72.80.0/23
188.72.83.0-188.72.87.255
188.72.89.0/24
188.72.95.0/24
188.72.102.0/24
188.72.114.0-188.72.116.255
188.72.119.0/24
217.150.88.0/21
Signature Algorithm: sha256WithRSAEncryption
75:72:57:21:20:f7:b9:8b:71:8f:19:34:e9:45:6d:51:fc:7c:
db:5d:86:5c:5c:58:1a:07:e3:fe:da:c1:b1:a4:2b:9c:05:e9:
f4:9c:7a:20:30:4f:59:26:69:25:5e:f7:83:ec:d0:7f:68:f2:
61:7a:89:2d:40:f9:d0:7a:cf:c0:46:f9:3f:52:5e:29:23:fb:
d5:8c:ff:e9:43:17:a0:4f:b2:a6:a1:3b:00:d3:77:97:40:d0:
46:63:11:b6:29:77:2b:6e:f9:71:35:94:20:3d:99:ca:21:f3:
07:ac:1e:8b:83:78:bf:bf:43:75:5e:18:dd:66:ad:6f:a6:5a:
ea:36:f9:91:9c:f6:ae:e9:a0:72:05:4c:b8:1f:a9:7d:e1:99:
bf:60:1b:8a:2e:c7:84:3a:51:0c:d8:9f:c1:5e:f6:54:d8:b5:
cb:13:69:0f:aa:e3:6c:02:71:ba:50:15:bf:fd:db:01:89:3d:
ac:1c:3f:10:c3:87:e2:36:14:bb:07:6f:13:8b:a9:da:13:46:
ab:98:05:ed:95:6e:63:2e:aa:07:fe:73:04:9e:05:9e:71:91:
c3:eb:fd:af:17:41:54:17:76:19:5f:7f:b2:e8:3c:e8:21:72:
ae:af:4d:e0:75:cb:31:68:4f:88:a4:d2:4e:78:c6:de:6d:51:
ef:bf:c4:53
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAZNTMXNA1pNszkmdMIahsCKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQxMTIyMDkyNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTJiODlkY2NmNTc3Nzc0OWIwYmI5NTJkYmYyYmU0MjM0ZTk1ZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMcF6h1dt5LiV4WzaJt1ZqKehEEc
xro9ty1cNnK61aWulsr98VhWSniy6Et1ZiyleI9mBwxNV7HvsJszteQIVQJg4ukc
KYyqoac92H8pfkjEK36t05lX2+dknORui6i5Pq+aMZSWdh7iN4FvNujqCGYTK6cE
Wmuma1lLZkSG6pvht8SSrKcYdlbuunuX7w1kOlBaiKzPq8YWgAPOiyex4vl2VDHe
3rflzy6f88PBGUYmho1MsPHpz7tDRr2K0UWpXQ9YPD+o9HZVj2lsN5WBORdMgkS6
CqM1rltXK0wEvvi5s9rFApi8kae6FFDpBUcONfrtW60bKLlFp4wMH70GYQIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFH4ridzPV3d0mwu5UtvyvkI06V2xMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvZml1SjNNOVhkM1NiQzdsUzJfSy1RalRwWGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCAWYEAgABMIIB
XgMEACUSAAMEACUSPwMEACUSTgMEACXmhgMEACXmlwMEACXmowMEACXmsAMEACXm
sgMEASXmtgMEACXmuwMEACXm/jAMAwQBLvOKAwQALvOMAwQALvOVAwQALvPMAwQB
LvPWMAwDBAAu890DBAEu8+AwDAMEAi7z7AMEAC7z7gMEAi7z8DAMAwQBLvP2AwQC
LvP4AwQAgABHAwQBjWWEMAwDBACNZYcDBACNZYgDBAGNZYowDAMEAI1ljwMEAI1l
ljAMAwQAjWWZAwQAjWWsAwQAjWWuAwQAjWWzAwQAjWW/AwQAjWXHAwQAjWXrAwQA
jWX4AwQAjWX/AwQBsqqIMAwDBACyqosDBAGyqowDBACyqpEDBACyqqwDBAK5BJQD
BAG8SFAwDAMEALxIUwMEA7xIUAMEALxIWQMEALxIXwMEALxIZjAMAwQBvEhyAwQA
vEh0AwQAvEh3AwQD2ZZYMA0GCSqGSIb3DQEBCwUAA4IBAQB1clchIPe5i3GPGTTp
RW1R/HzbXYZcXFgaB+P+2sGxpCucBen0nHogME9ZJmklXveD7NB/aPJheoktQPnQ
es/ARvk/Ul4pI/vVjP/pQxegT7KmoTsA03eXQNBGYxG2KXcrbvlxNZQgPZnKIfMH
rB6Lg3i/v0N1XhjdZq1vplrqNvmRnPau6aByBUy4H6l94Zm/YBuKLseEOlEM2J/B
XvZU2LXLE2kPquNsAnG6UBW//dsBiT2sHD8Qw4fiNhS7B28Ti6naE0armAXtlW5j
LqoH/nMEngWecZHD6/2vF0FUF3YZX3+y6DzoIXKur03gdcsxaE+IpNJOeMbebVHv
v8RT
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:36:03 2024 by rpki-client on console-ams.rpki-client.org