Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/AD73zcflifL_ZZqm4RNUMOYpEqw.roa
File: AD73zcflifL_ZZqm4RNUMOYpEqw.roa (raw, json)
Hash identifier: hFtilUw44DlpAq74gRsBa3y8kaHlO/y2zBKyKjlfHD8=
Subject key identifier: 00:3E:F7:CD:C7:E5:89:F2:FF:65:9A:A6:E1:13:54:30:E6:29:12:AC
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018F1FDA896E2BBBF39A36DB8A1DE4141F7D
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/AD73zcflifL_ZZqm4RNUMOYpEqw.roa
Signing time: Sat 27 Apr 2024 13:59:26 +0000
ROA not before: Sat 27 Apr 2024 13:59:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
103.231.72.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.56.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/21 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:da:89:6e:2b:bb:f3:9a:36:db:8a:1d:e4:14:1f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Apr 27 13:59:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=003ef7cdc7e589f2ff659aa6e1135430e62912ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:77:88:94:b7:62:c3:cf:e0:81:7e:01:e8:47:
18:0e:3a:a1:f0:b8:33:a7:bb:16:40:20:9b:ab:e1:
88:e4:41:52:92:1f:b0:56:19:0f:73:bf:d3:38:e4:
71:43:c2:7b:bf:a2:53:e2:46:2d:e8:77:e0:45:9e:
37:85:86:45:ab:8e:b4:04:6a:6b:f9:d0:1e:c6:55:
9e:7b:40:71:76:f3:c6:59:95:e4:81:05:ac:cb:d9:
8b:ed:e8:36:52:72:77:03:4b:83:53:19:4a:df:fb:
1d:36:a3:a3:16:95:db:3e:63:bd:86:79:ab:e7:a8:
87:56:c8:5e:d1:c4:f9:ef:be:1e:bf:12:ac:55:4d:
92:8b:a5:bd:a3:ad:2a:49:c9:5c:8e:35:da:12:8f:
d7:1b:54:74:4d:88:cf:63:5a:10:2c:ed:a1:95:ca:
7c:06:32:48:c0:c2:99:15:89:3a:e6:71:40:5d:42:
f8:74:2c:d0:b3:81:28:e2:a0:b8:8b:6c:b8:34:00:
d3:d3:8b:1c:ac:f1:5f:0a:e4:89:c8:3f:0c:0d:3a:
91:fb:34:08:5d:86:01:83:43:ce:97:68:dd:2e:6d:
a6:a4:84:a2:bd:c8:c7:d9:91:51:88:64:6c:a0:de:
41:39:d8:a3:bd:b8:ac:d9:0d:27:6e:63:c3:97:af:
f6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3E:F7:CD:C7:E5:89:F2:FF:65:9A:A6:E1:13:54:30:E6:29:12:AC
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/AD73zcflifL_ZZqm4RNUMOYpEqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/22
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
103.231.72.0/22
176.120.64.0/22
176.120.72.0/22
185.234.56.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.246.114.0/23
195.42.232.0/22
195.149.87.0/24
213.159.64.0/21
IPv6:
2a09:7c40::/29
2a11:3805::/32
2a11:3c02::/31
2a14:2d80::-2a14:2d82:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/32
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
35:67:47:ff:42:80:38:16:83:a0:3f:e9:d7:87:7d:fc:0a:51:
06:3f:97:04:8c:5f:79:06:25:23:f4:f5:65:69:11:f6:54:ff:
ad:4a:27:3e:e4:9b:e5:5b:c7:aa:3d:72:d4:ff:d4:4a:9c:2c:
de:d1:9e:4b:26:01:d4:45:68:03:c0:2c:07:95:d3:c1:9b:c8:
44:98:0f:34:a8:f3:65:9e:38:eb:3d:d5:ba:cd:1c:24:f0:f7:
fe:c6:30:95:37:ac:7e:76:94:66:ed:b7:bf:da:54:a6:03:e4:
c4:2a:62:62:aa:14:25:2f:ed:58:6c:ab:0f:0f:59:cc:d6:54:
1a:e4:6e:38:04:4c:c1:c4:50:5b:c0:96:3b:2e:e3:8f:b1:4e:
08:bb:56:24:a3:2f:5d:dd:5a:05:b0:df:f9:ca:4e:d3:81:93:
04:4a:4c:7c:07:a6:87:c7:b8:08:05:9a:33:82:f9:6b:01:ff:
77:91:39:5e:ad:82:a1:17:56:c8:18:ce:d5:09:a2:7d:8d:2d:
cb:48:3d:68:6e:88:cf:a3:c4:90:fb:8f:fb:0c:cb:35:66:cc:
e9:26:2b:59:42:14:83:7b:24:9a:99:d3:a1:66:5a:3f:eb:43:
c2:56:d6:22:f9:d8:d3:d6:c2:ca:fe:95:39:06:19:4d:ae:06:
33:82:c7:aa
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAY8f2oluK7vzmjbbih3kFB99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwNDI3MTM1OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDNlZjdjZGM3ZTU4OWYyZmY2NTlhYTZlMTEzNTQzMGU2MjkxMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1neIlLdiw8/ggX4B6EcYDjqh8Lgz
p7sWQCCbq+GI5EFSkh+wVhkPc7/TOORxQ8J7v6JT4kYt6HfgRZ43hYZFq460BGpr
+dAexlWee0BxdvPGWZXkgQWsy9mL7eg2UnJ3A0uDUxlK3/sdNqOjFpXbPmO9hnmr
56iHVshe0cT5774evxKsVU2Si6W9o60qSclcjjXaEo/XG1R0TYjPY1oQLO2hlcp8
BjJIwMKZFYk65nFAXUL4dCzQs4Eo4qC4i2y4NADT04scrPFfCuSJyD8MDTqR+zQI
XYYBg0POl2jdLm2mpISivcjH2ZFRiGRsoN5BOdijvbis2Q0nbmPDl6/2FQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFAA+983H5Yny/2WapuETVDDmKRKsMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvQUQ3M3pjZmxpZkxfWlpxbTRSTlVNT1lwRXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCBuQQCAAEwgbID
BAIl3XwDBAItQ+QDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBczgMEAlZo
SAMEAVnd4AMEAFvCoTAMAwQAW+HZAwQCW+HYAwQCZyO8AwQCZ2oAAwQCZ3FEAwQC
Z+dIAwQCsHhAAwQCsHhIAwQCueo4AwQCuepAAwQCuevwAwQCuezoAwQCufJUAwQC
ufqUAwQAwcvKAwQBwvZyAwQCwyroAwQAw5VXAwQD1Z9AMEcEAgACMEEDBQMqCXxA
AwUAKhE4BQMFASoRPAIwDgMFByoULYADBQAqFC2CAwUAKhQugAMFACoUL4ADBQAq
FDCAAwUAKhQ4gDANBgkqhkiG9w0BAQsFAAOCAQEANWdH/0KAOBaDoD/p14d9/ApR
Bj+XBIxfeQYlI/T1ZWkR9lT/rUonPuSb5VvHqj1y1P/USpws3tGeSyYB1EVoA8As
B5XTwZvIRJgPNKjzZZ446z3Vus0cJPD3/sYwlTesfnaUZu23v9pUpgPkxCpiYqoU
JS/tWGyrDw9ZzNZUGuRuOARMwcRQW8CWOy7jj7FOCLtWJKMvXd1aBbDf+cpO04GT
BEpMfAemh8e4CAWaM4L5awH/d5E5Xq2CoRdWyBjO1QmifY0ty0g9aG6Iz6PEkPuP
+wzLNWbM6SYrWUIUg3skmpnToWZaP+tDwlbWIvnY09bCyv6VOQYZTa4GM4LHqg==
-----END CERTIFICATE-----
Generated at Sun May 19 21:27:11 2024 by rpki-client on console-ams.rpki-client.org