Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ZNsRrGNHiAoap9veIM8QqchOWHc.roa
File: ZNsRrGNHiAoap9veIM8QqchOWHc.roa (raw, json)
Hash identifier: xvRDzjfywhfZNeH79QzgyDinhM8kE2ub5zRwR0rQSsQ=
Subject key identifier: 64:DB:11:AC:63:47:88:0A:1A:A7:DB:DE:20:CF:10:A9:C8:4E:58:77
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018EA2BE01CEC996677F0ED0D911AEC6F578
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ZNsRrGNHiAoap9veIM8QqchOWHc.roa
Signing time: Wed 03 Apr 2024 06:55:45 +0000
ROA not before: Wed 03 Apr 2024 06:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
37.220.80.0/24 maxlen: 24
37.220.81.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.84.0/24 maxlen: 24
37.220.85.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
45.8.96.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
45.8.98.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
45.89.190.0/24 maxlen: 24
45.95.234.0/24 maxlen: 24
45.95.235.0/24 maxlen: 24
46.19.64.0/24 maxlen: 24
46.19.65.0/24 maxlen: 24
46.19.66.0/24 maxlen: 24
46.19.67.0/24 maxlen: 24
46.19.68.0/24 maxlen: 24
46.19.69.0/24 maxlen: 24
81.200.144.0/24 maxlen: 24
81.200.145.0/24 maxlen: 24
81.200.146.0/24 maxlen: 24
81.200.147.0/24 maxlen: 24
81.200.148.0/24 maxlen: 24
81.200.149.0/24 maxlen: 24
81.200.150.0/24 maxlen: 24
81.200.151.0/24 maxlen: 24
81.200.152.0/24 maxlen: 24
81.200.153.0/24 maxlen: 24
81.200.154.0/24 maxlen: 24
81.200.155.0/24 maxlen: 24
81.200.156.0/24 maxlen: 24
81.200.157.0/24 maxlen: 24
81.200.158.0/24 maxlen: 24
85.92.108.0/24 maxlen: 24
85.92.110.0/24 maxlen: 24
85.92.111.0/24 maxlen: 24
89.191.226.0/24 maxlen: 24
92.118.113.0/24 maxlen: 24
92.118.114.0/24 maxlen: 24
92.118.115.0/24 maxlen: 24
94.198.216.0/24 maxlen: 24
94.198.217.0/24 maxlen: 24
94.198.218.0/24 maxlen: 24
94.198.219.0/24 maxlen: 24
94.198.220.0/24 maxlen: 24
94.198.221.0/24 maxlen: 24
94.198.223.0/24 maxlen: 24
185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
194.31.175.0/24 maxlen: 24
195.80.50.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 12:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:be:01:ce:c9:96:67:7f:0e:d0:d9:11:ae:c6:f5:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Apr 3 06:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64db11ac6347880a1aa7dbde20cf10a9c84e5877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1f:a6:b7:20:0a:66:c1:ff:0d:86:74:00:71:
9f:0f:33:b6:42:43:85:7e:ec:71:85:3e:ed:d5:8f:
b7:f9:3f:a9:5d:d9:c3:fe:e7:d0:6d:08:bb:ca:53:
35:43:d1:7c:09:8c:2d:dd:8f:f8:d1:0f:94:17:0f:
61:4f:76:d0:fe:1e:41:2c:ad:a8:57:af:4e:92:b1:
60:cf:22:df:a5:fc:c6:64:e3:43:4f:46:4b:28:b1:
df:1e:bd:2c:ae:50:84:4e:7d:fa:44:5d:70:61:9b:
b8:80:dd:e7:09:fb:23:85:7d:da:07:a8:26:d7:bc:
59:8a:f7:8a:72:5c:da:dc:23:b2:8b:4b:40:20:0f:
15:bc:57:85:ef:11:77:c0:de:62:16:35:c1:4f:ef:
dc:25:4a:df:7b:bf:77:fb:83:14:b9:5a:19:fc:12:
d4:33:7f:de:1b:93:ca:6d:76:0c:85:05:f3:9a:31:
7a:2d:df:4c:6a:55:c8:37:9e:80:a0:1d:87:18:1a:
b5:67:44:c9:0f:11:22:ee:66:2f:97:dd:f5:d6:aa:
9f:3d:9f:84:40:c1:bf:64:dc:fa:05:49:01:ec:56:
a9:b0:88:15:06:2f:34:14:11:ac:f1:c2:aa:c4:98:
60:30:36:db:5d:e4:0a:15:77:e8:dd:f9:48:93:62:
42:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:DB:11:AC:63:47:88:0A:1A:A7:DB:DE:20:CF:10:A9:C8:4E:58:77
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ZNsRrGNHiAoap9veIM8QqchOWHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
37.220.80.0-37.220.85.255
37.220.87.0/24
45.8.96.0/22
45.89.190.0/24
45.95.234.0/23
46.19.64.0-46.19.69.255
81.200.144.0-81.200.158.255
85.92.108.0/24
85.92.110.0/23
89.191.226.0/24
92.118.113.0-92.118.115.255
94.198.216.0-94.198.221.255
94.198.223.0/24
185.166.196.0/23
185.247.185.0/24
194.31.173.0-194.31.175.255
195.80.50.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:e6:d3:43:63:99:7b:4a:21:22:7c:94:37:f1:4e:26:3a:be:
f2:3c:16:1e:66:66:69:4b:80:d2:76:fb:eb:1a:b1:e8:3d:61:
73:63:91:77:cb:a9:15:cd:e8:24:a1:0b:59:25:95:8e:2a:5f:
1a:81:0f:e4:33:3f:bb:e6:06:bc:b0:34:39:b1:46:6a:11:c3:
6e:2f:4c:f6:7e:55:b7:ef:5f:6c:84:56:d0:42:f6:c8:39:41:
0b:00:4a:1f:f1:76:2f:a2:86:55:06:92:12:fd:1c:31:43:5e:
e4:77:db:36:55:57:16:62:0d:00:60:cf:a4:1b:f3:84:8b:9c:
fe:eb:cd:6e:2a:ac:ea:ae:11:d2:31:4e:5c:d4:8a:93:b5:8b:
fc:03:d3:34:36:21:86:22:73:cc:cb:80:11:c7:ea:d7:61:d9:
c0:1f:9f:d6:ee:9d:cf:b5:00:79:a6:77:ca:7b:59:86:c0:12:
7b:f0:87:c7:41:9e:55:65:c2:c3:d2:33:29:79:53:81:f7:98:
0f:8e:24:94:aa:01:a2:cb:65:d6:80:bb:29:a3:70:c6:6f:c8:
f5:cd:40:74:ec:35:a9:93:9e:e6:2d:db:38:e6:3a:f4:46:63:
4c:32:e9:52:75:6b:b5:05:a0:da:a6:cc:8a:94:20:d4:a5:2b:
9a:27:c1:40
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAY6ivgHOyZZnfw7Q2RGuxvV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwNDAzMDY1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGRiMTFhYzYzNDc4ODBhMWFhN2RiZGUyMGNmMTBhOWM4NGU1ODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR+mtyAKZsH/DYZ0AHGfDzO2QkOF
fuxxhT7t1Y+3+T+pXdnD/ufQbQi7ylM1Q9F8CYwt3Y/40Q+UFw9hT3bQ/h5BLK2o
V69OkrFgzyLfpfzGZONDT0ZLKLHfHr0srlCETn36RF1wYZu4gN3nCfsjhX3aB6gm
17xZiveKclza3COyi0tAIA8VvFeF7xF3wN5iFjXBT+/cJUrfe793+4MUuVoZ/BLU
M3/eG5PKbXYMhQXzmjF6Ld9MalXIN56AoB2HGBq1Z0TJDxEi7mYvl9311qqfPZ+E
QMG/ZNz6BUkB7FapsIgVBi80FBGs8cKqxJhgMDbbXeQKFXfo3flIk2JCiwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFGTbEaxjR4gKGqfb3iDPEKnITlh3MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvWk5zUnJHTkhpQW9hcDl2ZUlNOFFxY2hPV0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAEF
LC4wDAMEBCXcUAMEASXcVAMEACXcVwMEAi0IYAMEAC1ZvgMEAS1f6jAMAwQGLhNA
AwQBLhNEMAwDBARRyJADBABRyJ4DBABVXGwDBAFVXG4DBABZv+IwDAMEAFx2cQME
Alx2cDAMAwQDXsbYAwQBXsbcAwQAXsbfAwQBuabEAwQAufe5MAwDBADCH60DBATC
H6ADBAHDUDIwDQYJKoZIhvcNAQELBQADggEBAF3m00NjmXtKISJ8lDfxTiY6vvI8
Fh5mZmlLgNJ2++saseg9YXNjkXfLqRXN6CShC1kllY4qXxqBD+QzP7vmBrywNDmx
RmoRw24vTPZ+VbfvX2yEVtBC9sg5QQsASh/xdi+ihlUGkhL9HDFDXuR32zZVVxZi
DQBgz6Qb84SLnP7rzW4qrOquEdIxTlzUipO1i/wD0zQ2IYYic8zLgBHH6tdh2cAf
n9bunc+1AHmmd8p7WYbAEnvwh8dBnlVlwsPSMyl5U4H3mA+OJJSqAaLLZdaAuymj
cMZvyPXNQHTsNamTnuYt2zjmOvRGY0wy6VJ1a7UFoNqmzIqUINSlK5onwUA=
-----END CERTIFICATE-----
Generated at Sun May 19 21:07:43 2024 by rpki-client on console-fra.rpki-client.org