Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KiRt3kr_YeQGQnFGrzWE37jDg1Q.roa
File: KiRt3kr_YeQGQnFGrzWE37jDg1Q.roa (raw, json)
Hash identifier: xF6cs0Jw6PHicJXxeKcZIYo5aWl/hQ5pDR/g1ni63sE=
Subject key identifier: 2A:24:6D:DE:4A:FF:61:E4:06:42:71:46:AF:35:84:DF:B8:C3:83:54
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0193466DEF4F7715CE3459F7625D1F930C24
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KiRt3kr_YeQGQnFGrzWE37jDg1Q.roa
Signing time: Tue 19 Nov 2024 21:57:10 +0000
ROA not before: Tue 19 Nov 2024 21:57:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:46:6d:ef:4f:77:15:ce:34:59:f7:62:5d:1f:93:0c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 19 21:57:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a246dde4aff61e406427146af3584dfb8c38354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4e:f2:c0:94:04:ee:b0:3b:94:b1:0a:3d:73:
e1:b8:91:6e:1e:8a:df:46:16:62:e8:e7:f7:f3:8d:
8e:4b:ec:64:25:2f:8e:20:63:e1:f4:8a:48:be:c8:
ff:84:31:c0:e4:ad:7a:38:77:2d:63:aa:ae:0b:64:
80:9d:64:32:4b:44:08:60:7b:66:74:98:4c:36:d1:
59:05:e4:53:c0:05:15:ba:a0:42:32:31:a9:f7:06:
b1:e5:fc:47:cd:69:6d:6a:7e:e9:71:89:3e:d3:4f:
26:f0:31:ee:e5:21:39:2e:0a:91:2f:f2:fb:d7:4d:
61:9c:b0:0b:29:44:33:31:eb:2c:3a:87:06:ea:bb:
68:3b:37:f8:cf:42:e0:cb:f9:18:13:35:62:cb:42:
cc:20:0d:7c:06:4e:8e:18:c6:b3:ed:bf:57:e6:04:
25:be:07:d7:5b:9e:66:cd:9d:94:d2:6b:4e:52:ea:
af:01:36:73:ee:ca:9d:11:6f:5a:25:fb:66:ed:b3:
39:e0:5d:25:98:2b:36:d2:82:b9:05:c9:c3:a6:42:
6f:ed:76:ac:f2:20:92:42:7a:ad:5e:ac:be:7e:14:
68:12:38:a3:01:d3:b6:19:88:a1:a6:c5:5b:ed:3a:
56:aa:3b:32:1e:8d:b2:e5:25:ff:67:d8:d9:36:b9:
9c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:24:6D:DE:4A:FF:61:E4:06:42:71:46:AF:35:84:DF:B8:C3:83:54
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KiRt3kr_YeQGQnFGrzWE37jDg1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.115.0/24
45.88.136.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
50:13:27:8c:ea:c5:8b:67:59:ec:ea:88:e7:67:d5:0e:70:a4:
76:8e:4b:18:1e:b1:3f:4b:5f:f3:2b:4b:34:69:0f:27:ea:5f:
90:75:b4:51:ee:f1:13:76:c2:26:c7:eb:ca:5b:69:cc:7a:62:
79:2b:bf:ea:57:05:c8:30:d6:4e:38:e1:a3:ea:fc:9a:8d:fb:
cb:6b:be:22:71:83:83:e1:33:bf:03:7b:96:61:c9:44:82:54:
29:a0:98:df:4e:96:f2:06:55:92:85:30:eb:8d:66:e5:3c:2f:
77:f0:bd:1d:7b:f2:0a:64:fe:fd:e6:6d:cc:cc:a5:11:fa:9c:
13:f1:ce:de:f9:83:4f:77:a3:f3:d4:ba:4a:c9:dc:af:2a:e6:
70:64:41:24:3e:ba:8c:cf:ba:b3:4b:34:97:83:89:f5:98:76:
a0:f9:4d:70:89:b6:c7:c8:49:35:b4:ad:58:9a:66:02:93:59:
06:61:0e:f1:56:49:8c:65:00:a5:da:31:13:14:3d:c9:91:3b:
20:36:2b:11:15:23:39:42:09:57:4e:18:f0:22:5c:74:60:65:
9c:bf:9e:89:3b:10:a8:1d:f9:cc:da:98:b3:fc:91:b6:4c:b8:
aa:6d:8c:a4:db:56:b4:05:e9:f8:ff:0e:8d:75:c2:7f:b5:1c:
16:83:a3:b9
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZNGbe9PdxXONFn3Yl0fkwwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMTE5MjE1NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI0NmRkZTRhZmY2MWU0MDY0MjcxNDZhZjM1ODRkZmI4YzM4MzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE7ywJQE7rA7lLEKPXPhuJFuHorf
RhZi6Of3842OS+xkJS+OIGPh9IpIvsj/hDHA5K16OHctY6quC2SAnWQyS0QIYHtm
dJhMNtFZBeRTwAUVuqBCMjGp9wax5fxHzWltan7pcYk+008m8DHu5SE5LgqRL/L7
101hnLALKUQzMessOocG6rtoOzf4z0Lgy/kYEzViy0LMIA18Bk6OGMaz7b9X5gQl
vgfXW55mzZ2U0mtOUuqvATZz7sqdEW9aJftm7bM54F0lmCs20oK5BcnDpkJv7Xas
8iCSQnqtXqy+fhRoEjijAdO2GYihpsVb7TpWqjsyHo2y5SX/Z9jZNrmcJQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFCokbd5K/2HkBkJxRq81hN+4w4NUMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvS2lSdDNrcl9ZZVFHUW5GR3J6V0UzN2pEZzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCBoQQCAAEwgZoD
BAACOG0DBAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1RcwMEAC1Y
iAMEAC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr+AMEALkr
+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYjAMAwQCw7FcAwQA
w7FeAwQCw9O8MHYEAgACMHADBQAqAXEgAwUDKgeSAAMFACoJA0ADBQAqCQNCAwUA
KgkDRgMFACoJxEADBQAqDF1AAwUDKgylgAMFAyoQ38ADBQAqEPrAAwUDKhEFgAMF
ACoRFgADBQAqESqAAwUAKhE5AAMFACoR1oADBQAqEp8AMA0GCSqGSIb3DQEBCwUA
A4IBAQBQEyeM6sWLZ1ns6ojnZ9UOcKR2jksYHrE/S1/zK0s0aQ8n6l+QdbRR7vET
dsImx+vKW2nMemJ5K7/qVwXIMNZOOOGj6vyajfvLa74icYOD4TO/A3uWYclEglQp
oJjfTpbyBlWShTDrjWblPC938L0de/IKZP795m3MzKUR+pwT8c7e+YNPd6Pz1LpK
ydyvKuZwZEEkPrqMz7qzSzSXg4n1mHag+U1wibbHyEk1tK1YmmYCk1kGYQ7xVkmM
ZQCl2jETFD3JkTsgNisRFSM5QglXThjwIlx0YGWcv56JOxCoHfnM2piz/JG2TLiq
bYyk21a0Ben4/w6NdcJ/tRwWg6O5
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:33:26 2024 by rpki-client on console-ams.rpki-client.org