Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/pLxraMGdusqRgDUPmIqQpTjC5rg.roa
File: pLxraMGdusqRgDUPmIqQpTjC5rg.roa (raw, json)
Hash identifier: oQP9uooU1SmBPrFPPbMEGdSjQ4ZgaWwwD2HyEpBZRok=
Subject key identifier: A4:BC:6B:68:C1:9D:BA:CA:91:80:35:0F:98:8A:90:A5:38:C2:E6:B8
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 018CC64AAF53C9CD5A96AAFDE398A7F6C414
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/pLxraMGdusqRgDUPmIqQpTjC5rg.roa
Signing time: Mon 01 Jan 2024 18:30:32 +0000
ROA not before: Mon 01 Jan 2024 18:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199967
IP address blocks: 45.66.133.0/24 maxlen: 24
185.159.70.0/24 maxlen: 24
185.159.69.0/24 maxlen: 24
185.159.68.0/24 maxlen: 24
185.187.239.0/24 maxlen: 24
185.187.238.0/24 maxlen: 24
185.187.237.0/24 maxlen: 24
45.12.205.0/24 maxlen: 24
45.12.204.0/24 maxlen: 24
45.134.19.0/24 maxlen: 24
81.90.191.0/24 maxlen: 24
188.119.101.0/24 maxlen: 24
188.119.100.0/24 maxlen: 24
185.126.70.0/24 maxlen: 24
185.126.69.0/24 maxlen: 24
185.126.71.0/24 maxlen: 24
185.105.189.0/24 maxlen: 24
185.105.190.0/24 maxlen: 24
185.168.23.0/24 maxlen: 24
185.168.22.0/24 maxlen: 24
185.168.21.0/24 maxlen: 24
185.171.121.0/24 maxlen: 24
185.126.139.0/24 maxlen: 24
185.126.138.0/24 maxlen: 24
91.217.121.0/24 maxlen: 24
91.217.120.0/24 maxlen: 24
194.156.228.0/24 maxlen: 24
185.175.141.0/24 maxlen: 24
185.175.140.0/24 maxlen: 24
45.144.240.0/24 maxlen: 24
45.144.241.0/24 maxlen: 24
45.82.166.0/24 maxlen: 24
5.183.178.0/24 maxlen: 24
185.160.27.0/24 maxlen: 24
185.160.25.0/24 maxlen: 24
185.126.118.0/24 maxlen: 24
185.126.119.0/24 maxlen: 24
5.181.6.0/24 maxlen: 24
5.181.7.0/24 maxlen: 24
45.66.132.0/24 maxlen: 24
185.120.19.0/24 maxlen: 24
185.120.18.0/24 maxlen: 24
152.89.209.0/24 maxlen: 24
152.89.208.0/24 maxlen: 24
217.197.163.0/24 maxlen: 24
147.78.15.0/24 maxlen: 24
45.128.154.0/24 maxlen: 24
2a0c:8a40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:af:53:c9:cd:5a:96:aa:fd:e3:98:a7:f6:c4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Jan 1 18:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4bc6b68c19dbaca9180350f988a90a538c2e6b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0b:2f:19:fb:1f:9e:b0:e5:e8:4e:d6:cc:e2:
c4:58:98:b2:d1:0d:4c:be:c5:f1:ad:30:86:b0:5b:
be:c1:01:a7:f2:f9:95:7c:2d:95:8b:6f:09:af:8a:
4f:34:21:45:07:07:e4:80:65:16:f6:42:21:34:6e:
24:aa:04:62:ee:c3:a6:58:54:13:ba:43:19:00:d6:
c0:af:ec:75:4d:14:6d:0a:6b:1b:43:a4:10:4c:83:
40:ad:07:e7:b0:48:41:ff:54:a8:54:cb:34:79:1f:
f5:bd:16:af:91:fd:d5:98:89:73:39:50:89:06:f8:
16:e2:5c:a4:9b:b2:08:49:aa:ea:5e:8e:76:f1:07:
7b:92:c5:5d:48:9c:d4:2b:d6:51:95:c9:35:3d:31:
f1:8e:9a:00:cf:55:6f:ec:a2:ad:5a:86:c1:62:73:
2a:cd:cd:9b:3b:72:f4:ea:f2:43:01:46:30:8c:3f:
56:3f:ec:07:a9:27:88:29:5c:24:e5:33:71:9a:6f:
21:1f:0f:33:47:92:82:70:00:4f:b2:8c:da:39:24:
bd:6e:98:3f:53:7a:56:f6:89:41:fb:da:28:7d:a1:
a5:41:7e:d0:d8:95:65:9a:07:9c:d8:af:a0:ab:de:
a9:91:a8:75:26:48:cb:d2:bf:ad:79:76:36:fb:5f:
fd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BC:6B:68:C1:9D:BA:CA:91:80:35:0F:98:8A:90:A5:38:C2:E6:B8
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/pLxraMGdusqRgDUPmIqQpTjC5rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.6.0/23
5.183.178.0/24
45.12.204.0/23
45.66.132.0/23
45.82.166.0/24
45.128.154.0/24
45.134.19.0/24
45.144.240.0/23
81.90.191.0/24
91.217.120.0/23
147.78.15.0/24
152.89.208.0/23
185.105.189.0-185.105.190.255
185.120.18.0/23
185.126.69.0-185.126.71.255
185.126.118.0/23
185.126.138.0/23
185.159.68.0-185.159.70.255
185.160.25.0/24
185.160.27.0/24
185.168.21.0-185.168.23.255
185.171.121.0/24
185.175.140.0/23
185.187.237.0-185.187.239.255
188.119.100.0/23
194.156.228.0/24
217.197.163.0/24
IPv6:
2a0c:8a40:1::/48
Signature Algorithm: sha256WithRSAEncryption
06:af:54:67:66:0e:a3:0e:5a:0d:ee:0a:ea:8e:17:e9:e8:ef:
da:8e:48:49:25:b4:c7:a9:e1:4e:9a:0b:b9:72:ab:ad:62:0b:
b0:b8:5c:ae:93:df:af:9b:cd:08:6f:d7:55:b7:37:89:7a:2c:
e4:78:de:36:44:37:1d:cf:0d:ae:0b:12:56:cc:3f:e0:3d:79:
fd:43:e7:1c:b8:83:ce:cc:cb:5e:9f:32:2a:63:83:1b:fa:8f:
fd:59:6d:88:f7:50:ba:cf:99:6c:96:a9:8f:d6:a6:ec:e2:d2:
02:21:8a:a8:da:30:37:b9:26:05:65:a3:91:cc:c6:40:6b:48:
24:53:b2:aa:a1:8b:b1:a1:c7:8b:14:f7:09:24:25:7b:cb:dc:
c1:92:55:11:c9:23:e4:ba:12:5c:2c:99:d5:a4:f2:21:0d:ec:
34:8d:ac:8c:f9:17:08:5c:78:9c:d9:65:16:e1:af:8a:64:98:
20:92:e3:9c:5f:f7:5c:ee:1d:e9:d5:f6:b4:3f:08:c0:a7:b6:
b7:b0:49:8b:27:bd:ca:04:ab:7e:f8:f9:aa:65:3e:19:d1:10:
c6:d9:1b:ca:42:a3:22:dd:bf:e8:cd:eb:8a:eb:39:2f:50:6a:
cb:bb:01:ce:55:94:f2:87:a9:21:56:88:a6:7e:90:b9:2c:08:
c7:09:7f:99
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYzGSq9Tyc1alqr945in9sQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjQwMTAxMTgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJjNmI2OGMxOWRiYWNhOTE4MDM1MGY5ODhhOTBhNTM4YzJlNmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQsvGfsfnrDl6E7WzOLEWJiy0Q1M
vsXxrTCGsFu+wQGn8vmVfC2Vi28Jr4pPNCFFBwfkgGUW9kIhNG4kqgRi7sOmWFQT
ukMZANbAr+x1TRRtCmsbQ6QQTINArQfnsEhB/1SoVMs0eR/1vRavkf3VmIlzOVCJ
BvgW4lykm7IISarqXo528Qd7ksVdSJzUK9ZRlck1PTHxjpoAz1Vv7KKtWobBYnMq
zc2bO3L06vJDAUYwjD9WP+wHqSeIKVwk5TNxmm8hHw8zR5KCcABPsozaOSS9bpg/
U3pW9olB+9oofaGlQX7Q2JVlmgec2K+gq96pkah1JkjL0r+teXY2+1/9jQIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFKS8a2jBnbrKkYA1D5iKkKU4wua4MB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvcEx4cmFNR2R1c3FSZ0RVUG1JcVFwVGpDNXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB0QQCAAEwgcoDBAEF
tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBAEtkPADBABR
Wr8DBAFb2XgDBACTTg8DBAGYWdAwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5F
AwQDuX5AAwQBuX52AwQBuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBkDBAC5oBswDAME
ALmoFQMEA7moEAMEALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzk
AwQA2cWjMA8EAgACMAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBAAavVGdm
DqMOWg3uCuqOF+no79qOSEkltMep4U6aC7lyq61iC7C4XK6T36+bzQhv11W3N4l6
LOR43jZENx3PDa4LElbMP+A9ef1D5xy4g87My16fMipjgxv6j/1ZbYj3ULrPmWyW
qY/Wpuzi0gIhiqjaMDe5JgVlo5HMxkBrSCRTsqqhi7Ghx4sU9wkkJXvL3MGSVRHJ
I+S6ElwsmdWk8iEN7DSNrIz5FwhceJzZZRbhr4pkmCCS45xf91zuHenV9rQ/CMCn
trewSYsnvcoEq374+aplPhnREMbZG8pCoyLdv+jN64rrOS9Qasu7Ac5VlPKHqSFW
iKZ+kLksCMcJf5k=
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:34:48 2024 by rpki-client on console-ams.rpki-client.org