Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/ipjAIi87PXPkNmTwPHLd3FMpg_M.roa
File: ipjAIi87PXPkNmTwPHLd3FMpg_M.roa (raw, json)
Hash identifier: S1mBt2/eIg0s2uVjX36H25CIZ8HwJdT+WytfztMmmlA=
Subject key identifier: 8A:98:C0:22:2F:3B:3D:73:E4:36:64:F0:3C:72:DD:DC:53:29:83:F3
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 018EA3AECA670FD2FDC8453D2E8A8E4B0415
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/ipjAIi87PXPkNmTwPHLd3FMpg_M.roa
Signing time: Wed 03 Apr 2024 11:18:45 +0000
ROA not before: Wed 03 Apr 2024 11:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202468
IP address blocks: 37.32.0.0/19 maxlen: 24
37.32.0.0/22 maxlen: 22
37.32.4.0/22 maxlen: 22
37.32.8.0/22 maxlen: 22
37.32.12.0/22 maxlen: 22
37.32.16.0/24 maxlen: 24
37.32.17.0/24 maxlen: 24
37.32.18.0/24 maxlen: 24
37.32.19.0/24 maxlen: 24
37.32.20.0/22 maxlen: 22
37.32.24.0/22 maxlen: 22
37.32.28.0/22 maxlen: 24
37.152.176.0/20 maxlen: 24
37.152.184.0/24 maxlen: 24
94.101.176.0/20 maxlen: 24
94.101.180.0/23 maxlen: 23
94.101.180.0/24 maxlen: 24
94.101.182.0/24 maxlen: 24
94.101.184.0/21 maxlen: 24
185.97.116.0/22 maxlen: 24
185.143.232.0/22 maxlen: 24
185.206.92.0/22 maxlen: 24
185.220.224.0/22 maxlen: 22
185.220.224.0/24 maxlen: 24
185.220.225.0/24 maxlen: 24
185.220.226.0/24 maxlen: 24
185.220.227.0/24 maxlen: 24
185.226.116.0/22 maxlen: 24
185.228.236.0/22 maxlen: 22
185.228.236.0/24 maxlen: 24
185.228.237.0/24 maxlen: 24
185.228.238.0/24 maxlen: 24
185.228.239.0/24 maxlen: 24
185.231.180.0/22 maxlen: 22
185.239.104.0/22 maxlen: 24
185.239.104.0/24 maxlen: 24
185.239.105.0/24 maxlen: 24
185.239.106.0/23 maxlen: 23
188.121.96.0/19 maxlen: 24
188.121.104.0/22 maxlen: 22
188.121.108.0/22 maxlen: 22
188.121.120.0/21 maxlen: 24
188.121.124.0/23 maxlen: 23
188.121.127.0/24 maxlen: 24
193.176.240.0/22 maxlen: 24
193.176.242.0/23 maxlen: 23
2a07:3900::/29 maxlen: 29
2a07:3900::/32 maxlen: 32
2a07:3900::/48 maxlen: 48
2a07:3900:1::/48 maxlen: 48
2a07:3901::/32 maxlen: 32
2a07:3902::/32 maxlen: 32
2a07:3902:100::/40 maxlen: 40
2a07:3902:200::/40 maxlen: 40
2a07:3902:300::/40 maxlen: 40
2a07:3902:400::/40 maxlen: 40
2a07:3902:500::/40 maxlen: 40
2a07:3903::/32 maxlen: 32
2a07:3904::/32 maxlen: 32
2a07:3905::/32 maxlen: 32
2a07:3906::/32 maxlen: 32
2a07:3907::/32 maxlen: 32
2a0c:a7c0::/29 maxlen: 29
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:2::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:ae:ca:67:0f:d2:fd:c8:45:3d:2e:8a:8e:4b:04:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Apr 3 11:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a98c0222f3b3d73e43664f03c72dddc532983f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9d:6f:7d:8b:97:bc:10:b4:27:c5:51:26:54:
22:02:50:32:35:c5:5d:9b:50:c2:70:22:c4:99:46:
97:d1:2b:2f:45:63:50:3c:34:19:b7:c4:3a:b4:f2:
61:c5:97:a9:10:11:c1:db:e6:ef:f4:4b:60:17:3d:
ab:61:38:39:9d:da:48:d1:fd:66:9f:cf:f9:b8:c7:
62:4d:d5:3d:ad:2f:94:bb:a6:ba:08:d1:3b:e9:ff:
cb:fc:0d:10:5a:79:53:0b:cb:8d:97:bd:dd:ce:c3:
42:25:fd:b4:7c:7e:f9:1d:8f:41:28:87:4d:ac:6c:
c6:e4:89:53:23:6f:b6:21:cf:e9:b6:33:bc:79:da:
fe:76:bb:b0:d0:16:d7:dd:ff:72:c0:6c:bf:12:af:
e9:f0:9f:c9:47:22:2d:94:b2:c5:a0:de:db:62:52:
0b:a9:ef:24:0f:fe:5f:12:54:5d:ea:61:17:5e:20:
07:ba:1c:53:4e:c6:9e:ad:53:67:18:1e:3d:b1:a9:
18:a7:c0:ba:97:a5:e8:9b:f9:ab:34:9c:fb:43:e2:
27:74:8d:01:2a:4f:7d:31:6a:9c:cb:db:64:6d:17:
cc:4c:d7:b4:e3:7b:81:95:c3:b1:54:ee:de:e9:95:
10:ee:54:a0:14:0c:a5:f4:5a:40:9c:c6:69:dc:b8:
1c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:98:C0:22:2F:3B:3D:73:E4:36:64:F0:3C:72:DD:DC:53:29:83:F3
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/ipjAIi87PXPkNmTwPHLd3FMpg_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.0.0/19
37.152.176.0/20
94.101.176.0/20
185.97.116.0/22
185.143.232.0/22
185.206.92.0/22
185.220.224.0/22
185.226.116.0/22
185.228.236.0/22
185.231.180.0/22
185.239.104.0/22
188.121.96.0/19
193.176.240.0/22
IPv6:
2a07:3900::/29
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:e0:23:3f:ee:a2:a2:c2:05:63:93:d0:88:82:24:2f:8f:30:
e9:1f:ea:fa:97:36:14:16:b6:2a:9f:aa:28:cf:5f:56:6b:89:
80:ec:40:87:1b:94:25:24:c8:96:32:68:a4:cb:12:4c:2f:6b:
4f:14:cf:7f:35:c3:a7:b4:37:95:96:f2:0d:31:09:6b:a9:b9:
31:3f:33:81:e0:f5:fd:ef:74:64:a9:1a:68:d6:4c:cc:d7:17:
de:5e:5d:c9:1f:67:ed:4d:43:51:00:fa:dc:e3:7a:c8:bc:b1:
60:f4:e4:c0:7d:f0:74:33:38:be:ba:9e:cf:5f:71:eb:9e:95:
08:c3:a5:b4:12:55:f2:96:e2:cc:c2:b1:7b:19:94:84:68:52:
0b:50:2a:4b:72:2f:cf:0b:6c:ea:c0:d7:b2:56:f8:fa:84:cc:
3f:64:1a:65:3c:ce:1f:f6:21:28:49:3c:00:c5:7d:a2:42:b5:
01:b9:75:1c:d8:fa:95:19:d3:a4:63:9e:20:62:19:c8:2a:80:
ec:23:68:72:5d:d6:f7:80:56:a6:d7:12:ad:1e:90:ef:96:83:
4a:5b:ba:53:d8:a5:b6:9f:75:32:e1:f7:33:0b:9b:71:59:92:
0f:09:18:85:86:4a:73:d4:24:8f:f7:5e:55:9c:61:65:58:47:
8f:4c:7d:56
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY6jrspnD9L9yEU9LoqOSwQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjQwNDAzMTExODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTk4YzAyMjJmM2IzZDczZTQzNjY0ZjAzYzcyZGRkYzUzMjk4M2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZ1vfYuXvBC0J8VRJlQiAlAyNcVd
m1DCcCLEmUaX0SsvRWNQPDQZt8Q6tPJhxZepEBHB2+bv9EtgFz2rYTg5ndpI0f1m
n8/5uMdiTdU9rS+Uu6a6CNE76f/L/A0QWnlTC8uNl73dzsNCJf20fH75HY9BKIdN
rGzG5IlTI2+2Ic/ptjO8edr+druw0BbX3f9ywGy/Eq/p8J/JRyItlLLFoN7bYlIL
qe8kD/5fElRd6mEXXiAHuhxTTsaerVNnGB49sakYp8C6l6Xom/mrNJz7Q+IndI0B
Kk99MWqcy9tkbRfMTNe043uBlcOxVO7e6ZUQ7lSgFAyl9FpAnMZp3LgcBQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFIqYwCIvOz1z5DZk8Dxy3dxTKYPzMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvaXBqQUlpODdQWFBrTm1Ud1BITGQzRk1wZ19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQFJSAAAwQE
JZiwAwQEXmWwAwQCuWF0AwQCuY/oAwQCuc5cAwQCudzgAwQCueJ0AwQCueTsAwQC
uee0AwQCue9oAwQFvHlgAwQCwbDwMBQEAgACMA4DBQMqBzkAAwUDKgynwDANBgkq
hkiG9w0BAQsFAAOCAQEAhOAjP+6iosIFY5PQiIIkL48w6R/q+pc2FBa2Kp+qKM9f
VmuJgOxAhxuUJSTIljJopMsSTC9rTxTPfzXDp7Q3lZbyDTEJa6m5MT8zgeD1/e90
ZKkaaNZMzNcX3l5dyR9n7U1DUQD63ON6yLyxYPTkwH3wdDM4vrqez19x656VCMOl
tBJV8pbizMKxexmUhGhSC1AqS3Ivzwts6sDXslb4+oTMP2QaZTzOH/YhKEk8AMV9
okK1Abl1HNj6lRnTpGOeIGIZyCqA7CNocl3W94BWptcSrR6Q75aDSlu6U9iltp91
MuH3MwubcVmSDwkYhYZKc9Qkj/deVZxhZVhHj0x9Vg==
-----END CERTIFICATE-----
Generated at Fri May 17 01:15:51 2024 by rpki-client on console-ams.rpki-client.org