Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/megyW4U_lL8RTz9E0KvaPBh1Ow4.roa
File: megyW4U_lL8RTz9E0KvaPBh1Ow4.roa (raw, json)
Hash identifier: slCglNmExux2MjDSrCc4xKZ3bgDlhaC9sZ2n2FnWPz0=
Subject key identifier: 99:E8:32:5B:85:3F:94:BF:11:4F:3F:44:D0:AB:DA:3C:18:75:3B:0E
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFA9755A4AB79AE2FCDCB417D58E4D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/megyW4U_lL8RTz9E0KvaPBh1Ow4.roa
Signing time: Tue 02 Jan 2024 06:32:30 +0000
ROA not before: Tue 02 Jan 2024 06:32:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205090
IP address blocks: 185.112.102.0/24 maxlen: 24
185.112.101.0/24 maxlen: 24
185.112.103.0/24 maxlen: 24
45.9.73.0/24 maxlen: 24
45.9.75.0/24 maxlen: 24
193.162.143.0/24 maxlen: 24
185.233.83.0/24 maxlen: 24
185.105.90.0/24 maxlen: 24
185.105.88.0/24 maxlen: 24
185.105.91.0/24 maxlen: 24
185.105.89.0/24 maxlen: 24
185.221.162.0/24 maxlen: 24
45.95.202.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
45.95.203.0/24 maxlen: 24
45.90.216.0/24 maxlen: 24
45.90.218.0/24 maxlen: 24
45.90.217.0/24 maxlen: 24
45.90.219.0/24 maxlen: 24
84.252.73.0/24 maxlen: 24
84.252.75.0/24 maxlen: 24
84.252.74.0/24 maxlen: 24
185.233.200.0/24 maxlen: 24
185.232.169.0/24 maxlen: 24
185.128.105.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
85.209.2.0/24 maxlen: 24
185.103.109.0/24 maxlen: 24
185.128.107.0/24 maxlen: 24
185.128.106.0/24 maxlen: 24
193.168.227.0/24 maxlen: 24
185.217.198.0/24 maxlen: 24
185.217.199.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
2a09:5302:ffff::/48 maxlen: 48
2a09:5302::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a9:75:5a:4a:b7:9a:e2:fc:dc:b4:17:d5:8e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99e8325b853f94bf114f3f44d0abda3c18753b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9a:14:a8:1c:ff:df:dd:ea:73:76:c7:48:93:
d3:df:d1:3c:9e:e7:53:21:0e:04:d9:09:80:65:8c:
b4:f2:77:65:ed:b8:3f:ff:75:2d:af:ca:56:bf:30:
82:44:bf:18:38:dd:85:3d:65:a8:7b:aa:ba:0a:8c:
54:2c:83:b5:74:a1:da:df:ae:bf:cb:55:b3:3f:ff:
dd:9c:ad:74:85:57:a1:0a:28:21:05:31:f9:47:f8:
d2:69:ea:89:6f:ad:7e:e3:09:14:3d:32:c5:9c:65:
fe:79:10:0c:50:a3:e8:15:89:fe:0b:00:e0:ae:f3:
c8:40:d5:6f:47:d6:dc:58:54:5e:9a:ea:f5:a2:d9:
70:0e:1c:eb:86:ae:fd:fd:da:3c:61:50:ee:a3:69:
58:6f:4c:c1:91:5b:0d:ad:70:e4:5b:14:9b:e0:da:
fb:b7:49:dc:b3:8f:43:5d:1c:fa:25:1f:c0:48:fc:
ae:ab:b0:d1:f5:74:6b:a7:b9:00:98:83:e8:0e:e8:
af:e0:aa:0d:7e:c0:de:ad:ae:84:b1:04:6e:bb:8e:
0f:82:7c:d7:9b:f2:ba:7b:6b:2c:eb:32:49:ed:50:
73:98:e3:5b:6e:f6:ed:37:91:c8:72:5f:64:90:27:
21:21:09:e8:a2:e5:bb:42:b2:87:40:92:46:8c:1a:
c0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E8:32:5B:85:3F:94:BF:11:4F:3F:44:D0:AB:DA:3C:18:75:3B:0E
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/megyW4U_lL8RTz9E0KvaPBh1Ow4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.0/24
45.9.75.0/24
45.89.65.0/24
45.90.216.0/22
45.95.202.0/23
84.252.73.0-84.252.75.255
85.209.2.0/24
185.102.139.0/24
185.103.109.0/24
185.104.251.0/24
185.105.88.0/22
185.112.101.0-185.112.103.255
185.128.105.0-185.128.107.255
185.217.198.0/23
185.221.162.0/24
185.232.169.0/24
185.233.83.0/24
185.233.200.0/24
193.162.143.0/24
193.168.227.0/24
IPv6:
2a09:5302::/32
Signature Algorithm: sha256WithRSAEncryption
13:06:0d:1d:ea:e6:f6:72:2e:f8:76:8f:16:c5:79:af:5a:fd:
ae:d2:25:f5:5d:16:11:68:f5:51:cc:9b:80:d0:d1:c1:04:7b:
aa:32:94:e8:63:df:e7:97:bb:b6:b5:38:ce:39:5a:f2:18:9c:
2a:5d:cc:9b:fe:69:43:05:82:c0:24:6e:41:82:02:e4:a0:a1:
59:4e:a5:53:de:ec:4a:a3:c3:44:c6:d3:e8:58:38:2b:6a:0a:
35:7f:b7:7b:12:4c:f8:75:09:30:bd:1b:1a:90:ab:86:bb:7f:
70:c6:cc:8a:05:40:cd:7d:92:38:41:87:9a:76:62:49:98:b5:
56:3f:90:3b:cb:74:3f:d8:62:59:fd:17:63:76:21:ca:7e:4e:
fe:72:c9:38:a9:16:bf:ba:3f:5d:11:ad:fb:79:06:34:a1:45:
11:b8:09:0f:2f:ec:57:78:9a:24:bc:92:13:7b:45:86:f4:f2:
36:63:d6:64:58:89:92:1b:c4:c3:af:16:1b:67:63:4c:9f:3c:
06:27:67:49:51:db:01:dd:cc:e2:46:d0:57:f2:16:91:cd:c3:
ef:b0:95:d9:48:cb:ac:b6:48:07:f5:03:46:76:aa:b3:de:95:
76:b8:2d:dc:12:b7:22:3c:29:80:5a:4d:7a:58:28:73:68:07:
4e:e6:82:46
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYzI36l1Wkq3muL83LQX1Y5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWU4MzI1Yjg1M2Y5NGJmMTE0ZjNmNDRkMGFiZGEzYzE4NzUzYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZoUqBz/393qc3bHSJPT39E8nudT
IQ4E2QmAZYy08ndl7bg//3Utr8pWvzCCRL8YON2FPWWoe6q6CoxULIO1dKHa366/
y1WzP//dnK10hVehCighBTH5R/jSaeqJb61+4wkUPTLFnGX+eRAMUKPoFYn+CwDg
rvPIQNVvR9bcWFRemur1otlwDhzrhq79/do8YVDuo2lYb0zBkVsNrXDkWxSb4Nr7
t0ncs49DXRz6JR/ASPyuq7DR9XRrp7kAmIPoDuiv4KoNfsDera6EsQRuu44PgnzX
m/K6e2ss6zJJ7VBzmONbbvbtN5HIcl9kkCchIQnoouW7QrKHQJJGjBrAmwIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFJnoMluFP5S/EU8/RNCr2jwYdTsOMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbWVneVc0VV9sTDhSVHo5RTBLdmFQQmgxT3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8owDAMEAFT8SQMEAlT8SAMEAFXRAgME
ALlmiwMEALlnbQMEALlo+wMEArlpWDAMAwQAuXBlAwQDuXBgMAwDBAC5gGkDBAK5
gGgDBAG52cYDBAC53aIDBAC56KkDBAC56VMDBAC56cgDBADBoo8DBADBqOMwDQQC
AAIwBwMFACoJUwIwDQYJKoZIhvcNAQELBQADggEBABMGDR3q5vZyLvh2jxbFea9a
/a7SJfVdFhFo9VHMm4DQ0cEEe6oylOhj3+eXu7a1OM45WvIYnCpdzJv+aUMFgsAk
bkGCAuSgoVlOpVPe7Eqjw0TG0+hYOCtqCjV/t3sSTPh1CTC9GxqQq4a7f3DGzIoF
QM19kjhBh5p2YkmYtVY/kDvLdD/YYln9F2N2Icp+Tv5yyTipFr+6P10Rrft5BjSh
RRG4CQ8v7Fd4miS8khN7RYb08jZj1mRYiZIbxMOvFhtnY0yfPAYnZ0lR2wHdzOJG
0FfyFpHNw++wldlIy6y2SAf1A0Z2qrPelXa4LdwStyI8KYBaTXpYKHNoB07mgkY=
-----END CERTIFICATE-----
Generated at Wed May 29 08:58:09 2024 by rpki-client on console-ams.rpki-client.org