Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/G9qIXjdW1wxxLp5aTpmoHPORXRY.roa
File: G9qIXjdW1wxxLp5aTpmoHPORXRY.roa (raw, json)
Hash identifier: ExxIlJd86Wnzmfok3e5gH0uxZ9mJyjbeAmClCOz/unw=
Subject key identifier: 1B:DA:88:5E:37:56:D7:0C:71:2E:9E:5A:4E:99:A8:1C:F3:91:5D:16
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 01932C898446E8674E59208F21313FF17CD8
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/G9qIXjdW1wxxLp5aTpmoHPORXRY.roa
Signing time: Thu 14 Nov 2024 21:17:10 +0000
ROA not before: Thu 14 Nov 2024 21:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.86.0/24 maxlen: 24
89.23.88.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.145.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2c:89:84:46:e8:67:4e:59:20:8f:21:31:3f:f1:7c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Nov 14 21:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bda885e3756d70c712e9e5a4e99a81cf3915d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:df:23:23:f6:ff:b0:8a:81:50:c0:cf:af:f4:
1e:7e:3d:fc:0a:69:1b:cf:94:25:58:58:b2:08:39:
9b:28:75:e2:1f:3e:f9:21:f8:fd:ac:e6:90:9f:33:
34:29:f5:59:b9:74:27:b1:19:f7:a0:6a:ac:83:9c:
55:63:12:8e:6b:1b:3b:f5:b1:00:14:a4:fa:08:71:
81:6a:6e:a9:3c:7f:37:e5:d7:cd:29:25:72:2a:26:
0c:9c:35:b4:ee:5b:8b:27:34:da:45:26:6d:b4:4f:
a4:77:34:1a:e8:06:6b:eb:2b:d2:1c:a5:46:9a:af:
a5:72:15:47:36:0d:0d:00:6a:61:6e:ee:9c:65:8c:
39:98:c5:5a:9d:b3:e1:90:3e:f4:ba:ce:60:e6:77:
c0:6a:2f:03:7f:5a:66:d9:28:2d:f6:1e:0a:02:7a:
2c:08:1e:f5:09:4e:0b:9a:ab:1a:e8:e5:4e:13:48:
4b:9f:c5:c9:44:65:6c:08:de:9d:d0:b3:5a:45:92:
ff:27:a7:13:0e:59:b7:c4:15:32:40:96:b6:98:5e:
4a:aa:84:e8:55:c4:e3:0c:cd:e1:09:28:ee:3f:26:
c9:c6:41:d8:b5:50:4c:1e:52:8b:98:3f:6b:eb:66:
c7:c0:b2:5f:b7:8c:8f:8e:95:ed:9a:ec:90:71:6e:
02:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DA:88:5E:37:56:D7:0C:71:2E:9E:5A:4E:99:A8:1C:F3:91:5D:16
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/G9qIXjdW1wxxLp5aTpmoHPORXRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.78.255
89.23.83.0-89.23.84.255
89.23.86.0/24
89.23.88.0/24
89.23.90.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.250.255
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
12:4f:f4:83:8a:97:0b:e6:3c:77:82:e1:5d:fe:a1:d2:dc:e8:
50:f5:42:34:41:d2:45:a7:36:f8:ab:f6:2f:b0:80:64:a3:19:
9d:11:5d:e6:4a:aa:39:d1:16:b5:89:09:4c:82:3d:3d:a5:8f:
85:b5:6e:41:5f:6d:59:bc:bb:84:85:32:45:5f:4a:f1:c7:8e:
24:b4:2b:c0:22:03:7d:96:32:64:57:dc:88:2b:8a:39:bc:73:
2d:cc:01:c0:6f:01:e8:ee:fd:ce:89:52:bb:cf:7e:e7:f7:9c:
ad:79:ef:12:db:58:46:a9:42:fd:8f:eb:a0:7b:f9:1c:e1:d1:
9a:b6:76:2b:ad:5b:1b:c9:51:25:b3:4a:5b:b5:cd:fc:29:92:
de:f7:84:28:a9:e8:9d:d9:d0:d6:b9:39:d1:67:88:96:5f:eb:
5a:57:59:4a:2f:c7:a6:7d:16:c1:f6:3d:88:cf:7e:07:20:86:
30:c8:81:d8:94:cf:5f:7a:bd:49:87:30:26:fd:51:d4:a9:62:
b9:69:39:f4:45:b3:8b:63:14:97:70:18:4d:da:7e:32:f7:04:
2b:f5:09:62:f7:77:26:9d:2d:06:dd:80:d4:ef:97:56:a9:75:
f1:75:53:16:ae:a8:14:80:a4:e0:2e:76:d5:e4:1e:a3:27:91:
ce:0e:01:48
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZMsiYRG6GdOWSCPITE/8XzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQxMTE0MjExNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRhODg1ZTM3NTZkNzBjNzEyZTllNWE0ZTk5YTgxY2YzOTE1ZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6N8jI/b/sIqBUMDPr/Qefj38Cmkb
z5QlWFiyCDmbKHXiHz75Ifj9rOaQnzM0KfVZuXQnsRn3oGqsg5xVYxKOaxs79bEA
FKT6CHGBam6pPH835dfNKSVyKiYMnDW07luLJzTaRSZttE+kdzQa6AZr6yvSHKVG
mq+lchVHNg0NAGphbu6cZYw5mMVanbPhkD70us5g5nfAai8Df1pm2Sgt9h4KAnos
CB71CU4Lmqsa6OVOE0hLn8XJRGVsCN6d0LNaRZL/J6cTDlm3xBUyQJa2mF5KqoTo
VcTjDM3hCSjuPybJxkHYtVBMHlKLmD9r62bHwLJft4yPjpXtmuyQcW4CuQIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFBvaiF43VtcMcS6eWk6ZqBzzkV0WMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvRzlxSVhqZFcxd3h4THA1YVRwbW9IUE9SWFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCB/wQCAAEwgfgw
DAMEAAWsIQMEAwWsIDAMAwQAWRdBAwQAWRdGAwQBWRdKMAwDBABZF00DBABZF04w
DAMEAFkXUwMEAFkXVAMEAFkXVgMEAFkXWAMEAFkXWgMEAFkXXQMEA1wq+AMEA11d
wDAMAwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v8wMEAG1v
+jAMAwQCbW/8AwQAbW/+AwQFsv6AAwQAsv6jAwQAsv6lAwQAsv6pAwQAsv6sAwQA
sv6vAwQAsv6xMAwDBAGy/rYDBACy/rgwDAMEALL+uwMEBrL+gAMEALmdLAMEAMFo
RAMEBNmp0DANBAIAAjAHAwUAKgILWDANBgkqhkiG9w0BAQsFAAOCAQEAEk/0g4qX
C+Y8d4LhXf6h0tzoUPVCNEHSRac2+Kv2L7CAZKMZnRFd5kqqOdEWtYkJTII9PaWP
hbVuQV9tWby7hIUyRV9K8ceOJLQrwCIDfZYyZFfciCuKObxzLcwBwG8B6O79zolS
u89+5/ecrXnvEttYRqlC/Y/roHv5HOHRmrZ2K61bG8lRJbNKW7XN/CmS3veEKKno
ndnQ1rk50WeIll/rWldZSi/Hpn0WwfY9iM9+ByCGMMiB2JTPX3q9SYcwJv1R1Kli
uWk59EWzi2MUl3AYTdp+MvcEK/UJYvd3Jp0tBt2A1O+XVql18XVTFq6oFICk4C52
1eQeoyeRzg4BSA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:51 2024 by rpki-client on console-fra.rpki-client.org