Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/guLSC5KTI9wzEJ2Xs0p_oQuXtZs.roa
File: guLSC5KTI9wzEJ2Xs0p_oQuXtZs.roa (raw, json)
Hash identifier: /jWxp+cpyQYE76iwfcsMXO9EOc4zH55O4XGOYSxH71I=
Subject key identifier: 82:E2:D2:0B:92:93:23:DC:33:10:9D:97:B3:4A:7F:A1:0B:97:B5:9B
Certificate issuer: /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial: 018DF47C122EF12A6887236E539582F62942
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/guLSC5KTI9wzEJ2Xs0p_oQuXtZs.roa
Signing time: Thu 29 Feb 2024 10:49:48 +0000
ROA not before: Thu 29 Feb 2024 10:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39020
IP address blocks: 5.145.168.0/24 maxlen: 24
5.145.169.0/24 maxlen: 24
5.145.170.0/24 maxlen: 24
5.145.171.0/24 maxlen: 24
5.145.172.0/24 maxlen: 24
5.145.173.0/24 maxlen: 24
5.145.174.0/24 maxlen: 24
5.145.175.0/24 maxlen: 24
45.80.12.0/24 maxlen: 24
45.80.14.0/24 maxlen: 24
45.80.15.0/24 maxlen: 24
77.81.112.0/24 maxlen: 24
77.81.113.0/24 maxlen: 24
77.81.114.0/24 maxlen: 24
77.81.115.0/24 maxlen: 24
77.81.116.0/24 maxlen: 24
77.81.117.0/24 maxlen: 24
77.81.118.0/24 maxlen: 24
77.81.119.0/24 maxlen: 24
91.192.108.0/24 maxlen: 24
91.192.109.0/24 maxlen: 24
91.192.110.0/24 maxlen: 24
91.192.111.0/24 maxlen: 24
93.93.64.0/24 maxlen: 24
93.93.65.0/24 maxlen: 24
93.93.66.0/24 maxlen: 24
93.93.67.0/24 maxlen: 24
93.93.68.0/24 maxlen: 24
93.93.69.0/24 maxlen: 24
93.93.70.0/24 maxlen: 24
93.93.71.0/24 maxlen: 24
93.113.160.0/24 maxlen: 24
93.113.161.0/24 maxlen: 24
93.113.162.0/24 maxlen: 24
93.113.163.0/24 maxlen: 24
185.50.196.0/22 maxlen: 22
185.50.196.0/24 maxlen: 24
185.50.197.0/24 maxlen: 24
185.50.198.0/24 maxlen: 24
185.50.199.0/24 maxlen: 24
195.78.228.0/24 maxlen: 24
195.78.229.0/24 maxlen: 24
195.78.230.0/24 maxlen: 24
195.78.231.0/24 maxlen: 24
217.61.128.0/24 maxlen: 24
217.61.129.0/24 maxlen: 24
217.61.130.0/24 maxlen: 24
217.61.131.0/24 maxlen: 24
217.61.133.0/24 maxlen: 24
217.61.134.0/24 maxlen: 24
217.61.135.0/24 maxlen: 24
217.61.136.0/24 maxlen: 24
217.61.137.0/24 maxlen: 24
217.61.138.0/24 maxlen: 24
217.61.139.0/24 maxlen: 24
217.61.140.0/24 maxlen: 24
217.61.141.0/24 maxlen: 24
217.61.142.0/24 maxlen: 24
217.61.143.0/24 maxlen: 24
2a00:1d70::/33 maxlen: 33
2a00:1d70:1ac1::/48 maxlen: 48
2a00:1d70:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:7c:12:2e:f1:2a:68:87:23:6e:53:95:82:f6:29:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
Validity
Not Before: Feb 29 10:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82e2d20b929323dc33109d97b34a7fa10b97b59b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:57:7e:a1:30:f2:fe:2e:fb:8b:73:01:05:cf:
67:a6:14:27:81:27:40:5a:06:92:0e:cb:9c:34:a7:
80:19:3a:03:20:f1:da:be:9c:bd:c1:be:7f:a4:8e:
48:96:33:22:05:6e:48:34:9f:70:7b:50:d1:ff:f4:
aa:d9:97:06:a3:c2:00:5f:2f:39:46:12:9f:56:be:
c6:c7:2f:fd:86:be:2c:63:61:8f:be:4a:5b:52:c4:
75:9d:9b:62:f5:9d:63:72:ce:8c:6b:3a:a6:04:a6:
5e:9f:47:16:42:4f:ff:de:0c:02:66:38:44:0f:78:
ee:cd:ee:8e:eb:f2:35:8c:b6:47:0d:85:f0:71:10:
8f:4b:ff:7a:85:37:5b:39:be:d9:13:52:32:bc:7d:
b0:05:79:11:9c:32:eb:9a:3d:83:7d:0d:94:47:8c:
d1:97:ad:81:98:98:06:b0:e6:d9:9a:db:42:95:be:
87:2f:55:63:21:9a:ae:5c:44:39:e4:4b:9b:e0:4f:
78:0d:03:83:08:82:79:6f:98:5e:34:d9:57:1c:dd:
9d:df:21:73:98:a0:8a:26:11:55:9e:25:85:33:ea:
e1:59:14:61:c9:19:9f:c6:22:c8:d9:f1:3f:31:17:
4c:4c:c9:94:cb:99:7e:f1:fb:99:9a:ec:46:eb:64:
d1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E2:D2:0B:92:93:23:DC:33:10:9D:97:B3:4A:7F:A1:0B:97:B5:9B
X509v3 Authority Key Identifier:
keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/guLSC5KTI9wzEJ2Xs0p_oQuXtZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.168.0/21
45.80.12.0/24
45.80.14.0/23
77.81.112.0/21
91.192.108.0/22
93.93.64.0/21
93.113.160.0/22
185.50.196.0/22
195.78.228.0/22
217.61.128.0/22
217.61.133.0-217.61.143.255
IPv6:
2a00:1d70::/32
Signature Algorithm: sha256WithRSAEncryption
35:0b:42:81:61:1e:e5:9a:0f:fc:6f:c7:34:df:cd:83:cc:91:
28:7e:ef:07:71:c8:c8:df:cb:3f:1e:43:0d:26:09:0b:bd:d1:
eb:e1:9f:b3:96:56:c6:72:26:56:36:bc:35:41:cd:e2:9f:df:
2e:28:df:5f:0e:ac:f4:ef:09:80:10:92:eb:28:99:69:cd:06:
f2:d2:09:5d:07:37:2c:d0:fe:32:1b:d6:70:7c:f5:6a:70:a1:
57:39:96:ba:05:3c:cd:d1:e2:a4:9f:9b:42:29:47:be:3d:bf:
54:84:e2:ff:53:07:76:ce:83:f5:8c:d2:84:ec:87:4e:34:ee:
40:2e:79:a9:4c:b6:80:b5:f8:11:82:51:66:b8:da:81:b0:ae:
d6:cd:b9:90:98:e1:65:94:d3:f9:df:5b:1a:a8:88:1c:5a:37:
3c:03:b4:4a:98:72:1e:8a:dc:52:18:e6:9d:13:5b:3d:26:41:
bb:9a:ef:ff:d2:e9:1a:57:15:80:34:ec:55:49:45:5d:1d:0d:
68:7f:b9:6c:24:7a:18:40:b3:bd:10:cc:5c:f9:9b:d7:21:65:
c0:a8:e5:c4:79:01:43:0f:90:92:a4:a2:62:19:57:32:3b:8d:
81:ed:6a:03:3c:cb:c5:69:12:69:1b:84:9a:dd:4b:a5:40:92:
35:5d:cb:a6
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY30fBIu8SpohyNuU5WC9ilCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OGZhNDIwMTM0NGQ0MTA3Zjc5MmVlZTI1NjZjNjJkNjU3
MTRlMmQwHhcNMjQwMjI5MTA0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmUyZDIwYjkyOTMyM2RjMzMxMDlkOTdiMzRhN2ZhMTBiOTdiNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwld+oTDy/i77i3MBBc9nphQngSdA
WgaSDsucNKeAGToDIPHavpy9wb5/pI5IljMiBW5INJ9we1DR//Sq2ZcGo8IAXy85
RhKfVr7Gxy/9hr4sY2GPvkpbUsR1nZti9Z1jcs6MazqmBKZen0cWQk//3gwCZjhE
D3juze6O6/I1jLZHDYXwcRCPS/96hTdbOb7ZE1IyvH2wBXkRnDLrmj2DfQ2UR4zR
l62BmJgGsObZmttClb6HL1VjIZquXEQ55Eub4E94DQODCIJ5b5heNNlXHN2d3yFz
mKCKJhFVniWFM+rhWRRhyRmfxiLI2fE/MRdMTMmUy5l+8fuZmuxG62TRiwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFILi0guSkyPcMxCdl7NKf6ELl7WbMB8GA1UdIwQY
MBaAFFmPpCATRNQQf3ku7iVmxi1lcU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2It
NjY0YjhmMDNkMTgwLzEvZ3VMU0M1S1RJOXd6RUoyWHMwcF9vUXVYdFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2ItNjY0YjhmMDNkMTgw
LzEvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQDBZGoAwQA
LVAMAwQBLVAOAwQDTVFwAwQCW8BsAwQDXV1AAwQCXXGgAwQCuTLEAwQCw07kAwQC
2T2AMAwDBADZPYUDBATZPYAwDQQCAAIwBwMFACoAHXAwDQYJKoZIhvcNAQELBQAD
ggEBADULQoFhHuWaD/xvxzTfzYPMkSh+7wdxyMjfyz8eQw0mCQu90evhn7OWVsZy
JlY2vDVBzeKf3y4o318OrPTvCYAQkusomWnNBvLSCV0HNyzQ/jIb1nB89WpwoVc5
lroFPM3R4qSfm0IpR749v1SE4v9TB3bOg/WM0oTsh0407kAuealMtoC1+BGCUWa4
2oGwrtbNuZCY4WWU0/nfWxqoiBxaNzwDtEqYch6K3FIY5p0TWz0mQbua7//S6RpX
FYA07FVJRV0dDWh/uWwkehhAs70QzFz5m9chZcCo5cR5AUMPkJKkomIZVzI7jYHt
agM8y8VpEmkbhJrdS6VAkjVdy6Y=
-----END CERTIFICATE-----
Generated at Sat Jun 22 20:55:31 2024 by rpki-client on console-ams.rpki-client.org