Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/m5jz9v1c2_0nPo_IeUNUrsCqdbE.roa
File: m5jz9v1c2_0nPo_IeUNUrsCqdbE.roa (raw, json)
Hash identifier: M4uXAhgFwIX/smnyP7I0hjpt0zbSKGzad7Ug+elD9kY=
Subject key identifier: 9B:98:F3:F6:FD:5C:DB:FD:27:3E:8F:C8:79:43:54:AE:C0:AA:75:B1
Certificate issuer: /CN=547841eeff20c78b33d411dae51a692adb892e31
Certificate serial: 018CC500121616F5EBAB9C4720A9B6573CCD
Authority key identifier: 54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/m5jz9v1c2_0nPo_IeUNUrsCqdbE.roa
Signing time: Mon 01 Jan 2024 12:29:25 +0000
ROA not before: Mon 01 Jan 2024 12:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34977
IP address blocks: 89.39.152.0/21 maxlen: 21
89.39.156.0/24 maxlen: 24
89.39.158.0/23 maxlen: 23
89.39.16.0/21 maxlen: 21
89.39.22.0/24 maxlen: 24
89.39.24.0/21 maxlen: 21
89.39.25.0/24 maxlen: 24
89.39.26.0/24 maxlen: 24
89.39.27.0/24 maxlen: 24
89.39.31.0/24 maxlen: 24
89.39.28.0/24 maxlen: 24
89.39.29.0/24 maxlen: 24
86.106.64.0/21 maxlen: 21
89.32.118.0/24 maxlen: 24
89.32.112.0/21 maxlen: 21
89.38.16.0/24 maxlen: 24
89.38.17.0/24 maxlen: 24
89.38.16.0/21 maxlen: 21
89.38.23.0/24 maxlen: 24
89.38.20.0/24 maxlen: 24
89.38.21.0/24 maxlen: 24
89.38.22.0/24 maxlen: 24
89.38.18.0/24 maxlen: 24
89.38.19.0/24 maxlen: 24
86.106.0.0/21 maxlen: 21
46.37.69.0/24 maxlen: 24
46.37.70.0/23 maxlen: 23
46.37.76.0/23 maxlen: 23
89.37.74.0/24 maxlen: 24
212.225.236.0/24 maxlen: 24
212.225.240.0/23 maxlen: 23
46.37.78.0/23 maxlen: 23
89.37.72.0/24 maxlen: 24
212.225.234.0/24 maxlen: 24
89.37.73.0/24 maxlen: 24
89.37.72.0/21 maxlen: 21
46.37.84.0/24 maxlen: 24
212.225.246.0/24 maxlen: 24
46.37.81.0/24 maxlen: 24
46.37.80.0/24 maxlen: 24
212.225.250.0/24 maxlen: 24
212.225.252.0/24 maxlen: 24
212.225.248.0/24 maxlen: 24
212.225.255.0/24 maxlen: 24
46.37.94.0/24 maxlen: 24
46.37.92.0/23 maxlen: 23
212.225.176.0/24 maxlen: 24
212.225.174.0/23 maxlen: 23
212.225.178.0/23 maxlen: 23
212.225.182.0/23 maxlen: 23
212.225.184.0/24 maxlen: 24
212.225.185.0/24 maxlen: 24
212.225.180.0/23 maxlen: 23
212.225.186.0/24 maxlen: 24
212.225.190.0/24 maxlen: 24
212.225.191.0/24 maxlen: 24
212.225.187.0/24 maxlen: 24
212.225.188.0/24 maxlen: 24
212.225.189.0/24 maxlen: 24
212.225.196.0/24 maxlen: 24
212.225.197.0/24 maxlen: 24
212.225.198.0/24 maxlen: 24
212.225.199.0/24 maxlen: 24
212.225.200.0/22 maxlen: 22
212.225.204.0/24 maxlen: 24
212.225.208.0/23 maxlen: 23
212.225.218.0/24 maxlen: 24
212.225.219.0/24 maxlen: 24
212.225.216.0/23 maxlen: 23
212.225.215.0/24 maxlen: 24
46.37.64.0/19 maxlen: 19
212.225.222.0/24 maxlen: 24
212.225.220.0/24 maxlen: 24
212.225.221.0/24 maxlen: 24
88.212.188.0/24 maxlen: 24
88.212.190.0/24 maxlen: 24
91.151.97.0/24 maxlen: 24
91.151.96.0/24 maxlen: 24
91.151.96.0/20 maxlen: 20
212.225.128.0/17 maxlen: 17
212.225.132.0/24 maxlen: 24
91.151.105.0/24 maxlen: 24
212.225.130.0/23 maxlen: 23
91.151.99.0/24 maxlen: 24
212.225.128.0/23 maxlen: 23
212.225.138.0/23 maxlen: 23
91.151.111.0/24 maxlen: 24
212.225.134.0/23 maxlen: 23
91.151.108.0/24 maxlen: 24
91.151.109.0/24 maxlen: 24
212.225.137.0/24 maxlen: 24
91.151.110.0/24 maxlen: 24
212.225.133.0/24 maxlen: 24
212.225.144.0/24 maxlen: 24
212.225.142.0/23 maxlen: 23
212.225.145.0/24 maxlen: 24
212.225.152.0/24 maxlen: 24
212.225.148.0/22 maxlen: 22
212.225.146.0/24 maxlen: 24
212.225.156.0/22 maxlen: 22
212.225.163.0/24 maxlen: 24
212.225.164.0/22 maxlen: 22
212.225.162.0/24 maxlen: 24
212.225.168.0/22 maxlen: 22
212.225.172.0/23 maxlen: 23
89.35.136.0/21 maxlen: 21
89.35.137.0/24 maxlen: 24
89.35.138.0/23 maxlen: 23
89.35.142.0/23 maxlen: 23
89.35.140.0/23 maxlen: 23
89.36.4.0/23 maxlen: 23
89.36.2.0/23 maxlen: 23
89.36.0.0/23 maxlen: 23
89.36.6.0/24 maxlen: 24
89.36.7.0/24 maxlen: 24
37.61.144.0/20 maxlen: 20
37.61.144.0/23 maxlen: 23
37.61.146.0/23 maxlen: 23
37.61.159.0/24 maxlen: 24
37.61.155.0/24 maxlen: 24
195.82.101.0/24 maxlen: 24
195.82.100.0/22 maxlen: 22
195.82.102.0/24 maxlen: 24
195.82.100.0/24 maxlen: 24
195.82.112.0/21 maxlen: 21
195.82.113.0/24 maxlen: 24
195.82.126.0/23 maxlen: 23
195.82.126.0/24 maxlen: 24
171.33.232.0/21 maxlen: 21
185.13.203.0/24 maxlen: 24
185.13.200.0/22 maxlen: 22
93.114.144.0/24 maxlen: 24
93.114.144.0/20 maxlen: 20
93.114.146.0/24 maxlen: 24
93.114.147.0/24 maxlen: 24
93.114.148.0/24 maxlen: 24
93.114.149.0/24 maxlen: 24
93.114.157.0/24 maxlen: 24
93.114.158.0/24 maxlen: 24
93.114.153.0/24 maxlen: 24
93.114.154.0/24 maxlen: 24
93.114.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:12:16:16:f5:eb:ab:9c:47:20:a9:b6:57:3c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547841eeff20c78b33d411dae51a692adb892e31
Validity
Not Before: Jan 1 12:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b98f3f6fd5cdbfd273e8fc8794354aec0aa75b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:13:41:ad:61:a3:95:3a:14:0f:1d:d9:75:c1:
e5:dd:e8:ca:70:83:a2:c5:5c:4a:d7:2a:d3:b6:31:
7d:bd:63:e9:d4:01:3a:2c:3c:1d:58:23:9a:2b:0d:
f8:c2:aa:1d:8c:51:ab:4e:98:02:6c:cf:40:28:7c:
9a:4e:32:26:32:0e:f8:e3:e7:64:fb:a0:53:b5:71:
e6:d6:7a:a6:a6:ad:38:d8:22:2f:38:35:f9:60:8b:
d3:29:aa:65:94:2d:93:99:31:fa:1a:59:1b:7c:67:
03:c6:8f:04:9f:b2:3e:51:0f:50:78:01:82:1f:7a:
f3:81:e7:2d:96:38:f1:dd:cf:55:78:0f:14:ca:8d:
cc:d7:8f:bc:1b:1e:d7:ea:52:29:f4:0b:65:9b:db:
28:66:3f:8a:b3:53:28:d9:a9:d6:41:01:ef:0b:d3:
20:a6:5d:43:78:2c:5a:90:4c:dc:18:01:5c:24:f9:
20:02:f7:4c:ae:26:54:3e:9b:22:7c:ff:18:9f:e5:
16:2c:13:83:16:f6:d3:82:c5:1e:db:a9:2e:1c:ee:
b7:57:25:08:de:2b:15:8f:1c:99:2c:d5:f5:99:ff:
bc:29:67:1e:e0:ae:72:c9:59:7b:3b:4d:69:c9:20:
79:cc:b4:7c:37:63:21:d5:5d:a8:a4:f1:f5:57:7d:
da:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:98:F3:F6:FD:5C:DB:FD:27:3E:8F:C8:79:43:54:AE:C0:AA:75:B1
X509v3 Authority Key Identifier:
keyid:54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/m5jz9v1c2_0nPo_IeUNUrsCqdbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.144.0/20
46.37.64.0/19
86.106.0.0/21
86.106.64.0/21
88.212.188.0/24
88.212.190.0/24
89.32.112.0/21
89.35.136.0/21
89.36.0.0/21
89.37.72.0/21
89.38.16.0/21
89.39.16.0/20
89.39.152.0/21
91.151.96.0/20
93.114.144.0/20
171.33.232.0/21
185.13.200.0/22
195.82.100.0/22
195.82.112.0/21
195.82.126.0/23
212.225.128.0/17
Signature Algorithm: sha256WithRSAEncryption
ae:81:c8:4a:ae:ab:4c:55:fc:31:ef:4f:3c:54:c4:d2:e9:c0:
27:fe:93:19:d0:84:8e:f4:de:14:16:3c:c7:86:a8:70:10:68:
b8:78:d1:77:58:e0:e6:f9:0e:2c:bc:b1:82:6c:6f:6e:c0:fa:
d2:18:1c:10:45:6a:c4:e3:9f:ca:00:c0:01:68:ed:70:d4:1e:
97:c1:0d:9d:64:c6:39:68:15:f0:49:7b:d1:78:09:a3:a3:7c:
f7:d0:58:7d:57:b3:16:0f:ba:2a:c1:a1:bf:71:45:c9:62:03:
ec:61:bf:c1:df:cf:89:00:5a:dd:22:d1:4f:28:6a:9f:11:0f:
a1:99:7c:a9:ff:61:67:aa:a4:1d:ac:2f:cf:dd:f2:75:69:c1:
26:03:33:2d:89:fa:32:ee:b9:b7:94:63:e1:e2:7f:29:fb:bf:
ce:80:7b:d1:f3:69:11:e5:1d:87:3e:99:0e:60:4b:4d:f9:70:
89:ed:33:47:07:8f:de:9a:18:97:93:c9:63:32:dc:0d:e2:c1:
f5:12:77:a7:47:d5:1b:13:4b:29:bc:54:a3:6c:0f:94:30:18:
3b:4f:47:41:d5:88:c4:dd:73:90:3f:fc:a5:36:ca:b0:a8:4f:
58:1e:af:d5:36:0b:8a:11:1a:07:2d:34:24:3f:4e:96:20:cf:
2e:73:1f:78
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYzFABIWFvXrq5xHIKm2VzzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Nzg0MWVlZmYyMGM3OGIzM2Q0MTFkYWU1MWE2OTJhZGI4
OTJlMzEwHhcNMjQwMTAxMTIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk4ZjNmNmZkNWNkYmZkMjczZThmYzg3OTQzNTRhZWMwYWE3NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxNBrWGjlToUDx3ZdcHl3ejKcIOi
xVxK1yrTtjF9vWPp1AE6LDwdWCOaKw34wqodjFGrTpgCbM9AKHyaTjImMg744+dk
+6BTtXHm1nqmpq042CIvODX5YIvTKapllC2TmTH6GlkbfGcDxo8En7I+UQ9QeAGC
H3rzgectljjx3c9VeA8Uyo3M14+8Gx7X6lIp9Atlm9soZj+Ks1Mo2anWQQHvC9Mg
pl1DeCxakEzcGAFcJPkgAvdMriZUPpsifP8Yn+UWLBODFvbTgsUe26kuHO63VyUI
3isVjxyZLNX1mf+8KWce4K5yyVl7O01pySB5zLR8N2Mh1V2opPH1V33a3QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJuY8/b9XNv9Jz6PyHlDVK7AqnWxMB8GA1UdIwQY
MBaAFFR4Qe7/IMeLM9QR2uUaaSrbiS4xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmIt
MzY2YmExNzAwZmUwLzEvbTVqejl2MWMyXzBuUG9fSWVVTlVyc0NxZGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmItMzY2YmExNzAwZmUw
LzEvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEBCU9
kAMEBS4lQAMEA1ZqAAMEA1ZqQAMEAFjUvAMEAFjUvgMEA1kgcAMEA1kjiAMEA1kk
AAMEA1klSAMEA1kmEAMEBFknEAMEA1knmAMEBFuXYAMEBF1ykAMEA6sh6AMEArkN
yAMEAsNSZAMEA8NScAMEAcNSfgMEB9ThgDANBgkqhkiG9w0BAQsFAAOCAQEAroHI
Sq6rTFX8Me9PPFTE0unAJ/6TGdCEjvTeFBY8x4aocBBouHjRd1jg5vkOLLyxgmxv
bsD60hgcEEVqxOOfygDAAWjtcNQel8ENnWTGOWgV8El70XgJo6N899BYfVezFg+6
KsGhv3FFyWID7GG/wd/PiQBa3SLRTyhqnxEPoZl8qf9hZ6qkHawvz93ydWnBJgMz
LYn6Mu65t5Rj4eJ/Kfu/zoB70fNpEeUdhz6ZDmBLTflwie0zRweP3poYl5PJYzLc
DeLB9RJ3p0fVGxNLKbxUo2wPlDAYO09HQdWIxN1zkD/8pTbKsKhPWB6v1TYLihEa
By00JD9OliDPLnMfeA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:15:30 2024 by rpki-client on console-fra.rpki-client.org