Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/_qX7ljEgwJak08bkHTPuEDv5z0c.roa
File: _qX7ljEgwJak08bkHTPuEDv5z0c.roa (raw, json)
Hash identifier: auI2oajf+h/+ymfOrwsJrn6QhNSlogE2T1miv9F6fOc=
Subject key identifier: FE:A5:FB:96:31:20:C0:96:A4:D3:C6:E4:1D:33:EE:10:3B:F9:CF:47
Certificate issuer: /CN=f62eeb879085c94194297dd9e4cd249cd2516515
Certificate serial: 0191B6AC7AE5F488A6D2DF58D8334B9977F7
Authority key identifier: F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/_qX7ljEgwJak08bkHTPuEDv5z0c.roa
Signing time: Tue 03 Sep 2024 06:57:22 +0000
ROA not before: Tue 03 Sep 2024 06:57:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 2.56.96.0/22 maxlen: 22
5.45.96.0/20 maxlen: 32
5.181.48.0/22 maxlen: 22
5.252.224.0/22 maxlen: 22
37.120.160.0/19 maxlen: 32
37.221.192.0/21 maxlen: 32
45.9.60.0/22 maxlen: 22
45.83.104.0/22 maxlen: 22
45.90.4.0/22 maxlen: 22
45.90.7.0/24 maxlen: 24
45.129.180.0/22 maxlen: 22
45.132.244.0/22 maxlen: 22
45.136.28.0/22 maxlen: 22
45.142.176.0/22 maxlen: 22
45.157.176.0/22 maxlen: 22
46.38.224.0/20 maxlen: 32
46.38.240.0/21 maxlen: 32
46.38.248.0/22 maxlen: 32
46.38.252.0/22 maxlen: 32
46.232.248.0/22 maxlen: 22
81.16.16.0/22 maxlen: 22
85.209.48.0/22 maxlen: 22
85.235.64.0/22 maxlen: 22
89.58.0.0/22 maxlen: 22
89.58.4.0/22 maxlen: 22
89.58.8.0/22 maxlen: 22
89.58.12.0/22 maxlen: 22
89.58.16.0/21 maxlen: 21
89.58.20.0/24 maxlen: 24
89.58.24.0/22 maxlen: 22
89.58.28.0/22 maxlen: 22
89.58.32.0/22 maxlen: 22
89.58.36.0/22 maxlen: 22
89.58.40.0/22 maxlen: 22
89.58.44.0/22 maxlen: 22
89.58.48.0/22 maxlen: 22
89.58.52.0/22 maxlen: 22
89.58.56.0/22 maxlen: 22
89.58.60.0/22 maxlen: 22
91.132.144.0/22 maxlen: 22
91.204.44.0/22 maxlen: 24
92.60.36.0/22 maxlen: 22
93.177.64.0/22 maxlen: 22
152.89.104.0/22 maxlen: 22
185.16.60.0/22 maxlen: 32
185.162.248.0/22 maxlen: 32
185.163.116.0/22 maxlen: 22
185.170.112.0/22 maxlen: 32
185.183.156.0/22 maxlen: 32
185.194.140.0/22 maxlen: 22
185.207.104.0/22 maxlen: 32
185.228.136.0/22 maxlen: 32
185.233.104.0/22 maxlen: 32
185.243.8.0/22 maxlen: 32
185.244.192.0/22 maxlen: 32
188.68.32.0/19 maxlen: 32
192.145.44.0/22 maxlen: 22
193.30.120.0/22 maxlen: 22
193.31.24.0/22 maxlen: 22
194.13.80.0/22 maxlen: 22
194.55.12.0/22 maxlen: 22
194.59.204.0/22 maxlen: 22
195.128.100.0/22 maxlen: 22
213.109.160.0/22 maxlen: 22
2a03:4000::/32 maxlen: 48
2a03:4001::/32 maxlen: 48
2a0a:4cc0::/40 maxlen: 40
2a0a:4cc0::/43 maxlen: 43
2a0a:4cc0:40::/43 maxlen: 43
2a0a:4cc0:80::/43 maxlen: 43
2a0a:4cc0:fe::/48 maxlen: 48
2a0a:4cc0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.mft
rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:ac:7a:e5:f4:88:a6:d2:df:58:d8:33:4b:99:77:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f62eeb879085c94194297dd9e4cd249cd2516515
Validity
Not Before: Sep 3 06:57:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fea5fb963120c096a4d3c6e41d33ee103bf9cf47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6d:02:7e:ba:75:e9:1f:cc:8f:95:fa:fd:fb:
be:da:c6:4a:39:c6:20:55:8c:00:ca:c4:ae:c4:45:
20:1e:ff:81:c1:21:77:37:5e:36:6b:b6:68:22:90:
8e:69:00:92:0a:ca:cd:32:8e:37:24:49:0c:9c:ed:
cd:ee:58:6d:b9:06:f7:60:2f:a0:60:20:5d:0a:67:
e2:32:74:12:5f:b1:56:49:80:0d:4a:f7:77:6d:5c:
87:d9:b0:04:88:dc:bb:36:b7:8b:8f:a6:98:f0:5b:
ad:24:df:0d:79:f8:11:ab:6b:45:b4:7f:36:7c:9a:
3f:4b:71:bd:23:10:6a:78:26:d8:b7:7a:be:ea:09:
e0:09:3e:33:eb:5e:09:59:fc:84:a8:13:e6:57:dd:
b1:15:59:7e:fd:3d:56:bc:af:c3:78:c4:b9:71:49:
ce:56:ca:9d:f5:17:66:23:bf:71:74:94:f1:bc:b5:
64:12:e8:a8:67:a9:6e:83:21:91:59:89:7f:40:a3:
96:45:6d:21:b7:1b:70:f9:17:94:f8:cd:2f:17:00:
31:17:47:03:6c:46:66:37:58:3b:f5:5f:80:69:9a:
d4:41:da:99:8b:05:bc:a2:0e:47:b1:da:ef:f8:13:
7a:00:da:68:83:d5:d6:fa:c1:54:d1:ac:aa:3b:cd:
0f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A5:FB:96:31:20:C0:96:A4:D3:C6:E4:1D:33:EE:10:3B:F9:CF:47
X509v3 Authority Key Identifier:
keyid:F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/_qX7ljEgwJak08bkHTPuEDv5z0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.96.0/22
5.45.96.0/20
5.181.48.0/22
5.252.224.0/22
37.120.160.0/19
37.221.192.0/21
45.9.60.0/22
45.83.104.0/22
45.90.4.0/22
45.129.180.0/22
45.132.244.0/22
45.136.28.0/22
45.142.176.0/22
45.157.176.0/22
46.38.224.0/19
46.232.248.0/22
81.16.16.0/22
85.209.48.0/22
85.235.64.0/22
89.58.0.0/18
91.132.144.0/22
91.204.44.0/22
92.60.36.0/22
93.177.64.0/22
152.89.104.0/22
185.16.60.0/22
185.162.248.0/22
185.163.116.0/22
185.170.112.0/22
185.183.156.0/22
185.194.140.0/22
185.207.104.0/22
185.228.136.0/22
185.233.104.0/22
185.243.8.0/22
185.244.192.0/22
188.68.32.0/19
192.145.44.0/22
193.30.120.0/22
193.31.24.0/22
194.13.80.0/22
194.55.12.0/22
194.59.204.0/22
195.128.100.0/22
213.109.160.0/22
IPv6:
2a03:4000::/31
2a0a:4cc0::-2a0a:4cc0:100:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1b:df:5d:e8:16:c9:40:f6:53:34:da:f2:5d:16:85:b0:e5:54:
7f:1c:12:fd:9d:ce:0a:52:ea:54:f0:06:c0:01:d9:05:ea:8b:
c2:32:44:85:27:e2:23:f7:3f:46:4d:e8:c0:4f:7f:e9:71:81:
85:34:fd:30:55:3a:2a:f1:43:d5:a2:69:51:53:0f:d4:75:90:
43:79:64:61:0c:75:4b:f8:5c:16:ef:a6:71:a7:f6:2b:25:2e:
95:92:b1:64:dd:54:08:ef:c7:d1:12:b0:65:14:b0:ba:38:4b:
ef:fb:c9:af:60:46:a2:07:f6:25:d2:49:b9:ae:f5:e7:ef:5d:
b8:1a:62:f5:fd:38:db:c1:8a:b9:53:04:72:2e:5d:9d:ed:9c:
f0:95:b8:37:bf:b6:1c:2d:08:15:44:e4:75:7a:d4:5e:f4:21:
b3:58:98:b6:89:3c:78:5a:77:47:95:48:19:e1:e7:c4:a3:02:
03:7a:ea:88:e4:d4:9d:96:fd:62:a9:64:db:46:0f:ca:3a:3d:
2d:e7:d1:bb:9a:c0:93:be:67:b3:7e:b4:ad:02:4e:14:36:89:
e9:62:f6:89:5e:53:5c:36:1d:cd:df:6a:33:78:7b:8a:19:fc:
63:b5:e5:8f:d5:be:db:01:e4:9a:e8:01:0f:29:42:1d:28:99:
33:98:af:15
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgISAZG2rHrl9Iim0t9Y2DNLmXf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MmVlYjg3OTA4NWM5NDE5NDI5N2RkOWU0Y2QyNDljZDI1
MTY1MTUwHhcNMjQwOTAzMDY1NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWE1ZmI5NjMxMjBjMDk2YTRkM2M2ZTQxZDMzZWUxMDNiZjljZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7G0Cfrp16R/Mj5X6/fu+2sZKOcYg
VYwAysSuxEUgHv+BwSF3N142a7ZoIpCOaQCSCsrNMo43JEkMnO3N7lhtuQb3YC+g
YCBdCmfiMnQSX7FWSYANSvd3bVyH2bAEiNy7NreLj6aY8FutJN8NefgRq2tFtH82
fJo/S3G9IxBqeCbYt3q+6gngCT4z614JWfyEqBPmV92xFVl+/T1WvK/DeMS5cUnO
Vsqd9RdmI79xdJTxvLVkEuioZ6lugyGRWYl/QKOWRW0htxtw+ReU+M0vFwAxF0cD
bEZmN1g79V+AaZrUQdqZiwW8og5Hsdrv+BN6ANpog9XW+sFU0ayqO80PhwIDAQAB
o4IDPDCCAzgwHQYDVR0OBBYEFP6l+5YxIMCWpNPG5B0z7hA7+c9HMB8GA1UdIwQY
MBaAFPYu64eQhclBlCl92eTNJJzSUWUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzIt
NWZiZjlhMjliNmUxLzEvX3FYN2xqRWd3SmFrMDhia0hUUHVFRHY1ejBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzItNWZiZjlhMjliNmUx
LzEvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUAYIKwYBBQUHAQcBAf8EggE/MIIBOzCCARYEAgABMIIB
DgMEAgI4YAMEBAUtYAMEAgW1MAMEAgX84AMEBSV4oAMEAyXdwAMEAi0JPAMEAi1T
aAMEAi1aBAMEAi2BtAMEAi2E9AMEAi2IHAMEAi2OsAMEAi2dsAMEBS4m4AMEAi7o
+AMEAlEQEAMEAlXRMAMEAlXrQAMEBlk6AAMEAluEkAMEAlvMLAMEAlw8JAMEAl2x
QAMEAphZaAMEArkQPAMEArmi+AMEArmjdAMEArmqcAMEArm3nAMEArnCjAMEArnP
aAMEArnkiAMEArnpaAMEArnzCAMEArn0wAMEBbxEIAMEAsCRLAMEAsEeeAMEAsEf
GAMEAsINUAMEAsI3DAMEAsI7zAMEAsOAZAMEAtVtoDAfBAIAAjAZAwUBKgNAADAQ
AwUGKgpMwAMHACoKTMABADANBgkqhkiG9w0BAQsFAAOCAQEAG99d6BbJQPZTNNry
XRaFsOVUfxwS/Z3OClLqVPAGwAHZBeqLwjJEhSfiI/c/Rk3owE9/6XGBhTT9MFU6
KvFD1aJpUVMP1HWQQ3lkYQx1S/hcFu+mcaf2KyUulZKxZN1UCO/H0RKwZRSwujhL
7/vJr2BGogf2JdJJua715+9duBpi9f0428GKuVMEci5dne2c8JW4N7+2HC0IFUTk
dXrUXvQhs1iYtok8eFp3R5VIGeHnxKMCA3rqiOTUnZb9Yqlk20YPyjo9LefRu5rA
k75ns360rQJOFDaJ6WL2iV5TXDYdzd9qM3h7ihn8Y7Xlj9W+2wHkmugBDylCHSiZ
M5ivFQ==
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:33:17 2024 by rpki-client on console-ams.rpki-client.org