Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/nwPeNLo1IA8DkU9FQsEL_ZUcdC8.roa
File: nwPeNLo1IA8DkU9FQsEL_ZUcdC8.roa (raw, json)
Hash identifier: F0+oqu0uTUKLz4z8oU7/CmMvG+kmgsKrOYE/RLvfQ5I=
Subject key identifier: 9F:03:DE:34:BA:35:20:0F:03:91:4F:45:42:C1:0B:FD:95:1C:74:2F
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 018CCA293ED13497A580EB9897988B6F5580
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/nwPeNLo1IA8DkU9FQsEL_ZUcdC8.roa
Signing time: Tue 02 Jan 2024 12:32:29 +0000
ROA not before: Tue 02 Jan 2024 12:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13097
IP address blocks: 185.178.14.0/24 maxlen: 24
185.178.15.0/24 maxlen: 24
185.178.13.0/24 maxlen: 24
185.178.12.0/24 maxlen: 24
185.178.12.0/22 maxlen: 22
80.70.116.0/24 maxlen: 24
80.70.117.0/24 maxlen: 24
80.70.118.0/24 maxlen: 24
80.70.116.0/22 maxlen: 22
80.70.119.0/24 maxlen: 24
84.234.100.0/22 maxlen: 22
84.234.103.0/24 maxlen: 24
84.234.101.0/24 maxlen: 24
84.234.102.0/24 maxlen: 24
84.234.100.0/24 maxlen: 24
82.163.32.0/22 maxlen: 22
82.163.35.0/24 maxlen: 24
82.163.33.0/24 maxlen: 24
82.163.34.0/24 maxlen: 24
82.163.32.0/24 maxlen: 24
213.178.192.0/20 maxlen: 20
213.178.192.0/24 maxlen: 24
213.178.199.0/24 maxlen: 24
213.178.197.0/24 maxlen: 24
213.178.198.0/24 maxlen: 24
213.178.195.0/24 maxlen: 24
213.178.196.0/24 maxlen: 24
213.178.194.0/24 maxlen: 24
213.178.193.0/24 maxlen: 24
46.229.84.0/24 maxlen: 24
46.229.85.0/24 maxlen: 24
213.178.202.0/24 maxlen: 24
213.178.203.0/24 maxlen: 24
46.229.83.0/24 maxlen: 24
46.229.81.0/24 maxlen: 24
46.229.82.0/24 maxlen: 24
46.229.80.0/20 maxlen: 20
213.178.201.0/24 maxlen: 24
213.178.205.0/24 maxlen: 24
213.178.206.0/24 maxlen: 24
213.178.204.0/24 maxlen: 24
213.178.200.0/24 maxlen: 24
46.229.80.0/24 maxlen: 24
46.229.91.0/24 maxlen: 24
46.229.90.0/24 maxlen: 24
46.229.88.0/24 maxlen: 24
46.229.89.0/24 maxlen: 24
46.229.86.0/24 maxlen: 24
46.229.87.0/24 maxlen: 24
213.178.207.0/24 maxlen: 24
46.229.95.0/24 maxlen: 24
46.229.93.0/24 maxlen: 24
46.229.94.0/24 maxlen: 24
46.229.92.0/24 maxlen: 24
185.138.37.0/24 maxlen: 24
185.138.38.0/24 maxlen: 24
185.138.36.0/24 maxlen: 24
185.138.36.0/23 maxlen: 23
185.138.36.0/22 maxlen: 22
185.138.39.0/24 maxlen: 24
185.138.38.0/23 maxlen: 23
89.189.32.0/20 maxlen: 20
89.189.38.0/24 maxlen: 24
89.189.36.0/24 maxlen: 24
89.189.37.0/24 maxlen: 24
89.189.34.0/24 maxlen: 24
89.189.35.0/24 maxlen: 24
89.189.32.0/24 maxlen: 24
89.189.33.0/24 maxlen: 24
89.189.44.0/24 maxlen: 24
89.189.43.0/24 maxlen: 24
89.189.41.0/24 maxlen: 24
89.189.42.0/24 maxlen: 24
89.189.39.0/24 maxlen: 24
89.189.40.0/24 maxlen: 24
89.189.46.0/24 maxlen: 24
89.189.47.0/24 maxlen: 24
89.189.45.0/24 maxlen: 24
89.189.56.0/21 maxlen: 21
89.189.56.0/24 maxlen: 24
89.189.58.0/24 maxlen: 24
89.189.57.0/24 maxlen: 24
89.189.62.0/24 maxlen: 24
89.189.63.0/24 maxlen: 24
89.189.60.0/24 maxlen: 24
89.189.61.0/24 maxlen: 24
89.189.59.0/24 maxlen: 24
2a01:7540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:3e:d1:34:97:a5:80:eb:98:97:98:8b:6f:55:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Jan 2 12:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f03de34ba35200f03914f4542c10bfd951c742f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:88:8c:8d:6a:21:d0:ff:dc:26:51:6a:81:d5:
0c:2c:42:1e:78:84:0c:a1:37:91:7c:76:30:4a:3a:
3c:2c:84:75:9a:da:27:0e:9c:f9:87:70:78:e8:f8:
15:7a:86:39:c6:00:68:cc:63:ec:ca:9d:1c:2e:60:
5f:ed:2e:e2:2a:6f:9d:25:21:98:7b:af:f3:10:e0:
32:5e:2c:84:d0:bb:10:73:38:37:73:62:2a:66:5c:
a5:8d:b8:72:2e:1c:39:78:82:32:95:7a:75:b9:8f:
12:39:0a:18:1f:2d:4f:71:74:bc:8d:98:8f:db:81:
61:e6:bc:02:91:24:52:bf:dc:2a:82:70:6f:92:c0:
71:ec:88:fb:c1:5a:71:95:29:9c:46:27:34:9c:ce:
08:53:69:22:a1:82:d5:84:e7:80:6e:47:61:f1:cd:
a9:f7:65:ef:a5:e7:84:3c:5d:c6:78:64:a3:d9:55:
8d:1f:ab:5a:cb:ca:cc:1a:20:2d:21:f2:ec:e7:c0:
1e:55:03:70:44:7d:c3:40:85:47:9e:5c:5c:f5:94:
f7:c3:58:e8:e5:75:06:07:82:ee:f2:3d:be:c1:0c:
8c:bf:15:df:b3:db:f6:4b:49:69:c6:e3:00:59:14:
a6:41:6b:b2:6d:cf:e3:5a:2f:1e:dc:c2:a6:24:3f:
70:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:03:DE:34:BA:35:20:0F:03:91:4F:45:42:C1:0B:FD:95:1C:74:2F
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/nwPeNLo1IA8DkU9FQsEL_ZUcdC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.80.0/20
80.70.116.0/22
82.163.32.0/22
84.234.100.0/22
89.189.32.0/20
89.189.56.0/21
185.138.36.0/22
185.178.12.0/22
213.178.192.0/20
IPv6:
2a01:7540::/32
Signature Algorithm: sha256WithRSAEncryption
17:b8:b2:29:79:de:25:bc:0f:ef:19:6e:0d:3e:b5:07:cb:ea:
fa:d1:00:0c:75:a8:b3:d4:5d:07:e3:24:6a:a3:ab:96:9a:72:
bf:48:a6:28:9c:d0:e2:1d:ad:8c:c5:25:25:2b:c3:5f:c7:12:
2b:fa:b8:6a:f8:0e:5b:81:f7:66:0e:3b:82:ec:42:a2:83:d6:
a9:f3:6e:52:79:95:d3:1d:6e:15:5d:f1:76:f0:0f:6a:77:d6:
26:1f:f5:4c:cf:0d:0f:75:b6:c0:9f:c7:9e:ff:0e:f9:9a:ea:
3d:f7:bd:7d:64:ee:de:aa:c1:34:cf:5c:8d:ac:10:9a:bf:03:
3e:3a:e4:c1:d2:1d:8d:51:08:ad:77:78:e7:2a:e5:28:53:2b:
9f:eb:25:b5:71:5f:34:1e:20:af:7a:d1:44:9c:04:0e:cc:41:
ce:e2:40:5e:be:cc:33:41:f1:57:79:90:3c:f2:67:52:9c:17:
be:cd:7b:10:82:a4:69:d8:b1:e1:73:64:44:d2:a7:5a:ad:69:
b7:73:1b:c8:30:90:b0:6e:1e:3e:ba:f3:b8:44:27:97:ed:49:
5e:fd:b5:d5:05:d5:57:1b:b3:57:2b:56:ca:31:94:9f:94:56:
0d:49:e1:af:68:6c:32:c6:b0:3e:9e:46:b9:6c:3c:fa:b7:d4:
7c:dd:7f:ab
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzKKT7RNJelgOuYl5iLb1WAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjQwMTAyMTIzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjAzZGUzNGJhMzUyMDBmMDM5MTRmNDU0MmMxMGJmZDk1MWM3NDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroiMjWoh0P/cJlFqgdUMLEIeeIQM
oTeRfHYwSjo8LIR1mtonDpz5h3B46PgVeoY5xgBozGPsyp0cLmBf7S7iKm+dJSGY
e6/zEOAyXiyE0LsQczg3c2IqZlyljbhyLhw5eIIylXp1uY8SOQoYHy1PcXS8jZiP
24Fh5rwCkSRSv9wqgnBvksBx7Ij7wVpxlSmcRic0nM4IU2kioYLVhOeAbkdh8c2p
92XvpeeEPF3GeGSj2VWNH6tay8rMGiAtIfLs58AeVQNwRH3DQIVHnlxc9ZT3w1jo
5XUGB4Lu8j2+wQyMvxXfs9v2S0lpxuMAWRSmQWuybc/jWi8e3MKmJD9wvwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJ8D3jS6NSAPA5FPRULBC/2VHHQvMB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvbndQZU5MbzFJQThEa1U5RlFzRUxfWlVjZEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQELuVQAwQC
UEZ0AwQCUqMgAwQCVOpkAwQEWb0gAwQDWb04AwQCuYokAwQCubIMAwQE1bLAMA0E
AgACMAcDBQAqAXVAMA0GCSqGSIb3DQEBCwUAA4IBAQAXuLIped4lvA/vGW4NPrUH
y+r60QAMdaiz1F0H4yRqo6uWmnK/SKYonNDiHa2MxSUlK8NfxxIr+rhq+A5bgfdm
DjuC7EKig9ap825SeZXTHW4VXfF28A9qd9YmH/VMzw0PdbbAn8ee/w75muo99719
ZO7eqsE0z1yNrBCavwM+OuTB0h2NUQitd3jnKuUoUyuf6yW1cV80HiCvetFEnAQO
zEHO4kBevswzQfFXeZA88mdSnBe+zXsQgqRp2LHhc2RE0qdarWm3cxvIMJCwbh4+
uvO4RCeX7Ule/bXVBdVXG7NXK1bKMZSflFYNSeGvaGwyxrA+nka5bDz6t9R83X+r
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:19:13 2024 by rpki-client on console-fra.rpki-client.org