Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/4WMythd9byBtqHogySXdhHFy3iM.roa
File: 4WMythd9byBtqHogySXdhHFy3iM.roa (raw, json)
Hash identifier: MLR1uRnn9jfmRgg1amYygQazEQrjo8CGsQ/Kf/rY4vA=
Subject key identifier: E1:63:32:B6:17:7D:6F:20:6D:A8:7A:20:C9:25:DD:84:71:72:DE:23
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 018CC26D46E178A5607EA7DA8E37AA2CB9C7
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/4WMythd9byBtqHogySXdhHFy3iM.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207990
IP address blocks: 194.41.120.0/22 maxlen: 32
80.240.98.0/23 maxlen: 32
217.194.136.0/23 maxlen: 32
217.194.139.0/24 maxlen: 32
217.194.144.0/24 maxlen: 32
193.31.56.0/22 maxlen: 32
212.107.0.0/22 maxlen: 32
217.194.152.0/24 maxlen: 32
217.194.151.0/24 maxlen: 32
213.255.204.0/24 maxlen: 32
213.255.207.0/24 maxlen: 32
185.4.226.0/24 maxlen: 32
78.138.8.0/24 maxlen: 32
83.229.0.0/23 maxlen: 32
83.229.7.0/24 maxlen: 32
91.196.180.0/22 maxlen: 32
194.31.176.0/22 maxlen: 32
213.255.194.0/24 maxlen: 32
213.255.193.0/24 maxlen: 32
213.255.199.0/24 maxlen: 32
213.255.196.0/24 maxlen: 32
83.229.66.0/24 maxlen: 32
83.229.92.0/24 maxlen: 32
83.229.110.0/24 maxlen: 32
83.229.116.0/22 maxlen: 32
83.229.114.0/24 maxlen: 32
83.229.12.0/23 maxlen: 32
78.138.41.0/24 maxlen: 32
83.229.27.0/24 maxlen: 32
83.229.30.0/24 maxlen: 32
188.190.104.0/22 maxlen: 32
83.229.36.0/23 maxlen: 32
193.42.56.0/22 maxlen: 32
78.138.53.0/24 maxlen: 32
78.138.54.0/23 maxlen: 32
78.138.63.0/24 maxlen: 32
195.3.136.0/22 maxlen: 32
83.229.58.0/23 maxlen: 32
188.190.120.0/22 maxlen: 32
194.187.36.0/22 maxlen: 32
83.229.60.0/24 maxlen: 32
217.194.130.0/23 maxlen: 32
31.40.228.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.mft
rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:e1:78:a5:60:7e:a7:da:8e:37:aa:2c:b9:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e16332b6177d6f206da87a20c925dd847172de23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4b:36:d1:f3:f1:3e:98:74:d5:c8:7a:b8:b4:
87:ec:b5:2b:ce:5a:08:ac:d5:53:fa:a8:7a:cb:80:
f0:fc:7b:5f:bf:54:f5:db:78:7d:7c:89:07:3d:42:
7b:a5:b1:ef:12:86:1d:97:06:65:83:f2:dc:3d:13:
0b:a9:3d:dc:0c:4a:52:9b:47:d7:ac:a2:ad:9a:27:
3b:95:f2:81:c6:2c:b5:9e:ea:e9:9c:92:b1:e4:2a:
2f:6f:ec:16:cb:5d:b5:7f:ac:1a:79:71:c5:37:18:
7e:2a:08:67:84:37:65:91:6b:6e:3a:01:5e:e1:89:
59:b9:77:21:ab:a8:da:5f:4c:49:76:54:da:f9:63:
39:80:14:f0:bc:44:b1:f1:c6:12:c7:ea:22:76:f6:
2e:48:0d:fa:9b:4d:87:a2:e1:a7:3a:27:05:94:ef:
2e:7e:62:b5:98:d9:4a:61:27:7f:f5:4d:b6:23:28:
bb:8f:e8:a9:d6:63:33:e2:28:91:52:11:11:d9:e8:
b9:61:ca:2f:12:e9:a8:b6:05:5a:70:11:df:55:88:
f3:7b:bc:ad:17:19:be:c8:88:93:f8:94:86:1e:96:
ae:ee:44:34:5a:ac:94:48:79:b6:87:52:c2:7e:f6:
41:bf:d7:63:69:1f:24:d5:fc:de:39:0e:b6:65:18:
a3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:63:32:B6:17:7D:6F:20:6D:A8:7A:20:C9:25:DD:84:71:72:DE:23
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/4WMythd9byBtqHogySXdhHFy3iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.228.0/22
78.138.8.0/24
78.138.41.0/24
78.138.53.0-78.138.55.255
78.138.63.0/24
80.240.98.0/23
83.229.0.0/23
83.229.7.0/24
83.229.12.0/23
83.229.27.0/24
83.229.30.0/24
83.229.36.0/23
83.229.58.0-83.229.60.255
83.229.66.0/24
83.229.92.0/24
83.229.110.0/24
83.229.114.0/24
83.229.116.0/22
91.196.180.0/22
185.4.226.0/24
188.190.104.0/22
188.190.120.0/22
193.31.56.0/22
193.42.56.0/22
194.31.176.0/22
194.41.120.0/22
194.187.36.0/22
195.3.136.0/22
212.107.0.0/22
213.255.193.0-213.255.194.255
213.255.196.0/24
213.255.199.0/24
213.255.204.0/24
213.255.207.0/24
217.194.130.0/23
217.194.136.0/23
217.194.139.0/24
217.194.144.0/24
217.194.151.0-217.194.152.255
Signature Algorithm: sha256WithRSAEncryption
3d:01:ff:f5:96:91:d6:7d:67:73:d4:f3:ad:a1:c0:cd:71:46:
42:2b:d7:a0:95:b4:3e:17:f3:44:ac:3f:eb:c0:f2:38:50:86:
ba:ad:32:48:dc:d3:25:0f:20:16:89:e2:7c:26:8d:7a:3b:3f:
62:a1:20:8c:ae:6e:d8:91:a3:32:69:10:93:5e:07:6e:e2:41:
4f:bd:95:1e:72:6d:0f:8b:4b:56:d7:4f:ab:7b:95:87:79:17:
dd:d0:51:96:25:a5:4b:41:30:b4:5c:aa:f0:ab:0b:00:f2:06:
60:c8:e8:c9:39:22:8d:48:09:b2:e1:d8:07:c6:be:4f:da:3c:
09:1d:6f:04:71:22:c8:79:de:8c:25:32:32:2b:8f:90:6d:d4:
72:3a:39:e5:fa:50:81:8d:a8:57:95:1d:c0:1b:62:5c:40:ee:
a2:8e:96:de:79:53:9e:3f:07:29:16:be:23:e5:29:d3:f1:41:
bf:2c:9b:aa:9b:b1:a8:18:28:35:61:3c:48:39:71:dd:c1:d2:
c3:e3:39:c0:db:88:bb:46:be:1d:08:26:91:77:24:ee:ce:2c:
a6:f8:63:32:f6:e7:22:08:1f:f0:d7:99:27:10:75:92:71:a9:
8e:a7:b4:39:45:72:fe:d4:6d:53:26:08:03:09:69:20:63:d1:
58:39:b5:4d
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYzCbUbheKVgfqfajjeqLLnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTYzMzJiNjE3N2Q2ZjIwNmRhODdhMjBjOTI1ZGQ4NDcxNzJkZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwks20fPxPph01ch6uLSH7LUrzloI
rNVT+qh6y4Dw/Htfv1T123h9fIkHPUJ7pbHvEoYdlwZlg/LcPRMLqT3cDEpSm0fX
rKKtmic7lfKBxiy1nurpnJKx5Covb+wWy121f6waeXHFNxh+KghnhDdlkWtuOgFe
4YlZuXchq6jaX0xJdlTa+WM5gBTwvESx8cYSx+oidvYuSA36m02HouGnOicFlO8u
fmK1mNlKYSd/9U22Iyi7j+ip1mMz4iiRUhER2ei5YcovEumotgVacBHfVYjze7yt
Fxm+yIiT+JSGHpau7kQ0WqyUSHm2h1LCfvZBv9djaR8k1fzeOQ62ZRijAQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFOFjMrYXfW8gbah6IMkl3YRxct4jMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvNFdNeXRoZDlieUJ0cUhvZ3lTWGRoSEZ5M2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAh8o5AMEAE6KCAMEAE6KKTAMAwQAToo1AwQDToowAwQAToo/AwQBUPBiAwQB
U+UAAwQAU+UHAwQBU+UMAwQAU+UbAwQAU+UeAwQBU+UkMAwDBAFT5ToDBABT5TwD
BABT5UIDBABT5VwDBABT5W4DBABT5XIDBAJT5XQDBAJbxLQDBAC5BOIDBAK8vmgD
BAK8vngDBALBHzgDBALBKjgDBALCH7ADBALCKXgDBALCuyQDBALDA4gDBALUawAw
DAMEANX/wQMEANX/wgMEANX/xAMEANX/xwMEANX/zAMEANX/zwMEAdnCggMEAdnC
iAMEANnCiwMEANnCkDAMAwQA2cKXAwQA2cKYMA0GCSqGSIb3DQEBCwUAA4IBAQA9
Af/1lpHWfWdz1POtocDNcUZCK9eglbQ+F/NErD/rwPI4UIa6rTJI3NMlDyAWieJ8
Jo16Oz9ioSCMrm7YkaMyaRCTXgdu4kFPvZUecm0Pi0tW10+re5WHeRfd0FGWJaVL
QTC0XKrwqwsA8gZgyOjJOSKNSAmy4dgHxr5P2jwJHW8EcSLIed6MJTIyK4+QbdRy
Ojnl+lCBjahXlR3AG2JcQO6ijpbeeVOePwcpFr4j5SnT8UG/LJuqm7GoGCg1YTxI
OXHdwdLD4znA24i7Rr4dCCaRdyTuziym+GMy9uciCB/w15knEHWScamOp7Q5RXL+
1G1TJggDCWkgY9FYObVN
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:50 2024 by rpki-client on console-ams.rpki-client.org