Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NBHMnZuQNpNWDArGuAEh0mpPXrU.roa
File: NBHMnZuQNpNWDArGuAEh0mpPXrU.roa (raw, json)
Hash identifier: oJsRlAs0ixivH0izd0STV0PJqb3b9TW5Jl1RHzcEYFA=
Subject key identifier: 34:11:CC:9D:9B:90:36:93:56:0C:0A:C6:B8:01:21:D2:6A:4F:5E:B5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019422200ACC40BDD091B31A39578FCF2210
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NBHMnZuQNpNWDArGuAEh0mpPXrU.roa
Signing time: Wed 01 Jan 2025 13:48:32 +0000
ROA not before: Wed 01 Jan 2025 13:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7393
IP address blocks: 5.180.178.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
37.140.222.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.3.5.0/24 maxlen: 24
62.3.57.0/24 maxlen: 24
62.106.74.0/24 maxlen: 24
62.106.91.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.233.32.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
91.242.233.0/24 maxlen: 24
91.242.252.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
91.246.63.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
109.205.186.0/24 maxlen: 24
146.19.30.0/24 maxlen: 24
146.19.36.0/24 maxlen: 24
146.19.40.0/24 maxlen: 24
146.19.110.0/24 maxlen: 24
146.19.132.0/24 maxlen: 24
146.19.151.0/24 maxlen: 24
146.19.182.0/24 maxlen: 24
146.19.184.0/24 maxlen: 24
146.19.221.0/24 maxlen: 24
146.19.225.0/24 maxlen: 24
146.19.232.0/24 maxlen: 24
176.97.195.0/24 maxlen: 24
176.97.198.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
176.97.211.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.3.180.0/24 maxlen: 24
193.3.181.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
193.9.25.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
212.18.102.0/24 maxlen: 24
212.18.106.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
212.52.9.0/24 maxlen: 24
212.52.10.0/24 maxlen: 24
212.52.11.0/24 maxlen: 24
213.109.149.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:0a:cc:40:bd:d0:91:b3:1a:39:57:8f:cf:22:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3411cc9d9b903693560c0ac6b80121d26a4f5eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c3:dc:4a:ea:8d:bb:b0:0a:ce:0a:0a:59:70:
78:da:0a:44:40:c6:17:7e:6b:f6:45:91:d5:02:0f:
d5:38:95:8e:5b:f5:f4:f9:a6:7f:54:88:bf:8f:ff:
2f:ac:23:36:e2:77:47:69:4f:2c:4e:4a:25:c7:55:
e4:f7:83:9d:05:71:45:31:2b:79:c5:29:76:ea:ce:
de:40:b3:c3:17:de:91:da:ca:c8:83:59:40:f1:cf:
60:9a:f5:89:1b:f5:43:97:23:2a:53:b5:74:42:5c:
1f:ba:72:93:ba:e6:eb:1d:5b:8e:c4:e2:61:ae:9c:
8e:e1:92:fa:86:4d:93:aa:ba:1a:57:ec:81:6f:f3:
2b:78:93:e1:52:cd:ce:65:bc:ed:1b:99:13:4b:09:
ec:50:a0:95:6d:fe:24:c4:3b:95:f9:79:db:e1:73:
97:c6:ca:3f:87:27:bb:e0:75:f3:5b:82:dd:84:46:
75:58:60:6b:e3:91:01:65:fc:13:fd:c6:03:f0:4d:
17:c5:ca:e9:3c:70:81:b1:d3:67:df:31:6b:b0:cf:
f6:4d:73:56:c2:ab:16:64:0d:68:8c:dc:30:23:98:
5f:af:11:02:99:9a:b6:63:6f:56:69:41:e5:3d:d8:
f3:d5:df:ca:78:2f:96:6d:57:2b:38:08:19:b5:f7:
3e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:11:CC:9D:9B:90:36:93:56:0C:0A:C6:B8:01:21:D2:6A:4F:5E:B5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NBHMnZuQNpNWDArGuAEh0mpPXrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.3.5.0/24
62.3.57.0/24
62.106.74.0/24
62.106.91.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.32.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.242.233.0/24
91.242.252.0/24
91.246.32.0/24
91.246.37.0/24
91.246.63.0/24
91.247.172.0/24
94.154.126.0/24
109.205.186.0/24
146.19.30.0/24
146.19.36.0/24
146.19.40.0/24
146.19.110.0/24
146.19.132.0/24
146.19.151.0/24
146.19.182.0/24
146.19.184.0/24
146.19.221.0/24
146.19.225.0/24
146.19.232.0/24
176.97.195.0/24
176.97.198.0/24
176.97.200.0/24
176.97.211.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.180.0/23
193.3.187.0/24
193.9.25.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.18.102.0/24
212.18.106.0/24
212.24.123.0/24
212.52.9.0-212.52.11.255
213.109.149.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:dd:7b:df:6c:32:22:0d:9e:e8:9a:4c:bb:c0:4e:08:40:94:
2d:6c:43:79:38:aa:30:0d:d5:ce:c0:81:26:4d:98:99:4f:6f:
ef:b6:b4:e6:da:53:34:c2:18:3a:97:fb:4b:c2:da:28:f9:37:
69:0f:e9:99:61:07:6e:a1:69:f0:af:bf:6c:8f:cd:10:71:8f:
d8:e2:07:58:9c:a7:57:98:d3:42:88:05:11:14:d7:dc:ef:7a:
06:69:93:fb:17:26:a0:4b:da:c6:b2:93:a5:18:47:33:b7:1e:
5b:41:6d:37:81:ab:82:e4:84:09:54:d5:1f:28:62:9f:3e:31:
78:c7:d4:e7:0c:c1:e3:10:58:0e:1a:7c:f1:a4:f2:65:ac:d8:
ee:75:35:da:62:2d:04:08:cd:09:e7:3e:1d:d0:06:a3:56:ca:
06:61:df:67:ec:a2:e6:89:9c:a9:71:fa:4e:35:71:e1:c2:16:
e7:5f:62:f0:02:88:7f:b5:51:fe:54:90:f6:68:63:07:db:f7:
84:0b:dd:c7:df:cb:57:d4:df:b5:df:21:af:d0:4f:e3:0e:b8:
65:88:45:9e:ac:1b:d3:57:bb:9f:d7:59:d8:57:58:d0:58:c5:
24:88:8f:00:8a:07:76:27:f5:0f:eb:fd:5a:d6:0f:75:1f:34:
db:49:b9:db
-----BEGIN CERTIFICATE-----
MIIGxTCCBa2gAwIBAgISAZQiIArMQL3QkbMaOVePzyIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDExY2M5ZDliOTAzNjkzNTYwYzBhYzZiODAxMjFkMjZhNGY1ZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcPcSuqNu7AKzgoKWXB42gpEQMYX
fmv2RZHVAg/VOJWOW/X0+aZ/VIi/j/8vrCM24ndHaU8sTkolx1Xk94OdBXFFMSt5
xSl26s7eQLPDF96R2srIg1lA8c9gmvWJG/VDlyMqU7V0QlwfunKTuubrHVuOxOJh
rpyO4ZL6hk2TqroaV+yBb/MreJPhUs3OZbztG5kTSwnsUKCVbf4kxDuV+Xnb4XOX
xso/hye74HXzW4LdhEZ1WGBr45EBZfwT/cYD8E0XxcrpPHCBsdNn3zFrsM/2TXNW
wqsWZA1ojNwwI5hfrxECmZq2Y29WaUHlPdjz1d/KeC+WbVcrOAgZtfc+0wIDAQAB
o4ID0TCCA80wHQYDVR0OBBYEFDQRzJ2bkDaTVgwKxrgBIdJqT161MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTkJITW5adVFOcE5XREFyR3VBRWgwbXBQWHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5QYIKwYBBQUHAQcBAf8EggHUMIIB0DCCAcwEAgABMIIB
xAMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD4DBQMEAD4DOQMEAD5q
SgMEAD5qWwMEAD56vwMEAD7FgAMEAD7MPAMEAD7pIAMEAD7pJgMEAE6O8wMEAE9u
5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy6QMEAFvy/AMEAFv2IAMEAFv2JQMEAFv2
PwMEAFv3rAMEAF6afgMEAG3NugMEAJITHgMEAJITJAMEAJITKAMEAJITbgMEAJIT
hAMEAJITlwMEAJITtgMEAJITuAMEAJIT3QMEAJIT4QMEAJIT6AMEALBhwwMEALBh
xgMEALBhyAMEALBh0wMEALB2IwMEALB+dwMEALmXkQMEALmhewMEALm42AMEALnq
DwMEALnr4QMEALnr5AMEALn81QMEALzxnwMEALzx+AMEALz0fgMEAcEDtAMEAMED
uwMEAMEJGQMEAMEmmgMEAcGjwAMEAMGjwwMEAMHJDAMEAMHJDgMEAMHd0gMEAMIa
yAMEAMKWTAMEANQSZgMEANQSagMEANQYezAMAwQA1DQJAwQC1DQIAwQA1W2VAwQA
1W2cAwQA1W2fAwQA1a0lAwQA2XeHMA0GCSqGSIb3DQEBCwUAA4IBAQAM3XvfbDIi
DZ7omky7wE4IQJQtbEN5OKowDdXOwIEmTZiZT2/vtrTm2lM0whg6l/tLwtoo+Tdp
D+mZYQduoWnwr79sj80QcY/Y4gdYnKdXmNNCiAURFNfc73oGaZP7FyagS9rGspOl
GEcztx5bQW03gauC5IQJVNUfKGKfPjF4x9TnDMHjEFgOGnzxpPJlrNjudTXaYi0E
CM0J5z4d0AajVsoGYd9n7KLmiZypcfpONXHhwhbnX2LwAoh/tVH+VJD2aGMH2/eE
C93H38tX1N+13yGv0E/jDrhliEWerBvTV7uf11nYV1jQWMUkiI8Aigd2J/UP6/1a
1g91HzTbSbnb
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:47:18 2025 by rpki-client