Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/gQtwyOMEEv9XZrKCYthxSjtjRqA.roa
File: gQtwyOMEEv9XZrKCYthxSjtjRqA.roa (raw, json)
Hash identifier: A5Jc8QTDH8LUysmKtafmyO0IujtpCOBxn6qkDE5Y5Ok=
Subject key identifier: 81:0B:70:C8:E3:04:12:FF:57:66:B2:82:62:D8:71:4A:3B:63:46:A0
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 019352F6DB6FD7AA6CBF3BB7CEB33A4EA642
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/gQtwyOMEEv9XZrKCYthxSjtjRqA.roa
Signing time: Fri 22 Nov 2024 08:22:09 +0000
ROA not before: Fri 22 Nov 2024 08:22:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5607
IP address blocks: 2.120.0.0/13 maxlen: 13
2.216.0.0/13 maxlen: 13
5.64.0.0/13 maxlen: 13
46.64.0.0/15 maxlen: 15
51.19.0.0/16 maxlen: 16
51.146.0.0/16 maxlen: 16
51.182.0.0/15 maxlen: 15
51.186.0.0/15 maxlen: 15
51.186.0.0/18 maxlen: 18
51.186.64.0/18 maxlen: 18
51.186.128.0/18 maxlen: 18
51.186.192.0/18 maxlen: 18
51.187.0.0/18 maxlen: 18
51.187.64.0/18 maxlen: 18
51.187.128.0/18 maxlen: 18
51.187.192.0/18 maxlen: 18
51.190.0.0/15 maxlen: 15
51.194.0.0/16 maxlen: 16
51.198.0.0/18 maxlen: 18
51.198.72.0/21 maxlen: 21
51.198.80.0/20 maxlen: 20
51.198.96.0/19 maxlen: 19
51.198.128.0/17 maxlen: 17
51.199.0.0/17 maxlen: 17
51.199.128.0/18 maxlen: 18
51.199.192.0/19 maxlen: 19
51.199.224.0/20 maxlen: 20
51.199.240.0/21 maxlen: 21
51.199.248.0/22 maxlen: 22
51.241.0.0/16 maxlen: 16
78.86.0.0/16 maxlen: 16
78.105.0.0/16 maxlen: 16
87.80.0.0/15 maxlen: 15
90.192.0.0/11 maxlen: 11
93.96.0.0/17 maxlen: 17
93.96.128.0/18 maxlen: 18
93.96.224.0/19 maxlen: 19
93.96.224.0/23 maxlen: 23
93.96.228.0/23 maxlen: 23
94.0.0.0/12 maxlen: 12
94.192.0.0/14 maxlen: 14
149.241.0.0/16 maxlen: 16
151.224.0.0/13 maxlen: 13
176.24.0.0/14 maxlen: 14
176.248.0.0/13 maxlen: 13
176.255.240.0/24 maxlen: 24
176.255.241.0/24 maxlen: 24
176.255.242.0/24 maxlen: 24
188.220.0.0/14 maxlen: 14
2a02:c78::/29 maxlen: 29
2a02:c7a::/32 maxlen: 32
2a02:c7a:1200::/48 maxlen: 48
2a02:c7a:1202::/48 maxlen: 48
2a02:c7b::/32 maxlen: 32
2a02:c7c::/30 maxlen: 30
2a02:c7c::/33 maxlen: 33
2a02:c7c:8000::/33 maxlen: 33
2a02:c7d::/33 maxlen: 33
2a02:c7d:8000::/33 maxlen: 33
2a02:c7e::/33 maxlen: 33
2a02:c7e:8000::/33 maxlen: 33
2a02:c7f::/33 maxlen: 33
2a02:c7f:8000::/33 maxlen: 33
2a06:5900::/32 maxlen: 32
2a06:5900::/34 maxlen: 34
2a06:5900:4000::/34 maxlen: 34
2a06:5900:8000::/34 maxlen: 34
2a06:5900:c000::/34 maxlen: 34
2a06:5901::/33 maxlen: 33
2a06:5902::/31 maxlen: 31
2a06:5904::/31 maxlen: 31
2a06:5906::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.mft
rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:52:f6:db:6f:d7:aa:6c:bf:3b:b7:ce:b3:3a:4e:a6:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Nov 22 08:22:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=810b70c8e30412ff5766b28262d8714a3b6346a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:41:c1:1e:ed:66:cc:48:ff:63:77:98:17:ba:
20:4e:15:d2:58:67:8d:ab:e3:4c:6b:d1:c0:e9:30:
39:68:e6:f2:ee:ab:eb:29:3d:31:5f:5c:3f:4b:3a:
ce:c5:3a:d1:15:f9:11:e6:80:b4:ff:79:da:ae:01:
71:58:9f:0c:d4:47:6c:a2:05:fa:17:5c:88:36:5a:
2b:c1:f2:e9:af:91:bb:74:98:9f:c9:9c:fb:a1:e0:
b7:00:92:95:4d:00:eb:e7:47:a9:af:30:5a:89:26:
67:cb:41:20:c2:fa:c9:37:77:8b:4a:6f:87:42:10:
36:0e:81:11:f6:d1:e8:e9:1c:b2:e6:74:96:14:f8:
54:41:d9:23:5d:dc:0f:52:7b:4a:6f:74:de:e8:9d:
36:95:cd:f0:08:9d:a5:da:f0:da:3c:e4:98:fd:d6:
b1:55:69:fe:07:1a:40:d3:9d:bd:d2:cb:24:1e:eb:
95:6c:97:0d:3f:01:93:b2:c6:d9:f6:74:d3:86:6b:
c8:3c:16:52:73:0b:8f:7d:ec:17:16:30:68:ac:b9:
96:88:c6:c0:a1:0c:bb:07:ad:a0:1c:e7:14:2f:fc:
3f:49:76:60:44:35:2f:af:3b:32:ba:a2:fb:7a:3f:
6b:7a:34:fa:f0:01:2a:92:89:3f:e3:47:3b:99:47:
03:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:0B:70:C8:E3:04:12:FF:57:66:B2:82:62:D8:71:4A:3B:63:46:A0
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/gQtwyOMEEv9XZrKCYthxSjtjRqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.120.0.0/13
2.216.0.0/13
5.64.0.0/13
46.64.0.0/15
51.19.0.0/16
51.146.0.0/16
51.182.0.0/15
51.186.0.0/15
51.190.0.0/15
51.194.0.0/16
51.198.0.0/18
51.198.72.0-51.199.251.255
51.241.0.0/16
78.86.0.0/16
78.105.0.0/16
87.80.0.0/15
90.192.0.0/11
93.96.0.0-93.96.191.255
93.96.224.0/19
94.0.0.0/12
94.192.0.0/14
149.241.0.0/16
151.224.0.0/13
176.24.0.0/14
176.248.0.0/13
188.220.0.0/14
IPv6:
2a02:c78::/29
2a06:5900::-2a06:5901:7fff:ffff:ffff:ffff:ffff:ffff
2a06:5902::-2a06:5907:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:0a:f2:84:0d:7d:de:2d:5f:b7:74:26:41:43:f4:b0:8e:9b:
55:59:8b:47:53:96:94:77:6f:64:26:82:03:99:ab:75:fa:dc:
f3:f6:0a:99:c3:77:cc:30:70:98:0e:c8:ab:b6:0c:41:22:4a:
00:16:d8:11:8c:f3:b7:61:f0:39:6b:da:23:40:96:34:26:b9:
8c:97:75:8e:33:a3:92:3a:27:5a:7f:22:c4:4a:bf:c6:ef:ab:
d5:18:5a:56:74:d5:c4:3a:46:e9:95:e4:f0:38:bc:e8:3c:38:
1b:e8:f2:e9:ee:b3:fb:4e:bb:62:a5:26:91:63:4d:52:c6:56:
89:c9:61:02:ae:2d:33:6b:51:2a:e3:2c:0c:32:b3:dd:82:79:
bb:9e:4f:43:3d:de:8f:c3:9b:26:26:cc:50:6f:97:f3:24:79:
79:5b:76:94:d7:4b:33:89:c0:74:ab:18:58:49:b6:58:ba:49:
b0:bd:f9:b1:4c:15:e6:02:fe:e7:f4:8f:cd:62:48:bd:b9:8f:
5e:c1:4d:5d:6b:f1:96:ce:00:ea:5e:3b:ec:5f:79:5c:74:66:
ca:51:34:ea:22:9e:ce:92:38:d3:e6:5a:d5:52:a1:7b:a4:d2:
61:89:bf:f1:ad:36:b2:81:5b:c6:68:cc:be:10:43:71:57:b3:
06:57:ee:e1
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZNS9ttv16psvzu3zrM6TqZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjQxMTIyMDgyMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTBiNzBjOGUzMDQxMmZmNTc2NmIyODI2MmQ4NzE0YTNiNjM0NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUHBHu1mzEj/Y3eYF7ogThXSWGeN
q+NMa9HA6TA5aOby7qvrKT0xX1w/SzrOxTrRFfkR5oC0/3nargFxWJ8M1EdsogX6
F1yINlorwfLpr5G7dJifyZz7oeC3AJKVTQDr50eprzBaiSZny0EgwvrJN3eLSm+H
QhA2DoER9tHo6Ryy5nSWFPhUQdkjXdwPUntKb3Te6J02lc3wCJ2l2vDaPOSY/dax
VWn+BxpA05290sskHuuVbJcNPwGTssbZ9nTThmvIPBZScwuPfewXFjBorLmWiMbA
oQy7B62gHOcUL/w/SXZgRDUvrzsyuqL7ej9rejT68AEqkok/40c7mUcDVQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFIELcMjjBBL/V2aygmLYcUo7Y0agMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvZ1F0d3lPTUVFdjlYWnJLQ1l0aHhTanRqUnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBnAQCAAEwgZUDAwMC
eAMDAwLYAwMDBUADAwEuQAMDADMTAwMAM5IDAwEztgMDATO6AwMBM74DAwAzwgME
BjPGADAMAwQDM8ZIAwQCM8f4AwMAM/EDAwBOVgMDAE5pAwMBV1ADAwVawDALAwMF
XWADBAZdYIADBAVdYOADAwReAAMDAl7AAwMAlfEDAwOX4AMDArAYAwMDsPgDAwK8
3DAtBAIAAjAnAwUDKgIMeDAOAwQAKgZZAwYHKgZZAQAwDgMFASoGWQIDBQMqBlkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjCvKEDX3eLV+3dCZBQ/SwjptVWYtHU5aUd29k
JoIDmat1+tzz9gqZw3fMMHCYDsirtgxBIkoAFtgRjPO3YfA5a9ojQJY0JrmMl3WO
M6OSOidafyLESr/G76vVGFpWdNXEOkbpleTwOLzoPDgb6PLp7rP7TrtipSaRY01S
xlaJyWECri0za1Eq4ywMMrPdgnm7nk9DPd6Pw5smJsxQb5fzJHl5W3aU10szicB0
qxhYSbZYukmwvfmxTBXmAv7n9I/NYki9uY9ewU1da/GWzgDqXjvsX3lcdGbKUTTq
Ip7OkjjT5lrVUqF7pNJhib/xrTaygVvGaMy+EENxV7MGV+7h
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:53 2024 by rpki-client on console-fra.rpki-client.org