Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/ddiWfPNCeXdfgl5dwPDag1NmkHE.roa
File: ddiWfPNCeXdfgl5dwPDag1NmkHE.roa (raw, json)
Hash identifier: qUNNF6kTLXeVlWpMfyPieSTUv6Zida4rHy4r5EpD7MQ=
Subject key identifier: 75:D8:96:7C:F3:42:79:77:5F:82:5E:5D:C0:F0:DA:83:53:66:90:71
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018CC5DCB0936CD8A346B212CE75C3759CBD
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/ddiWfPNCeXdfgl5dwPDag1NmkHE.roa
Signing time: Mon 01 Jan 2024 16:30:23 +0000
ROA not before: Mon 01 Jan 2024 16:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12430
IP address blocks: 81.60.0.0/15 maxlen: 18
89.141.0.0/16 maxlen: 16
62.100.96.0/19 maxlen: 19
2.154.192.0/18 maxlen: 18
84.127.229.0/24 maxlen: 24
212.97.160.0/19 maxlen: 19
81.202.0.0/15 maxlen: 15
213.37.0.0/16 maxlen: 16
62.117.128.0/17 maxlen: 17
5.40.0.0/16 maxlen: 16
82.158.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
89.140.0.0/16 maxlen: 16
212.22.32.0/19 maxlen: 20
95.39.0.0/16 maxlen: 19
212.79.128.0/19 maxlen: 19
80.224.0.0/16 maxlen: 16
83.173.128.0/18 maxlen: 18
85.251.0.0/16 maxlen: 17
212.183.192.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
194.140.128.0/18 maxlen: 18
2.154.0.0/16 maxlen: 16
81.184.0.0/16 maxlen: 16
213.231.64.0/18 maxlen: 18
80.174.0.0/16 maxlen: 17
213.201.0.0/17 maxlen: 17
62.174.0.0/15 maxlen: 19
212.122.96.0/19 maxlen: 19
62.82.0.0/15 maxlen: 16
80.173.0.0/16 maxlen: 17
212.78.128.0/19 maxlen: 19
194.149.192.0/19 maxlen: 19
194.106.0.0/19 maxlen: 19
213.254.64.0/18 maxlen: 18
62.42.0.0/15 maxlen: 16
212.21.224.0/19 maxlen: 19
82.213.128.0/18 maxlen: 18
213.227.0.0/18 maxlen: 18
85.136.0.0/15 maxlen: 15
212.95.192.0/19 maxlen: 19
81.172.0.0/17 maxlen: 17
79.108.0.0/15 maxlen: 18
85.219.0.0/17 maxlen: 17
85.155.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
83.138.192.0/18 maxlen: 18
85.155.174.0/24 maxlen: 24
212.40.224.0/24 maxlen: 24
212.40.224.0/19 maxlen: 19
2.152.0.0/16 maxlen: 16
217.216.0.0/15 maxlen: 15
185.128.128.0/22 maxlen: 24
2.152.0.0/14 maxlen: 17
62.101.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b0:93:6c:d8:a3:46:b2:12:ce:75:c3:75:9c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 16:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75d8967cf34279775f825e5dc0f0da8353669071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cb:fc:bf:e9:1b:64:27:51:c7:65:8d:b8:59:
63:19:d7:69:3c:91:b6:56:76:17:4f:a4:24:53:61:
92:0e:53:76:ca:b6:0e:9b:71:6f:a7:65:52:4e:f3:
31:24:68:1a:10:db:f0:a1:ae:c0:72:bc:4e:d7:5f:
4d:60:92:2d:ed:54:37:fc:c8:93:2f:9b:36:06:26:
7d:88:07:b1:4f:ff:51:38:ae:8b:80:63:47:de:4c:
0e:0c:3c:1a:b4:0d:ef:54:06:34:6c:54:43:53:e3:
f0:39:fb:09:3f:51:df:aa:f4:3a:ce:76:40:16:00:
13:b6:50:ee:7c:7d:c6:bc:d9:34:44:83:d0:41:22:
87:f9:48:35:96:2e:69:05:21:e0:b2:c6:31:46:b7:
33:87:6a:bb:5d:8a:eb:f4:8a:20:4f:34:7f:96:1a:
bf:a2:92:c6:50:35:03:5d:5a:97:88:05:e3:49:6e:
83:68:c9:70:27:c1:80:eb:3e:d0:4f:88:24:03:66:
95:ee:14:a7:13:18:e4:98:fb:c8:28:26:97:5f:02:
95:30:75:39:1d:3e:d3:f5:4d:fd:23:b8:77:a5:75:
b6:8f:f4:78:15:3e:8b:70:ff:4b:46:6b:1b:73:a1:
86:d2:25:c6:b1:ad:31:f9:74:94:ea:bb:2c:e1:d3:
43:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D8:96:7C:F3:42:79:77:5F:82:5E:5D:C0:F0:DA:83:53:66:90:71
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/ddiWfPNCeXdfgl5dwPDag1NmkHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.117.128.0/17
62.174.0.0/15
79.108.0.0/15
80.173.0.0-80.174.255.255
80.224.0.0/16
81.60.0.0/15
81.172.0.0/17
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
85.136.0.0/15
85.155.0.0/16
85.219.0.0/17
85.251.0.0/16
89.140.0.0/15
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.22.32.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.122.96.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
217.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0d:7c:2a:9c:a2:f7:10:69:c6:83:84:98:63:b8:b0:ce:b2:2b:
84:0f:75:1c:84:1d:f2:cf:d5:0c:cb:ac:25:7f:2e:1b:bf:a1:
ef:fb:5a:bc:37:bb:f8:4b:ac:a8:46:18:fd:fe:a9:c4:f2:6a:
3d:52:b3:e2:24:a2:4e:9f:28:32:7b:91:57:69:e9:bd:f3:52:
5a:28:8a:d6:46:5f:76:a0:dd:20:10:07:f3:d3:09:0a:d8:a1:
4c:cb:69:32:07:99:2e:f8:38:d7:52:5a:4b:ee:f3:65:55:4f:
34:8c:14:fa:72:68:7b:70:ea:d5:4c:fd:09:32:33:38:3b:60:
51:f1:3f:e5:1f:6d:e1:f6:55:66:78:f4:7c:58:42:fc:d1:b9:
36:2d:15:6e:43:34:85:e3:f7:78:66:b3:b7:e1:2d:5a:2d:df:
da:35:a6:e7:90:02:53:cc:39:f3:e7:ad:97:37:2c:3a:f2:65:
77:01:69:9d:39:a3:69:8e:9d:ca:83:05:44:e8:bb:59:ce:45:
67:a3:1f:66:be:df:e2:72:87:e2:da:5e:71:35:f4:5b:2d:fa:
ec:36:97:fe:26:42:32:11:2e:13:55:a9:d1:e9:2c:1e:2d:6c:
1e:b6:9d:56:cd:f6:80:e3:72:1d:1e:49:25:26:86:70:52:b5:
e3:3a:db:d5
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAYzF3LCTbNijRrISznXDdZy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjQwMTAxMTYzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQ4OTY3Y2YzNDI3OTc3NWY4MjVlNWRjMGYwZGE4MzUzNjY5MDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscv8v+kbZCdRx2WNuFljGddpPJG2
VnYXT6QkU2GSDlN2yrYOm3Fvp2VSTvMxJGgaENvwoa7AcrxO119NYJIt7VQ3/MiT
L5s2BiZ9iAexT/9ROK6LgGNH3kwODDwatA3vVAY0bFRDU+PwOfsJP1HfqvQ6znZA
FgATtlDufH3GvNk0RIPQQSKH+Ug1li5pBSHgssYxRrczh2q7XYrr9IogTzR/lhq/
opLGUDUDXVqXiAXjSW6DaMlwJ8GA6z7QT4gkA2aV7hSnExjkmPvIKCaXXwKVMHU5
HT7T9U39I7h3pXW2j/R4FT6LcP9LRmsbc6GG0iXGsa0x+XSU6rss4dND8wIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFHXYlnzzQnl3X4JeXcDw2oNTZpBxMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvZGRpV2ZQTkNlWGRmZ2w1ZHdQRGFnMU5ta0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTCCARUEAgABMIIB
DQMDAgKYAwMABSgDAwE+KgMDAD45MAoDAwA+UQMDAj5QAwQFPmRgAwQFPmWgAwQH
PnWAAwMBPq4DAwFPbDAKAwMAUK0DAwBQrgMDAFDgAwMBUTwDBAdRrAADAwBRuAMD
AVHKAwMBUp4DBAZS1YADBAZTisADBAZTrYADAwNUeAMDAVWIAwMAVZsDBAdV2wAD
AwBV+wMDAVmMAwMAXycDBAK5gIADBAXCagADBAbCjIADBAXClcADBAXUFeADBAXU
FiADBAXUKOADBAXUToADBAXUT4ADBAXUX8ADBAXUYaADBAXUemADBAbUt8ADAwDV
JQMEB9XJAAMEBtXjAAMEBtXnQAMEBtX+QAMDAdnYMA0GCSqGSIb3DQEBCwUAA4IB
AQANfCqcovcQacaDhJhjuLDOsiuED3UchB3yz9UMy6wlfy4bv6Hv+1q8N7v4S6yo
Rhj9/qnE8mo9UrPiJKJOnygye5FXaem981JaKIrWRl92oN0gEAfz0wkK2KFMy2ky
B5ku+DjXUlpL7vNlVU80jBT6cmh7cOrVTP0JMjM4O2BR8T/lH23h9lVmePR8WEL8
0bk2LRVuQzSF4/d4ZrO34S1aLd/aNabnkAJTzDnz562XNyw68mV3AWmdOaNpjp3K
gwVE6LtZzkVnox9mvt/icofi2l5xNfRbLfrsNpf+JkIyES4TVanR6SweLWwetp1W
zfaA43IdHkklJoZwUrXjOtvV
-----END CERTIFICATE-----
Generated at Sun May 19 06:53:23 2024 by rpki-client on console-fra.rpki-client.org