Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/2QFh7xwl033VRXjnczMI3BRPhn0.roa
File: 2QFh7xwl033VRXjnczMI3BRPhn0.roa (raw, json)
Hash identifier: uV/w8lqm1nwYC8lPQ0/DmdlMJwCH5drC7YZ1ElOwjQ4=
Subject key identifier: D9:01:61:EF:1C:25:D3:7D:D5:45:78:E7:73:33:08:DC:14:4F:86:7D
Certificate issuer: /CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Certificate serial: 018CEE70859DE0B604ACDA63F9E496F07B22
Authority key identifier: 94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/2QFh7xwl033VRXjnczMI3BRPhn0.roa
Signing time: Tue 09 Jan 2024 13:36:40 +0000
ROA not before: Tue 09 Jan 2024 13:36:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61098
IP address blocks: 159.100.240.0/22 maxlen: 24
159.100.245.0/24 maxlen: 24
159.100.246.0/23 maxlen: 24
159.100.244.0/24 maxlen: 24
159.100.248.0/21 maxlen: 24
91.92.224.0/23 maxlen: 24
91.92.227.0/24 maxlen: 24
85.217.160.0/22 maxlen: 24
85.217.172.0/23 maxlen: 24
185.150.8.0/22 maxlen: 24
91.92.202.0/23 maxlen: 24
91.92.200.0/23 maxlen: 24
85.217.174.0/23 maxlen: 24
85.217.186.0/23 maxlen: 24
85.217.184.0/23 maxlen: 24
92.39.56.0/22 maxlen: 24
92.39.60.0/22 maxlen: 24
185.19.28.0/22 maxlen: 24
194.182.188.0/22 maxlen: 24
91.92.118.0/23 maxlen: 24
91.92.116.0/23 maxlen: 24
91.92.142.0/23 maxlen: 24
91.92.140.0/23 maxlen: 24
91.92.152.0/23 maxlen: 24
91.92.154.0/23 maxlen: 24
138.124.208.0/22 maxlen: 24
194.182.164.0/22 maxlen: 24
194.182.160.0/22 maxlen: 24
194.182.172.0/22 maxlen: 24
194.182.168.0/22 maxlen: 24
89.145.164.0/23 maxlen: 24
194.182.176.0/22 maxlen: 24
89.145.160.0/22 maxlen: 24
194.182.184.0/22 maxlen: 24
89.145.166.0/23 maxlen: 24
194.182.180.0/22 maxlen: 24
2a07:6cc0:11::/48 maxlen: 48
2a07:6cc0:30::/48 maxlen: 48
2a07:6cc0:70::/48 maxlen: 48
2a04:c42::/32 maxlen: 48
2a07:6cc0:12::/48 maxlen: 48
2a07:6cc0:41::/48 maxlen: 48
2a04:c42:f12::/48 maxlen: 48
2a04:c41::/32 maxlen: 48
2a07:6cc0:60::/48 maxlen: 48
2a07:6cc0:20::/48 maxlen: 48
2a04:c44::/32 maxlen: 48
2a04:c47::/32 maxlen: 48
2a07:6cc0:31::/48 maxlen: 48
2a07:6cc0:71::/48 maxlen: 48
2a04:c46::/32 maxlen: 48
2a04:c42:f11::/48 maxlen: 48
2a04:c45::/32 maxlen: 48
2a07:6cc0:10::/48 maxlen: 48
2a07:6cc0:50::/48 maxlen: 48
2a04:c47:f12::/48 maxlen: 48
2a07:6cc2::/32 maxlen: 48
2a04:c43::/32 maxlen: 48
2a07:6cc0:21::/48 maxlen: 48
2a07:6cc1::/32 maxlen: 48
2a07:6cc2:f12::/48 maxlen: 48
2a07:6cc0:40::/48 maxlen: 48
2a04:c47:f11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.mft
rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:70:85:9d:e0:b6:04:ac:da:63:f9:e4:96:f0:7b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Validity
Not Before: Jan 9 13:36:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d90161ef1c25d37dd54578e7733308dc144f867d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ad:ca:0a:0a:66:64:f4:ab:74:ba:fe:f2:34:
51:f0:59:d2:52:0d:55:26:aa:a4:63:68:03:d6:d1:
09:56:30:b1:ed:b2:34:2d:0a:44:39:e5:a9:bf:eb:
6c:8f:1f:a6:d6:b2:c4:17:02:65:69:08:11:50:f5:
da:a1:9c:cb:37:5c:36:a5:a4:95:3b:e8:65:8a:07:
59:41:db:1e:76:85:31:f9:f8:9e:93:39:69:f8:2d:
71:fc:64:80:11:36:15:1d:c8:4b:be:39:0e:9b:d5:
04:cc:0d:5c:cb:88:34:b5:d5:80:53:d6:8a:b4:5e:
99:82:78:b2:6a:30:88:3e:9c:72:2f:1f:05:30:35:
1d:73:42:c8:9a:91:7b:18:bf:78:86:bc:0f:d7:96:
5d:ac:d6:3d:7e:91:56:b1:8b:e6:ef:09:d0:28:0d:
4b:8f:b2:ef:02:bc:93:af:fe:37:0f:53:52:8c:1a:
4c:27:b6:01:e4:b8:bb:5f:1e:3e:2c:58:68:ad:76:
68:f8:98:c5:4d:1d:32:6b:d2:c1:63:85:ef:bf:6f:
35:94:20:b9:0f:c7:de:78:04:b3:32:85:02:ce:3e:
b1:99:6e:24:c6:9c:2a:80:4b:41:3c:da:f8:e7:a4:
c6:69:ce:93:b4:0d:2d:fa:b5:7d:0b:cd:23:81:21:
a6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:01:61:EF:1C:25:D3:7D:D5:45:78:E7:73:33:08:DC:14:4F:86:7D
X509v3 Authority Key Identifier:
keyid:94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/2QFh7xwl033VRXjnczMI3BRPhn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.160.0/22
85.217.172.0/22
85.217.184.0/22
89.145.160.0/21
91.92.116.0/22
91.92.140.0/22
91.92.152.0/22
91.92.200.0/22
91.92.224.0/23
91.92.227.0/24
92.39.56.0/21
138.124.208.0/22
159.100.240.0/20
185.19.28.0/22
185.150.8.0/22
194.182.160.0/19
IPv6:
2a04:c41::-2a04:c47:ffff:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:10::-2a07:6cc0:12:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:20::/47
2a07:6cc0:30::/47
2a07:6cc0:40::/47
2a07:6cc0:50::/48
2a07:6cc0:60::/48
2a07:6cc0:70::/47
2a07:6cc1::-2a07:6cc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:3d:ed:ad:a2:d5:8b:1b:24:bf:87:58:0b:d9:5c:ff:3c:76:
ad:b9:3e:e8:f4:3e:a7:a9:7a:ee:80:68:09:39:db:8f:7b:c3:
87:8e:c1:49:be:ba:c0:1a:43:81:88:03:ee:ab:ed:d2:a0:9f:
48:e1:b8:e1:ed:9c:70:c7:1c:d7:e8:50:67:da:89:7a:df:d5:
2f:37:8e:a6:93:75:17:5d:46:ff:8f:a7:40:53:d1:5f:44:1b:
64:f6:24:fa:73:b7:3a:44:29:4e:03:b4:12:43:2c:e0:4a:ba:
a7:d9:8b:9c:66:93:b5:54:cc:b5:88:b4:a9:e8:84:f8:56:65:
5a:78:a8:fa:6e:40:2e:99:a5:1e:4a:c8:94:4d:28:0f:ca:6c:
ae:ee:15:78:87:30:9c:14:6a:a2:1c:d4:1c:15:7f:19:92:b4:
16:0c:49:5e:69:d5:e4:09:79:f2:81:b5:dc:c3:28:be:ae:12:
7a:d8:03:42:4d:d0:23:fc:31:16:c0:3b:5e:3a:89:7d:16:2a:
ac:7a:a4:bc:6f:90:0d:64:e0:64:c1:71:f4:1c:e2:25:91:5f:
88:5b:6f:88:e6:a0:15:63:81:12:09:d1:cb:33:60:9e:26:b7:
2d:73:21:a6:93:f8:07:a6:d5:db:8f:e6:16:54:cd:cf:2d:2b:
8e:94:d9:db
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYzucIWd4LYErNpj+eSW8HsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NWI3M2RmN2U2ZmUxMTAwZjFkMTNhMDdjMThkNTlhZjIy
ODQyOGMwHhcNMjQwMTA5MTMzNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTAxNjFlZjFjMjVkMzdkZDU0NTc4ZTc3MzMzMDhkYzE0NGY4NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq3KCgpmZPSrdLr+8jRR8FnSUg1V
JqqkY2gD1tEJVjCx7bI0LQpEOeWpv+tsjx+m1rLEFwJlaQgRUPXaoZzLN1w2paSV
O+hligdZQdsedoUx+fiekzlp+C1x/GSAETYVHchLvjkOm9UEzA1cy4g0tdWAU9aK
tF6ZgniyajCIPpxyLx8FMDUdc0LImpF7GL94hrwP15ZdrNY9fpFWsYvm7wnQKA1L
j7LvAryTr/43D1NSjBpMJ7YB5Li7Xx4+LFhorXZo+JjFTR0ya9LBY4Xvv281lCC5
D8feeASzMoUCzj6xmW4kxpwqgEtBPNr456TGac6TtA0t+rV9C80jgSGmtQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFNkBYe8cJdN91UV453MzCNwUT4Z9MB8GA1UdIwQY
MBaAFJRbc99+b+EQDx0ToHwY1ZryKEKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQt
NmU0NTI0MjVhMTkzLzEvMlFGaDd4d2wwMzNWUlhqbmN6TUkzQlJQaG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQtNmU0NTI0MjVhMTkz
LzEvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jBmBAIAATBgAwQCVdmg
AwQCVdmsAwQCVdm4AwQDWZGgAwQCW1x0AwQCW1yMAwQCW1yYAwQCW1zIAwQBW1zg
AwQAW1zjAwQDXCc4AwQCinzQAwQEn2TwAwQCuRMcAwQCuZYIAwQFwragMHAEAgAC
MGowDgMFACoEDEEDBQMqBAxAMBIDBwQqB2zAABADBwAqB2zAABIDBwEqB2zAACAD
BwEqB2zAADADBwEqB2zAAEADBwAqB2zAAFADBwAqB2zAAGADBwEqB2zAAHAwDgMF
ACoHbMEDBQAqB2zCMA0GCSqGSIb3DQEBCwUAA4IBAQCWPe2totWLGyS/h1gL2Vz/
PHatuT7o9D6nqXrugGgJOduPe8OHjsFJvrrAGkOBiAPuq+3SoJ9I4bjh7ZxwxxzX
6FBn2ol639UvN46mk3UXXUb/j6dAU9FfRBtk9iT6c7c6RClOA7QSQyzgSrqn2Yuc
ZpO1VMy1iLSp6IT4VmVaeKj6bkAumaUeSsiUTSgPymyu7hV4hzCcFGqiHNQcFX8Z
krQWDEleadXkCXnygbXcwyi+rhJ62ANCTdAj/DEWwDteOol9FiqseqS8b5ANZOBk
wXH0HOIlkV+IW2+I5qAVY4ESCdHLM2CeJrctcyGmk/gHptXbj+YWVM3PLSuOlNnb
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:43:57 2024 by rpki-client on console-fra.rpki-client.org