Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/E447xklzn3XSiBzvhzph4YMYKis.roa
File: E447xklzn3XSiBzvhzph4YMYKis.roa (raw, json)
Hash identifier: 76Taa8Yrit6lb7gxjuoCTkUHizs+MBlUjXiPCqx9T40=
Subject key identifier: 13:8E:3B:C6:49:73:9F:75:D2:88:1C:EF:87:3A:61:E1:83:18:2A:2B
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 018CC649BF1826DAD5494D24BD918EF8D7E3
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/E447xklzn3XSiBzvhzph4YMYKis.roa
Signing time: Mon 01 Jan 2024 18:29:30 +0000
ROA not before: Mon 01 Jan 2024 18:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48854
IP address blocks: 185.134.28.0/22 maxlen: 22
185.235.52.0/24 maxlen: 24
185.235.52.0/22 maxlen: 22
195.178.14.0/23 maxlen: 23
91.197.248.0/22 maxlen: 22
80.70.0.0/23 maxlen: 23
80.70.6.0/23 maxlen: 23
80.70.7.0/24 maxlen: 24
212.97.132.0/22 maxlen: 22
212.97.143.0/24 maxlen: 24
212.97.140.0/24 maxlen: 24
212.97.140.0/22 maxlen: 22
212.97.142.0/24 maxlen: 24
212.97.141.0/24 maxlen: 24
185.154.240.0/22 maxlen: 22
93.191.152.0/21 maxlen: 21
93.191.152.0/22 maxlen: 22
93.191.156.0/24 maxlen: 24
93.191.158.0/24 maxlen: 24
93.191.157.0/24 maxlen: 24
89.188.72.0/21 maxlen: 21
46.36.204.0/22 maxlen: 22
46.36.208.0/21 maxlen: 21
185.25.140.0/24 maxlen: 24
185.25.142.0/24 maxlen: 24
185.25.141.0/24 maxlen: 24
185.25.143.0/24 maxlen: 24
178.251.0.0/21 maxlen: 21
178.251.1.0/24 maxlen: 24
94.231.96.0/20 maxlen: 20
94.231.103.0/24 maxlen: 24
195.69.128.0/22 maxlen: 22
185.221.36.0/22 maxlen: 22
212.237.248.0/23 maxlen: 23
91.217.201.0/24 maxlen: 24
194.150.112.0/22 maxlen: 22
185.21.40.0/22 maxlen: 22
77.243.128.0/20 maxlen: 20
94.143.8.0/21 maxlen: 21
81.95.240.0/20 maxlen: 20
81.95.249.0/24 maxlen: 24
217.61.236.0/22 maxlen: 22
193.239.96.0/22 maxlen: 22
185.223.24.0/22 maxlen: 22
109.71.56.0/21 maxlen: 21
185.20.204.0/22 maxlen: 22
185.20.205.0/24 maxlen: 24
185.20.206.0/23 maxlen: 23
2a06:eac0::/29 maxlen: 48
2a02:2338::/32 maxlen: 48
2a03:2740::/47 maxlen: 48
2a02:2339:4000::/34 maxlen: 48
2a02:2339::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:bf:18:26:da:d5:49:4d:24:bd:91:8e:f8:d7:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Jan 1 18:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=138e3bc649739f75d2881cef873a61e183182a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f3:92:39:07:bd:15:04:db:0d:58:cb:b2:1e:
f7:93:b0:fe:9f:06:4f:e8:94:ed:99:de:ca:c8:e9:
86:52:c8:f0:71:9e:13:a9:aa:5d:0b:72:04:d6:79:
a7:bd:3e:72:6e:38:95:dc:e4:79:70:74:00:36:04:
1d:8b:d0:4b:7d:0f:c9:ce:8f:39:f6:dc:e6:c1:fb:
a5:0c:3a:e8:21:3c:a5:2e:12:26:a6:cd:13:7c:24:
f4:e6:ff:75:25:f7:cd:85:df:f9:79:e8:6d:3e:21:
04:cb:f4:61:59:ed:c7:86:7b:48:b1:de:58:cd:90:
15:e2:c0:a7:f2:8f:6c:32:24:d7:29:83:7a:35:26:
05:0a:f7:15:04:10:fa:02:0c:b8:6b:c9:b1:95:2c:
68:26:86:a3:84:b7:6d:f6:87:f6:ed:23:ef:4c:98:
99:0c:6a:ae:2a:d5:24:73:4a:c9:73:80:4e:08:05:
c3:a4:e9:cc:26:89:16:69:48:5a:be:a0:5a:fa:c0:
f7:c1:98:92:ab:6f:02:c9:65:ce:8c:bb:9d:4a:75:
b2:d4:cd:d1:c0:d1:7f:75:a5:38:95:fd:ed:7a:8f:
fa:a9:e1:7e:e9:48:55:c8:18:1f:a7:52:7b:e5:f1:
2e:cd:8a:36:b3:d1:e7:fe:e9:51:01:94:c8:5b:19:
5e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:8E:3B:C6:49:73:9F:75:D2:88:1C:EF:87:3A:61:E1:83:18:2A:2B
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/E447xklzn3XSiBzvhzph4YMYKis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.204.0-46.36.215.255
77.243.128.0/20
80.70.0.0/23
80.70.6.0/23
81.95.240.0/20
89.188.72.0/21
91.197.248.0/22
91.217.201.0/24
93.191.152.0/21
94.143.8.0/21
94.231.96.0/20
109.71.56.0/21
178.251.0.0/21
185.20.204.0/22
185.21.40.0/22
185.25.140.0/22
185.134.28.0/22
185.154.240.0/22
185.221.36.0/22
185.223.24.0/22
185.235.52.0/22
193.239.96.0/22
194.150.112.0/22
195.69.128.0/22
195.178.14.0/23
212.97.132.0/22
212.97.140.0/22
212.237.248.0/23
217.61.236.0/22
IPv6:
2a02:2338::-2a02:2339:fff:ffff:ffff:ffff:ffff:ffff
2a02:2339:4000::/34
2a03:2740::/47
2a06:eac0::/29
Signature Algorithm: sha256WithRSAEncryption
69:85:bc:15:f7:ad:77:ca:f2:5a:dc:29:c9:b4:44:59:2d:15:
36:2f:fe:20:f6:5a:ba:aa:92:3b:00:08:ff:20:6a:d0:a1:b2:
5d:2d:27:82:c2:2a:98:a4:e2:48:86:09:99:cf:26:ec:08:ea:
02:a7:5e:0c:d8:03:fa:3c:d8:ed:dd:6c:4b:07:46:4f:a4:f3:
2b:2f:27:5a:8d:9c:4e:7c:77:13:4d:d6:bf:da:e3:37:e7:24:
71:c3:f8:9e:f3:0a:c8:85:83:59:09:2d:af:77:f7:f1:fe:67:
e8:9d:18:02:19:32:22:52:2a:49:00:b5:c6:0a:f0:9c:20:22:
84:68:03:e7:fe:5a:90:fb:03:9e:6f:f1:c7:46:90:81:d9:e9:
e6:17:25:0e:5e:09:ff:5e:6d:ad:5e:38:26:8b:16:df:ed:c1:
6d:ef:c7:87:d6:70:73:46:4b:b0:b6:ce:af:0b:84:8a:e6:92:
23:8f:f1:76:bc:61:7a:8d:1a:00:23:75:2d:0c:64:1e:ad:27:
82:c8:15:34:80:78:3a:45:5e:49:e9:88:17:a0:6c:29:e7:a4:
c3:3f:d8:b9:c3:42:93:c8:76:36:3d:94:3f:1f:60:aa:3d:b6:
50:03:68:81:0f:8c:d4:81:55:42:01:4b:3e:ea:35:b2:3f:79:
5d:0f:97:a8
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAYzGSb8YJtrVSU0kvZGO+NfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjQwMTAxMTgyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzhlM2JjNjQ5NzM5Zjc1ZDI4ODFjZWY4NzNhNjFlMTgzMTgyYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovOSOQe9FQTbDVjLsh73k7D+nwZP
6JTtmd7KyOmGUsjwcZ4TqapdC3IE1nmnvT5ybjiV3OR5cHQANgQdi9BLfQ/Jzo85
9tzmwfulDDroITylLhImps0TfCT05v91JffNhd/5eehtPiEEy/RhWe3HhntIsd5Y
zZAV4sCn8o9sMiTXKYN6NSYFCvcVBBD6Agy4a8mxlSxoJoajhLdt9of27SPvTJiZ
DGquKtUkc0rJc4BOCAXDpOnMJokWaUhavqBa+sD3wZiSq28CyWXOjLudSnWy1M3R
wNF/daU4lf3teo/6qeF+6UhVyBgfp1J75fEuzYo2s9Hn/ulRAZTIWxleCQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFBOOO8ZJc5910ogc74c6YeGDGCorMB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvRTQ0N3hrbHpuM1hTaUJ6dmh6cGg0WU1ZS2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgb0EAgABMIG2MAwD
BAIuJMwDBAMuJNADBARN84ADBAFQRgADBAFQRgYDBARRX/ADBANZvEgDBAJbxfgD
BABb2ckDBANdv5gDBANejwgDBARe52ADBANtRzgDBAOy+wADBAK5FMwDBAK5FSgD
BAK5GYwDBAK5hhwDBAK5mvADBAK53SQDBAK53xgDBAK56zQDBALB72ADBALClnAD
BALDRYADBAHDsg4DBALUYYQDBALUYYwDBAHU7fgDBALZPewwLwQCAAIwKTAPAwUD
KgIjOAMGBCoCIzkAAwYGKgIjOUADBwEqAydAAAADBQMqBurAMA0GCSqGSIb3DQEB
CwUAA4IBAQBphbwV9613yvJa3CnJtERZLRU2L/4g9lq6qpI7AAj/IGrQobJdLSeC
wiqYpOJIhgmZzybsCOoCp14M2AP6PNjt3WxLB0ZPpPMrLydajZxOfHcTTda/2uM3
5yRxw/ie8wrIhYNZCS2vd/fx/mfonRgCGTIiUipJALXGCvCcICKEaAPn/lqQ+wOe
b/HHRpCB2enmFyUOXgn/Xm2tXjgmixbf7cFt78eH1nBzRkuwts6vC4SK5pIjj/F2
vGF6jRoAI3UtDGQerSeCyBU0gHg6RV5J6YgXoGwp56TDP9i5w0KTyHY2PZQ/H2Cq
PbZQA2iBD4zUgVVCAUs+6jWyP3ldD5eo
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:20:14 2024 by rpki-client on console-ams.rpki-client.org