Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/L7MoG6byLGYEHdVvdzlas_j4kG4.roa
File: L7MoG6byLGYEHdVvdzlas_j4kG4.roa (raw, json)
Hash identifier: 4BXU0hh8UENwVBY9i94gAF9Mp+fACSCsAFaTG85DL3I=
Subject key identifier: 2F:B3:28:1B:A6:F2:2C:66:04:1D:D5:6F:77:39:5A:B3:F8:F8:90:6E
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 0191B708F2C76C426067D18F679FA22C1E2C
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/L7MoG6byLGYEHdVvdzlas_j4kG4.roa
Signing time: Tue 03 Sep 2024 08:38:22 +0000
ROA not before: Tue 03 Sep 2024 08:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9021
IP address blocks: 90.158.0.0/16 maxlen: 16
90.158.0.0/18 maxlen: 18
90.158.0.0/22 maxlen: 22
90.158.0.0/23 maxlen: 23
90.158.3.0/24 maxlen: 24
90.158.8.0/24 maxlen: 24
90.158.15.0/24 maxlen: 24
90.158.16.0/24 maxlen: 24
90.158.18.0/24 maxlen: 24
90.158.19.0/24 maxlen: 24
90.158.24.0/24 maxlen: 24
90.158.26.0/24 maxlen: 24
90.158.27.0/24 maxlen: 24
90.158.28.0/24 maxlen: 24
90.158.29.0/24 maxlen: 24
90.158.30.0/24 maxlen: 24
90.158.31.0/24 maxlen: 24
90.158.32.0/24 maxlen: 24
90.158.33.0/24 maxlen: 24
90.158.36.0/24 maxlen: 24
90.158.37.0/24 maxlen: 24
90.158.39.0/24 maxlen: 24
90.158.41.0/24 maxlen: 24
90.158.43.0/24 maxlen: 24
90.158.44.0/24 maxlen: 24
90.158.45.0/24 maxlen: 24
90.158.46.0/24 maxlen: 24
90.158.47.0/24 maxlen: 24
90.158.48.0/20 maxlen: 20
90.158.48.0/24 maxlen: 24
90.158.50.0/23 maxlen: 23
90.158.51.0/24 maxlen: 24
90.158.52.0/23 maxlen: 23
90.158.52.0/24 maxlen: 24
90.158.53.0/24 maxlen: 24
90.158.54.0/23 maxlen: 23
90.158.55.0/24 maxlen: 24
90.158.56.0/24 maxlen: 24
90.158.60.0/24 maxlen: 24
90.158.62.0/24 maxlen: 24
90.158.64.0/21 maxlen: 21
90.158.64.0/24 maxlen: 24
90.158.65.0/24 maxlen: 24
90.158.66.0/24 maxlen: 24
90.158.67.0/24 maxlen: 24
90.158.68.0/24 maxlen: 24
90.158.72.0/22 maxlen: 22
90.158.72.0/24 maxlen: 24
90.158.73.0/24 maxlen: 24
90.158.74.0/24 maxlen: 24
90.158.75.0/24 maxlen: 24
90.158.96.0/22 maxlen: 22
90.158.100.0/24 maxlen: 24
90.158.101.0/24 maxlen: 24
90.158.102.0/23 maxlen: 23
90.158.104.0/24 maxlen: 24
90.158.105.0/24 maxlen: 24
90.158.109.0/24 maxlen: 24
90.158.110.0/24 maxlen: 24
90.158.111.0/24 maxlen: 24
90.158.112.0/20 maxlen: 20
90.158.114.0/24 maxlen: 24
90.158.116.0/24 maxlen: 24
90.158.117.0/24 maxlen: 24
90.158.119.0/24 maxlen: 24
90.158.120.0/24 maxlen: 24
90.158.121.0/24 maxlen: 24
90.158.122.0/24 maxlen: 24
90.158.123.0/24 maxlen: 24
90.158.126.0/24 maxlen: 24
90.158.127.0/24 maxlen: 24
90.158.128.0/17 maxlen: 17
90.158.128.0/21 maxlen: 21
90.158.136.0/21 maxlen: 21
90.158.139.0/24 maxlen: 24
90.158.160.0/24 maxlen: 24
90.158.161.0/24 maxlen: 24
90.158.200.0/23 maxlen: 23
90.158.224.0/22 maxlen: 22
90.158.240.0/21 maxlen: 21
90.158.244.0/22 maxlen: 22
90.158.248.0/21 maxlen: 21
90.158.249.0/24 maxlen: 24
90.158.251.0/24 maxlen: 24
90.158.252.0/22 maxlen: 22
90.159.0.0/16 maxlen: 16
90.159.0.0/22 maxlen: 22
90.159.0.0/24 maxlen: 24
90.159.1.0/24 maxlen: 24
90.159.2.0/24 maxlen: 24
90.159.3.0/24 maxlen: 24
90.159.4.0/23 maxlen: 23
90.159.10.0/24 maxlen: 24
90.159.15.0/24 maxlen: 24
90.159.20.0/24 maxlen: 24
90.159.26.0/24 maxlen: 24
90.159.27.0/24 maxlen: 24
90.159.29.0/24 maxlen: 24
90.159.31.0/24 maxlen: 24
90.159.33.0/24 maxlen: 24
90.159.34.0/24 maxlen: 24
90.159.36.0/24 maxlen: 24
90.159.37.0/24 maxlen: 24
90.159.38.0/24 maxlen: 24
90.159.44.0/22 maxlen: 22
90.159.50.0/24 maxlen: 24
90.159.51.0/24 maxlen: 24
90.159.58.0/24 maxlen: 24
90.159.59.0/24 maxlen: 24
90.159.60.0/24 maxlen: 24
90.159.61.0/24 maxlen: 24
90.159.64.0/18 maxlen: 18
90.159.64.0/24 maxlen: 24
90.159.68.0/24 maxlen: 24
90.159.128.0/20 maxlen: 20
90.159.136.0/21 maxlen: 21
90.159.136.0/24 maxlen: 24
90.159.240.0/20 maxlen: 20
90.159.246.0/24 maxlen: 24
212.98.0.0/19 maxlen: 19
212.98.0.0/20 maxlen: 20
212.98.1.0/24 maxlen: 24
212.98.2.0/24 maxlen: 24
212.98.8.0/21 maxlen: 21
212.98.9.0/24 maxlen: 24
212.98.16.0/21 maxlen: 21
212.98.16.0/24 maxlen: 24
212.98.28.0/22 maxlen: 22
213.143.224.0/20 maxlen: 20
213.143.226.0/23 maxlen: 23
213.143.226.0/24 maxlen: 24
213.143.227.0/24 maxlen: 24
213.143.228.0/24 maxlen: 24
213.143.229.0/24 maxlen: 24
213.143.230.0/24 maxlen: 24
213.143.233.0/24 maxlen: 24
213.143.234.0/24 maxlen: 24
213.143.235.0/24 maxlen: 24
213.143.236.0/22 maxlen: 22
213.143.238.0/24 maxlen: 24
213.143.239.0/24 maxlen: 24
213.143.240.0/20 maxlen: 20
213.143.240.0/22 maxlen: 22
213.143.240.0/24 maxlen: 24
213.143.241.0/24 maxlen: 24
213.143.243.0/24 maxlen: 24
213.143.244.0/22 maxlen: 22
213.143.250.0/24 maxlen: 24
213.143.251.0/24 maxlen: 24
213.143.252.0/24 maxlen: 24
213.143.253.0/24 maxlen: 24
213.143.254.0/24 maxlen: 24
213.143.255.0/24 maxlen: 24
213.161.128.0/19 maxlen: 19
213.161.128.0/21 maxlen: 21
213.161.135.0/24 maxlen: 24
213.161.136.0/21 maxlen: 21
213.161.136.0/22 maxlen: 22
213.161.144.0/23 maxlen: 23
213.161.144.0/24 maxlen: 24
213.161.145.0/24 maxlen: 24
213.161.146.0/24 maxlen: 24
213.161.148.0/23 maxlen: 23
213.161.148.0/24 maxlen: 24
213.161.149.0/24 maxlen: 24
213.161.150.0/24 maxlen: 24
213.161.151.0/24 maxlen: 24
213.161.152.0/21 maxlen: 21
213.161.152.0/24 maxlen: 24
2a00:1f90::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:08:f2:c7:6c:42:60:67:d1:8f:67:9f:a2:2c:1e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Sep 3 08:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fb3281ba6f22c66041dd56f77395ab3f8f8906e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5f:fe:d2:0d:be:cb:d9:1c:0d:bc:f4:53:ac:
b3:a9:54:59:83:0f:e9:18:e6:d8:54:26:71:12:88:
84:2c:a7:62:c7:7a:22:ea:1b:e3:f2:2e:c3:c8:ec:
3b:02:1a:f0:31:de:ca:cc:22:73:7e:1a:2a:d9:4f:
e8:77:6f:63:96:ad:dc:e9:e3:fa:e2:ab:50:94:27:
b4:07:93:83:bd:5e:dc:ff:08:c5:37:c6:c0:b4:e7:
fa:1b:74:ee:c0:83:78:7a:eb:db:64:37:0b:2d:29:
3a:1e:b8:eb:bd:25:79:25:17:fb:9c:43:1b:00:13:
9d:70:45:d3:6d:cd:8f:b3:e2:df:2c:5b:3a:b7:c9:
c4:a8:bd:95:43:a1:8a:33:52:43:9e:80:1b:b2:25:
b3:09:47:c0:97:be:ac:9b:f9:7a:44:00:9a:80:f9:
dd:df:15:7a:47:e7:d7:30:a9:a0:e5:73:94:63:ef:
ae:0a:7e:a6:4b:1b:40:ca:86:6b:4e:ae:68:6f:8a:
a7:7f:ea:0a:5a:2d:a6:a6:76:f8:a4:b6:da:bf:58:
b5:46:45:b4:b1:22:72:43:40:31:d6:9d:93:c6:13:
7d:3b:93:41:7f:49:5b:c1:1e:9f:f9:a9:ab:54:48:
2a:d6:6f:9d:28:50:c5:31:27:fd:60:25:5a:14:86:
ce:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B3:28:1B:A6:F2:2C:66:04:1D:D5:6F:77:39:5A:B3:F8:F8:90:6E
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/L7MoG6byLGYEHdVvdzlas_j4kG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.158.0.0/15
212.98.0.0/19
213.143.224.0/19
213.161.128.0/19
IPv6:
2a00:1f90::/32
Signature Algorithm: sha256WithRSAEncryption
86:6d:4d:0d:5f:e8:db:79:20:07:73:d4:e4:1d:8b:a5:11:1c:
c5:80:7a:30:f8:ba:f2:15:98:55:de:8b:ba:f1:fa:ea:56:f1:
da:13:cf:4f:a8:00:0c:f5:83:7d:0a:da:97:43:4e:69:5c:8e:
ea:79:e5:e2:44:ea:eb:f8:f5:ae:bb:72:12:52:d1:54:b9:82:
1a:52:ae:5e:75:16:24:7c:87:d9:37:cd:bd:b9:88:f7:df:42:
2d:4e:05:84:79:77:06:0f:37:5c:29:85:28:c0:26:20:0f:86:
13:e7:c4:ec:5b:33:50:0c:37:81:eb:e4:e7:f7:e6:b9:35:d1:
d2:f9:3a:22:0f:a0:f5:91:1d:bb:06:c2:a3:51:6f:27:86:29:
2c:67:eb:b1:7b:df:8b:57:1a:52:ac:81:6e:72:0e:28:55:54:
1f:60:7f:7a:4b:82:8c:0b:c1:d9:74:d6:11:e0:2e:54:8d:d3:
9c:4e:be:20:cb:8a:26:c6:3b:89:23:b8:52:54:be:18:f9:63:
22:a8:2e:cd:05:37:3c:df:5e:2c:8e:95:38:07:dd:3e:29:d7:
07:80:b7:08:23:ee:d3:bd:cc:a6:61:bd:af:74:96:52:40:db:
f7:f1:e5:0d:9b:6f:a4:f4:4f:6e:cc:18:ac:14:dc:f0:57:b0:
10:2c:b5:83
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZG3CPLHbEJgZ9GPZ5+iLB4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjQwOTAzMDgzODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmIzMjgxYmE2ZjIyYzY2MDQxZGQ1NmY3NzM5NWFiM2Y4Zjg5MDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1/+0g2+y9kcDbz0U6yzqVRZgw/p
GObYVCZxEoiELKdix3oi6hvj8i7DyOw7AhrwMd7KzCJzfhoq2U/od29jlq3c6eP6
4qtQlCe0B5ODvV7c/wjFN8bAtOf6G3TuwIN4euvbZDcLLSk6HrjrvSV5JRf7nEMb
ABOdcEXTbc2Ps+LfLFs6t8nEqL2VQ6GKM1JDnoAbsiWzCUfAl76sm/l6RACagPnd
3xV6R+fXMKmg5XOUY++uCn6mSxtAyoZrTq5ob4qnf+oKWi2mpnb4pLbav1i1RkW0
sSJyQ0Ax1p2TxhN9O5NBf0lbwR6f+amrVEgq1m+dKFDFMSf9YCVaFIbOpQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFC+zKBum8ixmBB3Vb3c5WrP4+JBuMB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvTDdNb0c2YnlMR1lFSGRWdmR6bGFzX2o0a0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMBWp4DBAXU
YgADBAXVj+ADBAXVoYAwDQQCAAIwBwMFACoAH5AwDQYJKoZIhvcNAQELBQADggEB
AIZtTQ1f6Nt5IAdz1OQdi6URHMWAejD4uvIVmFXei7rx+upW8doTz0+oAAz1g30K
2pdDTmlcjup55eJE6uv49a67chJS0VS5ghpSrl51FiR8h9k3zb25iPffQi1OBYR5
dwYPN1wphSjAJiAPhhPnxOxbM1AMN4Hr5Of35rk10dL5OiIPoPWRHbsGwqNRbyeG
KSxn67F734tXGlKsgW5yDihVVB9gf3pLgowLwdl01hHgLlSN05xOviDLiibGO4kj
uFJUvhj5YyKoLs0FNzzfXiyOlTgH3T4p1weAtwgj7tO9zKZhva90llJA2/fx5Q2b
b6T0T27MGKwU3PBXsBAstYM=
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:41:19 2024 by rpki-client on console-ams.rpki-client.org