Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/d15a62-e2ff-404d-a94c-7fdbf6fb0df8/1/hKEUlUG8saCwnDxMpQqR-ZQe6Ag.roa
File: hKEUlUG8saCwnDxMpQqR-ZQe6Ag.roa (raw, json)
Hash identifier: TzpW/VYGLKo7n1sHXS81ZRFVBjvmwSdMCFq2WTLGfpM=
Subject key identifier: 84:A1:14:95:41:BC:B1:A0:B0:9C:3C:4C:A5:0A:91:F9:94:1E:E8:08
Certificate issuer: /CN=78d778fe5754dc3e16d92270424be21b9281ec72
Certificate serial: 018CC348B56D91DCC887F12E053CB8DD32D6
Authority key identifier: 78:D7:78:FE:57:54:DC:3E:16:D9:22:70:42:4B:E2:1B:92:81:EC:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNd4_ldU3D4W2SJwQkviG5KB7HI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/d15a62-e2ff-404d-a94c-7fdbf6fb0df8/1/hKEUlUG8saCwnDxMpQqR-ZQe6Ag.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51018
IP address blocks: 178.22.36.0/22 maxlen: 22
178.22.32.0/22 maxlen: 22
178.22.32.0/21 maxlen: 21
95.159.97.0/24 maxlen: 24
95.159.95.0/24 maxlen: 24
95.159.96.0/20 maxlen: 20
95.159.96.0/24 maxlen: 24
95.159.93.0/24 maxlen: 24
95.159.94.0/24 maxlen: 24
95.159.92.0/24 maxlen: 24
95.159.98.0/24 maxlen: 24
95.159.104.0/24 maxlen: 24
95.159.102.0/24 maxlen: 24
95.159.104.0/22 maxlen: 22
95.159.103.0/24 maxlen: 24
95.159.100.0/24 maxlen: 24
95.159.101.0/24 maxlen: 24
95.159.99.0/24 maxlen: 24
95.159.105.0/24 maxlen: 24
95.159.111.0/24 maxlen: 24
95.159.109.0/24 maxlen: 24
95.159.110.0/24 maxlen: 24
95.159.107.0/24 maxlen: 24
95.159.108.0/24 maxlen: 24
95.159.106.0/24 maxlen: 24
95.159.112.0/24 maxlen: 24
95.159.117.0/24 maxlen: 24
95.159.118.0/24 maxlen: 24
95.159.116.0/24 maxlen: 24
95.159.114.0/24 maxlen: 24
95.159.112.0/20 maxlen: 20
95.159.112.0/21 maxlen: 21
95.159.115.0/24 maxlen: 24
95.159.113.0/24 maxlen: 24
95.159.124.0/24 maxlen: 24
95.159.125.0/24 maxlen: 24
95.159.123.0/24 maxlen: 24
95.159.120.0/21 maxlen: 21
95.159.121.0/24 maxlen: 24
95.159.122.0/24 maxlen: 24
95.159.119.0/24 maxlen: 24
95.159.120.0/24 maxlen: 24
95.159.126.0/24 maxlen: 24
95.159.127.0/24 maxlen: 24
95.159.64.0/20 maxlen: 20
95.159.64.0/24 maxlen: 24
95.159.69.0/24 maxlen: 24
95.159.70.0/24 maxlen: 24
95.159.67.0/24 maxlen: 24
95.159.68.0/24 maxlen: 24
95.159.65.0/24 maxlen: 24
95.159.66.0/24 maxlen: 24
95.159.64.0/18 maxlen: 18
95.159.71.0/24 maxlen: 24
95.159.76.0/24 maxlen: 24
95.159.74.0/24 maxlen: 24
95.159.75.0/24 maxlen: 24
95.159.72.0/24 maxlen: 24
95.159.73.0/24 maxlen: 24
95.159.77.0/24 maxlen: 24
95.159.78.0/24 maxlen: 24
95.159.83.0/24 maxlen: 24
95.159.81.0/24 maxlen: 24
95.159.82.0/24 maxlen: 24
95.159.82.0/23 maxlen: 23
95.159.84.0/22 maxlen: 22
95.159.84.0/23 maxlen: 23
95.159.84.0/24 maxlen: 24
95.159.85.0/24 maxlen: 24
95.159.79.0/24 maxlen: 24
95.159.80.0/24 maxlen: 24
95.159.80.0/23 maxlen: 23
95.159.80.0/22 maxlen: 22
95.159.80.0/20 maxlen: 20
95.159.90.0/24 maxlen: 24
95.159.91.0/24 maxlen: 24
95.159.88.0/22 maxlen: 22
95.159.88.0/23 maxlen: 23
95.159.88.0/24 maxlen: 24
95.159.89.0/24 maxlen: 24
95.159.86.0/24 maxlen: 24
95.159.86.0/23 maxlen: 23
95.159.87.0/24 maxlen: 24
194.180.40.0/24 maxlen: 24
194.180.40.0/22 maxlen: 22
194.180.40.0/23 maxlen: 23
2a01:58a0::/32 maxlen: 32
2a01:58a0::/40 maxlen: 40
2a01:58a0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/d15a62-e2ff-404d-a94c-7fdbf6fb0df8/1/eNd4_ldU3D4W2SJwQkviG5KB7HI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/d15a62-e2ff-404d-a94c-7fdbf6fb0df8/1/eNd4_ldU3D4W2SJwQkviG5KB7HI.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNd4_ldU3D4W2SJwQkviG5KB7HI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b5:6d:91:dc:c8:87:f1:2e:05:3c:b8:dd:32:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d778fe5754dc3e16d92270424be21b9281ec72
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84a1149541bcb1a0b09c3c4ca50a91f9941ee808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3a:7e:08:06:83:66:5f:4e:ea:a3:12:d7:fd:
32:91:d9:10:7b:5b:a9:78:ab:8a:63:28:d4:5a:87:
11:bc:42:eb:7e:8b:b1:8b:18:50:f9:2c:5f:27:a1:
af:12:57:7f:33:da:99:0d:cf:c0:da:0b:1a:d7:8e:
0f:2b:d7:01:4f:c0:9f:79:71:c1:52:9b:49:15:9e:
80:d3:f4:c2:17:5c:c3:9d:3e:41:fd:f5:2f:31:88:
97:1c:c5:ff:d7:9c:2d:37:12:72:a0:c5:b9:a5:d6:
57:79:63:78:fd:a2:4f:dd:03:9e:6f:1b:39:bf:6d:
ea:ce:b7:30:7c:04:4a:0e:de:7e:a0:f4:ff:91:f9:
8e:08:ac:c4:9d:12:0e:26:b2:2c:72:ef:5e:22:de:
ef:29:b0:6d:c4:2f:9e:e5:90:29:40:13:46:76:64:
d0:91:07:a4:ce:26:50:54:dd:c3:01:fb:5d:14:c4:
f7:52:b4:cd:2c:ae:b4:c1:0b:aa:ce:c5:93:9b:e6:
07:ab:50:34:6d:0f:57:e1:d3:b8:02:df:87:37:13:
9d:2c:60:e9:64:65:f3:05:7b:67:46:08:3f:b8:8e:
24:67:03:4c:f5:cd:fd:98:cd:fc:30:c9:dc:df:96:
9a:0d:fb:01:34:b9:3f:e3:0b:b8:84:e2:f2:81:dc:
d4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A1:14:95:41:BC:B1:A0:B0:9C:3C:4C:A5:0A:91:F9:94:1E:E8:08
X509v3 Authority Key Identifier:
keyid:78:D7:78:FE:57:54:DC:3E:16:D9:22:70:42:4B:E2:1B:92:81:EC:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNd4_ldU3D4W2SJwQkviG5KB7HI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/d15a62-e2ff-404d-a94c-7fdbf6fb0df8/1/hKEUlUG8saCwnDxMpQqR-ZQe6Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/d15a62-e2ff-404d-a94c-7fdbf6fb0df8/1/eNd4_ldU3D4W2SJwQkviG5KB7HI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.159.64.0/18
178.22.32.0/21
194.180.40.0/22
IPv6:
2a01:58a0::/32
Signature Algorithm: sha256WithRSAEncryption
5d:79:7d:8d:b8:33:07:c7:50:30:9e:98:5c:32:08:5e:a1:24:
dd:ac:1b:41:61:31:b0:7b:a8:9f:c1:59:7d:fb:85:d4:08:32:
e1:bd:f9:6d:6a:88:87:bf:15:7c:21:34:7e:f4:78:4a:26:2c:
85:90:e1:fd:22:89:01:22:27:e7:46:f8:18:f5:b9:0b:31:25:
71:97:41:b7:b6:33:df:5d:b1:2c:07:ba:7d:18:c5:3a:05:b7:
25:12:b1:96:dd:70:7d:54:cd:22:c9:f5:2d:2c:c9:95:73:fb:
85:95:9f:ca:03:eb:45:b4:89:c2:c5:32:c1:b5:38:fd:63:bf:
66:0c:61:ac:1d:a9:04:a3:02:e6:1e:12:ff:f3:c0:b9:f0:d1:
4f:84:3f:fc:7a:e8:38:d2:e0:92:e4:14:f2:1b:f7:7a:6a:69:
e5:22:a7:0c:0d:62:ae:57:33:81:8b:24:e6:36:2a:7a:91:6f:
a5:cd:38:75:bd:31:c4:a4:e6:b3:35:18:07:6d:fd:36:e5:05:
11:70:a7:75:6a:04:c1:72:cc:8c:fb:dd:8e:cf:b1:1d:a0:b4:
9b:26:4a:5a:16:21:7d:26:2d:bb:3f:74:c8:fd:34:86:4a:19:
fa:ad:7d:76:b6:0b:06:32:76:70:79:99:00:0c:d7:56:45:ee:
77:0b:12:21
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSLVtkdzIh/EuBTy43TLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZDc3OGZlNTc1NGRjM2UxNmQ5MjI3MDQyNGJlMjFiOTI4
MWVjNzIwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGExMTQ5NTQxYmNiMWEwYjA5YzNjNGNhNTBhOTFmOTk0MWVlODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDp+CAaDZl9O6qMS1/0ykdkQe1up
eKuKYyjUWocRvELrfouxixhQ+SxfJ6GvEld/M9qZDc/A2gsa144PK9cBT8CfeXHB
UptJFZ6A0/TCF1zDnT5B/fUvMYiXHMX/15wtNxJyoMW5pdZXeWN4/aJP3QOebxs5
v23qzrcwfARKDt5+oPT/kfmOCKzEnRIOJrIscu9eIt7vKbBtxC+e5ZApQBNGdmTQ
kQekziZQVN3DAftdFMT3UrTNLK60wQuqzsWTm+YHq1A0bQ9X4dO4At+HNxOdLGDp
ZGXzBXtnRgg/uI4kZwNM9c39mM38MMnc35aaDfsBNLk/4wu4hOLygdzUcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIShFJVBvLGgsJw8TKUKkfmUHugIMB8GA1UdIwQY
MBaAFHjXeP5XVNw+FtkicEJL4huSgexyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZU5kNF9sZFUzRDRXMlNKd1FrdmlHNUtCN0hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kMTVhNjItZTJmZi00MDRkLWE5NGMt
N2ZkYmY2ZmIwZGY4LzEvaEtFVWxVRzhzYUN3bkR4TXBRcVItWlFlNkFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kMTVhNjItZTJmZi00MDRkLWE5NGMtN2ZkYmY2ZmIwZGY4
LzEvZU5kNF9sZFUzRDRXMlNKd1FrdmlHNUtCN0hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGX59AAwQD
shYgAwQCwrQoMA0EAgACMAcDBQAqAVigMA0GCSqGSIb3DQEBCwUAA4IBAQBdeX2N
uDMHx1AwnphcMgheoSTdrBtBYTGwe6ifwVl9+4XUCDLhvfltaoiHvxV8ITR+9HhK
JiyFkOH9IokBIifnRvgY9bkLMSVxl0G3tjPfXbEsB7p9GMU6BbclErGW3XB9VM0i
yfUtLMmVc/uFlZ/KA+tFtInCxTLBtTj9Y79mDGGsHakEowLmHhL/88C58NFPhD/8
eug40uCS5BTyG/d6amnlIqcMDWKuVzOBiyTmNip6kW+lzTh1vTHEpOazNRgHbf02
5QURcKd1agTBcsyM+92Oz7EdoLSbJkpaFiF9Ji27P3TI/TSGShn6rX12tgsGMnZw
eZkADNdWRe53CxIh
-----END CERTIFICATE-----
Generated at Fri Sep 27 23:52:22 2024 by rpki-client on console-ams.rpki-client.org