Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZN8vAj86ORJ8DUnKXy6bcP6eCrg.roa
File: ZN8vAj86ORJ8DUnKXy6bcP6eCrg.roa (raw, json)
Hash identifier: kYaneJx1ZbLBXjOf7j/M2W1FcW+KmY5O6ejiLfx5AGk=
Subject key identifier: 64:DF:2F:02:3F:3A:39:12:7C:0D:49:CA:5F:2E:9B:70:FE:9E:0A:B8
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0190DA7D0E7B7B4E60D4303B41FD00CE7B8B
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZN8vAj86ORJ8DUnKXy6bcP6eCrg.roa
Signing time: Mon 22 Jul 2024 12:49:07 +0000
ROA not before: Mon 22 Jul 2024 12:49:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200598
IP address blocks: 24.235.22.0/23 maxlen: 24
31.187.92.0/22 maxlen: 24
66.9.96.0/20 maxlen: 24
69.72.72.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.110.184.0/22 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
85.204.28.0/23 maxlen: 24
86.106.28.0/23 maxlen: 24
89.20.50.0/23 maxlen: 24
89.37.60.0/23 maxlen: 24
89.39.184.0/23 maxlen: 24
89.40.236.0/23 maxlen: 24
91.210.80.0/22 maxlen: 24
91.217.106.0/23 maxlen: 24
95.215.144.0/22 maxlen: 24
121.127.48.0/20 maxlen: 24
128.0.60.0/22 maxlen: 24
141.193.108.0/22 maxlen: 24
141.193.214.0/23 maxlen: 24
162.216.138.0/23 maxlen: 24
162.250.216.0/22 maxlen: 24
168.149.248.0/23 maxlen: 24
173.214.200.0/22 maxlen: 24
176.111.54.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
188.215.12.0/22 maxlen: 24
193.91.8.0/23 maxlen: 24
195.78.90.0/23 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
199.48.230.0/23 maxlen: 24
204.15.4.0/22 maxlen: 24
205.220.216.0/23 maxlen: 24
217.144.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:7d:0e:7b:7b:4e:60:d4:30:3b:41:fd:00:ce:7b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 22 12:49:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64df2f023f3a39127c0d49ca5f2e9b70fe9e0ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:8c:12:b5:8c:b5:6b:10:04:92:37:4e:94:
47:91:ae:ce:24:66:0f:dd:a4:54:e9:46:f8:f0:98:
b4:8b:bf:10:ca:db:1a:08:fe:95:d6:25:3d:b9:23:
fe:67:74:fc:d7:34:c0:4b:16:af:b5:63:42:62:9d:
53:fd:32:22:cf:32:fb:cf:09:0a:0f:b0:4a:5e:f1:
0b:3b:73:65:3a:53:49:cc:8b:95:f4:a1:70:db:76:
ac:eb:04:33:83:3e:74:f0:62:c5:f9:72:3e:67:92:
d3:a8:fd:16:d3:f3:ea:c6:74:67:b8:e6:46:9f:6f:
8c:b0:fd:c2:2c:a3:af:19:0a:a9:e0:19:c4:00:0e:
d2:86:50:fa:fd:56:13:03:50:c1:13:27:71:7c:6f:
17:81:ff:40:85:f3:3e:00:b4:66:69:0a:5a:9e:96:
5d:7d:94:ad:b5:be:e1:d3:12:3d:76:79:80:f7:c0:
87:e6:fb:42:22:30:cf:93:8d:03:12:26:5f:4c:35:
97:df:2e:31:7c:be:ba:bc:12:65:4a:fb:94:a5:cf:
82:de:e4:79:b9:58:9a:a2:45:20:42:70:4c:17:96:
1d:9e:5d:66:2e:1f:56:4d:fe:c0:3f:ec:b3:98:f2:
c7:42:c4:3b:02:e2:76:d5:a4:54:a5:fc:4f:f8:44:
9f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:DF:2F:02:3F:3A:39:12:7C:0D:49:CA:5F:2E:9B:70:FE:9E:0A:B8
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZN8vAj86ORJ8DUnKXy6bcP6eCrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.235.22.0/23
31.187.92.0/22
66.9.96.0/20
69.72.72.0/22
77.223.192.0-77.223.201.255
79.110.184.0/22
79.139.64.0/23
83.142.200.0/21
85.204.28.0/23
86.106.28.0/23
89.20.50.0/23
89.37.60.0/23
89.39.184.0/23
89.40.236.0/23
91.210.80.0/22
91.217.106.0/23
95.215.144.0/22
121.127.48.0/20
128.0.60.0/22
141.193.108.0/22
141.193.214.0/23
162.216.138.0/23
162.250.216.0/22
168.149.248.0/23
173.214.200.0/22
176.111.54.0/23
176.222.48.0/22
178.216.184.0/21
188.215.12.0/22
193.91.8.0/23
195.78.90.0/23
198.14.16.0/20
198.145.112.0/22
199.48.230.0/23
204.15.4.0/22
205.220.216.0/23
217.144.108.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:e4:03:fd:2e:c3:b8:57:42:42:e4:0f:22:24:c2:58:a9:0d:
df:99:11:64:30:95:53:f7:4c:3f:74:3e:aa:9b:c4:7c:50:50:
9e:59:19:87:37:fb:c2:04:59:00:e0:ff:fe:c9:fe:34:46:ea:
13:68:d7:be:a1:b1:3b:8a:87:aa:fb:3c:d8:0f:84:6b:ec:46:
d0:28:66:08:0e:40:e3:b3:b0:51:da:c9:86:c2:0c:96:24:44:
2c:c8:38:87:c1:ce:40:41:48:c8:e0:35:3e:7d:44:dc:ba:b8:
e1:57:49:d9:a0:f4:f7:57:a9:ad:2d:e0:5b:b2:ce:98:5a:ab:
09:ca:6f:6f:af:8a:60:12:ff:3c:f1:d2:ee:3f:e4:2e:7f:9b:
92:17:ca:9e:24:9c:36:e1:f4:37:42:2f:db:c1:7f:e7:72:50:
6d:dc:23:2a:80:c9:dc:dd:fb:72:11:24:6e:c5:95:4d:ae:42:
98:74:68:ce:d7:df:bd:da:0b:ef:4d:ec:55:82:03:e4:1d:d6:
10:7b:d6:90:bc:9a:d0:49:35:e7:9f:03:48:45:7e:24:3d:94:
b0:77:87:1f:e5:d6:16:de:44:08:9a:3d:91:60:8f:04:dd:c3:
5d:59:dc:c2:cb:81:7c:e5:e7:e9:bb:db:04:c9:66:0c:57:97:
e4:3d:18:d3
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZDafQ57e05g1DA7Qf0AznuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNzIyMTI0OTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGRmMmYwMjNmM2EzOTEyN2MwZDQ5Y2E1ZjJlOWI3MGZlOWUwYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfWMErWMtWsQBJI3TpRHka7OJGYP
3aRU6Ub48Ji0i78QytsaCP6V1iU9uSP+Z3T81zTASxavtWNCYp1T/TIizzL7zwkK
D7BKXvELO3NlOlNJzIuV9KFw23as6wQzgz508GLF+XI+Z5LTqP0W0/PqxnRnuOZG
n2+MsP3CLKOvGQqp4BnEAA7ShlD6/VYTA1DBEydxfG8Xgf9AhfM+ALRmaQpanpZd
fZSttb7h0xI9dnmA98CH5vtCIjDPk40DEiZfTDWX3y4xfL66vBJlSvuUpc+C3uR5
uViaokUgQnBMF5Ydnl1mLh9WTf7AP+yzmPLHQsQ7AuJ21aRUpfxP+ESfewIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFGTfLwI/OjkSfA1Jyl8um3D+ngq4MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWk44dkFqODZPUko4RFVuS1h5NmJjUDZlQ3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQB
GOsWAwQCH7tcAwQEQglgAwQCRUhIMAwDBAZN38ADBAFN38gDBAJPbrgDBAFPi0AD
BANTjsgDBAFVzBwDBAFWahwDBAFZFDIDBAFZJTwDBAFZJ7gDBAFZKOwDBAJb0lAD
BAFb2WoDBAJf15ADBAR5fzADBAKAADwDBAKNwWwDBAGNwdYDBAGi2IoDBAKi+tgD
BAGolfgDBAKt1sgDBAGwbzYDBAKw3jADBAOy2LgDBAK81wwDBAHBWwgDBAHDTloD
BATGDhADBALGkXADBAHHMOYDBALMDwQDBAHN3NgDBALZkGwwDQYJKoZIhvcNAQEL
BQADggEBAB/kA/0uw7hXQkLkDyIkwlipDd+ZEWQwlVP3TD90PqqbxHxQUJ5ZGYc3
+8IEWQDg//7J/jRG6hNo176hsTuKh6r7PNgPhGvsRtAoZggOQOOzsFHayYbCDJYk
RCzIOIfBzkBBSMjgNT59RNy6uOFXSdmg9PdXqa0t4FuyzphaqwnKb2+vimAS/zzx
0u4/5C5/m5IXyp4knDbh9DdCL9vBf+dyUG3cIyqAydzd+3IRJG7FlU2uQph0aM7X
373aC+9N7FWCA+Qd1hB71pC8mtBJNeefA0hFfiQ9lLB3hx/l1hbeRAiaPZFgjwTd
w11Z3MLLgXzl5+m72wTJZgxXl+Q9GNM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:27 2024 by rpki-client on console-fra.rpki-client.org