Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/tQDSPsajomMY8QgDP8ZW0V9pymk.roa
File: tQDSPsajomMY8QgDP8ZW0V9pymk.roa (raw, json)
Hash identifier: f9Qw8/OWdHZlG03xENqobo/ODcdukaLu2QkZFWafNTI=
Subject key identifier: B5:00:D2:3E:C6:A3:A2:63:18:F1:08:03:3F:C6:56:D1:5F:69:CA:69
Certificate issuer: /CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Certificate serial: 018D81B2CE0313E5874BA05139477D056330
Authority key identifier: 0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/tQDSPsajomMY8QgDP8ZW0V9pymk.roa
Signing time: Wed 07 Feb 2024 03:53:15 +0000
ROA not before: Wed 07 Feb 2024 03:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 37.46.128.0/23 maxlen: 23
37.46.130.0/23 maxlen: 23
37.46.132.0/23 maxlen: 23
37.46.134.0/23 maxlen: 23
77.246.156.0/22 maxlen: 22
77.246.156.0/23 maxlen: 23
77.246.158.0/23 maxlen: 23
80.87.192.0/23 maxlen: 23
80.87.194.0/23 maxlen: 23
80.87.196.0/23 maxlen: 23
80.87.198.0/23 maxlen: 23
80.87.200.0/23 maxlen: 23
80.87.202.0/24 maxlen: 24
80.87.203.0/24 maxlen: 24
82.202.160.0/23 maxlen: 23
82.202.162.0/23 maxlen: 23
82.202.165.0/24 maxlen: 24
82.202.166.0/23 maxlen: 23
82.202.168.0/23 maxlen: 23
82.202.170.0/23 maxlen: 23
82.202.172.0/23 maxlen: 23
82.202.174.0/23 maxlen: 23
83.220.168.0/23 maxlen: 23
83.220.170.0/23 maxlen: 23
83.220.172.0/23 maxlen: 23
83.220.174.0/23 maxlen: 23
91.240.84.0/23 maxlen: 23
91.240.86.0/23 maxlen: 23
185.43.4.0/23 maxlen: 23
185.43.6.0/23 maxlen: 23
185.63.188.0/22 maxlen: 22
185.146.156.0/23 maxlen: 23
185.146.158.0/23 maxlen: 23
185.246.64.0/23 maxlen: 23
185.246.66.0/23 maxlen: 23
185.253.32.0/23 maxlen: 23
185.253.34.0/23 maxlen: 23
195.140.144.0/23 maxlen: 23
195.140.146.0/23 maxlen: 23
212.109.192.0/22 maxlen: 22
212.109.196.0/23 maxlen: 23
212.109.198.0/23 maxlen: 23
212.109.216.0/23 maxlen: 23
212.109.218.0/23 maxlen: 23
212.109.220.0/23 maxlen: 23
212.109.222.0/24 maxlen: 24
212.109.223.0/24 maxlen: 24
213.159.208.0/23 maxlen: 23
213.159.210.0/23 maxlen: 23
213.159.212.0/23 maxlen: 23
213.159.214.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 19:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:b2:ce:03:13:e5:87:4b:a0:51:39:47:7d:05:63:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Validity
Not Before: Feb 7 03:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b500d23ec6a3a26318f108033fc656d15f69ca69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0c:08:46:d7:48:88:fd:2d:93:bb:38:08:d9:
06:8d:c5:1a:2c:f3:b2:e0:89:f9:52:77:03:2e:d5:
f7:8c:f1:39:a4:8a:54:66:9f:b6:d7:c1:66:bf:25:
ea:6b:ae:ed:f6:4a:0a:ec:fa:dc:83:b9:1c:7e:fe:
b6:b4:4a:b5:cb:29:f7:62:78:24:74:90:54:42:51:
e7:75:e2:47:bf:f2:79:8e:69:83:d1:2f:3b:94:01:
bb:14:37:8b:d0:36:ab:c0:8f:dd:3d:20:82:fa:e4:
82:b5:df:c1:82:d7:a0:21:13:f4:23:d5:b2:d1:9b:
99:46:86:e1:45:a7:38:66:96:2c:d1:7f:7d:36:16:
85:74:ce:c2:0c:06:9a:4a:ad:cd:08:d4:c0:b1:78:
25:b0:32:b8:c5:c4:83:dc:f2:d7:f4:18:20:fc:f9:
74:a1:cf:a4:e2:b3:8f:a9:5f:6a:87:84:79:8d:44:
e1:a0:3b:4b:92:bf:23:a3:fb:c2:7e:a6:e3:64:63:
94:e4:14:a5:ed:ef:19:f4:31:15:bc:37:bb:9e:a7:
56:c8:a7:7b:2d:6b:32:13:78:a0:fd:40:14:58:fb:
5c:62:3b:aa:74:3a:bf:11:52:8f:2d:58:11:1a:af:
a2:25:86:04:17:58:33:4f:c5:0b:a1:88:f1:94:9f:
5e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:00:D2:3E:C6:A3:A2:63:18:F1:08:03:3F:C6:56:D1:5F:69:CA:69
X509v3 Authority Key Identifier:
keyid:0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/tQDSPsajomMY8QgDP8ZW0V9pymk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.128.0/21
77.246.156.0/22
80.87.192.0-80.87.203.255
82.202.160.0/22
82.202.165.0-82.202.175.255
83.220.168.0/21
91.240.84.0/22
185.43.4.0/22
185.63.188.0/22
185.146.156.0/22
185.246.64.0/22
185.253.32.0/22
195.140.144.0/22
212.109.192.0/21
212.109.216.0/21
213.159.208.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:58:e5:67:b5:b6:52:8a:00:09:72:38:f8:ff:e8:6f:aa:54:
ac:da:a2:19:83:6c:17:10:d8:59:aa:e8:7e:6a:1b:20:1f:b6:
8e:0b:2f:58:0b:12:13:e5:52:94:69:1f:d5:37:4b:76:05:b7:
af:8c:79:5e:57:ec:8d:cc:2f:d8:f4:fa:55:5f:f6:fa:47:d0:
43:29:15:12:a7:ed:9c:b9:7e:54:bb:c8:b8:70:23:05:96:de:
48:46:d7:b3:db:68:bd:99:92:8d:c6:7f:c1:40:bb:46:34:ee:
f9:c3:0c:b0:28:e5:33:87:9d:3b:84:65:b0:7e:53:34:18:de:
bf:2d:8e:d8:f0:d0:b2:98:79:cb:a0:c2:94:86:19:cb:a3:00:
8d:8e:46:b3:67:e2:7a:2b:66:bf:99:b7:3c:61:d4:9f:24:b0:
c1:f3:b2:36:ff:d2:62:25:5c:3c:48:ee:80:8f:f2:51:b1:cf:
26:7a:34:b3:6b:86:e4:f6:1d:ed:87:02:e8:b6:d5:aa:fe:83:
48:3f:fc:3e:e3:06:5d:bc:9e:f8:8e:1c:ae:3e:b9:96:f1:bd:
01:c5:51:bd:44:77:b6:36:c3:04:a7:85:ae:5f:e9:53:d1:fc:
68:ce:9a:eb:ed:20:a7:96:7b:95:19:a6:de:cc:19:22:c4:0a:
fc:46:ea:94
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAY2Bss4DE+WHS6BROUd9BWMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhNWEyYTE4MzM5NjI5Y2MxMzAzZTZkZWM4YmI2MDVk
ZGNhNjUwHhcNMjQwMjA3MDM1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTAwZDIzZWM2YTNhMjYzMThmMTA4MDMzZmM2NTZkMTVmNjljYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwwIRtdIiP0tk7s4CNkGjcUaLPOy
4In5UncDLtX3jPE5pIpUZp+218FmvyXqa67t9koK7Prcg7kcfv62tEq1yyn3Yngk
dJBUQlHndeJHv/J5jmmD0S87lAG7FDeL0DarwI/dPSCC+uSCtd/BgtegIRP0I9Wy
0ZuZRobhRac4ZpYs0X99NhaFdM7CDAaaSq3NCNTAsXglsDK4xcSD3PLX9Bgg/Pl0
oc+k4rOPqV9qh4R5jUThoDtLkr8jo/vCfqbjZGOU5BSl7e8Z9DEVvDe7nqdWyKd7
LWsyE3ig/UAUWPtcYjuqdDq/EVKPLVgRGq+iJYYEF1gzT8ULoYjxlJ9euwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFLUA0j7Go6JjGPEIAz/GVtFfacppMB8GA1UdIwQY
MBaAFApBpaKhgzlinMEwPm3si7YF3cplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjIt
ODBmN2ZkNmVhOWM5LzEvdFFEU1BzYWpvbU1ZOFFnRFA4WlcwVjlweW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjItODBmN2ZkNmVhOWM5
LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAyUugAME
Ak32nDAMAwQGUFfAAwQCUFfIAwQCUsqgMAwDBABSyqUDBARSyqADBANT3KgDBAJb
8FQDBAK5KwQDBAK5P7wDBAK5kpwDBAK59kADBAK5/SADBALDjJADBAPUbcADBAPU
bdgDBAPVn9AwDQYJKoZIhvcNAQELBQADggEBAExY5We1tlKKAAlyOPj/6G+qVKza
ohmDbBcQ2Fmq6H5qGyAfto4LL1gLEhPlUpRpH9U3S3YFt6+MeV5X7I3ML9j0+lVf
9vpH0EMpFRKn7Zy5flS7yLhwIwWW3khG17PbaL2Zko3Gf8FAu0Y07vnDDLAo5TOH
nTuEZbB+UzQY3r8tjtjw0LKYecugwpSGGcujAI2ORrNn4norZr+Ztzxh1J8ksMHz
sjb/0mIlXDxI7oCP8lGxzyZ6NLNrhuT2He2HAui21ar+g0g//D7jBl28nviOHK4+
uZbxvQHFUb1Ed7Y2wwSnha5f6VPR/GjOmuvtIKeWe5UZpt7MGSLECvxG6pQ=
-----END CERTIFICATE-----
Generated at Sat May 18 23:00:40 2024 by rpki-client on console-fra.rpki-client.org