Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/MMAgcHrQ-TGROCUvSlTTs46saLc.roa
File: MMAgcHrQ-TGROCUvSlTTs46saLc.roa (raw, json)
Hash identifier: wzAa40QCYrgvluN6j8Nuk0TQrgVEs3jBPRJIFiRB5DA=
Subject key identifier: 30:C0:20:70:7A:D0:F9:31:91:38:25:2F:4A:54:D3:B3:8E:AC:68:B7
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018EA3D28041A7D0F03B2430AF7F303B257E
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/MMAgcHrQ-TGROCUvSlTTs46saLc.roa
Signing time: Wed 03 Apr 2024 11:57:45 +0000
ROA not before: Wed 03 Apr 2024 11:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48715
IP address blocks: 78.110.120.0/22 maxlen: 24
80.71.149.0/24 maxlen: 24
88.135.36.0/22 maxlen: 22
88.135.36.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
91.236.168.0/24 maxlen: 24
91.236.169.0/24 maxlen: 24
91.247.171.0/24 maxlen: 24
130.193.77.0/24 maxlen: 24
152.89.44.0/22 maxlen: 22
152.89.44.0/24 maxlen: 24
152.89.45.0/24 maxlen: 24
152.89.46.0/24 maxlen: 24
152.89.47.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.36.228.0/24 maxlen: 24
185.51.200.0/22 maxlen: 22
185.51.200.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.58.240.0/22 maxlen: 24
185.112.149.0/24 maxlen: 24
185.112.150.0/23 maxlen: 23
185.112.150.0/24 maxlen: 24
185.112.151.0/24 maxlen: 24
185.121.130.0/23 maxlen: 23
185.121.130.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.128.136.0/22 maxlen: 24
185.128.136.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
185.141.104.0/22 maxlen: 22
185.141.104.0/24 maxlen: 24
185.141.105.0/24 maxlen: 24
185.141.106.0/24 maxlen: 24
185.141.107.0/24 maxlen: 24
185.141.132.0/22 maxlen: 22
185.141.132.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
185.170.8.0/24 maxlen: 24
185.173.129.0/24 maxlen: 24
185.173.130.0/24 maxlen: 24
185.206.231.0/24 maxlen: 24
185.213.195.0/24 maxlen: 24
185.233.131.0/24 maxlen: 24
185.234.14.0/24 maxlen: 24
185.235.245.0/24 maxlen: 24
185.252.200.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
188.209.152.0/24 maxlen: 24
188.209.153.0/24 maxlen: 24
194.56.148.0/24 maxlen: 24
195.110.38.0/23 maxlen: 23
195.211.44.0/22 maxlen: 22
195.211.44.0/24 maxlen: 24
195.211.45.0/24 maxlen: 24
195.211.46.0/24 maxlen: 24
195.211.47.0/24 maxlen: 24
213.109.199.0/24 maxlen: 24
2a0a:5e80::/29 maxlen: 29
2a0a:5e80::/48 maxlen: 48
2a0a:5e80::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:d2:80:41:a7:d0:f0:3b:24:30:af:7f:30:3b:25:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Apr 3 11:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30c020707ad0f9319138252f4a54d3b38eac68b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0f:03:7e:f0:35:1d:bc:cf:6c:28:d6:98:f3:
12:be:d9:5f:e1:7f:36:6b:04:5c:c1:33:1f:b8:da:
08:53:34:00:b7:78:61:54:cd:65:4d:c8:e9:c3:d8:
e7:13:76:e6:3a:1a:95:c2:b1:b7:f6:e8:e3:1e:f7:
7f:e7:8c:2e:fd:8c:84:0c:95:0f:91:fb:61:76:e5:
95:c0:9c:4a:9d:b5:7c:92:bc:a6:ac:c1:ec:5a:2b:
24:a0:50:9d:b5:56:39:da:35:a1:bc:70:d9:dd:07:
2d:bb:1d:c4:bc:1f:e6:54:50:45:e7:ef:aa:a8:0f:
47:1d:3f:7c:29:79:11:d1:e4:d0:40:9a:74:41:bc:
a5:7a:99:6f:c5:48:6a:36:30:95:50:12:0c:29:a0:
25:6c:cb:38:fc:e4:0e:fe:5a:99:42:6a:81:2d:2c:
68:66:62:61:ec:cb:6c:34:9f:fd:71:8c:2c:7d:a4:
bb:0d:27:8e:ce:d4:ae:64:1b:15:e1:c5:3d:11:bd:
6a:c4:d6:99:40:a0:84:ff:25:4b:5b:57:55:33:e7:
43:07:fc:91:c6:0f:f5:4c:14:55:bf:c2:0e:19:b4:
b9:c6:bc:41:dd:92:86:3d:a7:15:ce:46:1d:05:84:
93:f3:f4:09:a3:23:04:18:19:a6:60:ca:93:53:77:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C0:20:70:7A:D0:F9:31:91:38:25:2F:4A:54:D3:B3:8E:AC:68:B7
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/MMAgcHrQ-TGROCUvSlTTs46saLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.120.0/22
80.71.149.0/24
88.135.36.0/22
91.236.168.0/23
91.247.171.0/24
130.193.77.0/24
152.89.44.0/22
185.18.212.0/22
185.36.228.0/24
185.51.200.0/22
185.58.240.0/22
185.112.149.0-185.112.151.255
185.121.130.0/23
185.128.136.0/22
185.141.104.0/22
185.141.132.0/22
185.170.8.0/24
185.173.129.0-185.173.130.255
185.206.231.0/24
185.213.195.0/24
185.233.131.0/24
185.234.14.0/24
185.235.245.0/24
185.252.200.0/24
188.209.152.0/23
194.56.148.0/24
195.110.38.0/23
195.211.44.0/22
213.109.199.0/24
IPv6:
2a0a:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
57:5b:9c:23:3e:c9:01:e2:73:2b:cc:2d:9e:7e:e6:33:f5:9b:
29:28:13:0f:ad:a4:d4:76:2d:57:4e:8a:46:e1:c2:23:4c:30:
2b:df:d1:28:36:21:10:e6:77:31:0a:ac:cb:e6:d0:1f:60:a8:
9b:42:60:fd:5d:f7:f7:44:34:d9:d9:d7:e4:33:c7:a7:b9:25:
2d:3a:ec:7a:46:9e:bf:21:77:9e:ae:aa:b8:e8:c5:e0:59:ca:
70:18:96:12:ca:54:ff:81:15:71:72:b5:86:6a:09:38:66:89:
89:89:dd:37:bd:1d:94:ac:bb:12:08:c2:bf:49:7b:b7:8a:50:
42:f0:a0:30:24:98:5c:b7:eb:c6:c3:a4:2a:ae:94:51:2b:85:
ac:c1:b1:08:f9:bb:66:c5:f1:cd:a3:82:52:29:0d:be:25:52:
f6:a7:60:a7:5c:46:bd:81:0d:da:f4:8a:80:c0:6b:c0:9f:cb:
b4:f2:27:2d:1b:cf:45:ec:5a:16:95:be:43:69:c6:46:69:d0:
52:e0:c4:99:c7:aa:5e:27:ef:0a:5f:c2:c5:76:53:54:6e:db:
0f:02:d5:59:41:48:a4:44:21:21:b5:97:29:45:e3:50:31:15:
9d:06:07:bb:3d:d6:04:30:ea:93:94:8b:7a:10:f8:91:7a:aa:
4c:ba:8a:67
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAY6j0oBBp9DwOyQwr38wOyV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjQwNDAzMTE1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGMwMjA3MDdhZDBmOTMxOTEzODI1MmY0YTU0ZDNiMzhlYWM2OGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA8DfvA1HbzPbCjWmPMSvtlf4X82
awRcwTMfuNoIUzQAt3hhVM1lTcjpw9jnE3bmOhqVwrG39ujjHvd/54wu/YyEDJUP
kfthduWVwJxKnbV8krymrMHsWiskoFCdtVY52jWhvHDZ3Qctux3EvB/mVFBF5++q
qA9HHT98KXkR0eTQQJp0QbyleplvxUhqNjCVUBIMKaAlbMs4/OQO/lqZQmqBLSxo
ZmJh7MtsNJ/9cYwsfaS7DSeOztSuZBsV4cU9Eb1qxNaZQKCE/yVLW1dVM+dDB/yR
xg/1TBRVv8IOGbS5xrxB3ZKGPacVzkYdBYST8/QJoyMEGBmmYMqTU3eFrwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFDDAIHB60PkxkTglL0pU07OOrGi3MB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvTU1BZ2NIclEtVEdST0NVdlNsVFRzNDZzYUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBxQQCAAEwgb4DBAJO
bngDBABQR5UDBAJYhyQDBAFb7KgDBABb96sDBACCwU0DBAKYWSwDBAK5EtQDBAC5
JOQDBAK5M8gDBAK5OvAwDAMEALlwlQMEA7lwkAMEAbl5ggMEArmAiAMEArmNaAME
ArmNhAMEALmqCDAMAwQAua2BAwQAua2CAwQAuc7nAwQAudXDAwQAuemDAwQAueoO
AwQAuev1AwQAufzIAwQBvNGYAwQAwjiUAwQBw24mAwQCw9MsAwQA1W3HMA0EAgAC
MAcDBQMqCl6AMA0GCSqGSIb3DQEBCwUAA4IBAQBXW5wjPskB4nMrzC2efuYz9Zsp
KBMPraTUdi1XTopG4cIjTDAr39EoNiEQ5ncxCqzL5tAfYKibQmD9Xff3RDTZ2dfk
M8enuSUtOux6Rp6/IXeerqq46MXgWcpwGJYSylT/gRVxcrWGagk4ZomJid03vR2U
rLsSCMK/SXu3ilBC8KAwJJhct+vGw6QqrpRRK4WswbEI+btmxfHNo4JSKQ2+JVL2
p2CnXEa9gQ3a9IqAwGvAn8u08ictG89F7FoWlb5DacZGadBS4MSZx6peJ+8KX8LF
dlNUbtsPAtVZQUikRCEhtZcpReNQMRWdBge7PdYEMOqTlIt6EPiReqpMuopn
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:40:20 2024 by rpki-client on console-fra.rpki-client.org