Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rdNFD20Kf87vQXj0hmGhJnjUfAQ.roa
File: rdNFD20Kf87vQXj0hmGhJnjUfAQ.roa (raw, json)
Hash identifier: oXejFOsvr2NC70+JiaQ8D/ghqY2e6fo0oLgAMqI7cd0=
Subject key identifier: AD:D3:45:0F:6D:0A:7F:CE:EF:41:78:F4:86:61:A1:26:78:D4:7C:04
Certificate issuer: /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial: 018CC5001E151AC39C92DAF076E701F6A7A5
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rdNFD20Kf87vQXj0hmGhJnjUfAQ.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206564
IP address blocks: 95.174.137.0/24 maxlen: 24
95.174.138.0/24 maxlen: 24
95.174.139.0/24 maxlen: 24
95.174.133.0/24 maxlen: 24
95.174.134.0/24 maxlen: 24
95.174.135.0/24 maxlen: 24
95.174.136.0/24 maxlen: 24
95.174.144.0/24 maxlen: 24
95.174.145.0/24 maxlen: 24
95.174.140.0/24 maxlen: 24
95.174.141.0/24 maxlen: 24
95.174.142.0/24 maxlen: 24
95.174.143.0/24 maxlen: 24
95.174.151.0/24 maxlen: 24
95.174.152.0/24 maxlen: 24
95.174.147.0/24 maxlen: 24
95.174.148.0/24 maxlen: 24
95.174.149.0/24 maxlen: 24
95.174.150.0/24 maxlen: 24
95.174.146.0/24 maxlen: 24
95.174.158.0/24 maxlen: 24
95.174.159.0/24 maxlen: 24
95.174.154.0/24 maxlen: 24
95.174.155.0/24 maxlen: 24
95.174.156.0/24 maxlen: 24
95.174.157.0/24 maxlen: 24
95.174.153.0/24 maxlen: 24
95.174.130.0/24 maxlen: 24
95.174.131.0/24 maxlen: 24
95.174.132.0/24 maxlen: 24
95.174.128.0/24 maxlen: 24
95.174.129.0/24 maxlen: 24
217.10.79.0/24 maxlen: 24
217.10.64.0/24 maxlen: 24
217.10.69.0/24 maxlen: 24
217.10.70.0/24 maxlen: 24
217.10.71.0/24 maxlen: 24
217.10.66.0/24 maxlen: 24
217.10.67.0/24 maxlen: 24
217.10.68.0/24 maxlen: 24
217.10.65.0/24 maxlen: 24
217.10.74.0/24 maxlen: 24
217.10.77.0/24 maxlen: 24
217.10.76.0/24 maxlen: 24
217.10.78.0/24 maxlen: 24
217.10.73.0/24 maxlen: 24
217.10.75.0/24 maxlen: 24
217.10.72.0/24 maxlen: 24
82.116.110.0/24 maxlen: 24
82.116.111.0/24 maxlen: 24
217.116.112.0/24 maxlen: 24
82.116.112.0/24 maxlen: 24
82.116.106.0/24 maxlen: 24
82.116.107.0/24 maxlen: 24
82.116.108.0/24 maxlen: 24
82.116.109.0/24 maxlen: 24
82.116.118.0/24 maxlen: 24
217.116.117.0/24 maxlen: 24
217.116.116.0/24 maxlen: 24
82.116.117.0/24 maxlen: 24
82.116.116.0/24 maxlen: 24
217.116.118.0/24 maxlen: 24
217.116.113.0/24 maxlen: 24
82.116.113.0/24 maxlen: 24
82.116.114.0/24 maxlen: 24
217.116.114.0/24 maxlen: 24
217.116.115.0/24 maxlen: 24
82.116.115.0/24 maxlen: 24
82.116.124.0/24 maxlen: 24
217.116.124.0/24 maxlen: 24
82.116.125.0/24 maxlen: 24
82.116.123.0/24 maxlen: 24
217.116.125.0/24 maxlen: 24
217.116.123.0/24 maxlen: 24
217.116.120.0/24 maxlen: 24
217.116.119.0/24 maxlen: 24
82.116.120.0/24 maxlen: 24
82.116.121.0/24 maxlen: 24
217.116.121.0/24 maxlen: 24
217.116.122.0/24 maxlen: 24
82.116.122.0/24 maxlen: 24
82.116.119.0/24 maxlen: 24
217.116.127.0/24 maxlen: 24
82.116.127.0/24 maxlen: 24
82.116.126.0/24 maxlen: 24
217.116.126.0/24 maxlen: 24
82.116.96.0/24 maxlen: 24
82.116.97.0/24 maxlen: 24
82.116.98.0/24 maxlen: 24
82.116.99.0/24 maxlen: 24
82.116.100.0/24 maxlen: 24
82.116.101.0/24 maxlen: 24
82.116.102.0/24 maxlen: 24
82.116.103.0/24 maxlen: 24
82.116.104.0/24 maxlen: 24
82.116.105.0/24 maxlen: 24
212.9.36.0/24 maxlen: 24
212.9.37.0/24 maxlen: 24
212.9.38.0/24 maxlen: 24
212.9.33.0/24 maxlen: 24
212.9.34.0/24 maxlen: 24
212.9.35.0/24 maxlen: 24
212.9.32.0/24 maxlen: 24
212.9.43.0/24 maxlen: 24
212.9.44.0/24 maxlen: 24
212.9.40.0/24 maxlen: 24
212.9.41.0/24 maxlen: 24
212.9.42.0/24 maxlen: 24
212.9.39.0/24 maxlen: 24
212.9.50.0/24 maxlen: 24
212.9.51.0/24 maxlen: 24
212.9.47.0/24 maxlen: 24
212.9.48.0/24 maxlen: 24
212.9.49.0/24 maxlen: 24
212.9.45.0/24 maxlen: 24
212.9.46.0/24 maxlen: 24
212.9.57.0/24 maxlen: 24
212.9.58.0/24 maxlen: 24
212.9.54.0/24 maxlen: 24
212.9.55.0/24 maxlen: 24
212.9.56.0/24 maxlen: 24
212.9.52.0/24 maxlen: 24
212.9.53.0/24 maxlen: 24
212.9.61.0/24 maxlen: 24
212.9.62.0/24 maxlen: 24
212.9.63.0/24 maxlen: 24
212.9.59.0/24 maxlen: 24
212.9.60.0/24 maxlen: 24
2001:ab7:f001::/48 maxlen: 48
2001:ab7:3001::/48 maxlen: 48
2001:ab7:2001::/48 maxlen: 48
2001:ab7:1001::/48 maxlen: 48
2001:ab7:f004::/48 maxlen: 48
2001:ab7:3000::/48 maxlen: 48
2001:ab7::/48 maxlen: 48
2001:ab7:2000::/48 maxlen: 48
2001:ab7:4000::/48 maxlen: 48
2001:ab7:1000::/48 maxlen: 48
2001:ab7:f000::/48 maxlen: 48
2001:ab7:f003::/48 maxlen: 48
2001:ab0::/48 maxlen: 48
2001:ab7:f002::/48 maxlen: 48
2001:ab7:3002::/48 maxlen: 48
2001:ab7:2002::/48 maxlen: 48
2001:ab7:1002::/48 maxlen: 48
2001:ab7:f005::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1e:15:1a:c3:9c:92:da:f0:76:e7:01:f6:a7:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=add3450f6d0a7fceef4178f48661a12678d47c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c4:09:59:79:db:86:3b:30:83:33:6c:4c:8f:
7b:d8:2d:78:78:0b:31:4f:ad:da:04:37:78:33:24:
5b:ba:69:34:2e:3a:f2:30:b2:ed:08:5b:a9:d7:a7:
c7:57:21:81:58:24:48:70:17:c0:2b:6a:94:e3:13:
23:3f:aa:99:23:7a:56:d3:bf:bb:91:3b:c3:60:ee:
8a:a5:6b:72:4f:2e:c9:86:f6:c6:d0:4d:ee:60:e8:
0c:06:c2:08:14:8e:cf:88:e7:6c:e1:8c:2f:c6:1e:
33:b2:53:a4:3b:9e:37:46:dc:30:ec:13:54:ad:05:
86:66:2f:02:71:69:a8:be:e3:c3:31:50:2e:8b:5b:
70:b3:d9:16:25:f6:cb:2f:c1:c3:ec:f3:1d:58:30:
41:c1:8e:19:8a:01:3b:f2:13:0d:2d:dc:e5:34:af:
d6:4a:73:da:f2:94:73:82:88:b6:ad:29:c8:96:f2:
a3:4b:24:88:32:f2:9e:e7:93:aa:8a:30:1a:74:32:
a0:56:cf:0b:60:1b:92:69:8c:99:d4:f1:03:00:18:
33:16:cf:1d:41:f3:07:19:1d:29:73:f9:cc:5d:4e:
84:81:43:67:d3:f0:eb:c6:96:50:9f:d5:0a:70:6b:
13:7e:b7:84:b0:0e:49:00:b5:d2:33:47:aa:9f:18:
48:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D3:45:0F:6D:0A:7F:CE:EF:41:78:F4:86:61:A1:26:78:D4:7C:04
X509v3 Authority Key Identifier:
keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/rdNFD20Kf87vQXj0hmGhJnjUfAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.96.0/19
95.174.128.0/19
212.9.32.0/19
217.10.64.0/20
217.116.112.0/20
IPv6:
2001:ab0::/48
2001:ab7::/48
2001:ab7:1000::-2001:ab7:1002:ffff:ffff:ffff:ffff:ffff
2001:ab7:2000::-2001:ab7:2002:ffff:ffff:ffff:ffff:ffff
2001:ab7:3000::-2001:ab7:3002:ffff:ffff:ffff:ffff:ffff
2001:ab7:4000::/48
2001:ab7:f000::-2001:ab7:f005:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
81:44:6f:f1:cb:82:99:b7:c8:34:e1:53:c0:6a:0b:a8:7a:55:
26:74:72:45:d7:cf:3b:5a:47:47:c7:97:92:e8:c1:e9:5b:9c:
e1:2c:48:fd:00:28:35:7c:18:f1:58:07:3d:ad:97:05:79:a4:
c5:1a:69:b2:03:1b:8f:a3:14:6a:b5:cb:e4:e4:37:75:0d:fe:
f2:9a:d7:89:e0:d5:9c:d0:b2:26:1e:1e:91:bb:3a:9d:9a:4c:
18:8c:5f:10:42:f1:d7:ca:79:85:4c:b7:f6:65:b4:3b:ac:99:
b8:71:69:a6:d7:f4:7d:dc:26:73:a3:8b:f9:3c:f6:8f:32:60:
73:ed:46:63:3e:31:f9:5a:96:be:c8:fa:43:4f:69:0e:55:b2:
e5:e8:0e:9b:1a:0b:f9:69:b3:14:93:54:78:86:69:fa:de:3c:
a0:a9:b3:07:3d:56:59:42:9e:2d:2f:a7:71:e5:09:cb:7b:31:
26:45:ba:d7:b3:75:9a:b5:af:2c:12:3d:3a:d1:84:b0:e0:0b:
16:ad:46:ec:1e:46:a6:d4:18:47:fe:15:fc:78:1c:96:18:b1:
91:b3:0e:aa:7a:16:4c:1b:b6:08:1a:0d:db:53:63:9a:81:d6:
a6:57:02:e6:be:01:87:e3:91:bc:36:18:35:f1:aa:94:b9:fc:
6e:5a:fd:4d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzFAB4VGsOcktrwducB9qelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0
MmY1MGQwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQzNDUwZjZkMGE3ZmNlZWY0MTc4ZjQ4NjYxYTEyNjc4ZDQ3YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MQJWXnbhjswgzNsTI972C14eAsx
T63aBDd4MyRbumk0LjryMLLtCFup16fHVyGBWCRIcBfAK2qU4xMjP6qZI3pW07+7
kTvDYO6KpWtyTy7JhvbG0E3uYOgMBsIIFI7PiOds4Ywvxh4zslOkO543Rtww7BNU
rQWGZi8CcWmovuPDMVAui1tws9kWJfbLL8HD7PMdWDBBwY4ZigE78hMNLdzlNK/W
SnPa8pRzgoi2rSnIlvKjSySIMvKe55OqijAadDKgVs8LYBuSaYyZ1PEDABgzFs8d
QfMHGR0pc/nMXU6EgUNn0/DrxpZQn9UKcGsTfreEsA5JALXSM0eqnxhIHQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFK3TRQ9tCn/O70F49IZhoSZ41HwEMB8GA1UdIwQY
MBaAFOP3Bwb2wM+9nHOn89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTIt
MDlmZjc5MzA4YmJlLzEvcmRORkQyMEtmODd2UVhqMGhtR2hKbmpVZkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJl
LzEvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTAkBAIAATAeAwQFUnRg
AwQFX66AAwQF1AkgAwQE2QpAAwQE2XRwMG0EAgACMGcDBwAgAQqwAAADBwAgAQq3
AAAwEQMGBCABCrcQAwcAIAEKtxACMBEDBgUgAQq3IAMHACABCrcgAjARAwYEIAEK
tzADBwAgAQq3MAIDBwAgAQq3QAAwEQMGBCABCrfwAwcBIAEKt/AEMA0GCSqGSIb3
DQEBCwUAA4IBAQCBRG/xy4KZt8g04VPAaguoelUmdHJF1887WkdHx5eS6MHpW5zh
LEj9ACg1fBjxWAc9rZcFeaTFGmmyAxuPoxRqtcvk5Dd1Df7ymteJ4NWc0LImHh6R
uzqdmkwYjF8QQvHXynmFTLf2ZbQ7rJm4cWmm1/R93CZzo4v5PPaPMmBz7UZjPjH5
Wpa+yPpDT2kOVbLl6A6bGgv5abMUk1R4hmn63jygqbMHPVZZQp4tL6dx5QnLezEm
RbrXs3Wata8sEj060YSw4AsWrUbsHkam1BhH/hX8eByWGLGRsw6qehZMG7YIGg3b
U2OagdamVwLmvgGH45G8Nhg18aqUufxuWv1N
-----END CERTIFICATE-----
Generated at Sun May 19 07:48:38 2024 by rpki-client on console-fra.rpki-client.org