Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/VfQMGJnUPps_APgM0vmJzkrjqoc.roa
File: VfQMGJnUPps_APgM0vmJzkrjqoc.roa (raw, json)
Hash identifier: MCpsScLI0I8aeLtldsOQ402lcvmoWaLrA/LtBeNyG/s=
Subject key identifier: 55:F4:0C:18:99:D4:3E:9B:3F:00:F8:0C:D2:F9:89:CE:4A:E3:AA:87
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018F318BADEF876E6A034F906D381BAF87BD
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/VfQMGJnUPps_APgM0vmJzkrjqoc.roa
Signing time: Wed 01 May 2024 00:26:28 +0000
ROA not before: Wed 01 May 2024 00:26:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44285
IP address blocks: 37.32.32.0/21 maxlen: 21
37.32.32.0/22 maxlen: 22
37.32.32.0/24 maxlen: 24
37.32.33.0/24 maxlen: 24
37.32.34.0/24 maxlen: 24
37.32.35.0/24 maxlen: 24
37.32.37.0/24 maxlen: 24
37.32.38.0/24 maxlen: 24
37.32.39.0/24 maxlen: 24
37.75.243.0/24 maxlen: 24
37.75.244.0/22 maxlen: 22
37.75.244.0/24 maxlen: 24
37.75.245.0/24 maxlen: 24
37.75.246.0/24 maxlen: 24
37.75.247.0/24 maxlen: 24
45.9.252.0/22 maxlen: 24
45.9.252.0/24 maxlen: 24
45.9.253.0/24 maxlen: 24
45.9.254.0/24 maxlen: 24
45.87.4.0/22 maxlen: 22
45.140.224.0/22 maxlen: 22
46.28.72.0/21 maxlen: 24
46.28.72.0/24 maxlen: 24
46.28.73.0/24 maxlen: 24
46.28.74.0/24 maxlen: 24
78.110.120.0/22 maxlen: 24
84.47.224.0/21 maxlen: 21
84.47.224.0/22 maxlen: 22
84.47.224.0/24 maxlen: 24
84.47.225.0/24 maxlen: 24
84.47.226.0/24 maxlen: 24
84.47.227.0/24 maxlen: 24
84.47.228.0/22 maxlen: 22
84.47.228.0/24 maxlen: 24
84.47.229.0/24 maxlen: 24
84.47.230.0/24 maxlen: 24
84.47.231.0/24 maxlen: 24
85.198.24.0/22 maxlen: 24
86.57.96.0/20 maxlen: 20
86.57.112.0/23 maxlen: 23
86.57.114.0/23 maxlen: 23
86.57.116.0/22 maxlen: 22
86.57.120.0/23 maxlen: 23
86.57.122.0/23 maxlen: 23
88.135.37.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
91.236.168.0/24 maxlen: 24
91.236.169.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.121.128.0/22 maxlen: 24
185.121.128.0/24 maxlen: 24
185.121.129.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
185.182.248.0/22 maxlen: 22
185.182.248.0/23 maxlen: 23
185.182.250.0/23 maxlen: 23
185.182.250.0/24 maxlen: 24
185.182.251.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
195.110.38.0/23 maxlen: 23
195.110.38.0/24 maxlen: 24
195.110.39.0/24 maxlen: 24
217.172.120.0/21 maxlen: 24
217.172.124.0/23 maxlen: 23
217.172.126.0/23 maxlen: 23
217.172.127.0/24 maxlen: 24
2a02:828::/29 maxlen: 29
2a02:828::/32 maxlen: 32
2a02:828::/48 maxlen: 48
2a02:828::/64 maxlen: 64
2a02:828:1::/48 maxlen: 48
2a02:829::/32 maxlen: 32
2a02:82a::/32 maxlen: 32
2a02:82b::/32 maxlen: 32
2a02:82c::/32 maxlen: 32
2a02:82d::/32 maxlen: 32
2a02:82e::/32 maxlen: 32
2a02:82f::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:8b:ad:ef:87:6e:6a:03:4f:90:6d:38:1b:af:87:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: May 1 00:26:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55f40c1899d43e9b3f00f80cd2f989ce4ae3aa87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:22:33:d4:06:31:ca:d2:d5:44:ac:e1:b2:47:
be:f8:51:30:4a:4c:82:2e:3e:d3:1d:4b:97:6b:75:
47:df:92:98:ac:36:92:87:fa:5f:93:2f:8c:01:de:
d2:a3:41:04:40:26:47:2c:33:c6:7f:9b:fe:8a:92:
a4:4f:8f:15:7e:92:06:f1:6b:9c:dc:dd:02:08:db:
4b:e3:24:22:d0:f2:68:20:f2:7a:9b:87:4e:87:8f:
aa:26:bd:d9:7b:6b:87:e8:66:b8:a1:49:36:62:d8:
b1:78:0a:f1:d1:f5:c3:67:fb:e0:8d:7b:df:1b:a3:
f3:9e:dd:58:11:56:50:cf:80:e1:fb:e0:f6:ec:47:
8c:ed:7c:02:4c:11:d5:66:ab:5d:27:f1:28:71:c7:
08:c7:de:2c:5e:e5:a3:20:12:4f:3f:2c:e5:60:76:
41:21:d9:a2:40:e4:b9:0d:d3:68:5b:5f:c1:91:c7:
10:0c:79:db:0c:5b:29:f5:79:fb:2f:72:1b:74:e0:
7e:a8:09:9a:e3:49:a2:55:5b:b9:88:cd:9d:24:8d:
21:93:d3:16:12:5d:7f:27:f6:27:3a:23:6c:71:20:
c3:a1:1c:cf:38:3c:96:4f:e9:c7:29:bb:78:f1:03:
cd:3b:65:a4:79:40:70:2d:2e:57:85:2c:8c:13:77:
26:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F4:0C:18:99:D4:3E:9B:3F:00:F8:0C:D2:F9:89:CE:4A:E3:AA:87
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/VfQMGJnUPps_APgM0vmJzkrjqoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.32.0/21
37.75.243.0-37.75.247.255
45.9.252.0/22
45.87.4.0/22
45.140.224.0/22
46.28.72.0/21
78.110.120.0/22
84.47.224.0/21
85.198.24.0/22
86.57.96.0-86.57.123.255
88.135.37.0-88.135.39.255
91.236.168.0/23
185.18.212.0/22
185.51.200.0/22
185.121.128.0/22
185.128.136.0/22
185.141.132.0/22
185.182.248.0/22
188.209.152.0/23
195.110.38.0/23
217.172.120.0/21
IPv6:
2a02:828::/29
Signature Algorithm: sha256WithRSAEncryption
08:75:05:8f:cc:54:f6:61:f5:fd:ce:c5:3b:e0:84:50:ea:84:
f6:7a:f3:04:95:5e:28:e7:fc:ff:70:94:21:5c:02:c0:7d:36:
bc:05:34:ae:a1:51:dd:90:c1:59:04:21:88:32:b5:f1:e5:f6:
21:66:d5:6c:be:08:48:63:15:0d:6a:69:5b:97:8f:9a:88:0f:
59:c6:5b:82:6c:37:02:d8:46:cb:f9:2f:84:6d:05:f5:1b:72:
52:be:63:b9:40:92:a7:51:5e:e6:0d:ea:33:3c:82:ef:08:96:
bf:50:a5:d1:5f:ac:85:a1:58:33:18:76:04:59:a6:f5:2e:0e:
3d:8a:32:24:a0:3e:2b:21:06:e1:d5:74:ef:d0:73:96:d3:25:
d6:28:38:58:6c:0e:e0:16:66:1b:b9:2b:66:de:5b:71:b0:4c:
88:7b:e3:35:0e:c6:1d:5e:3b:53:ce:8f:f2:19:1d:45:b2:36:
d6:5f:cd:88:08:5a:6a:e2:64:72:cf:e3:68:e5:2a:49:84:62:
46:c2:20:99:98:b3:87:9a:b3:f2:56:ee:d7:38:a2:ed:da:31:
da:de:ba:39:29:3f:a0:2f:c7:4b:af:c8:ee:42:da:02:6b:36:
4b:b7:ad:16:fa:1a:a2:db:0f:91:8e:a6:df:48:89:30:4d:37:
25:98:1a:6e
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAY8xi63vh25qA0+QbTgbr4e9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjQwNTAxMDAyNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY0MGMxODk5ZDQzZTliM2YwMGY4MGNkMmY5ODljZTRhZTNhYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyIz1AYxytLVRKzhske++FEwSkyC
Lj7THUuXa3VH35KYrDaSh/pfky+MAd7So0EEQCZHLDPGf5v+ipKkT48VfpIG8Wuc
3N0CCNtL4yQi0PJoIPJ6m4dOh4+qJr3Ze2uH6Ga4oUk2YtixeArx0fXDZ/vgjXvf
G6Pznt1YEVZQz4Dh++D27EeM7XwCTBHVZqtdJ/EocccIx94sXuWjIBJPPyzlYHZB
IdmiQOS5DdNoW1/BkccQDHnbDFsp9Xn7L3IbdOB+qAma40miVVu5iM2dJI0hk9MW
El1/J/YnOiNscSDDoRzPODyWT+nHKbt48QPNO2WkeUBwLS5XhSyME3cmCwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFFX0DBiZ1D6bPwD4DNL5ic5K46qHMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvVmZRTUdKblVQcHNfQVBnTTB2bUp6a3JqcW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAMl
ICAwDAMEACVL8wMEAyVL8AMEAi0J/AMEAi1XBAMEAi2M4AMEAy4cSAMEAk5ueAME
A1Qv4AMEAlXGGDAMAwQFVjlgAwQCVjl4MAwDBABYhyUDBANYhyADBAFb7KgDBAK5
EtQDBAK5M8gDBAK5eYADBAK5gIgDBAK5jYQDBAK5tvgDBAG80ZgDBAHDbiYDBAPZ
rHgwDQQCAAIwBwMFAyoCCCgwDQYJKoZIhvcNAQELBQADggEBAAh1BY/MVPZh9f3O
xTvghFDqhPZ68wSVXijn/P9wlCFcAsB9NrwFNK6hUd2QwVkEIYgytfHl9iFm1Wy+
CEhjFQ1qaVuXj5qID1nGW4JsNwLYRsv5L4RtBfUbclK+Y7lAkqdRXuYN6jM8gu8I
lr9QpdFfrIWhWDMYdgRZpvUuDj2KMiSgPishBuHVdO/Qc5bTJdYoOFhsDuAWZhu5
K2beW3GwTIh74zUOxh1eO1POj/IZHUWyNtZfzYgIWmriZHLP42jlKkmEYkbCIJmY
s4eas/JW7tc4ou3aMdreujkpP6Avx0uvyO5C2gJrNku3rRb6GqLbD5GOpt9IiTBN
NyWYGm4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:21 2024 by rpki-client on console-fra.rpki-client.org