Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/OR-zFl2ZW9WrwEdypx5VnqmEjqU.roa
File: OR-zFl2ZW9WrwEdypx5VnqmEjqU.roa (raw, json)
Hash identifier: eHD9aszImfpFEOong+YF7Sl+sNkhyUDTmdp70f2hXro=
Subject key identifier: 39:1F:B3:16:5D:99:5B:D5:AB:C0:47:72:A7:1E:55:9E:A9:84:8E:A5
Certificate issuer: /CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Certificate serial: 018CC94ACCEAB479603082865A34BA2027BE
Authority key identifier: C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/OR-zFl2ZW9WrwEdypx5VnqmEjqU.roa
Signing time: Tue 02 Jan 2024 08:29:31 +0000
ROA not before: Tue 02 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42707
IP address blocks: 84.39.204.0/22 maxlen: 23
77.75.48.0/22 maxlen: 23
185.245.88.0/22 maxlen: 23
91.189.224.0/21 maxlen: 22
193.33.134.0/23 maxlen: 24
185.252.124.0/22 maxlen: 23
185.254.48.0/22 maxlen: 23
91.195.64.0/22 maxlen: 23
185.148.28.0/22 maxlen: 23
185.250.136.0/22 maxlen: 23
193.36.164.0/22 maxlen: 23
185.247.44.0/22 maxlen: 23
185.247.48.0/22 maxlen: 23
185.248.228.0/22 maxlen: 23
5.45.32.0/22 maxlen: 23
5.206.208.0/20 maxlen: 21
185.233.212.0/22 maxlen: 23
185.236.4.0/22 maxlen: 23
185.229.80.0/22 maxlen: 23
185.231.24.0/21 maxlen: 22
185.231.24.0/22 maxlen: 23
185.231.28.0/22 maxlen: 23
83.143.76.0/22 maxlen: 24
109.207.72.0/22 maxlen: 23
5.57.248.0/21 maxlen: 22
195.42.224.0/22 maxlen: 23
195.42.228.0/23 maxlen: 24
194.49.88.0/22 maxlen: 23
2a00:5140::/32 maxlen: 32
2a00:5141::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/waGQUEttntnBgJaEBCWxHXsi3_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/waGQUEttntnBgJaEBCWxHXsi3_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:cc:ea:b4:79:60:30:82:86:5a:34:ba:20:27:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Validity
Not Before: Jan 2 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=391fb3165d995bd5abc04772a71e559ea9848ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e3:e7:af:e1:9d:ed:ee:8d:a5:d5:d9:67:63:
12:9c:3f:1e:31:6a:fa:6b:a8:07:9b:c2:0c:bc:9e:
ac:de:91:41:47:7c:17:4b:64:71:20:60:8f:eb:ec:
96:42:5c:eb:b7:4f:bf:71:62:90:60:46:74:82:f8:
8c:68:3d:ad:c8:e3:14:c9:d8:13:a6:bc:ae:2a:4b:
00:55:aa:cc:64:32:12:d2:d7:6b:64:c8:46:c0:fc:
9d:58:89:e0:5d:b3:3e:46:3f:27:a4:f7:fb:9c:40:
db:c8:43:e1:8a:79:77:67:fa:4e:b4:cc:e4:8e:fc:
e9:d7:b2:55:85:a1:04:21:9c:97:2a:f2:e6:3c:32:
98:77:dc:8c:fa:16:3d:9f:b6:52:4e:68:b3:61:97:
ce:aa:91:12:66:c6:f3:0c:3a:c3:d1:fa:f4:04:08:
15:1d:3f:20:6d:b7:75:0d:5a:cf:ec:cf:8b:51:b7:
af:f3:7c:3b:49:98:3e:c7:34:0f:2c:c0:bc:c9:6e:
da:b1:72:0d:89:c7:0a:22:64:57:e5:94:56:0b:4e:
26:10:4f:8b:ff:ba:87:f5:ab:d3:45:03:0e:15:2a:
eb:c4:b8:a5:1e:ec:1e:88:9e:af:cf:74:6f:1e:85:
50:db:ac:f9:4b:ad:ff:45:dc:e2:41:14:f3:62:77:
22:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1F:B3:16:5D:99:5B:D5:AB:C0:47:72:A7:1E:55:9E:A9:84:8E:A5
X509v3 Authority Key Identifier:
keyid:C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/OR-zFl2ZW9WrwEdypx5VnqmEjqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/waGQUEttntnBgJaEBCWxHXsi3_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.32.0/22
5.57.248.0/21
5.206.208.0/20
77.75.48.0/22
83.143.76.0/22
84.39.204.0/22
91.189.224.0/21
91.195.64.0/22
109.207.72.0/22
185.148.28.0/22
185.229.80.0/22
185.231.24.0/21
185.233.212.0/22
185.236.4.0/22
185.245.88.0/22
185.247.44.0-185.247.51.255
185.248.228.0/22
185.250.136.0/22
185.252.124.0/22
185.254.48.0/22
193.33.134.0/23
193.36.164.0/22
194.49.88.0/22
195.42.224.0-195.42.229.255
IPv6:
2a00:5140::/31
Signature Algorithm: sha256WithRSAEncryption
44:5d:a0:cc:f5:cd:92:75:74:92:9f:26:ee:1f:27:9d:bf:c8:
b5:85:f7:2d:bf:28:40:cc:99:08:02:2b:0d:ae:b1:7c:e9:82:
bb:b6:27:56:33:32:01:d0:71:6e:ae:df:0a:65:c2:13:53:23:
ec:93:1e:42:d2:7e:7c:ac:b8:cf:48:25:b4:b0:3b:7d:07:5a:
2a:9c:e4:d7:c6:bc:69:fd:95:71:54:a5:95:dd:7e:ed:4d:f7:
a6:26:83:36:03:37:34:80:2d:c7:63:8b:c4:40:a9:10:07:39:
6e:f8:f6:4f:fa:64:23:95:5d:9a:2b:bc:48:80:a7:de:87:84:
84:98:0f:97:92:dc:80:e1:c7:07:83:7f:93:2c:07:2a:23:29:
78:fb:96:31:1d:bd:9f:39:68:1d:fc:83:b5:61:25:3d:ec:55:
91:b1:cf:07:95:93:a1:97:82:c0:2b:e6:e1:2a:c9:ac:0f:76:
31:d4:e8:d5:4a:c0:10:65:ae:31:2a:74:ff:31:f6:d4:83:ac:
5b:f8:fb:79:ad:e6:34:ff:e8:fa:3f:c4:6f:74:3d:64:c6:6a:
a6:6c:25:7b:e5:8d:f1:c5:8a:2b:3e:d2:e7:ea:a7:af:20:37:
4c:3a:54:e8:43:76:78:fb:19:11:f0:12:5d:cf:9a:8f:a8:0a:
aa:1d:04:9c
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYzJSszqtHlgMIKGWjS6ICe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYTE5MDUwNGI2ZDllZDljMTgwOTY4NDA0MjViMTFkN2Iy
MmRmZjQwHhcNMjQwMTAyMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTFmYjMxNjVkOTk1YmQ1YWJjMDQ3NzJhNzFlNTU5ZWE5ODQ4ZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuPnr+Gd7e6NpdXZZ2MSnD8eMWr6
a6gHm8IMvJ6s3pFBR3wXS2RxIGCP6+yWQlzrt0+/cWKQYEZ0gviMaD2tyOMUydgT
pryuKksAVarMZDIS0tdrZMhGwPydWIngXbM+Rj8npPf7nEDbyEPhinl3Z/pOtMzk
jvzp17JVhaEEIZyXKvLmPDKYd9yM+hY9n7ZSTmizYZfOqpESZsbzDDrD0fr0BAgV
HT8gbbd1DVrP7M+LUbev83w7SZg+xzQPLMC8yW7asXINiccKImRX5ZRWC04mEE+L
/7qH9avTRQMOFSrrxLilHuweiJ6vz3RvHoVQ26z5S63/RdziQRTzYnci9QIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFDkfsxZdmVvVq8BHcqceVZ6phI6lMB8GA1UdIwQY
MBaAFMGhkFBLbZ7ZwYCWhAQlsR17It/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYt
MGI4MzhhNTk5NjYyLzEvT1ItekZsMlpXOVdyd0VkeXB4NVZucW1FanFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYtMGI4MzhhNTk5NjYy
LzEvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAIF
LSADBAMFOfgDBAQFztADBAJNSzADBAJTj0wDBAJUJ8wDBANbveADBAJbw0ADBAJt
z0gDBAK5lBwDBAK55VADBAO55xgDBAK56dQDBAK57AQDBAK59VgwDAMEArn3LAME
Arn3MAMEArn45AMEArn6iAMEArn8fAMEArn+MAMEAcEhhgMEAsEkpAMEAsIxWDAM
AwQFwyrgAwQBwyrkMA0EAgACMAcDBQEqAFFAMA0GCSqGSIb3DQEBCwUAA4IBAQBE
XaDM9c2SdXSSnybuHyedv8i1hfctvyhAzJkIAisNrrF86YK7tidWMzIB0HFurt8K
ZcITUyPskx5C0n58rLjPSCW0sDt9B1oqnOTXxrxp/ZVxVKWV3X7tTfemJoM2Azc0
gC3HY4vEQKkQBzlu+PZP+mQjlV2aK7xIgKfeh4SEmA+XktyA4ccHg3+TLAcqIyl4
+5YxHb2fOWgd/IO1YSU97FWRsc8HlZOhl4LAK+bhKsmsD3Yx1OjVSsAQZa4xKnT/
MfbUg6xb+Pt5reY0/+j6P8RvdD1kxmqmbCV75Y3xxYorPtLn6qevIDdMOlToQ3Z4
+xkR8BJdz5qPqAqqHQSc
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:36:54 2024 by rpki-client on console-ams.rpki-client.org