Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/9IlULI2kwU3pfAa2saeXeUPXk-Y.roa
File: 9IlULI2kwU3pfAa2saeXeUPXk-Y.roa (raw, json)
Hash identifier: qiu6vpj3527B+xAxM6in8xvzY7lFy/4HQdLZOt1D0t0=
Subject key identifier: F4:89:54:2C:8D:A4:C1:4D:E9:7C:06:B6:B1:A7:97:79:43:D7:93:E6
Certificate issuer: /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial: 018CCED0A0624A8F1CF4C1150500FAE1AC8D
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/9IlULI2kwU3pfAa2saeXeUPXk-Y.roa
Signing time: Wed 03 Jan 2024 10:13:48 +0000
ROA not before: Wed 03 Jan 2024 10:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 46.231.216.0/21 maxlen: 24
185.53.80.0/22 maxlen: 24
46.22.192.0/20 maxlen: 24
46.255.200.0/21 maxlen: 24
185.114.100.0/22 maxlen: 24
94.100.160.0/20 maxlen: 24
37.110.192.0/21 maxlen: 24
193.151.84.0/22 maxlen: 24
193.151.84.0/24 maxlen: 24
193.151.87.0/24 maxlen: 24
37.26.184.0/21 maxlen: 24
37.156.226.0/24 maxlen: 24
194.116.142.0/23 maxlen: 24
185.15.140.0/22 maxlen: 24
185.62.184.0/22 maxlen: 24
212.85.229.0/24 maxlen: 24
212.85.230.0/23 maxlen: 24
195.234.35.0/24 maxlen: 24
95.143.64.0/20 maxlen: 24
91.224.162.0/23 maxlen: 24
176.241.120.0/21 maxlen: 24
212.18.240.0/21 maxlen: 24
82.96.128.0/18 maxlen: 24
78.153.224.0/19 maxlen: 24
91.226.193.0/24 maxlen: 24
185.61.184.0/21 maxlen: 24
31.172.232.0/21 maxlen: 24
185.78.156.0/22 maxlen: 24
185.92.36.0/22 maxlen: 24
31.7.248.0/21 maxlen: 24
31.172.160.0/22 maxlen: 24
193.189.124.0/23 maxlen: 24
185.4.60.0/23 maxlen: 24
185.4.62.0/24 maxlen: 24
185.91.224.0/22 maxlen: 24
77.72.88.0/21 maxlen: 24
46.247.128.0/22 maxlen: 24
37.61.240.0/21 maxlen: 24
46.102.116.0/24 maxlen: 24
85.31.192.0/19 maxlen: 24
82.163.36.0/22 maxlen: 24
149.232.160.0/20 maxlen: 24
87.121.136.0/21 maxlen: 24
5.226.0.0/21 maxlen: 24
88.212.144.0/21 maxlen: 24
185.209.52.0/22 maxlen: 24
82.196.24.0/21 maxlen: 24
77.246.80.0/20 maxlen: 24
89.44.77.0/24 maxlen: 24
195.128.147.0/24 maxlen: 24
2a03:bdc0::/32 maxlen: 48
2a02:398::/32 maxlen: 48
2a0b:41c0::/29 maxlen: 48
2a00:68c0::/32 maxlen: 48
2a04:cc00::/29 maxlen: 48
2a01:240::/32 maxlen: 48
2a01:290::/32 maxlen: 48
2a00:78c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:d0:a0:62:4a:8f:1c:f4:c1:15:05:00:fa:e1:ac:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
Validity
Not Before: Jan 3 10:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f489542c8da4c14de97c06b6b1a7977943d793e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9a:23:7b:55:00:56:b0:9b:47:bd:1e:f4:74:
00:6d:92:d0:99:05:84:d6:65:cf:97:18:be:f0:90:
09:e0:e2:18:16:ac:ef:da:9d:07:6d:ba:5e:c9:be:
bb:d3:39:c0:ec:94:7c:74:79:47:58:a2:f1:d2:c3:
49:9b:07:ed:44:3c:43:8b:31:11:45:20:af:1d:32:
b0:4c:84:3c:ec:c9:75:68:15:f5:10:b7:26:ea:f8:
c3:db:1f:fd:51:f7:ea:f7:11:04:b1:d7:9a:d8:11:
7f:a4:07:8f:ea:a8:e7:61:68:e4:cf:98:72:0a:43:
23:a1:b7:06:6e:8d:e8:7e:38:5b:bf:25:84:87:d2:
11:b7:85:26:9b:66:ff:9c:0c:fa:0e:53:2e:23:ed:
32:de:a0:2c:ae:96:a3:06:4e:2e:33:cd:a6:77:df:
9c:0c:c2:cf:8f:a3:ef:9e:64:76:4f:a3:b0:ec:ff:
eb:7e:e5:af:c2:39:43:1c:9d:30:c5:b6:b4:08:4d:
1a:3a:e6:d9:22:e9:2b:34:1b:1b:72:56:84:8b:2a:
2b:73:b2:16:ab:2c:73:8e:84:99:6a:64:c4:aa:f8:
55:98:47:c8:35:5c:c3:f6:68:32:c5:ee:d3:4c:d1:
6b:66:78:eb:8b:2b:3a:09:4d:14:01:bc:08:9c:1b:
99:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:89:54:2C:8D:A4:C1:4D:E9:7C:06:B6:B1:A7:97:79:43:D7:93:E6
X509v3 Authority Key Identifier:
keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/9IlULI2kwU3pfAa2saeXeUPXk-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.0.0/21
31.7.248.0/21
31.172.160.0/22
31.172.232.0/21
37.26.184.0/21
37.61.240.0/21
37.110.192.0/21
37.156.226.0/24
46.22.192.0/20
46.102.116.0/24
46.231.216.0/21
46.247.128.0/22
46.255.200.0/21
77.72.88.0/21
77.246.80.0/20
78.153.224.0/19
82.96.128.0/18
82.163.36.0/22
82.196.24.0/21
85.31.192.0/19
87.121.136.0/21
88.212.144.0/21
89.44.77.0/24
91.224.162.0/23
91.226.193.0/24
94.100.160.0/20
95.143.64.0/20
149.232.160.0/20
176.241.120.0/21
185.4.60.0-185.4.62.255
185.15.140.0/22
185.53.80.0/22
185.61.184.0/21
185.62.184.0/22
185.78.156.0/22
185.91.224.0/22
185.92.36.0/22
185.114.100.0/22
185.209.52.0/22
193.151.84.0/22
193.189.124.0/23
194.116.142.0/23
195.128.147.0/24
195.234.35.0/24
212.18.240.0/21
212.85.229.0-212.85.231.255
IPv6:
2a00:68c0::/32
2a00:78c0::/29
2a01:240::/32
2a01:290::/32
2a02:398::/32
2a03:bdc0::/32
2a04:cc00::/29
2a0b:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
83:2d:49:52:44:9c:12:44:e4:99:c0:11:22:94:c5:a8:6b:3a:
83:ba:3e:5f:f7:55:1f:9d:ff:4d:3b:c0:9e:b6:af:99:9c:d3:
4d:b6:ff:28:36:22:91:98:c1:c7:0f:da:a9:08:21:f1:05:79:
aa:54:0b:50:0c:1d:75:ca:96:e4:2a:c2:10:b5:cf:64:6f:76:
b3:cc:3e:52:d6:88:5d:72:ae:38:5d:bc:c7:40:c7:85:57:5c:
23:7d:d2:5a:b0:bf:36:2a:1b:73:d4:da:f6:0d:7b:3b:56:81:
15:61:15:71:5e:39:82:3c:f4:a4:d1:8a:3e:d1:9f:eb:33:d6:
a8:13:89:8b:30:df:f4:d2:ee:65:c5:a1:c8:be:30:12:61:f7:
bd:bc:2a:cf:76:27:5e:a8:41:f3:5e:bb:1d:32:6a:e7:ff:b2:
24:f2:8b:44:75:75:82:67:6a:6f:82:a3:48:35:0e:6f:e3:2c:
e4:39:a7:87:0a:95:0b:ea:02:2c:c4:26:d2:22:e2:0f:ec:94:
55:fd:04:f9:10:38:00:2c:38:3e:8a:34:47:f9:bd:a6:c2:5a:
66:f0:9e:1b:c8:ec:b6:16:f2:f1:50:82:87:9f:58:16:a7:72:
f1:9a:fd:cc:81:cb:22:61:24:bd:7d:d5:9c:23:5a:d1:1c:65:
bb:70:9c:f5
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAYzO0KBiSo8c9MEVBQD64ayNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjQwMTAzMTAxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg5NTQyYzhkYTRjMTRkZTk3YzA2YjZiMWE3OTc3OTQzZDc5M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJoje1UAVrCbR70e9HQAbZLQmQWE
1mXPlxi+8JAJ4OIYFqzv2p0Hbbpeyb670znA7JR8dHlHWKLx0sNJmwftRDxDizER
RSCvHTKwTIQ87Ml1aBX1ELcm6vjD2x/9Uffq9xEEsdea2BF/pAeP6qjnYWjkz5hy
CkMjobcGbo3ofjhbvyWEh9IRt4Umm2b/nAz6DlMuI+0y3qAsrpajBk4uM82md9+c
DMLPj6PvnmR2T6Ow7P/rfuWvwjlDHJ0wxba0CE0aOubZIukrNBsbclaEiyorc7IW
qyxzjoSZamTEqvhVmEfINVzD9mgyxe7TTNFrZnjriys6CU0UAbwInBuZpQIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFPSJVCyNpMFN6XwGtrGnl3lD15PmMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvOUlsVUxJMmt3VTNwZkFhMnNhZVhlVVBYay1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCCASwEAgABMIIB
JAMEAwXiAAMEAx8H+AMEAh+soAMEAx+s6AMEAyUauAMEAyU98AMEAyVuwAMEACWc
4gMEBC4WwAMEAC5mdAMEAy7n2AMEAi73gAMEAy7/yAMEA01IWAMEBE32UAMEBU6Z
4AMEBlJggAMEAlKjJAMEA1LEGAMEBVUfwAMEA1d5iAMEA1jUkAMEAFksTQMEAVvg
ogMEAFviwQMEBF5koAMEBF+PQAMEBJXooAMEA7DxeDAMAwQCuQQ8AwQAuQQ+AwQC
uQ+MAwQCuTVQAwQDuT24AwQCuT64AwQCuU6cAwQCuVvgAwQCuVwkAwQCuXJkAwQC
udE0AwQCwZdUAwQBwb18AwQBwnSOAwQAw4CTAwQAw+ojAwQD1BLwMAwDBADUVeUD
BAPUVeAwPgQCAAIwOAMFACoAaMADBQMqAHjAAwUAKgECQAMFACoBApADBQAqAgOY
AwUAKgO9wAMFAyoEzAADBQMqC0HAMA0GCSqGSIb3DQEBCwUAA4IBAQCDLUlSRJwS
ROSZwBEilMWoazqDuj5f91Ufnf9NO8Cetq+ZnNNNtv8oNiKRmMHHD9qpCCHxBXmq
VAtQDB11ypbkKsIQtc9kb3azzD5S1ohdcq44XbzHQMeFV1wjfdJasL82Khtz1Nr2
DXs7VoEVYRVxXjmCPPSk0Yo+0Z/rM9aoE4mLMN/00u5lxaHIvjASYfe9vCrPdide
qEHzXrsdMmrn/7Ik8otEdXWCZ2pvgqNINQ5v4yzkOaeHCpUL6gIsxCbSIuIP7JRV
/QT5EDgALDg+ijRH+b2mwlpm8J4byOy2FvLxUIKHn1gWp3Lxmv3MgcsiYSS9fdWc
I1rRHGW7cJz1
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:32:22 2024 by rpki-client on console-ams.rpki-client.org