Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/x39qnzs02y47G1ShkhVGs_sXytk.roa
File: x39qnzs02y47G1ShkhVGs_sXytk.roa (raw, json)
Hash identifier: 1Tt9jhYfaHE1e23w0ws+tA+J7p3u13ih0BAoZNO+j6E=
Subject key identifier: C7:7F:6A:9F:3B:34:DB:2E:3B:1B:54:A1:92:15:46:B3:FB:17:CA:D9
Certificate issuer: /CN=d00ba633f1e9824076d161a983d8b8e881263982
Certificate serial: 018CCA99D8F5D68160FC56ED13059310379C
Authority key identifier: D0:0B:A6:33:F1:E9:82:40:76:D1:61:A9:83:D8:B8:E8:81:26:39:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AumM_HpgkB20WGpg9i46IEmOYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/x39qnzs02y47G1ShkhVGs_sXytk.roa
Signing time: Tue 02 Jan 2024 14:35:29 +0000
ROA not before: Tue 02 Jan 2024 14:35:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8818
IP address blocks: 46.243.151.0/24 maxlen: 24
128.0.70.0/24 maxlen: 24
185.57.160.0/22 maxlen: 22
178.170.132.0/22 maxlen: 22
37.230.214.0/23 maxlen: 23
37.230.216.0/22 maxlen: 22
37.230.220.0/23 maxlen: 23
194.177.224.0/19 maxlen: 19
178.170.199.0/24 maxlen: 24
188.72.71.0/24 maxlen: 24
178.170.202.0/24 maxlen: 24
178.170.200.0/22 maxlen: 22
178.170.203.0/24 maxlen: 24
178.170.204.0/23 maxlen: 23
178.170.210.0/23 maxlen: 23
178.170.212.0/22 maxlen: 22
37.230.164.0/22 maxlen: 22
178.170.216.0/24 maxlen: 24
88.83.0.0/19 maxlen: 19
37.18.44.0/22 maxlen: 22
178.170.147.0/24 maxlen: 24
178.170.160.0/22 maxlen: 22
88.83.24.0/21 maxlen: 21
2a00:1fa8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/0AumM_HpgkB20WGpg9i46IEmOYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/0AumM_HpgkB20WGpg9i46IEmOYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/0AumM_HpgkB20WGpg9i46IEmOYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 07:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:d8:f5:d6:81:60:fc:56:ed:13:05:93:10:37:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00ba633f1e9824076d161a983d8b8e881263982
Validity
Not Before: Jan 2 14:35:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c77f6a9f3b34db2e3b1b54a1921546b3fb17cad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:04:ec:e4:f0:20:2e:63:2a:4c:c8:9f:69:a1:
50:57:bd:21:db:fc:ed:0c:d0:fa:ec:c8:bc:1f:fd:
ee:b0:78:63:3e:61:68:0f:24:fa:69:49:ac:d4:41:
b8:39:20:8f:71:3d:32:0f:0f:a6:b9:80:a4:e7:a3:
39:68:bd:47:b3:c8:55:0c:2f:ac:21:3b:bd:f9:87:
2e:cc:88:4a:13:80:1f:17:f3:e2:0d:ac:a5:56:00:
18:d0:08:c0:a2:44:05:1b:3a:ea:ff:25:cc:0a:0b:
45:a0:7d:19:5d:29:9c:7d:e4:09:c6:53:2c:53:28:
cf:6d:ee:2c:d4:23:25:07:7e:26:a4:b1:42:12:29:
ed:d4:7c:8f:29:a8:be:ac:cb:10:75:76:7e:9f:7a:
d9:8b:d5:ee:4b:3f:f1:bf:c6:2a:09:c9:72:0a:e0:
05:0a:ee:93:81:2e:81:8a:79:eb:1f:a4:8e:46:de:
7d:eb:0d:62:8d:d8:bf:2e:0b:4d:11:64:56:48:9f:
9a:d1:dd:39:3d:61:4b:93:12:75:bb:aa:22:59:b3:
d6:87:da:9b:48:a7:cb:9b:a3:4b:89:53:bf:c4:97:
2c:ff:50:9c:f2:10:7a:d0:a9:9e:22:9c:38:21:32:
37:d7:d8:58:b5:c5:61:8a:2c:43:b2:21:05:e6:ef:
be:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7F:6A:9F:3B:34:DB:2E:3B:1B:54:A1:92:15:46:B3:FB:17:CA:D9
X509v3 Authority Key Identifier:
keyid:D0:0B:A6:33:F1:E9:82:40:76:D1:61:A9:83:D8:B8:E8:81:26:39:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AumM_HpgkB20WGpg9i46IEmOYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/x39qnzs02y47G1ShkhVGs_sXytk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/0AumM_HpgkB20WGpg9i46IEmOYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.44.0/22
37.230.164.0/22
37.230.214.0-37.230.221.255
46.243.151.0/24
88.83.0.0/19
128.0.70.0/24
178.170.132.0/22
178.170.147.0/24
178.170.160.0/22
178.170.199.0-178.170.205.255
178.170.210.0-178.170.216.255
185.57.160.0/22
188.72.71.0/24
194.177.224.0/19
IPv6:
2a00:1fa8::/32
Signature Algorithm: sha256WithRSAEncryption
4c:86:83:7c:cb:89:18:5d:98:95:06:10:e2:83:58:6a:0e:0a:
2b:8f:49:cc:64:9a:fb:30:28:26:f3:29:a2:3e:78:03:e6:2f:
c6:69:0a:68:b6:d4:51:e8:59:63:d7:ee:8f:03:67:cf:1e:53:
e4:1b:a6:9c:6d:bb:9a:a7:46:3e:8b:2e:3f:c8:66:fe:9f:16:
6d:8c:64:3c:a8:bf:57:2a:25:6b:b9:3e:f1:ea:75:50:07:a2:
4e:eb:11:32:73:d2:a9:4f:11:2e:04:e4:5c:b6:8e:ca:bd:4d:
2b:23:7c:f6:06:00:cf:3d:5e:aa:69:14:cf:f0:05:d5:79:0a:
60:5f:8b:0d:ce:1e:93:14:7c:77:0a:f0:fb:cb:3a:ab:1e:d1:
6f:19:31:20:67:b0:40:42:92:0d:d2:24:98:e8:b3:19:83:c6:
aa:e2:14:ce:63:bd:77:9a:4f:d5:ae:a5:54:9a:b9:4e:f4:8e:
d8:2b:06:e1:4c:c9:e8:fb:41:b5:5b:6a:4a:80:d5:cf:37:87:
d6:f4:94:11:d5:b5:44:95:be:94:01:cb:b3:b2:b3:cf:97:13:
68:26:00:d1:cc:fc:8a:a1:b4:12:98:de:9d:d6:48:0b:7d:b2:
00:06:80:82:1c:53:3d:a9:4c:ce:70:9a:e9:6e:41:5b:b9:76:
91:fc:63:f1
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYzKmdj11oFg/FbtEwWTEDecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJhNjMzZjFlOTgyNDA3NmQxNjFhOTgzZDhiOGU4ODEy
NjM5ODIwHhcNMjQwMTAyMTQzNTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzdmNmE5ZjNiMzRkYjJlM2IxYjU0YTE5MjE1NDZiM2ZiMTdjYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQTs5PAgLmMqTMifaaFQV70h2/zt
DND67Mi8H/3usHhjPmFoDyT6aUms1EG4OSCPcT0yDw+muYCk56M5aL1Hs8hVDC+s
ITu9+YcuzIhKE4AfF/PiDaylVgAY0AjAokQFGzrq/yXMCgtFoH0ZXSmcfeQJxlMs
UyjPbe4s1CMlB34mpLFCEint1HyPKai+rMsQdXZ+n3rZi9XuSz/xv8YqCclyCuAF
Cu6TgS6BinnrH6SORt596w1ijdi/LgtNEWRWSJ+a0d05PWFLkxJ1u6oiWbPWh9qb
SKfLm6NLiVO/xJcs/1Cc8hB60KmeIpw4ITI319hYtcVhiixDsiEF5u++lQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFMd/ap87NNsuOxtUoZIVRrP7F8rZMB8GA1UdIwQY
MBaAFNALpjPx6YJAdtFhqYPYuOiBJjmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF1bU1fSHBna0IyMFdHcGc5aTQ2SUVtT1lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80MDg2NjctMGIzOS00ZGEwLTlhYTAt
M2NjMTFiYzlkNTk0LzEveDM5cW56czAyeTQ3RzFTaGtoVkdzX3NYeXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80MDg2NjctMGIzOS00ZGEwLTlhYTAtM2NjMTFiYzlkNTk0
LzEvMEF1bU1fSHBna0IyMFdHcGc5aTQ2SUVtT1lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQCJRIs
AwQCJeakMAwDBAEl5tYDBAEl5twDBAAu85cDBAVYUwADBACAAEYDBAKyqoQDBACy
qpMDBAKyqqAwDAMEALKqxwMEAbKqzDAMAwQBsqrSAwQAsqrYAwQCuTmgAwQAvEhH
AwQFwrHgMA0EAgACMAcDBQAqAB+oMA0GCSqGSIb3DQEBCwUAA4IBAQBMhoN8y4kY
XZiVBhDig1hqDgorj0nMZJr7MCgm8ymiPngD5i/GaQpottRR6Flj1+6PA2fPHlPk
G6acbbuap0Y+iy4/yGb+nxZtjGQ8qL9XKiVruT7x6nVQB6JO6xEyc9KpTxEuBORc
to7KvU0rI3z2BgDPPV6qaRTP8AXVeQpgX4sNzh6TFHx3CvD7yzqrHtFvGTEgZ7BA
QpIN0iSY6LMZg8aq4hTOY713mk/VrqVUmrlO9I7YKwbhTMno+0G1W2pKgNXPN4fW
9JQR1bVElb6UAcuzsrPPlxNoJgDRzPyKobQSmN6d1kgLfbIABoCCHFM9qUzOcJrp
bkFbuXaR/GPx
-----END CERTIFICATE-----
Generated at Thu May 23 14:07:36 2024 by rpki-client on console-ams.rpki-client.org