Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mtz6LZbCldPl0c18TyvsmzU2tCY.roa
File: mtz6LZbCldPl0c18TyvsmzU2tCY.roa (raw, json)
Hash identifier: bb7sQ+U6lSBihZ5gRFReNBFpyttxduKJLAbvdAgE7UY=
Subject key identifier: 9A:DC:FA:2D:96:C2:95:D3:E5:D1:CD:7C:4F:2B:EC:9B:35:36:B4:26
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906B0C7D029B57989279C89E8ADC38C2D3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mtz6LZbCldPl0c18TyvsmzU2tCY.roa
Signing time: Sun 30 Jun 2024 21:28:18 +0000
ROA not before: Sun 30 Jun 2024 21:28:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 37.98.144.0/21 maxlen: 24
37.98.144.0/22 maxlen: 24
37.252.24.0/21 maxlen: 24
77.107.64.0/18 maxlen: 24
79.99.72.0/21 maxlen: 24
80.240.80.0/20 maxlen: 20
81.5.128.0/18 maxlen: 18
81.168.0.0/17 maxlen: 17
82.152.0.0/15 maxlen: 15
82.152.0.0/16 maxlen: 16
82.163.0.0/19 maxlen: 24
85.159.128.0/21 maxlen: 24
89.31.232.0/21 maxlen: 24
89.213.48.0/20 maxlen: 24
89.213.64.0/18 maxlen: 24
89.213.192.0/18 maxlen: 24
109.176.0.0/16 maxlen: 16
185.20.32.0/22 maxlen: 24
185.20.34.0/24 maxlen: 24
185.20.35.0/24 maxlen: 24
185.24.84.0/22 maxlen: 24
194.105.64.0/19 maxlen: 24
195.128.138.0/24 maxlen: 24
212.38.64.0/19 maxlen: 24
213.130.128.0/19 maxlen: 24
213.152.32.0/19 maxlen: 19
213.210.0.0/18 maxlen: 24
213.218.208.0/20 maxlen: 24
213.218.224.0/19 maxlen: 24
217.144.144.0/20 maxlen: 24
217.145.64.0/20 maxlen: 24
2001:1a90::/32 maxlen: 32
2a00:c60::/32 maxlen: 32
2a02:21f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6b:0c:7d:02:9b:57:98:92:79:c8:9e:8a:dc:38:c2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 21:28:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9adcfa2d96c295d3e5d1cd7c4f2bec9b3536b426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:52:52:5e:63:00:a3:5b:d4:02:ef:07:1b:7a:
b8:c5:1b:6e:ab:31:a4:94:fa:0e:76:30:21:0a:e5:
d5:88:a0:e0:94:97:a2:24:6f:0a:0f:08:6e:f0:66:
59:18:97:f1:5b:2c:04:f9:f9:05:8d:3c:33:f9:94:
e4:50:08:32:10:16:47:45:11:85:e5:5e:be:5c:c3:
ea:de:6b:75:5a:49:27:4b:92:54:b9:54:0d:d8:e3:
c3:35:13:12:bd:a3:68:99:2b:db:55:bd:d6:f5:f3:
93:81:61:44:55:da:87:68:60:23:80:2e:6a:0c:3e:
94:b4:d0:29:71:59:9f:3d:69:c8:35:d0:3a:19:30:
9b:fe:f7:10:fc:d9:68:6a:c5:4d:f9:f7:69:73:c4:
a9:67:6a:f1:ae:1f:af:79:03:2e:64:cd:2e:ae:d5:
b9:5b:e5:b5:25:17:2b:51:85:69:d8:16:c5:33:d2:
92:cb:ee:cc:a3:ab:fb:8e:3f:0f:07:7d:b3:44:c4:
8c:ba:18:f5:fe:3a:07:1e:4a:66:22:35:56:2a:bf:
52:bc:61:94:09:28:31:6f:07:a9:15:68:52:8a:7c:
b6:6a:93:85:7e:2c:8f:60:fb:a5:9f:70:cd:e2:ef:
72:d3:90:d5:40:8c:2b:c4:1b:f5:db:8f:ea:63:a5:
00:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DC:FA:2D:96:C2:95:D3:E5:D1:CD:7C:4F:2B:EC:9B:35:36:B4:26
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mtz6LZbCldPl0c18TyvsmzU2tCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.144.0/21
37.252.24.0/21
77.107.64.0/18
79.99.72.0/21
80.240.80.0/20
81.5.128.0/18
81.168.0.0/17
82.152.0.0/15
82.163.0.0/19
85.159.128.0/21
89.31.232.0/21
89.213.48.0-89.213.127.255
89.213.192.0/18
109.176.0.0/16
185.20.32.0/22
185.24.84.0/22
194.105.64.0/19
195.128.138.0/24
212.38.64.0/19
213.130.128.0/19
213.152.32.0/19
213.210.0.0/18
213.218.208.0-213.218.255.255
217.144.144.0/20
217.145.64.0/20
IPv6:
2001:1a90::/32
2a00:c60::/32
2a02:21f8::/32
Signature Algorithm: sha256WithRSAEncryption
7b:c2:63:ee:41:56:da:78:5e:8f:06:d5:dc:b2:57:15:17:19:
71:d5:26:83:e8:1a:15:5c:c9:4f:15:7b:ff:b3:45:00:48:95:
17:ab:b7:32:92:0b:2f:66:69:62:ed:25:1a:23:ab:cd:26:1e:
4d:be:4d:42:f9:71:8a:18:39:ed:9c:5f:da:86:47:40:9a:8d:
39:72:98:96:1e:b5:27:34:ac:00:24:70:44:9e:f8:da:f7:3f:
d7:7d:bd:e8:c5:f1:e4:62:b8:04:f4:7c:cc:7c:a6:b4:fd:21:
28:7d:02:b8:f2:a2:dc:80:7d:9b:6e:b9:58:8c:63:c3:04:44:
d0:e8:71:00:cb:02:f3:62:5f:7a:2f:5f:28:25:d0:1c:21:91:
00:b7:9f:b6:ae:98:e7:bb:74:18:c6:79:dc:5b:ff:44:08:34:
02:37:a4:5a:ec:c7:bd:54:a9:22:f9:5e:ae:f3:3e:96:54:8f:
99:35:74:da:3d:96:2f:22:19:b8:c4:5d:a2:57:a5:f4:5c:0f:
05:c1:f1:66:d9:f5:48:5f:c0:96:5a:cd:ee:0c:95:80:30:55:
85:38:78:76:5b:f1:7d:71:95:e6:a2:25:31:af:9b:d4:b3:da:
ee:e0:e7:bc:a6:89:da:eb:38:b4:70:96:b6:e4:fe:46:6f:0e:
09:50:d3:0c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZBrDH0Cm1eYknnInorcOMLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjEyODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRjZmEyZDk2YzI5NWQzZTVkMWNkN2M0ZjJiZWM5YjM1MzZiNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01JSXmMAo1vUAu8HG3q4xRtuqzGk
lPoOdjAhCuXViKDglJeiJG8KDwhu8GZZGJfxWywE+fkFjTwz+ZTkUAgyEBZHRRGF
5V6+XMPq3mt1WkknS5JUuVQN2OPDNRMSvaNomSvbVb3W9fOTgWFEVdqHaGAjgC5q
DD6UtNApcVmfPWnINdA6GTCb/vcQ/NloasVN+fdpc8SpZ2rxrh+veQMuZM0urtW5
W+W1JRcrUYVp2BbFM9KSy+7Mo6v7jj8PB32zRMSMuhj1/joHHkpmIjVWKr9SvGGU
CSgxbwepFWhSiny2apOFfiyPYPuln3DN4u9y05DVQIwrxBv124/qY6UAQQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFJrc+i2WwpXT5dHNfE8r7Js1NrQmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbXR6NkxaYkNsZFBsMGMxOFR5dnNtelUydENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBqgQCAAEwgaMDBAMl
YpADBAMl/BgDBAZNa0ADBANPY0gDBARQ8FADBAZRBYADBAdRqAADAwFSmAMEBVKj
AAMEA1WfgAMEA1kf6DAMAwQEWdUwAwQHWdUAAwQGWdXAAwMAbbADBAK5FCADBAK5
GFQDBAXCaUADBADDgIoDBAXUJkADBAXVgoADBAXVmCADBAbV0gAwCwMEBNXa0AMD
ANXaAwQE2ZCQAwQE2ZFAMBsEAgACMBUDBQAgARqQAwUAKgAMYAMFACoCIfgwDQYJ
KoZIhvcNAQELBQADggEBAHvCY+5BVtp4Xo8G1dyyVxUXGXHVJoPoGhVcyU8Ve/+z
RQBIlRertzKSCy9maWLtJRojq80mHk2+TUL5cYoYOe2cX9qGR0CajTlymJYetSc0
rAAkcESe+Nr3P9d9vejF8eRiuAT0fMx8prT9ISh9ArjyotyAfZtuuViMY8MERNDo
cQDLAvNiX3ovXygl0BwhkQC3n7aumOe7dBjGedxb/0QINAI3pFrsx71UqSL5Xq7z
PpZUj5k1dNo9li8iGbjEXaJXpfRcDwXB8WbZ9UhfwJZaze4MlYAwVYU4eHZb8X1x
leaiJTGvm9Sz2u7g57ymidrrOLRwlrbk/kZvDglQ0ww=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:16 2024 by rpki-client on console-fra.rpki-client.org