Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/sTgh3U67qAWVceKiT2qonw901Y0.roa
File: sTgh3U67qAWVceKiT2qonw901Y0.roa (raw, json)
Hash identifier: IhQc1U2SMplrFwd6podfnZMKhS/U+amjAbLdV8ZwBEE=
Subject key identifier: B1:38:21:DD:4E:BB:A8:05:95:71:E2:A2:4F:6A:A8:9F:0F:74:D5:8D
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC4E67677CEB2E37528F9BAE38045A
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/sTgh3U67qAWVceKiT2qonw901Y0.roa
Signing time: Mon 01 Jan 2024 16:29:58 +0000
ROA not before: Mon 01 Jan 2024 16:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 195.208.52.0/24 maxlen: 24
195.208.55.0/24 maxlen: 24
195.208.54.0/24 maxlen: 24
195.208.53.0/24 maxlen: 24
195.208.61.0/24 maxlen: 24
195.208.60.0/24 maxlen: 24
195.208.3.0/24 maxlen: 24
195.208.2.0/24 maxlen: 24
195.208.169.0/24 maxlen: 24
195.208.168.0/24 maxlen: 24
195.208.181.0/24 maxlen: 24
195.208.189.0/24 maxlen: 24
195.19.209.0/24 maxlen: 24
195.19.213.0/24 maxlen: 24
195.208.118.0/24 maxlen: 24
195.208.122.0/24 maxlen: 24
195.208.121.0/24 maxlen: 24
195.208.120.0/24 maxlen: 24
195.208.125.0/24 maxlen: 24
195.208.124.0/24 maxlen: 24
195.208.123.0/24 maxlen: 24
195.208.119.0/24 maxlen: 24
195.208.127.0/24 maxlen: 24
195.208.126.0/24 maxlen: 24
193.232.42.0/24 maxlen: 24
193.232.41.0/24 maxlen: 24
193.232.40.0/24 maxlen: 24
193.232.43.0/24 maxlen: 24
194.190.171.0/24 maxlen: 24
194.190.170.0/24 maxlen: 24
194.190.179.0/24 maxlen: 24
194.190.178.0/24 maxlen: 24
212.193.182.0/24 maxlen: 24
212.193.181.0/24 maxlen: 24
212.193.180.0/24 maxlen: 24
194.190.91.0/24 maxlen: 24
194.190.90.0/24 maxlen: 24
212.193.183.0/24 maxlen: 24
194.190.112.0/24 maxlen: 24
62.76.147.0/24 maxlen: 24
62.76.146.0/24 maxlen: 24
62.76.153.0/24 maxlen: 24
194.190.190.0/24 maxlen: 24
195.19.1.0/24 maxlen: 24
195.19.0.0/24 maxlen: 24
195.19.2.0/24 maxlen: 24
195.19.7.0/24 maxlen: 24
195.209.179.0/24 maxlen: 24
195.209.178.0/24 maxlen: 24
194.226.142.0/24 maxlen: 24
194.226.160.0/24 maxlen: 24
194.226.185.0/24 maxlen: 24
212.193.136.0/21 maxlen: 24
212.192.36.0/22 maxlen: 24
193.232.145.0/24 maxlen: 24
193.232.144.0/24 maxlen: 24
195.209.132.0/24 maxlen: 24
195.209.133.0/24 maxlen: 24
212.192.201.0/24 maxlen: 24
212.192.200.0/24 maxlen: 24
193.232.228.0/24 maxlen: 24
195.209.102.0/24 maxlen: 24
195.209.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4e:67:67:7c:eb:2e:37:52:8f:9b:ae:38:04:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b13821dd4ebba8059571e2a24f6aa89f0f74d58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6c:69:e1:f9:25:5e:2b:51:06:ff:e0:8f:a5:
36:04:8b:8f:d1:95:fc:f4:e3:94:32:0b:47:38:58:
d1:44:af:31:a4:a3:d3:e3:7c:e2:65:e9:26:e4:61:
38:2a:69:d9:6b:a7:a6:4b:09:5c:ff:92:2e:42:9a:
95:79:ae:fb:ae:5b:2e:4a:42:7d:9e:c4:01:57:5d:
8e:fe:94:f0:6c:0f:fc:a5:d9:c0:e0:39:d7:20:55:
7e:77:3f:80:a8:9d:ad:8c:6d:66:36:9c:5c:ee:bc:
d0:ab:14:6b:84:1c:a7:a3:32:a7:55:dd:f6:15:d0:
20:bb:79:4e:8b:25:9a:24:5d:c1:8e:26:35:ae:95:
4d:23:56:fe:ee:12:b1:6f:f3:3b:78:28:27:92:2f:
e4:8b:75:da:3f:a0:6f:7c:49:0e:1c:dc:cc:60:5a:
f7:d2:c5:8f:c4:8d:a0:d8:59:f7:5e:de:75:d2:0c:
04:33:3d:79:f9:fc:3f:82:17:07:b3:1f:5b:0b:cf:
ae:fc:d0:05:dd:b2:53:9c:60:69:d9:61:df:f4:57:
34:c2:90:96:b0:db:e9:4c:f0:f9:e4:de:bd:5c:a2:
d4:b0:3f:24:41:af:dd:fb:01:8f:53:7b:4f:bc:17:
8d:39:be:d8:ae:d2:c1:dd:55:36:b6:75:8f:4b:b8:
5e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:38:21:DD:4E:BB:A8:05:95:71:E2:A2:4F:6A:A8:9F:0F:74:D5:8D
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/sTgh3U67qAWVceKiT2qonw901Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.146.0/23
62.76.153.0/24
193.232.40.0/22
193.232.144.0/23
193.232.228.0/24
194.190.90.0/23
194.190.112.0/24
194.190.170.0/23
194.190.178.0/23
194.190.190.0/24
194.226.142.0/24
194.226.160.0/24
194.226.185.0/24
195.19.0.0-195.19.2.255
195.19.7.0/24
195.19.209.0/24
195.19.213.0/24
195.208.2.0/23
195.208.52.0/22
195.208.60.0/23
195.208.118.0-195.208.127.255
195.208.168.0/23
195.208.181.0/24
195.208.189.0/24
195.209.102.0/23
195.209.132.0/23
195.209.178.0/23
212.192.36.0/22
212.192.200.0/23
212.193.136.0/21
212.193.180.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:e0:81:1e:97:13:da:94:7f:ee:3a:8c:d9:4d:5c:48:48:a1:
35:6c:92:64:20:a9:4b:3e:26:9c:5c:6f:53:67:89:3a:68:f2:
9b:11:e9:83:3f:d9:4a:9f:01:da:3a:74:8e:3a:9d:8d:44:94:
66:09:02:14:5b:0c:1b:88:34:33:41:ef:42:09:0f:95:8b:40:
8a:5d:50:61:e9:9c:94:39:70:10:eb:c8:5a:69:44:a4:8d:8f:
f0:38:79:a8:f3:d6:d5:6e:af:91:31:0d:c9:bb:53:33:a3:98:
14:9d:95:4c:94:2f:70:d2:7f:f2:bf:df:1f:d3:99:ad:66:a2:
ff:cb:86:24:cb:a0:79:23:58:82:83:4e:c5:45:4e:e5:d1:8f:
6e:b8:ec:27:b7:0a:f7:ca:c3:e9:b1:b3:4c:32:77:b6:61:e3:
7b:f0:26:72:fb:6d:6b:eb:91:63:1a:17:fc:d6:e5:c3:42:0d:
4a:e7:ef:a5:e5:43:e2:87:0a:2d:fb:30:81:2c:46:05:a3:65:
4f:15:2c:1b:62:98:bb:1b:55:86:49:44:cf:28:06:fe:ff:b2:
b7:3f:a0:25:ca:de:a4:dc:96:18:ed:33:82:c5:6d:64:e8:9e:
26:60:1f:64:83:9e:cf:c4:ab:e6:d7:cb:d2:61:4c:52:7a:6d:
6c:98:38:64
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAYzF3E5nZ3zrLjdSj5uuOARaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTM4MjFkZDRlYmJhODA1OTU3MWUyYTI0ZjZhYTg5ZjBmNzRkNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmxp4fklXitRBv/gj6U2BIuP0ZX8
9OOUMgtHOFjRRK8xpKPT43ziZekm5GE4KmnZa6emSwlc/5IuQpqVea77rlsuSkJ9
nsQBV12O/pTwbA/8pdnA4DnXIFV+dz+AqJ2tjG1mNpxc7rzQqxRrhBynozKnVd32
FdAgu3lOiyWaJF3BjiY1rpVNI1b+7hKxb/M7eCgnki/ki3XaP6BvfEkOHNzMYFr3
0sWPxI2g2Fn3Xt510gwEMz15+fw/ghcHsx9bC8+u/NAF3bJTnGBp2WHf9Fc0wpCW
sNvpTPD55N69XKLUsD8kQa/d+wGPU3tPvBeNOb7YrtLB3VU2tnWPS7heDwIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFLE4Id1Ou6gFlXHiok9qqJ8PdNWNMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvc1RnaDNVNjdxQVdWY2VLaVQycW9udzkwMVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCB0AQCAAEwgckDBAE+
TJIDBAA+TJkDBALB6CgDBAHB6JADBADB6OQDBAHCvloDBADCvnADBAHCvqoDBAHC
vrIDBADCvr4DBADC4o4DBADC4qADBADC4rkwCwMDAMMTAwQAwxMCAwQAwxMHAwQA
wxPRAwQAwxPVAwQBw9ACAwQCw9A0AwQBw9A8MAwDBAHD0HYDBAfD0AADBAHD0KgD
BADD0LUDBADD0L0DBAHD0WYDBAHD0YQDBAHD0bIDBALUwCQDBAHUwMgDBAPUwYgD
BALUwbQwDQYJKoZIhvcNAQELBQADggEBAKnggR6XE9qUf+46jNlNXEhIoTVskmQg
qUs+Jpxcb1NniTpo8psR6YM/2UqfAdo6dI46nY1ElGYJAhRbDBuINDNB70IJD5WL
QIpdUGHpnJQ5cBDryFppRKSNj/A4eajz1tVur5ExDcm7UzOjmBSdlUyUL3DSf/K/
3x/Tma1mov/LhiTLoHkjWIKDTsVFTuXRj2647Ce3CvfKw+mxs0wyd7Zh43vwJnL7
bWvrkWMaF/zW5cNCDUrn76XlQ+KHCi37MIEsRgWjZU8VLBtimLsbVYZJRM8oBv7/
src/oCXK3qTclhjtM4LFbWToniZgH2SDns/Eq+bXy9JhTFJ6bWyYOGQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:26:33 2024 by rpki-client on console-ams.rpki-client.org