Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/2ihxRmHIoJvXsLRJl9UnuklhTss.roa
File: 2ihxRmHIoJvXsLRJl9UnuklhTss.roa (raw, json)
Hash identifier: Qy8rAi+HinoFZjghLieHk4xlEgqzEhcsZEASXcskWk0=
Subject key identifier: DA:28:71:46:61:C8:A0:9B:D7:B0:B4:49:97:D5:27:BA:49:61:4E:CB
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 018E4D6986665670CC55767ADD83A5CA9310
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/2ihxRmHIoJvXsLRJl9UnuklhTss.roa
Signing time: Sun 17 Mar 2024 17:15:45 +0000
ROA not before: Sun 17 Mar 2024 17:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44395
IP address blocks: 5.77.128.0/17 maxlen: 24
37.157.208.0/20 maxlen: 24
37.157.208.0/22 maxlen: 24
37.157.209.0/24 maxlen: 24
37.157.210.0/24 maxlen: 24
37.157.212.0/22 maxlen: 24
37.157.216.0/21 maxlen: 24
37.157.216.0/22 maxlen: 24
37.157.220.0/22 maxlen: 24
37.252.64.0/19 maxlen: 24
46.36.112.0/20 maxlen: 24
46.162.192.0/18 maxlen: 24
46.162.240.0/20 maxlen: 24
46.241.128.0/17 maxlen: 24
81.16.0.0/20 maxlen: 24
82.199.192.0/20 maxlen: 24
92.43.136.0/21 maxlen: 24
92.43.136.0/22 maxlen: 24
92.43.140.0/22 maxlen: 24
109.75.34.0/23 maxlen: 24
109.75.36.0/22 maxlen: 24
109.75.40.0/21 maxlen: 24
141.136.64.0/19 maxlen: 24
178.78.128.0/18 maxlen: 24
185.59.68.0/22 maxlen: 24
185.86.195.0/24 maxlen: 24
188.115.192.0/18 maxlen: 24
212.34.224.0/19 maxlen: 24
212.34.232.0/21 maxlen: 24
212.34.240.0/20 maxlen: 24
212.34.240.0/21 maxlen: 24
2a00:cc40::/29 maxlen: 48
2a00:cc40::/32 maxlen: 32
2a00:cc40::/48 maxlen: 48
2a01:4a00::/32 maxlen: 32
2a03:1080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4d:69:86:66:56:70:cc:55:76:7a:dd:83:a5:ca:93:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Mar 17 17:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da28714661c8a09bd7b0b44997d527ba49614ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:28:3c:ad:c7:2f:66:44:b4:32:67:9e:c3:
5c:11:84:db:96:a1:f6:b4:f5:c7:61:ab:8d:03:6f:
fa:2c:e6:8b:08:f4:5f:13:5c:c6:2c:4f:2a:92:8e:
d0:6b:a0:3c:04:2d:74:cc:d7:89:7c:a5:ee:9b:86:
99:e7:d1:b6:ec:87:c8:0a:31:d4:6f:4a:02:e0:e0:
81:d7:49:45:a1:ce:89:3b:62:63:34:2c:55:36:1a:
19:2f:fb:08:52:90:6c:f1:2e:d4:51:fe:f0:cb:61:
4c:fa:c9:11:3c:0e:e0:c9:86:d9:f0:13:44:5f:50:
69:4d:c6:24:81:db:56:b8:8f:e5:ea:4e:32:ea:c3:
07:8d:49:c7:1a:a9:67:f9:63:31:86:71:65:00:b6:
e5:c0:21:d8:a5:8b:86:df:b2:15:d5:3a:ba:b1:ed:
fa:e1:ed:aa:ac:b2:be:b1:72:e3:a9:a1:8a:ee:a2:
db:84:6d:56:ef:10:65:84:ad:94:84:9d:88:89:7d:
61:96:40:ff:6d:8f:80:81:24:55:29:6f:2a:f4:25:
53:b3:5d:bf:14:24:10:78:69:22:91:b0:81:72:63:
52:d3:b2:a8:5c:e5:95:3e:df:f9:1b:35:5b:fb:50:
84:66:12:95:3b:99:51:0d:90:10:d5:4c:87:6e:60:
ab:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:28:71:46:61:C8:A0:9B:D7:B0:B4:49:97:D5:27:BA:49:61:4E:CB
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/2ihxRmHIoJvXsLRJl9UnuklhTss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.77.128.0/17
37.157.208.0/20
37.252.64.0/19
46.36.112.0/20
46.162.192.0/18
46.241.128.0/17
81.16.0.0/20
82.199.192.0/20
92.43.136.0/21
109.75.34.0-109.75.47.255
141.136.64.0/19
178.78.128.0/18
185.59.68.0/22
185.86.195.0/24
188.115.192.0/18
212.34.224.0/19
IPv6:
2a00:cc40::/29
2a01:4a00::/32
2a03:1080::/32
Signature Algorithm: sha256WithRSAEncryption
ae:8c:7b:50:47:37:8e:94:54:92:9a:c0:e2:ae:8c:dc:b6:ac:
07:09:04:8e:f8:b7:34:8d:bb:51:71:ae:36:1a:35:42:59:a4:
30:5a:46:0b:7e:a4:b3:d3:d0:6b:94:67:67:0d:15:d2:f7:8e:
29:95:ff:c7:e0:c8:05:a6:b2:76:9a:ca:63:7c:44:8c:83:2a:
44:1a:a1:dd:d3:b2:47:29:c9:a6:f8:92:36:34:82:f0:8c:46:
b5:2c:63:42:22:da:ca:76:48:b7:42:3b:5e:31:bf:08:bb:61:
6a:31:90:3b:1e:b1:e5:99:20:c8:39:76:88:cb:8f:83:65:c3:
56:61:58:07:08:f1:f2:3f:3a:4f:ae:f0:9a:40:b6:98:d2:44:
96:89:87:70:20:18:07:a1:5e:15:4d:cd:57:3f:1a:b5:22:81:
c7:a2:a0:5d:8a:05:2e:c6:cc:f7:59:4b:33:22:06:7a:63:38:
ab:1c:9f:ed:f9:a0:c4:1d:04:77:06:80:e8:33:a2:5c:95:82:
c4:f2:b7:33:71:fb:3f:27:bf:ed:21:f2:22:aa:f2:1d:86:0a:
94:e0:52:b7:65:07:90:f3:21:50:6e:93:f2:05:d3:6d:3b:8b:
b7:10:50:e3:74:57:e9:41:ea:f5:86:b9:8f:38:a9:fd:7d:a2:
4c:9e:12:be
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY5NaYZmVnDMVXZ63YOlypMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjQwMzE3MTcxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTI4NzE0NjYxYzhhMDliZDdiMGI0NDk5N2Q1MjdiYTQ5NjE0ZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/IoPK3HL2ZEtDJnnsNcEYTblqH2
tPXHYauNA2/6LOaLCPRfE1zGLE8qko7Qa6A8BC10zNeJfKXum4aZ59G27IfICjHU
b0oC4OCB10lFoc6JO2JjNCxVNhoZL/sIUpBs8S7UUf7wy2FM+skRPA7gyYbZ8BNE
X1BpTcYkgdtWuI/l6k4y6sMHjUnHGqln+WMxhnFlALblwCHYpYuG37IV1Tq6se36
4e2qrLK+sXLjqaGK7qLbhG1W7xBlhK2UhJ2IiX1hlkD/bY+AgSRVKW8q9CVTs12/
FCQQeGkikbCBcmNS07KoXOWVPt/5GzVb+1CEZhKVO5lRDZAQ1UyHbmCrtQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFNoocUZhyKCb17C0SZfVJ7pJYU7LMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvMmloeFJtSElvSnZYc0xSSmw5VW51a2xoVHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBuBAIAATBoAwQHBU2A
AwQEJZ3QAwQFJfxAAwQELiRwAwQGLqLAAwQHLvGAAwQEURAAAwQEUsfAAwQDXCuI
MAwDBAFtSyIDBARtSyADBAWNiEADBAayToADBAK5O0QDBAC5VsMDBAa8c8ADBAXU
IuAwGwQCAAIwFQMFAyoAzEADBQAqAUoAAwUAKgMQgDANBgkqhkiG9w0BAQsFAAOC
AQEArox7UEc3jpRUkprA4q6M3LasBwkEjvi3NI27UXGuNho1QlmkMFpGC36ks9PQ
a5RnZw0V0veOKZX/x+DIBaaydprKY3xEjIMqRBqh3dOyRynJpviSNjSC8IxGtSxj
QiLaynZIt0I7XjG/CLthajGQOx6x5ZkgyDl2iMuPg2XDVmFYBwjx8j86T67wmkC2
mNJElomHcCAYB6FeFU3NVz8atSKBx6KgXYoFLsbM91lLMyIGemM4qxyf7fmgxB0E
dwaA6DOiXJWCxPK3M3H7Pye/7SHyIqryHYYKlOBSt2UHkPMhUG6T8gXTbTuLtxBQ
43RX6UHq9Ya5jzip/X2iTJ4Svg==
-----END CERTIFICATE-----
Generated at Sun May 12 05:55:46 2024 by rpki-client on console-ams.rpki-client.org