Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/AdtMRb4NpawraVHI4pDua9Jtbgs.roa
File: AdtMRb4NpawraVHI4pDua9Jtbgs.roa (raw, json)
Hash identifier: VGw1Lr2or2lT8UnCm7Vk0UQkS2TIHcmD1YI5hvO8M90=
Subject key identifier: 01:DB:4C:45:BE:0D:A5:AC:2B:69:51:C8:E2:90:EE:6B:D2:6D:6E:0B
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01935410D6D78DADFDBA99D1EA309E7F33A9
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/AdtMRb4NpawraVHI4pDua9Jtbgs.roa
Signing time: Fri 22 Nov 2024 13:30:09 +0000
ROA not before: Fri 22 Nov 2024 13:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 5.45.64.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.45.92.0/22 maxlen: 22
5.61.48.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
37.252.3.0/24 maxlen: 24
37.252.13.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
45.136.48.0/22 maxlen: 22
45.137.212.0/24 maxlen: 24
45.137.213.0/24 maxlen: 24
45.137.214.0/24 maxlen: 24
46.102.106.0/24 maxlen: 24
62.197.45.0/24 maxlen: 24
62.197.48.0/23 maxlen: 23
82.117.242.0/23 maxlen: 23
85.90.208.0/24 maxlen: 24
89.187.73.0/24 maxlen: 24
176.97.79.0/24 maxlen: 24
176.98.40.0/24 maxlen: 24
185.109.48.0/24 maxlen: 24
185.238.168.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
188.116.21.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.24.0/24 maxlen: 24
188.116.25.0/24 maxlen: 24
188.116.26.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
195.54.174.0/23 maxlen: 23
213.142.146.0/23 maxlen: 23
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c1:3::/48 maxlen: 48
2a02:c6c1:10::/48 maxlen: 48
2a02:c6c1:151::/48 maxlen: 48
2a02:c6c1:152::/48 maxlen: 48
2a02:c6c1:153::/48 maxlen: 48
2a02:c6c1:154::/48 maxlen: 48
2a02:c6c1:155::/48 maxlen: 48
2a02:c6c1:156::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
2a02:c6c3::/32 maxlen: 32
2a02:c6c7::/32 maxlen: 32
2a0c:6740::/29 maxlen: 29
2a0c:6741::/32 maxlen: 32
2a0e:92c0::/29 maxlen: 29
2a0e:9a40::/29 maxlen: 29
2a0e:a7c0::/29 maxlen: 29
2a0f:4b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:54:10:d6:d7:8d:ad:fd:ba:99:d1:ea:30:9e:7f:33:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Nov 22 13:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01db4c45be0da5ac2b6951c8e290ee6bd26d6e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e9:77:e2:e6:25:f3:4b:05:97:65:3a:de:92:
5b:12:79:4a:fe:06:da:0e:9c:e5:1e:3c:fe:05:2e:
0a:f2:4d:af:45:40:8a:a0:31:7c:da:95:a1:8b:f7:
b2:b4:2b:5a:99:d0:22:d7:b6:76:08:e4:6f:76:b5:
dd:f0:70:39:56:7b:ed:d7:6c:f0:fc:2d:d8:27:c8:
c0:ed:19:7b:5e:27:90:dc:81:70:f0:40:8f:4c:f8:
3b:be:91:29:38:6e:45:ab:c6:5a:0a:a0:91:ac:aa:
1f:e2:28:ca:f0:2d:e5:60:26:7c:87:3f:69:36:69:
a7:c6:5c:0d:96:50:40:0e:39:1a:87:df:b7:6e:3e:
7e:9c:7f:35:b4:ab:6e:6a:43:be:4f:59:a6:92:73:
f8:86:e5:52:0c:52:6f:49:59:fd:76:e2:0f:56:81:
c8:58:06:19:4e:06:8c:79:7b:87:2f:6d:87:c0:db:
12:5e:b0:cd:84:76:23:37:92:c5:b8:f3:e9:9a:58:
7c:81:4c:e5:06:a5:3b:ab:d9:86:fb:32:ca:2f:b4:
cd:35:e5:04:5d:ae:11:2e:a4:81:24:00:4a:15:a0:
46:e2:8b:64:f7:ba:63:99:b2:46:6f:2c:70:ba:9f:
e2:a7:9e:cd:20:c9:a6:ae:b1:3b:62:03:b6:fc:a6:
2c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DB:4C:45:BE:0D:A5:AC:2B:69:51:C8:E2:90:EE:6B:D2:6D:6E:0B
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/AdtMRb4NpawraVHI4pDua9Jtbgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
45.137.212.0-45.137.214.255
46.102.106.0/24
62.197.45.0/24
62.197.48.0/23
82.117.242.0/23
85.90.208.0/24
89.187.73.0/24
176.97.79.0/24
176.98.40.0/24
185.109.48.0/24
185.238.168.0/22
188.116.21.0/24
188.116.23.0-188.116.27.255
195.54.174.0/23
213.142.146.0/23
IPv6:
2a02:c6c1:2::/47
2a02:c6c1:10::/48
2a02:c6c1:151::-2a02:c6c1:156:ffff:ffff:ffff:ffff:ffff
2a02:c6c2::/31
2a02:c6c7::/32
2a0c:6740::/29
2a0e:92c0::/29
2a0e:9a40::/29
2a0e:a7c0::/29
2a0f:4b40::/29
Signature Algorithm: sha256WithRSAEncryption
0c:50:2f:94:55:88:b0:e5:48:26:30:d4:d7:bb:4c:cc:40:54:
b5:33:72:9d:1d:64:92:ff:63:e9:40:bc:ca:6e:dd:76:a9:11:
3b:76:66:65:93:de:c5:e9:19:c9:e4:48:d9:90:2a:b0:30:7e:
f7:d2:c3:54:b6:34:4a:f9:2d:89:24:62:70:fd:7c:6b:53:f0:
57:94:27:83:79:eb:33:be:7c:5a:b3:a1:09:4e:0d:8e:5e:cf:
6b:b1:9b:18:cd:f4:17:2b:c8:4e:6e:c3:df:4b:fb:59:11:76:
48:2c:ce:ec:a0:1c:a6:02:bd:63:8c:7d:91:b4:a7:f9:5c:6e:
8c:a5:12:71:5e:69:17:86:f3:8a:71:07:e5:fe:3f:6d:73:72:
eb:c5:b3:7f:c8:45:0a:b3:86:e0:23:99:a4:5d:84:db:c9:47:
d7:1d:e6:8e:5e:ae:97:87:51:ce:bd:c8:92:7e:41:f2:22:f4:
8a:a5:30:e1:70:d2:a6:97:c6:02:73:a0:21:ea:56:08:89:02:
60:2c:f2:a9:54:aa:da:67:92:06:59:ed:01:16:42:82:1f:46:
18:cc:43:7b:2c:ad:10:9d:b0:d0:66:49:aa:64:34:09:d7:eb:
22:48:3f:84:21:73:72:34:21:97:ea:94:52:6a:b5:3c:18:2a:
06:d8:60:3d
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAZNUENbXja39upnR6jCefzOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQxMTIyMTMzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWRiNGM0NWJlMGRhNWFjMmI2OTUxYzhlMjkwZWU2YmQyNmQ2ZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ul34uYl80sFl2U63pJbEnlK/gba
DpzlHjz+BS4K8k2vRUCKoDF82pWhi/eytCtamdAi17Z2CORvdrXd8HA5Vnvt12zw
/C3YJ8jA7Rl7XieQ3IFw8ECPTPg7vpEpOG5Fq8ZaCqCRrKof4ijK8C3lYCZ8hz9p
NmmnxlwNllBADjkah9+3bj5+nH81tKtuakO+T1mmknP4huVSDFJvSVn9duIPVoHI
WAYZTgaMeXuHL22HwNsSXrDNhHYjN5LFuPPpmlh8gUzlBqU7q9mG+zLKL7TNNeUE
Xa4RLqSBJABKFaBG4otk97pjmbJGbyxwup/ip57NIMmmrrE7YgO2/KYsQwIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFAHbTEW+DaWsK2lRyOKQ7mvSbW4LMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvQWR0TVJiNE5wYXdyYVZISTRwRHVhOUp0YmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCBuQQCAAEwgbID
BAQFLUAwDAMEAgUtVAMEBQUtQDAMAwQEBT0wAwQCBT04AwQDJQHIAwQDJQHYAwQA
JfwDMAwDBAAl/A0DBAQl/AADBAItiDAwDAMEAi2J1AMEAC2J1gMEAC5magMEAD7F
LQMEAT7FMAMEAVJ18gMEAFVa0AMEAFm7SQMEALBhTwMEALBiKAMEALltMAMEArnu
qAMEALx0FTAMAwQAvHQXAwQCvHQYAwQBwzauAwQB1Y6SMF0EAgACMFcDBwEqAsbB
AAIDBwAqAsbBABAwEgMHACoCxsEBUQMHACoCxsEBVgMFASoCxsIDBQAqAsbHAwUD
KgxnQAMFAyoOksADBQMqDppAAwUDKg6nwAMFAyoPS0AwDQYJKoZIhvcNAQELBQAD
ggEBAAxQL5RViLDlSCYw1Ne7TMxAVLUzcp0dZJL/Y+lAvMpu3XapETt2ZmWT3sXp
GcnkSNmQKrAwfvfSw1S2NEr5LYkkYnD9fGtT8FeUJ4N56zO+fFqzoQlODY5ez2ux
mxjN9BcryE5uw99L+1kRdkgszuygHKYCvWOMfZG0p/lcboylEnFeaReG84pxB+X+
P21zcuvFs3/IRQqzhuAjmaRdhNvJR9cd5o5erpeHUc69yJJ+QfIi9IqlMOFw0qaX
xgJzoCHqVgiJAmAs8qlUqtpnkgZZ7QEWQoIfRhjMQ3ssrRCdsNBmSapkNAnX6yJI
P4Qhc3I0IZfqlFJqtTwYKgbYYD0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:03:17 2024 by rpki-client on console-ams.rpki-client.org