Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/cLUo_2VhPxkq0M0Z6ddXrv-jO2I.roa
File: cLUo_2VhPxkq0M0Z6ddXrv-jO2I.roa (raw, json)
Hash identifier: bGLgXGDM0rPSzEjiIvttzeM9TwFiFW3XOo6CXAxMLqg=
Subject key identifier: 70:B5:28:FF:65:61:3F:19:2A:D0:CD:19:E9:D7:57:AE:FF:A3:3B:62
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018DA64B7F725A801288437E9EE745A592B1
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/cLUo_2VhPxkq0M0Z6ddXrv-jO2I.roa
Signing time: Wed 14 Feb 2024 06:26:22 +0000
ROA not before: Wed 14 Feb 2024 06:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59504
IP address blocks: 45.142.208.0/24 maxlen: 24
45.142.209.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
45.151.136.0/22 maxlen: 22
45.151.136.0/24 maxlen: 24
45.151.137.0/24 maxlen: 24
80.76.40.0/24 maxlen: 24
84.54.37.0/24 maxlen: 24
84.54.39.0/24 maxlen: 24
95.215.108.0/23 maxlen: 23
95.215.110.0/23 maxlen: 23
185.118.64.0/22 maxlen: 22
185.118.64.0/24 maxlen: 24
185.118.65.0/24 maxlen: 24
185.118.66.0/23 maxlen: 23
185.118.66.0/24 maxlen: 24
185.118.67.0/24 maxlen: 24
185.156.176.0/22 maxlen: 22
185.156.176.0/24 maxlen: 24
185.156.177.0/24 maxlen: 24
185.156.178.0/23 maxlen: 23
185.156.178.0/24 maxlen: 24
185.156.179.0/24 maxlen: 24
185.177.113.0/24 maxlen: 24
185.177.115.0/24 maxlen: 24
185.197.72.0/24 maxlen: 24
185.197.73.0/24 maxlen: 24
185.220.32.0/24 maxlen: 24
185.220.33.0/24 maxlen: 24
185.220.34.0/24 maxlen: 24
185.220.35.0/24 maxlen: 24
185.230.140.0/23 maxlen: 23
185.230.142.0/24 maxlen: 24
185.246.116.0/24 maxlen: 24
185.246.117.0/24 maxlen: 24
185.246.119.0/24 maxlen: 24
185.254.188.0/24 maxlen: 24
185.254.189.0/24 maxlen: 24
185.254.190.0/24 maxlen: 24
193.38.232.0/23 maxlen: 23
193.38.234.0/24 maxlen: 24
194.113.104.0/24 maxlen: 24
194.113.104.114/32 maxlen: 32
194.113.107.0/24 maxlen: 24
2a05:fb41::/32 maxlen: 32
2a05:fb42::/32 maxlen: 32
2a05:fb44::/32 maxlen: 32
2a05:fb45::/32 maxlen: 32
2a07:14c0::/48 maxlen: 48
2a07:14c0:1::/48 maxlen: 48
2a07:14c0:1000::/36 maxlen: 36
2a07:14c0:3000::/36 maxlen: 36
2a07:14c0:4000::/36 maxlen: 36
2a07:14c0:5000::/36 maxlen: 36
2a07:14c0:6000::/36 maxlen: 36
2a07:14c0:d000::/36 maxlen: 36
2a07:14c1::/32 maxlen: 32
2a07:14c2::/32 maxlen: 32
2a07:14c6::/32 maxlen: 32
2a07:14c7::/32 maxlen: 32
2a0a:4780::/32 maxlen: 32
2a0a:4781::/32 maxlen: 32
2a0a:4782::/32 maxlen: 32
2a0a:4783::/32 maxlen: 32
2a0a:4784::/32 maxlen: 32
2a0a:4785::/32 maxlen: 32
2a0c:2103::/32 maxlen: 32
2a0c:5241::/32 maxlen: 32
2a0c:5245::/32 maxlen: 32
2a0c:5247:7000::/36 maxlen: 36
2a0c:5247:c000::/36 maxlen: 36
2a0c:5247:d000::/36 maxlen: 36
2a0c:5247:e000::/36 maxlen: 36
2a0c:5247:f000::/36 maxlen: 36
2a0d:60c0::/32 maxlen: 32
2a0d:60c1::/32 maxlen: 32
2a0d:60c3::/32 maxlen: 32
2a0d:7740::/32 maxlen: 32
2a0d:7747::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:4b:7f:72:5a:80:12:88:43:7e:9e:e7:45:a5:92:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Feb 14 06:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70b528ff65613f192ad0cd19e9d757aeffa33b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fe:84:33:85:dd:32:53:cd:c3:f8:7f:1e:bd:
15:33:40:d3:c5:98:d9:07:83:df:91:37:cb:d7:60:
a7:f7:66:a6:32:f0:ce:0e:92:6c:4f:ad:31:7f:a4:
31:6c:48:9c:67:b0:dd:bc:49:c8:19:df:dd:26:ad:
63:13:04:ea:2e:a0:9f:39:27:a7:bf:30:1f:00:01:
3f:1e:69:14:1c:b6:6d:1a:b5:2a:57:50:c5:13:1a:
8b:2a:87:4c:b1:1a:c0:46:b2:bd:98:ec:30:f5:03:
92:c8:e2:aa:ee:88:c6:68:18:d3:14:b9:a9:37:0e:
2d:ae:97:82:9c:ac:fc:b4:96:b4:d8:a6:86:0f:00:
6c:1d:87:31:70:58:11:61:83:3a:43:ac:4c:6d:15:
22:7c:f7:0d:b9:bb:87:9c:0c:8d:32:4a:da:dc:fc:
6c:2b:e6:c5:eb:b6:5c:f2:60:fa:08:f9:f1:4f:1a:
6f:be:ce:b1:ee:f3:22:73:8c:13:42:b7:bd:3f:d8:
54:88:3c:f2:56:eb:5b:0b:2a:9f:46:02:ac:f7:a8:
2b:40:0b:fb:0d:ae:88:ee:78:d8:39:3c:6f:53:e0:
ac:50:18:07:5a:23:7b:0a:78:67:54:86:24:1f:b9:
00:38:42:64:d6:23:da:70:18:41:bf:c4:32:af:a9:
51:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B5:28:FF:65:61:3F:19:2A:D0:CD:19:E9:D7:57:AE:FF:A3:3B:62
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/cLUo_2VhPxkq0M0Z6ddXrv-jO2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.208.0/23
45.142.211.0/24
45.151.136.0/22
80.76.40.0/24
84.54.37.0/24
84.54.39.0/24
95.215.108.0/22
185.118.64.0/22
185.156.176.0/22
185.177.113.0/24
185.177.115.0/24
185.197.72.0/23
185.220.32.0/22
185.230.140.0-185.230.142.255
185.246.116.0/23
185.246.119.0/24
185.254.188.0-185.254.190.255
193.38.232.0-193.38.234.255
194.113.104.0/24
194.113.107.0/24
IPv6:
2a05:fb41::-2a05:fb42:ffff:ffff:ffff:ffff:ffff:ffff
2a05:fb44::/31
2a07:14c0::/47
2a07:14c0:1000::/36
2a07:14c0:3000::-2a07:14c0:6fff:ffff:ffff:ffff:ffff:ffff
2a07:14c0:d000::/36
2a07:14c1::-2a07:14c2:ffff:ffff:ffff:ffff:ffff:ffff
2a07:14c6::/31
2a0a:4780::-2a0a:4785:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:2103::/32
2a0c:5241::/32
2a0c:5245::/32
2a0c:5247:7000::/36
2a0c:5247:c000::/34
2a0d:60c0::/31
2a0d:60c3::/32
2a0d:7740::/32
2a0d:7747::/32
Signature Algorithm: sha256WithRSAEncryption
96:dc:e0:64:29:77:6b:96:1c:c0:7d:65:d4:76:df:c0:a4:16:
24:ab:af:2d:9b:cb:1d:2d:07:9a:f5:5f:ca:01:aa:9b:b9:d5:
cc:ac:22:85:b5:79:ca:63:1e:57:d6:87:55:51:47:38:21:bf:
e5:36:7e:73:c3:0a:d7:9b:23:6e:db:1c:47:02:16:c1:a0:2e:
f4:d6:36:7e:c6:6d:ab:62:66:73:1e:25:fc:da:4a:70:8a:65:
2e:be:82:35:90:12:00:57:0c:25:f7:71:16:e6:b4:cd:f1:c7:
9e:dd:2b:ac:b4:8e:22:c3:b4:d9:59:0c:a8:06:0b:26:44:6a:
53:4e:8c:e8:71:e3:88:64:f8:99:5d:65:34:b5:05:ed:58:3c:
9c:b8:f7:75:ed:65:02:56:a5:df:95:3b:cb:a9:1e:a0:e3:12:
b2:6e:be:ef:fa:3a:33:a6:9f:7d:bc:ff:6e:34:8b:0c:9c:e8:
77:b1:df:cd:0e:07:80:4e:4b:00:9d:2b:d5:35:be:08:77:66:
3e:3c:81:40:e2:22:31:a8:d4:19:87:0a:5b:2b:89:a1:31:12:
20:4e:b2:5d:de:9d:c7:e8:78:35:e1:2f:82:73:8c:b0:83:fe:
70:3c:32:f9:93:63:6c:18:55:1e:da:65:d0:4e:5c:23:23:4b:
ed:96:e2:7e
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgISAY2mS39yWoASiEN+nudFpZKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwMjE0MDYyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGI1MjhmZjY1NjEzZjE5MmFkMGNkMTllOWQ3NTdhZWZmYTMzYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/6EM4XdMlPNw/h/Hr0VM0DTxZjZ
B4PfkTfL12Cn92amMvDODpJsT60xf6QxbEicZ7DdvEnIGd/dJq1jEwTqLqCfOSen
vzAfAAE/HmkUHLZtGrUqV1DFExqLKodMsRrARrK9mOww9QOSyOKq7ojGaBjTFLmp
Nw4trpeCnKz8tJa02KaGDwBsHYcxcFgRYYM6Q6xMbRUifPcNubuHnAyNMkra3Pxs
K+bF67Zc8mD6CPnxTxpvvs6x7vMic4wTQre9P9hUiDzyVutbCyqfRgKs96grQAv7
Da6I7njYOTxvU+CsUBgHWiN7CnhnVIYkH7kAOEJk1iPacBhBv8Qyr6lRxwIDAQAB
o4IDTzCCA0swHQYDVR0OBBYEFHC1KP9lYT8ZKtDNGenXV67/oztiMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvY0xVb18yVmhQeGtxME0wWjZkZFhydi1qTzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYwYIKwYBBQUHAQcBAf8EggFSMIIBTjCBlwQCAAEwgZAD
BAEtjtADBAAtjtMDBAItl4gDBABQTCgDBABUNiUDBABUNicDBAJf12wDBAK5dkAD
BAK5nLADBAC5sXEDBAC5sXMDBAG5xUgDBAK53CAwDAMEArnmjAMEALnmjgMEAbn2
dAMEALn2dzAMAwQCuf68AwQAuf6+MAwDBAPBJugDBADBJuoDBADCcWgDBADCcWsw
gbEEAgACMIGqMA4DBQAqBftBAwUAKgX7QgMFASoF+0QDBwEqBxTAAAADBgQqBxTA
EDAQAwYEKgcUwDADBgQqBxTAYAMGBCoHFMDQMA4DBQAqBxTBAwUAKgcUwgMFASoH
FMYwDgMFByoKR4ADBQEqCkeEAwUAKgwhAwMFACoMUkEDBQAqDFJFAwYEKgxSR3AD
BgYqDFJHwAMFASoNYMADBQAqDWDDAwUAKg13QAMFACoNd0cwDQYJKoZIhvcNAQEL
BQADggEBAJbc4GQpd2uWHMB9ZdR238CkFiSrry2byx0tB5r1X8oBqpu51cysIoW1
ecpjHlfWh1VRRzghv+U2fnPDCtebI27bHEcCFsGgLvTWNn7GbatiZnMeJfzaSnCK
ZS6+gjWQEgBXDCX3cRbmtM3xx57dK6y0jiLDtNlZDKgGCyZEalNOjOhx44hk+Jld
ZTS1Be1YPJy493XtZQJWpd+VO8upHqDjErJuvu/6OjOmn328/240iwyc6Hex380O
B4BOSwCdK9U1vgh3Zj48gUDiIjGo1BmHClsriaExEiBOsl3encfoeDXhL4JzjLCD
/nA8MvmTY2wYVR7aZdBOXCMjS+2W4n4=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:23:26 2024 by rpki-client on console-fra.rpki-client.org