Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/CGgk-ndKHVB72XM0fhQ2X4dwQ58.roa
File: CGgk-ndKHVB72XM0fhQ2X4dwQ58.roa (raw, json)
Hash identifier: E19AVaPK5sTegoRyhLs+xHczcNKkhrilGJo8qkL7K5c=
Subject key identifier: 08:68:24:FA:77:4A:1D:50:7B:D9:73:34:7E:14:36:5F:87:70:43:9F
Certificate issuer: /CN=ef8c33a8a6201d40a60220bd639b5d352212673e
Certificate serial: 018CC80112979EBA6DFE70EB142ED40DFAED
Authority key identifier: EF:8C:33:A8:A6:20:1D:40:A6:02:20:BD:63:9B:5D:35:22:12:67:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74wzqKYgHUCmAiC9Y5tdNSISZz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/CGgk-ndKHVB72XM0fhQ2X4dwQ58.roa
Signing time: Tue 02 Jan 2024 02:29:22 +0000
ROA not before: Tue 02 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21040
IP address blocks: 185.19.122.0/23 maxlen: 23
185.19.120.0/23 maxlen: 23
185.19.120.0/22 maxlen: 22
185.178.120.0/22 maxlen: 22
185.178.120.0/23 maxlen: 23
37.203.252.0/22 maxlen: 22
37.203.248.0/21 maxlen: 21
37.203.248.0/22 maxlen: 22
213.196.132.0/24 maxlen: 24
213.196.131.0/24 maxlen: 24
213.196.130.0/24 maxlen: 24
213.196.128.0/18 maxlen: 18
213.196.129.0/24 maxlen: 24
213.196.128.0/24 maxlen: 24
213.196.138.0/24 maxlen: 24
213.196.137.0/24 maxlen: 24
213.196.136.0/24 maxlen: 24
213.196.135.0/24 maxlen: 24
213.196.133.0/24 maxlen: 24
213.196.144.0/24 maxlen: 24
213.196.143.0/24 maxlen: 24
213.196.142.0/24 maxlen: 24
213.196.141.0/24 maxlen: 24
213.196.140.0/24 maxlen: 24
213.196.145.0/24 maxlen: 24
213.196.152.0/24 maxlen: 24
213.196.151.0/24 maxlen: 24
213.196.147.0/24 maxlen: 24
213.196.146.0/24 maxlen: 24
213.196.159.0/24 maxlen: 24
213.196.158.0/24 maxlen: 24
213.196.156.0/24 maxlen: 24
213.196.155.0/24 maxlen: 24
213.196.154.0/24 maxlen: 24
213.196.153.0/24 maxlen: 24
213.196.162.0/24 maxlen: 24
213.196.161.0/24 maxlen: 24
213.196.160.0/24 maxlen: 24
213.196.174.0/23 maxlen: 23
213.196.184.0/22 maxlen: 22
213.196.188.0/22 maxlen: 22
109.205.204.0/22 maxlen: 22
185.71.16.0/23 maxlen: 23
109.205.203.0/24 maxlen: 24
109.205.202.0/24 maxlen: 24
109.205.201.0/24 maxlen: 24
109.205.200.0/24 maxlen: 24
109.205.200.0/21 maxlen: 21
185.71.16.0/22 maxlen: 22
185.71.18.0/23 maxlen: 23
84.20.56.0/21 maxlen: 21
84.20.56.0/22 maxlen: 22
84.20.60.0/22 maxlen: 22
185.71.112.0/22 maxlen: 22
185.71.112.0/23 maxlen: 23
185.71.114.0/23 maxlen: 23
2a02:24e8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/74wzqKYgHUCmAiC9Y5tdNSISZz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/74wzqKYgHUCmAiC9Y5tdNSISZz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/74wzqKYgHUCmAiC9Y5tdNSISZz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:12:97:9e:ba:6d:fe:70:eb:14:2e:d4:0d:fa:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8c33a8a6201d40a60220bd639b5d352212673e
Validity
Not Before: Jan 2 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=086824fa774a1d507bd973347e14365f8770439f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a8:74:2f:6c:44:76:fe:12:44:72:c5:5e:ea:
f5:f0:2f:4c:76:16:c9:47:2e:f5:d1:3b:67:b0:73:
a2:2e:b8:94:00:30:b9:8c:2c:e7:5e:d1:9a:cb:35:
9c:4a:97:4f:3d:e1:3e:db:3c:41:89:bf:a8:e0:05:
98:05:6d:ed:dc:24:27:cf:0d:59:cd:f9:32:3e:8a:
37:80:4c:b0:ab:9c:84:37:b5:0d:62:eb:52:af:69:
a1:13:a8:07:f3:34:5f:d5:bd:9f:e0:fe:16:fc:0f:
d5:69:9e:59:d1:54:05:6b:a1:a5:16:ea:55:b4:11:
97:5b:87:01:c8:db:31:7b:fb:75:a5:3e:57:94:c2:
1c:6e:3e:f1:e5:8a:da:5c:10:fe:d4:8e:b3:a3:c1:
28:f8:81:58:d0:d1:92:ee:99:ec:44:10:ab:a6:af:
69:b1:33:ee:f1:1c:4e:51:cd:c5:7b:5f:6e:15:ca:
87:e1:6c:9b:41:c9:f5:c8:8b:91:9a:0e:5b:85:41:
01:a5:ef:bd:a1:f1:6b:82:8d:6f:7f:3a:6c:c3:32:
f3:ee:9c:7c:d2:a7:e5:a1:cc:b6:56:1b:22:40:27:
a8:16:da:11:c7:b5:64:a7:70:09:b4:41:dc:b3:d6:
d6:30:ce:62:03:78:f5:0d:6e:4d:47:98:cd:80:96:
69:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:68:24:FA:77:4A:1D:50:7B:D9:73:34:7E:14:36:5F:87:70:43:9F
X509v3 Authority Key Identifier:
keyid:EF:8C:33:A8:A6:20:1D:40:A6:02:20:BD:63:9B:5D:35:22:12:67:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74wzqKYgHUCmAiC9Y5tdNSISZz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/CGgk-ndKHVB72XM0fhQ2X4dwQ58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/74wzqKYgHUCmAiC9Y5tdNSISZz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.248.0/21
84.20.56.0/21
109.205.200.0/21
185.19.120.0/22
185.71.16.0/22
185.71.112.0/22
185.178.120.0/22
213.196.128.0/18
IPv6:
2a02:24e8::/29
Signature Algorithm: sha256WithRSAEncryption
be:c9:62:75:b5:06:bd:35:e0:c8:c8:ba:c5:e8:66:7c:ca:e0:
1b:6f:2d:02:84:9e:38:87:5e:22:20:e7:66:6f:a2:48:31:af:
03:1f:23:e6:10:c6:96:97:d8:c5:7c:12:3f:5d:b8:83:bd:7a:
11:9c:bd:fe:f5:b1:98:f5:7f:05:5f:9b:86:4f:f6:62:9b:ee:
15:ca:41:9b:2a:54:50:37:41:d8:58:96:f4:2f:12:3b:77:83:
9a:c2:ed:24:ad:2a:b7:26:30:dd:08:f4:8e:0f:86:9d:7e:95:
64:cc:b0:4f:2a:65:54:15:bd:c3:7f:37:e7:3d:71:10:42:25:
2d:d2:be:9f:b7:57:6b:90:c8:a1:14:fe:b9:09:6b:1b:2c:ff:
3f:e8:8a:91:65:d8:f8:48:fa:5c:4a:68:93:b6:44:57:41:05:
ea:87:1b:60:5b:1b:02:df:b0:0f:38:40:a6:8a:35:62:d5:86:
6a:89:15:77:51:bc:e9:c7:9b:24:e9:cc:0c:f0:7c:f9:b0:71:
4a:fb:79:77:ad:a1:a1:e3:84:cb:75:54:2a:e8:31:e3:e5:5a:
d7:da:21:9c:c9:f7:bd:9c:f3:64:94:25:82:0a:07:e4:f8:c4:
e0:23:c0:50:cd:ac:4c:9a:d4:4b:84:ab:59:04:6b:67:2c:9b:
67:91:c3:e6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzIARKXnrpt/nDrFC7UDfrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOGMzM2E4YTYyMDFkNDBhNjAyMjBiZDYzOWI1ZDM1MjIx
MjY3M2UwHhcNMjQwMTAyMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY4MjRmYTc3NGExZDUwN2JkOTczMzQ3ZTE0MzY1Zjg3NzA0MzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqh0L2xEdv4SRHLFXur18C9MdhbJ
Ry710TtnsHOiLriUADC5jCznXtGayzWcSpdPPeE+2zxBib+o4AWYBW3t3CQnzw1Z
zfkyPoo3gEywq5yEN7UNYutSr2mhE6gH8zRf1b2f4P4W/A/VaZ5Z0VQFa6GlFupV
tBGXW4cByNsxe/t1pT5XlMIcbj7x5YraXBD+1I6zo8Eo+IFY0NGS7pnsRBCrpq9p
sTPu8RxOUc3Fe19uFcqH4WybQcn1yIuRmg5bhUEBpe+9ofFrgo1vfzpswzLz7px8
0qflocy2VhsiQCeoFtoRx7Vkp3AJtEHcs9bWMM5iA3j1DW5NR5jNgJZpKQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFAhoJPp3Sh1Qe9lzNH4UNl+HcEOfMB8GA1UdIwQY
MBaAFO+MM6imIB1ApgIgvWObXTUiEmc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzR3enFLWWdIVUNtQWlDOVk1dGROU0lTWno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9iZmJlNWYtOTdjOC00MzQ3LThhOGMt
ZTAxYmI0ODg2M2E5LzEvQ0dnay1uZEtIVkI3MlhNMGZoUTJYNGR3UTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9iZmJlNWYtOTdjOC00MzQ3LThhOGMtZTAxYmI0ODg2M2E5
LzEvNzR3enFLWWdIVUNtQWlDOVk1dGROU0lTWno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJcv4AwQD
VBQ4AwQDbc3IAwQCuRN4AwQCuUcQAwQCuUdwAwQCubJ4AwQG1cSAMA0EAgACMAcD
BQMqAiToMA0GCSqGSIb3DQEBCwUAA4IBAQC+yWJ1tQa9NeDIyLrF6GZ8yuAbby0C
hJ44h14iIOdmb6JIMa8DHyPmEMaWl9jFfBI/XbiDvXoRnL3+9bGY9X8FX5uGT/Zi
m+4VykGbKlRQN0HYWJb0LxI7d4Oawu0krSq3JjDdCPSOD4adfpVkzLBPKmVUFb3D
fzfnPXEQQiUt0r6ft1drkMihFP65CWsbLP8/6IqRZdj4SPpcSmiTtkRXQQXqhxtg
WxsC37APOECmijVi1YZqiRV3Ubzpx5sk6cwM8Hz5sHFK+3l3raGh44TLdVQq6DHj
5VrX2iGcyfe9nPNklCWCCgfk+MTgI8BQzaxMmtRLhKtZBGtnLJtnkcPm
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:03 2024 by rpki-client on console-ams.rpki-client.org