Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/hst77ckc5MlMEde9UQVYfNj5ccw.roa
File: hst77ckc5MlMEde9UQVYfNj5ccw.roa (raw, json)
Hash identifier: RcQswdDeu9zSy5PiYjrt3uDAyKfltfCZpW9oJaTQDLY=
Subject key identifier: 86:CB:7B:ED:C9:1C:E4:C9:4C:11:D7:BD:51:05:58:7C:D8:F9:71:CC
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018F1F5E06B40A81A5CD5A677BAC66C1EBA5
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/hst77ckc5MlMEde9UQVYfNj5ccw.roa
Signing time: Sat 27 Apr 2024 11:43:26 +0000
ROA not before: Sat 27 Apr 2024 11:43:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206065
IP address blocks: 31.217.208.0/21 maxlen: 24
37.19.80.0/20 maxlen: 24
37.114.192.0/18 maxlen: 24
37.114.192.0/20 maxlen: 24
37.114.216.0/22 maxlen: 24
37.114.220.0/22 maxlen: 24
37.114.224.0/22 maxlen: 24
37.114.228.0/22 maxlen: 24
37.114.244.0/22 maxlen: 24
37.114.248.0/21 maxlen: 24
37.114.252.0/24 maxlen: 24
37.114.253.0/24 maxlen: 24
37.114.254.0/24 maxlen: 24
37.114.255.0/24 maxlen: 24
37.221.0.0/18 maxlen: 24
37.235.16.0/20 maxlen: 24
45.128.140.0/22 maxlen: 24
45.144.124.0/22 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
46.34.164.0/22 maxlen: 24
46.34.168.0/21 maxlen: 24
46.34.178.0/23 maxlen: 24
46.34.180.0/22 maxlen: 24
46.34.184.0/22 maxlen: 24
46.34.188.0/22 maxlen: 24
78.158.182.0/23 maxlen: 24
79.132.200.0/22 maxlen: 24
79.132.213.0/24 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.218.0/24 maxlen: 24
79.132.219.0/24 maxlen: 24
79.132.220.0/23 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.122.0/23 maxlen: 24
80.71.124.0/23 maxlen: 24
80.71.127.0/24 maxlen: 24
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
81.29.250.0/23 maxlen: 24
81.29.250.0/24 maxlen: 24
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
81.91.144.0/20 maxlen: 24
86.109.32.0/23 maxlen: 24
86.109.36.0/22 maxlen: 24
86.109.41.0/24 maxlen: 24
86.109.46.0/23 maxlen: 24
86.109.56.0/23 maxlen: 24
86.109.58.0/23 maxlen: 24
86.109.62.0/23 maxlen: 24
87.247.180.0/23 maxlen: 24
91.184.64.0/20 maxlen: 24
92.61.184.0/21 maxlen: 24
92.119.68.0/22 maxlen: 24
94.139.160.0/20 maxlen: 24
109.230.64.0/21 maxlen: 24
109.230.80.0/20 maxlen: 24
109.230.94.0/24 maxlen: 24
109.230.95.0/24 maxlen: 24
176.221.65.0/24 maxlen: 24
185.12.62.0/24 maxlen: 24
185.21.76.0/22 maxlen: 24
185.30.76.0/22 maxlen: 24
185.40.240.0/22 maxlen: 24
185.45.188.0/22 maxlen: 24
185.70.60.0/22 maxlen: 24
185.82.164.0/23 maxlen: 24
185.104.228.0/24 maxlen: 24
185.133.152.0/22 maxlen: 24
185.142.233.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
185.172.0.0/22 maxlen: 24
185.190.20.0/22 maxlen: 24
185.197.68.0/22 maxlen: 24
185.208.150.0/23 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
188.75.102.0/23 maxlen: 24
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 24
188.75.116.0/23 maxlen: 24
188.75.122.0/23 maxlen: 24
188.121.128.0/19 maxlen: 24
188.121.146.0/24 maxlen: 24
188.136.220.0/23 maxlen: 24
213.195.16.0/22 maxlen: 24
213.207.192.0/20 maxlen: 24
217.66.208.0/24 maxlen: 24
217.66.211.0/24 maxlen: 24
2a0c:100::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:5e:06:b4:0a:81:a5:cd:5a:67:7b:ac:66:c1:eb:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Apr 27 11:43:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86cb7bedc91ce4c94c11d7bd5105587cd8f971cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fc:48:f2:c6:74:6a:32:9c:0a:8a:65:a6:89:
93:ac:92:0d:84:99:32:51:1e:9e:34:33:58:57:9f:
c8:7a:2a:50:db:6c:b1:3a:bc:2e:26:dd:6a:df:5b:
e9:00:6b:c5:6e:d7:dd:ff:91:69:f7:ed:b3:c1:e0:
95:a0:2b:8b:fb:65:66:a7:b3:ca:d8:94:34:7e:8f:
7f:55:86:45:02:4a:77:0b:40:6f:fc:9c:39:00:f3:
fa:7f:81:e6:dc:29:8e:9a:d0:52:fe:d3:48:84:06:
94:9c:3e:c5:88:1b:96:94:f4:52:54:4f:70:17:9c:
de:f7:d7:08:3c:f6:63:f2:c7:8b:f3:d7:5d:9d:0b:
17:d9:7b:44:10:b4:24:f7:b0:4d:bc:0b:8a:21:ee:
be:08:ce:c8:76:d1:d3:5b:34:8c:7d:66:66:61:ef:
ad:9d:6a:53:08:bd:7f:5e:7f:5a:ad:92:53:b4:23:
a1:35:0f:b7:1d:23:73:b1:a9:95:dc:75:cb:17:f6:
a4:15:2d:23:e9:95:18:8e:09:ed:43:f8:21:cf:01:
d0:4e:c0:ee:68:a2:9a:a3:6e:7b:ae:dc:b6:98:91:
97:1f:63:21:d5:7b:78:a9:c1:69:73:e5:d6:ba:c1:
19:ec:bb:5f:07:00:4b:c7:fb:80:9c:f5:9b:46:e9:
71:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CB:7B:ED:C9:1C:E4:C9:4C:11:D7:BD:51:05:58:7C:D8:F9:71:CC
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/hst77ckc5MlMEde9UQVYfNj5ccw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.208.0/21
37.19.80.0/20
37.114.192.0/18
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
45.144.124.0/22
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
46.34.164.0-46.34.175.255
46.34.178.0-46.34.191.255
78.158.182.0/23
79.132.200.0/22
79.132.213.0/24
79.132.217.0-79.132.221.255
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
81.91.144.0/20
86.109.32.0/23
86.109.36.0/22
86.109.41.0/24
86.109.46.0/23
86.109.56.0/22
86.109.62.0/23
87.247.180.0/23
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
109.230.64.0/21
109.230.80.0/20
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.30.76.0/22
185.40.240.0/22
185.45.188.0/22
185.70.60.0/22
185.82.164.0/23
185.104.228.0/24
185.133.152.0/22
185.142.233.0-185.142.235.255
185.172.0.0/22
185.190.20.0/22
185.197.68.0/22
185.208.150.0/23
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.116.0/23
188.75.122.0/23
188.121.128.0/19
188.136.220.0/23
213.195.16.0/22
213.207.192.0/20
217.66.208.0/24
217.66.211.0/24
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
13:0f:cf:66:36:3d:6c:54:18:58:26:26:25:64:8f:59:c9:b5:
6b:e1:42:62:eb:2f:fd:4d:20:76:fb:6e:7d:9e:94:ce:c7:ca:
5c:d7:77:c8:38:d2:cc:23:d7:ac:d2:4f:f9:e0:04:6a:16:3e:
84:8f:a0:90:84:c9:e1:b3:5c:29:e9:fd:af:5a:e5:fa:21:59:
38:eb:d9:a5:2e:28:ef:84:b7:40:8a:dc:42:3d:85:07:c9:ba:
ee:54:b5:3b:72:ec:d7:ae:35:72:cc:a1:a7:a6:19:6e:6b:0e:
04:f7:3f:e1:e8:1d:84:df:6c:df:b0:6d:38:c1:10:bd:cf:ca:
68:c2:c1:33:1d:ef:16:22:70:ad:ba:a1:0f:cf:56:59:f4:f3:
e2:20:2f:d9:0a:9c:c1:8e:77:2d:86:28:e8:0a:9d:39:5d:27:
40:6d:57:e7:ab:10:7d:db:78:e1:96:08:30:61:67:5c:1d:f3:
ac:fa:9d:b0:d4:d4:f6:42:f5:81:9c:31:c5:42:8c:cb:f3:00:
c6:12:11:8f:ae:15:61:ca:cb:92:61:08:1d:18:dc:e9:99:15:
07:e9:a0:4d:8e:ba:2c:1e:6e:65:7f:0e:d9:e2:78:38:c1:16:
5d:ac:3d:d0:26:37:7d:15:9e:0e:a9:16:4d:8e:4f:24:1d:05:
d5:d4:25:cb
-----BEGIN CERTIFICATE-----
MIIGsjCCBZqgAwIBAgISAY8fXga0CoGlzVpne6xmweulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwNDI3MTE0MzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmNiN2JlZGM5MWNlNGM5NGMxMWQ3YmQ1MTA1NTg3Y2Q4Zjk3MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfxI8sZ0ajKcCoplpomTrJINhJky
UR6eNDNYV5/IeipQ22yxOrwuJt1q31vpAGvFbtfd/5Fp9+2zweCVoCuL+2Vmp7PK
2JQ0fo9/VYZFAkp3C0Bv/Jw5APP6f4Hm3CmOmtBS/tNIhAaUnD7FiBuWlPRSVE9w
F5ze99cIPPZj8seL89ddnQsX2XtEELQk97BNvAuKIe6+CM7IdtHTWzSMfWZmYe+t
nWpTCL1/Xn9arZJTtCOhNQ+3HSNzsamV3HXLF/akFS0j6ZUYjgntQ/ghzwHQTsDu
aKKao257rty2mJGXH2Mh1Xt4qcFpc+XWusEZ7LtfBwBLx/uAnPWbRulx2QIDAQAB
o4IDvjCCA7owHQYDVR0OBBYEFIbLe+3JHOTJTBHXvVEFWHzY+XHMMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvaHN0Nzdja2M1TWxNRWRlOVVRVllmTmo1Y2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB0gYIKwYBBQUHAQcBAf8EggHBMIIBvTCCAaoEAgABMIIB
ogMEAx/Z0AMEBCUTUAMEBiVywAMEBiXdAAMEBCXrEAMEAi2AjAMEAi2QfAMEAC4g
BQMEAC4gCQMEAC4gDjAMAwQCLiKkAwQELiKgMAwDBAEuIrIDBAYuIoADBAFOnrYD
BAJPhMgDBABPhNUwDAMEAE+E2QMEAU+E3AMEAFBHcTAMAwQBUEd6AwQBUEd8AwQA
UEd/AwQAUR3zAwQDUR34AwQEUVuQAwQBVm0gAwQCVm0kAwQAVm0pAwQBVm0uAwQC
Vm04AwQBVm0+AwQBV/e0AwQEW7hAAwQDXD24AwQCXHdEAwQEXougAwQDbeZAAwQE
beZQAwQAsN1BAwQAuQw+AwQCuRVMAwQCuR5MAwQCuSjwAwQCuS28AwQCuUY8AwQB
uVKkAwQAuWjkAwQCuYWYMAwDBAC5jukDBAK5jugDBAK5rAADBAK5vhQDBAK5xUQD
BAG50JYDBAC8S1wDBAC8S14DBAG8S2YDBAC8S2sDBAG8S24DBAG8S3QDBAG8S3oD
BAW8eYADBAG8iNwDBALVwxADBATVz8ADBADZQtADBADZQtMwDQQCAAIwBwMFAyoM
AQAwDQYJKoZIhvcNAQELBQADggEBABMPz2Y2PWxUGFgmJiVkj1nJtWvhQmLrL/1N
IHb7bn2elM7HylzXd8g40swj16zST/ngBGoWPoSPoJCEyeGzXCnp/a9a5fohWTjr
2aUuKO+Et0CK3EI9hQfJuu5UtTty7NeuNXLMoaemGW5rDgT3P+HoHYTfbN+wbTjB
EL3PymjCwTMd7xYicK26oQ/PVln08+IgL9kKnMGOdy2GKOgKnTldJ0BtV+erEH3b
eOGWCDBhZ1wd86z6nbDU1PZC9YGcMcVCjMvzAMYSEY+uFWHKy5JhCB0Y3OmZFQfp
oE2OuiwebmV/DtnieDjBFl2sPdAmN30Vng6pFk2OTyQdBdXUJcs=
-----END CERTIFICATE-----
Generated at Sat Apr 27 19:25:38 2024 by rpki-client on console.sobornost.net