Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/4182DbXhnidvHYsIY1la_46VfnM.roa
File: 4182DbXhnidvHYsIY1la_46VfnM.roa (raw, json)
Hash identifier: CD5W1lbEN9rx2MuDpr4dc4mx3Ow25km9Mp/r9MNpjhA=
Subject key identifier: E3:5F:36:0D:B5:E1:9E:27:6F:1D:8B:08:63:59:5A:FF:8E:95:7E:73
Certificate issuer: /CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Certificate serial: 01911691E099302F472A7708D90A45B7CDB4
Authority key identifier: 0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/4182DbXhnidvHYsIY1la_46VfnM.roa
Signing time: Sat 03 Aug 2024 04:49:04 +0000
ROA not before: Sat 03 Aug 2024 04:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 37.46.128.0/23 maxlen: 23
37.46.130.0/23 maxlen: 23
37.46.132.0/23 maxlen: 23
37.46.134.0/23 maxlen: 23
62.109.0.0/20 maxlen: 20
62.109.0.0/21 maxlen: 21
62.109.8.0/21 maxlen: 21
62.109.16.0/21 maxlen: 21
62.109.24.0/22 maxlen: 22
62.109.28.0/22 maxlen: 22
77.246.156.0/22 maxlen: 22
77.246.156.0/23 maxlen: 23
77.246.158.0/23 maxlen: 23
80.87.192.0/23 maxlen: 23
80.87.194.0/23 maxlen: 23
80.87.196.0/23 maxlen: 23
80.87.198.0/23 maxlen: 23
80.87.200.0/23 maxlen: 23
80.87.202.0/24 maxlen: 24
80.87.203.0/24 maxlen: 24
82.146.32.0/21 maxlen: 21
82.146.32.0/23 maxlen: 23
82.146.34.0/23 maxlen: 23
82.146.36.0/23 maxlen: 23
82.146.38.0/23 maxlen: 23
82.146.40.0/21 maxlen: 21
82.146.48.0/23 maxlen: 23
82.146.50.0/23 maxlen: 23
82.146.52.0/23 maxlen: 23
82.146.54.0/23 maxlen: 23
82.146.56.0/21 maxlen: 21
82.202.160.0/23 maxlen: 23
82.202.162.0/23 maxlen: 23
82.202.165.0/24 maxlen: 24
82.202.166.0/23 maxlen: 23
82.202.168.0/23 maxlen: 23
82.202.170.0/23 maxlen: 23
82.202.172.0/23 maxlen: 23
82.202.174.0/23 maxlen: 23
83.220.168.0/23 maxlen: 23
83.220.170.0/23 maxlen: 23
83.220.172.0/23 maxlen: 23
83.220.174.0/23 maxlen: 23
85.198.72.0/23 maxlen: 23
85.198.74.0/23 maxlen: 23
85.198.116.0/23 maxlen: 23
85.198.118.0/23 maxlen: 23
91.240.84.0/23 maxlen: 23
91.240.86.0/23 maxlen: 23
92.63.96.0/21 maxlen: 21
92.63.104.0/22 maxlen: 22
92.63.108.0/22 maxlen: 22
92.63.108.0/24 maxlen: 24
92.63.109.0/24 maxlen: 24
92.63.110.0/23 maxlen: 23
185.43.4.0/23 maxlen: 23
185.43.6.0/23 maxlen: 23
185.63.188.0/22 maxlen: 22
185.146.156.0/23 maxlen: 23
185.146.158.0/23 maxlen: 23
185.246.64.0/23 maxlen: 23
185.246.66.0/23 maxlen: 23
185.253.32.0/23 maxlen: 23
185.253.34.0/23 maxlen: 23
195.140.144.0/23 maxlen: 23
195.140.146.0/23 maxlen: 23
212.109.192.0/22 maxlen: 22
212.109.196.0/23 maxlen: 23
212.109.198.0/23 maxlen: 23
212.109.216.0/23 maxlen: 23
212.109.218.0/23 maxlen: 23
212.109.220.0/23 maxlen: 23
212.109.222.0/24 maxlen: 24
212.109.223.0/24 maxlen: 24
213.159.208.0/23 maxlen: 23
213.159.210.0/23 maxlen: 23
213.159.212.0/23 maxlen: 23
213.159.214.0/23 maxlen: 23
2a09:f900::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:16:91:e0:99:30:2f:47:2a:77:08:d9:0a:45:b7:cd:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Validity
Not Before: Aug 3 04:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e35f360db5e19e276f1d8b0863595aff8e957e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e0:20:f0:2a:59:d0:49:4e:d5:67:bd:dd:d9:
3e:6c:a0:e5:cd:47:53:d2:c9:5b:36:95:08:99:e5:
a0:7b:7e:ed:46:01:a8:8c:68:81:47:98:d1:3a:44:
89:bc:75:08:0d:7d:96:8f:1d:b6:3a:62:0b:7a:f8:
b0:1d:16:a0:81:67:8d:10:17:3e:0d:2d:d8:af:bf:
6a:48:42:70:4e:26:cd:93:23:fe:72:d0:ee:1c:e2:
25:b0:a5:ca:2d:03:2a:f0:7f:a7:ec:c5:e3:9c:02:
a7:8c:32:a0:2d:d3:c7:cd:6c:ae:bd:f9:60:82:c4:
08:87:f1:44:89:ed:db:d5:0b:88:0d:9f:db:9d:56:
dd:a4:ab:b2:32:e8:37:cc:83:1c:94:fb:f7:5d:bc:
9c:02:55:6e:39:ca:93:a9:4c:e0:d4:87:e1:4d:f6:
db:14:0a:8a:36:02:af:58:aa:b5:73:44:76:25:e0:
03:5a:d7:56:2a:54:33:85:51:e2:78:a4:53:21:9c:
87:bd:a5:06:82:9b:0b:8e:e7:4f:9c:3c:d8:83:77:
9a:7c:8a:2f:b8:e7:f3:ee:e7:0a:da:fb:27:e2:06:
14:78:d5:79:11:23:1d:54:e3:0c:c4:d6:24:aa:88:
40:5d:b4:bb:65:0c:64:49:f2:06:35:bb:ac:12:2d:
b6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5F:36:0D:B5:E1:9E:27:6F:1D:8B:08:63:59:5A:FF:8E:95:7E:73
X509v3 Authority Key Identifier:
keyid:0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/4182DbXhnidvHYsIY1la_46VfnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.128.0/21
62.109.0.0/19
77.246.156.0/22
80.87.192.0-80.87.203.255
82.146.32.0/19
82.202.160.0/22
82.202.165.0-82.202.175.255
83.220.168.0/21
85.198.72.0/22
85.198.116.0/22
91.240.84.0/22
92.63.96.0/20
185.43.4.0/22
185.63.188.0/22
185.146.156.0/22
185.246.64.0/22
185.253.32.0/22
195.140.144.0/22
212.109.192.0/21
212.109.216.0/21
213.159.208.0/21
IPv6:
2a09:f900::/48
Signature Algorithm: sha256WithRSAEncryption
40:72:e8:eb:09:f5:d5:87:54:d7:86:cc:19:6c:9e:ec:2c:c9:
35:6c:52:d7:ea:fa:af:49:e6:49:3a:6d:33:c7:74:d1:e1:eb:
18:00:bd:6c:f0:42:10:fd:44:29:dd:91:18:c2:6b:59:e0:6b:
ac:37:a7:3b:4a:00:0c:b3:54:ff:0e:8e:1b:e7:fb:1a:f0:76:
0a:21:95:ef:ee:f9:27:14:35:12:b4:62:13:25:6b:5f:fb:7c:
84:a8:0e:f8:15:f5:e7:48:d4:a2:22:9f:e6:af:62:b9:99:07:
c3:23:82:bd:5d:18:91:65:36:51:52:2b:bb:29:1d:c2:01:36:
09:72:97:64:87:5d:7c:aa:22:6d:d3:0c:36:7e:a4:79:de:5c:
c3:96:f1:ed:25:c4:45:64:27:83:d9:68:86:ef:89:8e:ae:c5:
ce:f7:f0:45:f5:c7:b9:da:b9:4d:7f:a7:6c:3e:bb:64:01:e0:
bf:51:d2:bb:a9:b3:96:88:73:4c:4c:2a:7d:c0:bc:c5:88:b7:
29:74:49:75:74:68:a0:9f:24:b9:7f:5b:93:d9:70:68:93:25:
79:39:1c:85:03:08:db:13:df:f7:c1:92:cb:5c:ee:27:94:0f:
59:44:80:da:92:d2:fe:39:af:e4:54:fc:62:62:ae:80:bb:10:
e7:b9:64:4d
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZEWkeCZMC9HKncI2QpFt820MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhNWEyYTE4MzM5NjI5Y2MxMzAzZTZkZWM4YmI2MDVk
ZGNhNjUwHhcNMjQwODAzMDQ0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzVmMzYwZGI1ZTE5ZTI3NmYxZDhiMDg2MzU5NWFmZjhlOTU3ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+Ag8CpZ0ElO1We93dk+bKDlzUdT
0slbNpUImeWge37tRgGojGiBR5jROkSJvHUIDX2Wjx22OmILeviwHRaggWeNEBc+
DS3Yr79qSEJwTibNkyP+ctDuHOIlsKXKLQMq8H+n7MXjnAKnjDKgLdPHzWyuvflg
gsQIh/FEie3b1QuIDZ/bnVbdpKuyMug3zIMclPv3XbycAlVuOcqTqUzg1IfhTfbb
FAqKNgKvWKq1c0R2JeADWtdWKlQzhVHieKRTIZyHvaUGgpsLjudPnDzYg3eafIov
uOfz7ucK2vsn4gYUeNV5ESMdVOMMxNYkqohAXbS7ZQxkSfIGNbusEi22qwIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFONfNg214Z4nbx2LCGNZWv+OlX5zMB8GA1UdIwQY
MBaAFApBpaKhgzlinMEwPm3si7YF3cplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjIt
ODBmN2ZkNmVhOWM5LzEvNDE4MkRiWGhuaWR2SFlzSVkxbGFfNDZWZm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjItODBmN2ZkNmVhOWM5
LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlQQCAAEwgY4DBAMl
LoADBAU+bQADBAJN9pwwDAMEBlBXwAMEAlBXyAMEBVKSIAMEAlLKoDAMAwQAUsql
AwQEUsqgAwQDU9yoAwQCVcZIAwQCVcZ0AwQCW/BUAwQEXD9gAwQCuSsEAwQCuT+8
AwQCuZKcAwQCufZAAwQCuf0gAwQCw4yQAwQD1G3AAwQD1G3YAwQD1Z/QMA8EAgAC
MAkDBwAqCfkAAAAwDQYJKoZIhvcNAQELBQADggEBAEBy6OsJ9dWHVNeGzBlsnuws
yTVsUtfq+q9J5kk6bTPHdNHh6xgAvWzwQhD9RCndkRjCa1nga6w3pztKAAyzVP8O
jhvn+xrwdgohle/u+ScUNRK0YhMla1/7fISoDvgV9edI1KIin+avYrmZB8Mjgr1d
GJFlNlFSK7spHcIBNglyl2SHXXyqIm3TDDZ+pHneXMOW8e0lxEVkJ4PZaIbviY6u
xc738EX1x7nauU1/p2w+u2QB4L9R0rups5aIc0xMKn3AvMWItyl0SXV0aKCfJLl/
W5PZcGiTJXk5HIUDCNsT3/fBkstc7ieUD1lEgNqS0v45r+RU/GJiroC7EOe5ZE0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:09 2024 by rpki-client on console-fra.rpki-client.org