Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/NwtU9zWF441DWUragzgs2ZkBTY4.roa
File: NwtU9zWF441DWUragzgs2ZkBTY4.roa (raw, json)
Hash identifier: kq9ccYEmxfhhb2yn3VW+YhKHfyB2GPF1SXPmqa88XMQ=
Subject key identifier: 37:0B:54:F7:35:85:E3:8D:43:59:4A:DA:83:38:2C:D9:99:01:4D:8E
Certificate issuer: /CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Certificate serial: 018CC8DF1BD5E20320CEDF355227095C7C8E
Authority key identifier: DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/NwtU9zWF441DWUragzgs2ZkBTY4.roa
Signing time: Tue 02 Jan 2024 06:31:54 +0000
ROA not before: Tue 02 Jan 2024 06:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 213.156.0.0/20 maxlen: 24
91.211.160.0/22 maxlen: 24
212.19.192.0/19 maxlen: 19
195.238.86.0/23 maxlen: 24
212.26.192.0/19 maxlen: 19
185.116.12.0/22 maxlen: 24
45.151.116.0/22 maxlen: 24
5.183.132.0/22 maxlen: 24
212.57.48.0/20 maxlen: 24
217.8.96.0/20 maxlen: 20
45.95.252.0/22 maxlen: 24
2.56.216.0/22 maxlen: 24
93.188.64.0/22 maxlen: 24
193.105.183.0/24 maxlen: 24
213.173.56.0/22 maxlen: 22
77.73.224.0/21 maxlen: 24
185.249.136.0/22 maxlen: 24
45.10.124.0/22 maxlen: 24
185.251.152.0/22 maxlen: 24
194.61.84.0/24 maxlen: 24
194.61.86.0/24 maxlen: 24
195.184.86.0/23 maxlen: 24
195.184.90.0/23 maxlen: 24
171.22.176.0/22 maxlen: 24
45.140.156.0/22 maxlen: 24
85.184.8.0/21 maxlen: 24
185.234.152.0/23 maxlen: 24
185.239.168.0/23 maxlen: 24
185.234.154.0/24 maxlen: 24
185.239.170.0/24 maxlen: 24
37.148.184.0/21 maxlen: 24
91.216.34.0/24 maxlen: 24
185.253.48.0/22 maxlen: 24
2a02:690::/29 maxlen: 32
2001:6e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.mft
rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:1b:d5:e2:03:20:ce:df:35:52:27:09:5c:7c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Validity
Not Before: Jan 2 06:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=370b54f73585e38d43594ada83382cd999014d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9f:5b:8f:56:de:1d:6b:56:9a:4b:e2:b2:d9:
0d:8a:79:fd:dd:e4:3a:38:8d:92:3f:e8:ca:c5:1c:
75:d6:8a:ac:32:22:e1:84:d4:33:0d:d4:2a:5c:7f:
9c:6f:b4:a3:20:13:c3:49:71:40:ee:a9:ba:06:c3:
dd:83:fd:36:96:2a:14:ac:31:6c:b0:86:e4:1a:8e:
1d:b1:72:92:26:f4:85:98:df:6c:56:43:d6:e2:7a:
fd:9e:45:0c:d9:9c:d3:aa:ba:38:00:68:8a:ae:90:
74:39:18:63:1f:1b:65:c2:a1:3e:aa:08:87:f4:78:
6b:9c:84:ce:0f:6b:f0:62:bf:e2:e8:82:01:92:f1:
be:02:78:aa:e4:ef:44:42:8d:69:32:eb:8d:73:f4:
f6:b9:4f:ad:44:16:3d:95:46:28:89:a0:4f:8e:e5:
8d:88:f3:a1:08:bd:38:0f:ae:04:80:0b:1a:71:55:
bf:0a:fa:24:cc:20:64:33:f5:48:94:c9:ef:f7:91:
7c:44:a4:87:e7:81:97:33:8d:a5:82:40:e8:ae:a1:
cd:10:ce:e2:da:a4:e5:aa:c2:02:2f:da:21:8d:66:
52:1c:09:52:e5:9a:a8:81:9d:7d:3a:7b:e1:14:58:
80:b3:58:b3:54:71:1e:64:94:6f:93:4d:c8:22:fb:
8a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:0B:54:F7:35:85:E3:8D:43:59:4A:DA:83:38:2C:D9:99:01:4D:8E
X509v3 Authority Key Identifier:
keyid:DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/NwtU9zWF441DWUragzgs2ZkBTY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.216.0/22
5.183.132.0/22
37.148.184.0/21
45.10.124.0/22
45.95.252.0/22
45.140.156.0/22
45.151.116.0/22
77.73.224.0/21
85.184.8.0/21
91.211.160.0/22
91.216.34.0/24
93.188.64.0/22
171.22.176.0/22
185.116.12.0/22
185.234.152.0-185.234.154.255
185.239.168.0-185.239.170.255
185.249.136.0/22
185.251.152.0/22
185.253.48.0/22
193.105.183.0/24
194.61.84.0/24
194.61.86.0/24
195.184.86.0/23
195.184.90.0/23
195.238.86.0/23
212.19.192.0/19
212.26.192.0/19
212.57.48.0/20
213.156.0.0/20
213.173.56.0/22
217.8.96.0/20
IPv6:
2001:6e0::/32
2a02:690::/29
Signature Algorithm: sha256WithRSAEncryption
82:48:11:85:be:e7:ce:d9:9f:bb:42:63:a3:df:13:dd:a0:15:
90:a0:d9:ec:bc:76:17:27:5a:ad:5a:f0:0d:50:e6:a8:1a:b0:
b8:02:a4:8e:49:89:9c:2b:f4:dc:e6:23:b7:e9:da:61:d6:ff:
be:c4:5c:f7:f8:b0:7c:23:e0:e2:86:3b:d4:1c:ff:e3:f2:f5:
de:e6:d2:02:d3:9a:1f:eb:01:94:99:f2:a7:67:e4:ab:95:56:
1d:27:d9:31:0f:99:db:3b:30:e8:6b:38:60:13:f5:20:7c:f8:
1a:93:7c:5e:aa:de:20:92:9b:9f:0b:b3:04:d4:2d:38:80:d2:
72:6c:79:1f:21:a9:54:73:43:d2:74:49:a9:3a:81:ab:f9:cb:
d3:b4:f8:cb:1c:d1:b7:fd:24:72:46:6f:d3:9f:f3:27:0b:68:
38:cc:f6:f6:f1:23:12:79:a4:6f:a1:79:00:32:e5:53:a9:98:
9f:19:42:c4:77:f3:f9:71:db:db:f9:0c:b6:7f:99:98:8f:ad:
dc:55:55:57:c1:43:4e:0f:d1:04:ca:94:80:31:7c:29:14:90:
3c:f6:08:19:aa:e6:c2:f4:91:f6:be:b9:d7:51:61:66:4d:79:
b8:7f:12:18:34:61:68:80:d4:a5:ab:ee:0e:39:b2:37:56:a4:
41:aa:98:f8
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYzI3xvV4gMgzt81UicJXHyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYTEyMjA3YWY0ZDE4NmM0NGRhMjUzM2MwYjhmMWZkMWY1
NWQ4ZGIwHhcNMjQwMTAyMDYzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzBiNTRmNzM1ODVlMzhkNDM1OTRhZGE4MzM4MmNkOTk5MDE0ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZ9bj1beHWtWmkvistkNinn93eQ6
OI2SP+jKxRx11oqsMiLhhNQzDdQqXH+cb7SjIBPDSXFA7qm6BsPdg/02lioUrDFs
sIbkGo4dsXKSJvSFmN9sVkPW4nr9nkUM2ZzTqro4AGiKrpB0ORhjHxtlwqE+qgiH
9HhrnITOD2vwYr/i6IIBkvG+Aniq5O9EQo1pMuuNc/T2uU+tRBY9lUYoiaBPjuWN
iPOhCL04D64EgAsacVW/CvokzCBkM/VIlMnv95F8RKSH54GXM42lgkDorqHNEM7i
2qTlqsICL9ohjWZSHAlS5ZqogZ19OnvhFFiAs1izVHEeZJRvk03IIvuKKQIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFDcLVPc1heONQ1lK2oM4LNmZAU2OMB8GA1UdIwQY
MBaAFNuhIgevTRhsRNolM8C48f0fVdjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgt
MTJiMmJjNTgwNTNhLzEvTnd0VTl6V0Y0NDFEV1VyYWd6Z3MyWmtCVFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgtMTJiMmJjNTgwNTNh
LzEvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB0QQCAAEwgcoDBAIC
ONgDBAIFt4QDBAMllLgDBAItCnwDBAItX/wDBAItjJwDBAItl3QDBANNSeADBANV
uAgDBAJb06ADBABb2CIDBAJdvEADBAKrFrADBAK5dAwwDAMEA7nqmAMEALnqmjAM
AwQDue+oAwQAue+qAwQCufmIAwQCufuYAwQCuf0wAwQAwWm3AwQAwj1UAwQAwj1W
AwQBw7hWAwQBw7haAwQBw+5WAwQF1BPAAwQF1BrAAwQE1DkwAwQE1ZwAAwQC1a04
AwQE2QhgMBQEAgACMA4DBQAgAQbgAwUDKgIGkDANBgkqhkiG9w0BAQsFAAOCAQEA
gkgRhb7nztmfu0Jjo98T3aAVkKDZ7Lx2FydarVrwDVDmqBqwuAKkjkmJnCv03OYj
t+naYdb/vsRc9/iwfCPg4oY71Bz/4/L13ubSAtOaH+sBlJnyp2fkq5VWHSfZMQ+Z
2zsw6Gs4YBP1IHz4GpN8XqreIJKbnwuzBNQtOIDScmx5HyGpVHND0nRJqTqBq/nL
07T4yxzRt/0kckZv05/zJwtoOMz29vEjEnmkb6F5ADLlU6mYnxlCxHfz+XHb2/kM
tn+ZmI+t3FVVV8FDTg/RBMqUgDF8KRSQPPYIGarmwvSR9r6511FhZk15uH8SGDRh
aIDUpavuDjmyN1akQaqY+A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:42 2024 by rpki-client on console-fra.rpki-client.org