Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/IRM-p8ylbn9c8W6kf8BdXILzovk.roa
File: IRM-p8ylbn9c8W6kf8BdXILzovk.roa (raw, json)
Hash identifier: tNBGNv92MO/GO8MtTj/HKP1LC3LJvQGjPoRc6wHnmwo=
Subject key identifier: 21:13:3E:A7:CC:A5:6E:7F:5C:F1:6E:A4:7F:C0:5D:5C:82:F3:A2:F9
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 018CC5014379114A3A1193E0A450EC4EC472
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/IRM-p8ylbn9c8W6kf8BdXILzovk.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30722
IP address blocks: 91.80.64.0/18 maxlen: 18
109.114.0.0/15 maxlen: 19
176.242.0.0/15 maxlen: 15
91.80.0.0/19 maxlen: 19
93.144.0.0/16 maxlen: 20
2.43.0.0/16 maxlen: 16
93.70.0.0/16 maxlen: 18
91.80.32.0/21 maxlen: 21
2.33.0.0/17 maxlen: 17
83.225.0.0/16 maxlen: 16
91.80.46.0/24 maxlen: 24
91.80.48.0/20 maxlen: 24
2.33.128.0/17 maxlen: 17
93.148.0.0/16 maxlen: 20
93.151.128.0/17 maxlen: 20
2.40.0.0/16 maxlen: 20
91.80.128.0/17 maxlen: 17
83.224.64.0/20 maxlen: 20
83.224.81.0/24 maxlen: 24
83.224.80.0/24 maxlen: 24
83.224.86.0/23 maxlen: 23
93.66.0.0/15 maxlen: 17
2.32.0.0/16 maxlen: 20
93.150.0.0/16 maxlen: 20
2.36.0.0/14 maxlen: 18
31.26.0.0/16 maxlen: 16
188.218.0.0/15 maxlen: 18
37.117.0.0/16 maxlen: 19
93.147.0.0/16 maxlen: 20
83.224.128.0/17 maxlen: 17
2.46.0.0/15 maxlen: 20
37.176.0.0/13 maxlen: 20
37.119.0.0/17 maxlen: 19
109.119.0.0/16 maxlen: 16
31.156.0.0/14 maxlen: 19
93.146.0.0/16 maxlen: 20
37.159.128.0/17 maxlen: 20
109.115.192.0/19 maxlen: 19
2.45.0.0/16 maxlen: 20
109.115.96.0/19 maxlen: 19
109.112.0.0/15 maxlen: 15
188.152.128.0/17 maxlen: 20
31.27.224.0/19 maxlen: 19
93.65.0.0/16 maxlen: 18
37.116.0.0/16 maxlen: 19
109.116.0.0/15 maxlen: 20
176.244.0.0/14 maxlen: 14
2.42.0.0/16 maxlen: 20
37.119.128.0/17 maxlen: 20
93.69.0.0/16 maxlen: 16
109.115.224.0/19 maxlen: 19
188.153.0.0/16 maxlen: 20
130.25.0.0/16 maxlen: 18
2.44.0.0/16 maxlen: 19
93.71.0.0/16 maxlen: 18
2.34.0.0/15 maxlen: 20
2.33.176.0/20 maxlen: 20
93.64.0.0/16 maxlen: 18
31.27.0.0/18 maxlen: 18
37.118.0.0/16 maxlen: 16
109.118.0.0/16 maxlen: 16
91.81.0.0/17 maxlen: 19
93.145.0.0/16 maxlen: 20
5.88.0.0/13 maxlen: 20
93.68.0.0/16 maxlen: 16
91.81.128.0/17 maxlen: 24
37.159.0.0/17 maxlen: 17
31.27.192.0/19 maxlen: 19
93.149.0.0/16 maxlen: 20
188.152.0.0/17 maxlen: 20
31.27.96.0/20 maxlen: 20
188.216.0.0/15 maxlen: 17
130.0.128.0/18 maxlen: 21
31.27.128.0/17 maxlen: 19
2.41.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:43:79:11:4a:3a:11:93:e0:a4:50:ec:4e:c4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21133ea7cca56e7f5cf16ea47fc05d5c82f3a2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2e:b0:57:86:c8:12:66:ca:a7:c6:91:16:c6:
37:91:bc:0b:9a:78:dc:1a:32:d1:2e:ff:83:7c:07:
32:77:38:46:e2:55:15:8e:6d:79:e7:0b:36:b7:27:
47:ff:a3:56:c9:c4:5b:8a:d7:24:29:5f:a1:23:a0:
b9:76:49:58:01:65:bf:6c:18:61:1a:a4:0c:f9:63:
06:1d:1a:27:9e:2d:cf:eb:8b:11:08:f7:76:27:40:
99:c1:d0:e6:ba:75:60:72:9b:c1:0d:a0:c6:37:89:
62:66:f2:ad:27:72:8d:bb:f1:f2:02:80:78:aa:28:
65:82:80:66:f5:21:ea:e5:41:b5:94:a9:a8:e8:c1:
2c:b6:b8:26:a3:0b:57:1b:ee:cd:00:11:4a:65:90:
d5:bb:c7:44:e6:c8:c1:53:75:2f:cc:45:6d:88:42:
6b:87:b8:94:dc:a6:2a:35:85:24:dd:2e:d1:73:c6:
9b:36:d5:f5:df:6e:cf:36:48:07:6b:c4:f7:de:2d:
77:8c:7e:ba:b2:59:02:f3:ab:d3:8e:2e:2e:63:9c:
e8:f6:ce:d5:a8:ed:38:ca:eb:08:db:3d:c1:04:9c:
17:0b:2f:d8:cb:4d:90:d4:4b:e6:8f:27:31:db:87:
86:9e:6b:39:70:c3:95:68:95:44:9b:b3:5e:15:77:
e2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:13:3E:A7:CC:A5:6E:7F:5C:F1:6E:A4:7F:C0:5D:5C:82:F3:A2:F9
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/IRM-p8ylbn9c8W6kf8BdXILzovk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.32.0.0/12
5.88.0.0/13
31.26.0.0-31.27.63.255
31.27.96.0/20
31.27.128.0/17
31.156.0.0/14
37.116.0.0/14
37.159.0.0/16
37.176.0.0/13
83.224.64.0-83.224.81.255
83.224.86.0/23
83.224.128.0-83.225.255.255
91.80.0.0-91.80.39.255
91.80.46.0/24
91.80.48.0-91.81.255.255
93.64.0.0/13
93.144.0.0-93.150.255.255
93.151.128.0/17
109.112.0.0/13
130.0.128.0/18
130.25.0.0/16
176.242.0.0-176.247.255.255
188.152.0.0/15
188.216.0.0/14
Signature Algorithm: sha256WithRSAEncryption
a2:a2:75:04:1d:8a:f2:ab:70:cc:7f:d7:a2:28:d8:38:67:d6:
2f:8f:3b:61:e7:4b:7c:be:f9:a9:01:5a:eb:d9:62:b6:21:e6:
b1:43:d5:79:6d:cd:6e:35:3a:b4:34:4d:61:e8:1e:b3:24:ef:
61:6c:7e:40:85:32:2c:a6:46:1b:f8:8c:c9:fd:2d:9d:d2:81:
21:f6:d1:e3:1f:c1:64:40:a6:28:bb:6f:7d:04:ad:93:4e:b4:
d1:08:4d:7b:e2:95:fb:3b:07:c8:7a:f0:2c:04:a7:85:85:59:
ce:da:77:94:a6:f3:34:d0:a9:ce:0e:a8:94:d3:8e:41:ca:1b:
40:ce:24:87:81:6c:11:06:4c:fa:12:b8:0c:1d:f0:9b:02:0a:
02:d1:9e:db:78:35:fb:65:9d:49:1e:50:fe:9c:7d:e1:a2:6e:
c8:a7:63:a2:56:cf:a3:c9:17:d4:a8:a3:ea:98:e1:89:dd:c3:
d6:8e:4a:4f:5d:61:29:b2:b1:f9:db:61:82:8e:7e:36:7d:f4:
66:4d:04:b6:69:34:e1:b3:f6:66:3f:5c:db:72:6c:f8:da:e0:
fe:0f:1f:2a:c7:22:de:59:cb:31:ac:43:e4:4b:ae:a2:72:c0:
13:5e:12:76:d5:d5:f7:ad:6a:6c:22:62:35:1d:2a:80:c8:f5:
a2:fa:ca:ce
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAYzFAUN5EUo6EZPgpFDsTsRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTEzM2VhN2NjYTU2ZTdmNWNmMTZlYTQ3ZmMwNWQ1YzgyZjNhMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC6wV4bIEmbKp8aRFsY3kbwLmnjc
GjLRLv+DfAcydzhG4lUVjm155ws2tydH/6NWycRbitckKV+hI6C5dklYAWW/bBhh
GqQM+WMGHRonni3P64sRCPd2J0CZwdDmunVgcpvBDaDGN4liZvKtJ3KNu/HyAoB4
qihlgoBm9SHq5UG1lKmo6MEstrgmowtXG+7NABFKZZDVu8dE5sjBU3UvzEVtiEJr
h7iU3KYqNYUk3S7Rc8abNtX1327PNkgHa8T33i13jH66slkC86vTji4uY5zo9s7V
qO04yusI2z3BBJwXCy/Yy02Q1Evmjycx24eGnms5cMOVaJVEm7NeFXfi6wIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFCETPqfMpW5/XPFupH/AXVyC86L5MB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvSVJNLXA4eWxibjljOFc2a2Y4QmRYSUx6b3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBvAQCAAEwgbUDAwQC
IAMDAwVYMAsDAwEfGgMEBh8bAAMEBB8bYAMEBx8bgAMDAh+cAwMCJXQDAwAlnwMD
AyWwMAwDBAZT4EADBAFT4FADBAFT4FYwCwMEB1PggAMDAVPgMAsDAwRbUAMEA1tQ
IAMEAFtQLjALAwQEW1AwAwMBW1ADAwNdQDAKAwMEXZADAwBdlgMEB12XgAMDA21w
AwQGggCAAwMAghkwCgMDAbDyAwMDsPADAwG8mAMDArzYMA0GCSqGSIb3DQEBCwUA
A4IBAQCionUEHYryq3DMf9eiKNg4Z9Yvjzth50t8vvmpAVrr2WK2IeaxQ9V5bc1u
NTq0NE1h6B6zJO9hbH5AhTIspkYb+IzJ/S2d0oEh9tHjH8FkQKYou299BK2TTrTR
CE174pX7OwfIevAsBKeFhVnO2neUpvM00KnODqiU045ByhtAziSHgWwRBkz6ErgM
HfCbAgoC0Z7beDX7ZZ1JHlD+nH3hom7Ip2OiVs+jyRfUqKPqmOGJ3cPWjkpPXWEp
srH522GCjn42ffRmTQS2aTThs/ZmP1zbcmz42uD+Dx8qxyLeWcsxrEPkS66icsAT
XhJ21dX3rWpsImI1HSqAyPWi+srO
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:32:51 2024 by rpki-client on console-ams.rpki-client.org