Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/rZYszYEVGFVrJXrbSIX6PjeEgyI.roa
File: rZYszYEVGFVrJXrbSIX6PjeEgyI.roa (raw, json)
Hash identifier: dOzMNo9/KE3/2NDAV95xD+V0/zW9g4X2K2AMFzBqtuU=
Subject key identifier: AD:96:2C:CD:81:15:18:55:6B:25:7A:DB:48:85:FA:3E:37:84:83:22
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018D9CEDA23184EFB49248EFEA479594BDD9
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/rZYszYEVGFVrJXrbSIX6PjeEgyI.roa
Signing time: Mon 12 Feb 2024 10:47:15 +0000
ROA not before: Mon 12 Feb 2024 10:47:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5483
IP address blocks: 5.38.128.0/17 maxlen: 17
5.187.128.0/17 maxlen: 17
31.46.0.0/16 maxlen: 16
31.46.19.0/24 maxlen: 24
37.76.0.0/17 maxlen: 17
46.107.0.0/16 maxlen: 16
46.107.14.0/24 maxlen: 24
46.107.15.0/24 maxlen: 24
46.107.224.0/24 maxlen: 24
46.139.0.0/16 maxlen: 16
62.201.64.0/18 maxlen: 18
78.92.0.0/16 maxlen: 16
79.122.0.0/17 maxlen: 17
80.249.160.0/20 maxlen: 24
80.249.164.0/24 maxlen: 24
80.249.167.0/24 maxlen: 24
80.249.168.0/24 maxlen: 24
80.249.170.0/24 maxlen: 24
80.249.171.0/24 maxlen: 24
80.249.172.0/24 maxlen: 24
80.249.173.0/24 maxlen: 24
80.249.174.0/24 maxlen: 24
81.182.0.0/15 maxlen: 15
84.0.0.0/14 maxlen: 14
84.1.102.0/24 maxlen: 24
84.1.226.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
84.2.24.0/24 maxlen: 24
84.2.35.0/24 maxlen: 24
84.2.39.0/24 maxlen: 24
84.2.42.0/23 maxlen: 24
84.2.50.0/24 maxlen: 24
84.2.51.0/24 maxlen: 24
84.2.52.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
84.2.79.0/24 maxlen: 24
84.2.226.0/23 maxlen: 24
84.2.227.0/24 maxlen: 24
84.2.228.0/24 maxlen: 24
84.2.230.0/24 maxlen: 24
84.2.231.0/24 maxlen: 24
86.59.128.0/17 maxlen: 17
87.101.112.0/20 maxlen: 20
91.120.0.0/16 maxlen: 16
91.120.16.0/22 maxlen: 22
91.120.27.0/24 maxlen: 24
91.120.57.0/24 maxlen: 24
91.120.64.0/18 maxlen: 18
91.120.128.0/18 maxlen: 18
93.89.160.0/20 maxlen: 20
94.27.128.0/17 maxlen: 17
134.255.0.0/17 maxlen: 17
145.236.0.0/16 maxlen: 16
145.236.230.0/24 maxlen: 24
149.200.0.0/17 maxlen: 17
185.55.12.0/22 maxlen: 22
185.65.8.0/22 maxlen: 22
188.6.0.0/16 maxlen: 16
188.36.0.0/16 maxlen: 16
188.36.248.0/24 maxlen: 24
188.156.0.0/15 maxlen: 15
194.38.96.0/19 maxlen: 19
194.38.96.0/24 maxlen: 24
194.38.104.0/24 maxlen: 24
194.88.32.0/19 maxlen: 19
194.149.0.0/19 maxlen: 19
194.149.32.0/19 maxlen: 19
194.149.36.0/24 maxlen: 24
194.176.224.0/19 maxlen: 19
195.56.0.0/16 maxlen: 16
195.56.0.0/24 maxlen: 24
195.70.32.0/19 maxlen: 19
195.228.0.0/16 maxlen: 16
195.228.4.0/24 maxlen: 24
195.228.24.0/24 maxlen: 24
195.228.34.0/24 maxlen: 24
195.228.45.0/24 maxlen: 24
195.228.75.0/24 maxlen: 24
195.228.76.0/24 maxlen: 24
195.228.85.0/24 maxlen: 24
195.228.86.0/24 maxlen: 24
195.228.87.0/24 maxlen: 24
195.228.112.0/24 maxlen: 24
195.228.135.0/24 maxlen: 24
195.228.152.0/24 maxlen: 24
195.228.155.0/24 maxlen: 24
195.228.156.0/24 maxlen: 24
195.228.224.0/23 maxlen: 23
195.228.240.0/24 maxlen: 24
195.228.244.0/24 maxlen: 24
195.228.245.0/24 maxlen: 24
195.228.247.0/24 maxlen: 24
195.228.248.0/24 maxlen: 24
195.228.249.0/24 maxlen: 24
195.228.250.0/24 maxlen: 24
195.228.251.0/24 maxlen: 24
195.228.253.0/24 maxlen: 24
195.228.254.0/24 maxlen: 24
195.228.255.0/24 maxlen: 24
212.51.64.0/18 maxlen: 18
212.51.79.0/24 maxlen: 24
212.51.91.0/24 maxlen: 24
212.51.110.0/24 maxlen: 24
212.51.125.0/24 maxlen: 24
213.178.96.0/19 maxlen: 19
217.20.128.0/20 maxlen: 20
217.65.96.0/19 maxlen: 19
217.65.96.0/23 maxlen: 23
217.116.32.0/20 maxlen: 20
2001:4c48::/29 maxlen: 29
2001:4c48::/30 maxlen: 30
2001:4c48::/32 maxlen: 32
2001:4c48::/46 maxlen: 48
2001:4c4c::/30 maxlen: 30
2a00:10d0::/32 maxlen: 32
2a00:1110::/29 maxlen: 29
2a02:738::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:ed:a2:31:84:ef:b4:92:48:ef:ea:47:95:94:bd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Feb 12 10:47:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad962ccd811518556b257adb4885fa3e37848322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:33:54:e0:72:77:f3:65:10:21:ae:7f:d0:95:
4a:5d:6d:ad:35:0a:2c:48:f1:f6:9f:a8:d8:69:5d:
a1:3c:3d:db:06:1e:ea:3b:57:c0:6d:23:14:b2:e7:
a3:9a:e1:4f:5f:0b:26:e1:3b:49:39:bd:a5:f7:7a:
e1:02:20:f8:08:98:fe:71:a4:66:ab:4f:d0:3a:6c:
97:5a:c9:9b:a7:9f:17:cc:5a:ca:18:fe:a0:42:d7:
d0:d7:ec:7e:a2:4e:63:fc:36:cc:bc:4d:9e:f2:2e:
97:6b:ce:5a:fb:dc:d9:fa:40:1e:e3:08:fa:6b:9d:
82:a8:89:a6:98:45:d0:a9:b2:50:62:b0:a0:1a:04:
9c:5d:c7:18:41:d0:d9:ce:ff:96:2d:2e:27:c8:d8:
9d:2a:09:b6:5f:2a:f9:44:4c:e9:14:6e:ac:c8:c4:
bd:15:ea:29:72:fd:d6:d5:1e:85:2b:7a:e0:36:b2:
37:b4:c7:85:f6:21:24:b6:e8:91:d7:34:39:cb:11:
72:52:b5:b4:18:26:7d:00:de:2c:d5:80:0f:8e:92:
f3:13:38:a1:66:a9:f7:81:c6:2d:81:08:1c:9e:01:
e4:8b:d3:ec:f3:f1:51:4a:44:d7:40:91:fb:06:05:
d9:1e:13:54:59:9d:fd:22:5d:17:9c:70:42:0a:49:
ee:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:96:2C:CD:81:15:18:55:6B:25:7A:DB:48:85:FA:3E:37:84:83:22
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/rZYszYEVGFVrJXrbSIX6PjeEgyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.38.128.0/17
5.187.128.0/17
31.46.0.0/16
37.76.0.0/17
46.107.0.0/16
46.139.0.0/16
62.201.64.0/18
78.92.0.0/16
79.122.0.0/17
80.249.160.0/20
81.182.0.0/15
84.0.0.0/14
86.59.128.0/17
87.101.112.0/20
91.120.0.0/16
93.89.160.0/20
94.27.128.0/17
134.255.0.0/17
145.236.0.0/16
149.200.0.0/17
185.55.12.0/22
185.65.8.0/22
188.6.0.0/16
188.36.0.0/16
188.156.0.0/15
194.38.96.0/19
194.88.32.0/19
194.149.0.0/18
194.176.224.0/19
195.56.0.0/16
195.70.32.0/19
195.228.0.0/16
212.51.64.0/18
213.178.96.0/19
217.20.128.0/20
217.65.96.0/19
217.116.32.0/20
IPv6:
2001:4c48::/29
2a00:10d0::/32
2a00:1110::/29
2a02:738::/32
Signature Algorithm: sha256WithRSAEncryption
5e:44:8f:fc:3a:fb:f2:1c:ea:b0:5f:34:0e:3f:73:cb:c1:88:
c5:1f:e3:33:9f:c7:3f:77:1e:fd:a5:2d:40:98:0e:da:a2:a9:
06:5b:87:52:37:eb:ca:cc:1c:bf:56:00:2e:4e:a6:e3:a6:b3:
c9:5b:2c:07:95:b4:28:15:4c:6c:cd:99:4d:f0:93:51:20:65:
07:5e:de:89:7d:26:0a:b5:cc:a8:85:31:f8:4d:f6:fc:7a:52:
ac:3f:6e:d8:e2:45:70:1b:be:d8:e2:1e:c3:a3:e9:26:24:ad:
d4:de:19:a0:a4:3c:9d:38:9e:94:6b:9a:23:28:94:e1:23:8b:
8e:d1:6c:f0:b1:ef:19:b4:ea:5a:06:58:51:d5:6c:0c:40:73:
17:48:13:79:bd:21:69:ff:15:fa:58:91:3d:c9:fa:e1:9b:57:
a8:ef:5e:2a:58:75:ee:b7:41:a4:9b:2a:9e:df:d4:d6:df:90:
6d:20:4b:0c:7a:75:8b:a9:59:a6:de:df:23:25:f1:cd:93:d6:
da:88:8a:2d:6a:b8:0f:e7:7f:08:3b:8a:6a:b0:a7:0b:e1:c1:
0f:62:52:a3:ec:0d:bc:6f:41:d3:0a:0a:a6:9c:83:d3:2c:05:
35:a5:ee:c4:69:7a:aa:47:c0:1b:a3:df:e0:14:b4:a7:bb:6e:
3b:bc:b7:0f
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAY2c7aIxhO+0kkjv6keVlL3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMjEyMTA0NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk2MmNjZDgxMTUxODU1NmIyNTdhZGI0ODg1ZmEzZTM3ODQ4MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDNU4HJ382UQIa5/0JVKXW2tNQos
SPH2n6jYaV2hPD3bBh7qO1fAbSMUsuejmuFPXwsm4TtJOb2l93rhAiD4CJj+caRm
q0/QOmyXWsmbp58XzFrKGP6gQtfQ1+x+ok5j/DbMvE2e8i6Xa85a+9zZ+kAe4wj6
a52CqImmmEXQqbJQYrCgGgScXccYQdDZzv+WLS4nyNidKgm2Xyr5REzpFG6syMS9
Feopcv3W1R6FK3rgNrI3tMeF9iEktuiR1zQ5yxFyUrW0GCZ9AN4s1YAPjpLzEzih
Zqn3gcYtgQgcngHki9Ps8/FRSkTXQJH7BgXZHhNUWZ39Il0XnHBCCknu6wIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFK2WLM2BFRhVayV620iF+j43hIMiMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvclpZc3pZRVZHRlZySlhyYlNJWDZQamVFZ3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEwYIKwYBBQUHAQcBAf8EggECMIH/MIHYBAIAATCB0QME
BwUmgAMEBwW7gAMDAB8uAwQHJUwAAwMALmsDAwAuiwMEBj7JQAMDAE5cAwQHT3oA
AwQEUPmgAwMBUbYDAwJUAAMEB1Y7gAMEBFdlcAMDAFt4AwQEXVmgAwQHXhuAAwQH
hv8AAwMAkewDBAeVyAADBAK5NwwDBAK5QQgDAwC8BgMDALwkAwMBvJwDBAXCJmAD
BAXCWCADBAbClQADBAXCsOADAwDDOAMEBcNGIAMDAMPkAwQG1DNAAwQF1bJgAwQE
2RSAAwQF2UFgAwQE2XQgMCIEAgACMBwDBQMgAUxIAwUAKgAQ0AMFAyoAERADBQAq
Agc4MA0GCSqGSIb3DQEBCwUAA4IBAQBeRI/8OvvyHOqwXzQOP3PLwYjFH+Mzn8c/
dx79pS1AmA7aoqkGW4dSN+vKzBy/VgAuTqbjprPJWywHlbQoFUxszZlN8JNRIGUH
Xt6JfSYKtcyohTH4Tfb8elKsP27Y4kVwG77Y4h7Do+kmJK3U3hmgpDydOJ6Ua5oj
KJThI4uO0Wzwse8ZtOpaBlhR1WwMQHMXSBN5vSFp/xX6WJE9yfrhm1eo714qWHXu
t0Gkmyqe39TW35BtIEsMenWLqVmm3t8jJfHNk9baiIotargP538IO4pqsKcL4cEP
YlKj7A28b0HTCgqmnIPTLAU1pe7EaXqqR8Abo9/gFLSnu247vLcP
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:04:40 2024 by rpki-client on console-ams.rpki-client.org