Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/AkSrgU3OO_0h9TAnjsqd5ePH_JY.roa
File: AkSrgU3OO_0h9TAnjsqd5ePH_JY.roa (raw, json)
Hash identifier: LooCi5lgnHq+R1iCMaclTiB6TO/aBFG9vtKzVaaWonQ=
Subject key identifier: 02:44:AB:81:4D:CE:3B:FD:21:F5:30:27:8E:CA:9D:E5:E3:C7:FC:96
Certificate issuer: /CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Certificate serial: 0190EE3D79A015E1192B96E795CFC221ACF0
Authority key identifier: 94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/AkSrgU3OO_0h9TAnjsqd5ePH_JY.roa
Signing time: Fri 26 Jul 2024 08:52:04 +0000
ROA not before: Fri 26 Jul 2024 08:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61098
IP address blocks: 85.217.160.0/22 maxlen: 24
85.217.172.0/23 maxlen: 24
85.217.174.0/23 maxlen: 24
85.217.184.0/23 maxlen: 24
85.217.186.0/23 maxlen: 24
89.145.160.0/22 maxlen: 24
89.145.164.0/23 maxlen: 24
89.145.166.0/23 maxlen: 24
91.92.116.0/23 maxlen: 24
91.92.118.0/23 maxlen: 24
91.92.140.0/23 maxlen: 24
91.92.142.0/23 maxlen: 24
91.92.152.0/23 maxlen: 24
91.92.154.0/23 maxlen: 24
91.92.200.0/23 maxlen: 24
91.92.202.0/23 maxlen: 24
91.92.224.0/23 maxlen: 24
91.92.227.0/24 maxlen: 24
92.39.56.0/22 maxlen: 24
92.39.60.0/22 maxlen: 24
138.124.208.0/22 maxlen: 24
138.124.212.0/22 maxlen: 24
138.124.216.0/23 maxlen: 24
159.100.240.0/22 maxlen: 24
159.100.244.0/24 maxlen: 24
159.100.245.0/24 maxlen: 24
159.100.246.0/23 maxlen: 24
159.100.248.0/21 maxlen: 24
185.19.28.0/22 maxlen: 24
185.150.8.0/22 maxlen: 24
194.182.160.0/22 maxlen: 24
194.182.164.0/22 maxlen: 24
194.182.168.0/22 maxlen: 24
194.182.172.0/22 maxlen: 24
194.182.176.0/22 maxlen: 24
194.182.180.0/22 maxlen: 24
194.182.184.0/22 maxlen: 24
194.182.188.0/22 maxlen: 24
2a04:c41::/32 maxlen: 48
2a04:c42::/32 maxlen: 48
2a04:c42:f11::/48 maxlen: 48
2a04:c42:f12::/48 maxlen: 48
2a04:c43::/32 maxlen: 48
2a04:c44::/32 maxlen: 48
2a04:c45::/32 maxlen: 48
2a04:c46::/32 maxlen: 48
2a04:c47::/32 maxlen: 48
2a04:c47:f11::/48 maxlen: 48
2a04:c47:f12::/48 maxlen: 48
2a07:6cc0:10::/48 maxlen: 48
2a07:6cc0:11::/48 maxlen: 48
2a07:6cc0:12::/48 maxlen: 48
2a07:6cc0:20::/48 maxlen: 48
2a07:6cc0:21::/48 maxlen: 48
2a07:6cc0:30::/48 maxlen: 48
2a07:6cc0:31::/48 maxlen: 48
2a07:6cc0:40::/48 maxlen: 48
2a07:6cc0:41::/48 maxlen: 48
2a07:6cc0:50::/48 maxlen: 48
2a07:6cc0:60::/48 maxlen: 48
2a07:6cc0:70::/48 maxlen: 48
2a07:6cc0:71::/48 maxlen: 48
2a07:6cc1::/32 maxlen: 48
2a07:6cc2::/32 maxlen: 48
2a07:6cc2:f12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.mft
rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:3d:79:a0:15:e1:19:2b:96:e7:95:cf:c2:21:ac:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Validity
Not Before: Jul 26 08:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0244ab814dce3bfd21f530278eca9de5e3c7fc96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6d:0a:12:2e:df:ac:f0:1f:54:3a:d2:11:e2:
c8:49:35:a2:33:d8:d8:68:cd:8e:77:e8:e4:a0:74:
81:37:83:75:66:75:39:30:81:21:3e:88:91:09:ba:
8f:f4:ec:c8:9a:72:0a:f4:be:89:aa:3a:83:26:e3:
08:8a:be:3a:b2:2c:51:24:70:f5:b3:8d:a7:e9:4b:
e1:15:fa:c9:07:86:b9:24:26:6a:74:9a:5f:54:7f:
ce:50:47:41:1e:5f:b3:c1:3e:ca:8c:a7:73:48:05:
70:8a:50:8a:85:fb:36:a5:84:ec:45:d2:36:b3:e6:
35:27:fe:f6:48:31:30:10:f1:d8:9c:db:af:10:66:
0a:87:6e:39:91:d3:9b:dc:37:dd:a7:02:0b:cf:d1:
f0:cb:90:2d:d3:74:d2:b2:0b:04:4b:e9:f0:92:c1:
86:d4:a1:dc:0f:21:c4:93:b2:ef:7f:c1:58:4c:4e:
d2:d2:5e:1c:e4:21:bd:17:c1:e5:a0:9f:97:a6:47:
33:b1:e0:d1:42:6a:a0:4b:7e:92:e9:44:b5:1f:df:
bb:ff:15:6f:a4:dd:fa:ff:35:4d:6e:fb:d3:32:a8:
16:91:70:5e:57:d9:69:ba:38:ab:a8:0f:42:8b:7d:
8a:c5:4d:c3:dc:3b:fd:d5:7a:50:e3:cf:87:b0:ea:
62:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:44:AB:81:4D:CE:3B:FD:21:F5:30:27:8E:CA:9D:E5:E3:C7:FC:96
X509v3 Authority Key Identifier:
keyid:94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/AkSrgU3OO_0h9TAnjsqd5ePH_JY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.160.0/22
85.217.172.0/22
85.217.184.0/22
89.145.160.0/21
91.92.116.0/22
91.92.140.0/22
91.92.152.0/22
91.92.200.0/22
91.92.224.0/23
91.92.227.0/24
92.39.56.0/21
138.124.208.0-138.124.217.255
159.100.240.0/20
185.19.28.0/22
185.150.8.0/22
194.182.160.0/19
IPv6:
2a04:c41::-2a04:c47:ffff:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:10::-2a07:6cc0:12:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:20::/47
2a07:6cc0:30::/47
2a07:6cc0:40::/47
2a07:6cc0:50::/48
2a07:6cc0:60::/48
2a07:6cc0:70::/47
2a07:6cc1::-2a07:6cc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:f4:00:96:a3:00:13:55:f9:9c:29:25:a7:69:ff:b7:95:bc:
79:55:77:ac:f7:eb:0c:d8:0f:25:d3:61:a0:fe:45:5a:ae:88:
f0:2f:fc:ea:f5:de:07:6c:e7:80:07:32:2b:14:42:0c:20:41:
a6:b6:db:48:de:94:e1:40:6e:75:28:86:d6:1c:32:98:b9:b9:
55:a6:2d:e5:ef:8d:9c:ca:c5:bd:19:40:de:31:2a:d8:71:f4:
1b:62:e9:c2:b6:c0:b6:55:fd:d5:ff:a3:3a:29:06:70:2c:1b:
5d:bb:35:2f:82:ff:05:ef:0f:22:66:a6:4e:ac:53:b8:31:c3:
02:06:c8:5a:77:e3:e4:f0:c8:4b:73:00:6c:e5:57:01:2a:e5:
d6:09:98:93:3d:d3:00:c2:9a:f1:66:7b:1b:78:56:94:d4:b6:
74:1b:55:78:3d:48:97:38:ca:8a:43:2b:fb:bc:d0:82:97:6f:
4a:a2:33:36:cf:ee:c8:97:65:93:e0:09:06:fd:eb:6e:cd:a8:
d0:33:44:31:fa:fa:90:89:a1:e2:73:ac:18:af:e1:b0:70:96:
0b:9d:29:5c:a1:95:23:23:42:f6:d9:87:fa:0d:8f:ac:d0:4f:
64:a8:23:43:0a:fa:2d:b8:ef:9f:c4:71:1e:89:1f:f7:a7:c8:
91:05:bd:8b
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZDuPXmgFeEZK5bnlc/CIazwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NWI3M2RmN2U2ZmUxMTAwZjFkMTNhMDdjMThkNTlhZjIy
ODQyOGMwHhcNMjQwNzI2MDg1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjQ0YWI4MTRkY2UzYmZkMjFmNTMwMjc4ZWNhOWRlNWUzYzdmYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG0KEi7frPAfVDrSEeLISTWiM9jY
aM2Od+jkoHSBN4N1ZnU5MIEhPoiRCbqP9OzImnIK9L6JqjqDJuMIir46sixRJHD1
s42n6UvhFfrJB4a5JCZqdJpfVH/OUEdBHl+zwT7KjKdzSAVwilCKhfs2pYTsRdI2
s+Y1J/72SDEwEPHYnNuvEGYKh245kdOb3DfdpwILz9Hwy5At03TSsgsES+nwksGG
1KHcDyHEk7Lvf8FYTE7S0l4c5CG9F8HloJ+XpkczseDRQmqgS36S6US1H9+7/xVv
pN36/zVNbvvTMqgWkXBeV9lpujirqA9Ci32KxU3D3Dv91XpQ48+HsOpi4QIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFAJEq4FNzjv9IfUwJ47KneXjx/yWMB8GA1UdIwQY
MBaAFJRbc99+b+EQDx0ToHwY1ZryKEKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQt
NmU0NTI0MjVhMTkzLzEvQWtTcmdVM09PXzBoOVRBbmpzcWQ1ZVBIX0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQtNmU0NTI0MjVhMTkz
LzEvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jBuBAIAATBoAwQCVdmg
AwQCVdmsAwQCVdm4AwQDWZGgAwQCW1x0AwQCW1yMAwQCW1yYAwQCW1zIAwQBW1zg
AwQAW1zjAwQDXCc4MAwDBASKfNADBAGKfNgDBASfZPADBAK5ExwDBAK5lggDBAXC
tqAwcAQCAAIwajAOAwUAKgQMQQMFAyoEDEAwEgMHBCoHbMAAEAMHACoHbMAAEgMH
ASoHbMAAIAMHASoHbMAAMAMHASoHbMAAQAMHACoHbMAAUAMHACoHbMAAYAMHASoH
bMAAcDAOAwUAKgdswQMFACoHbMIwDQYJKoZIhvcNAQELBQADggEBAC/0AJajABNV
+ZwpJadp/7eVvHlVd6z36wzYDyXTYaD+RVquiPAv/Or13gds54AHMisUQgwgQaa2
20jelOFAbnUohtYcMpi5uVWmLeXvjZzKxb0ZQN4xKthx9Bti6cK2wLZV/dX/ozop
BnAsG127NS+C/wXvDyJmpk6sU7gxwwIGyFp34+TwyEtzAGzlVwEq5dYJmJM90wDC
mvFmext4VpTUtnQbVXg9SJc4yopDK/u80IKXb0qiMzbP7siXZZPgCQb9627NqNAz
RDH6+pCJoeJzrBiv4bBwlgudKVyhlSMjQvbZh/oNj6zQT2SoI0MK+i2475/EcR6J
H/enyJEFvYs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:32 2024 by rpki-client on console-fra.rpki-client.org