Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/E-yMwwoOEDCQVgTrPbHeiHJaNvg.roa
File: E-yMwwoOEDCQVgTrPbHeiHJaNvg.roa (raw, json)
Hash identifier: zj0LP9skF+TPdYPm3doPZdOmcTop6ixBud1za/Y5Gi8=
Subject key identifier: 13:EC:8C:C3:0A:0E:10:30:90:56:04:EB:3D:B1:DE:88:72:5A:36:F8
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019302AEF9102F8F3E5F9D5716D3C2D7D45D
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/E-yMwwoOEDCQVgTrPbHeiHJaNvg.roa
Signing time: Wed 06 Nov 2024 18:14:01 +0000
ROA not before: Wed 06 Nov 2024 18:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 31.131.12.0/22 maxlen: 22
31.133.192.0/24 maxlen: 24
31.133.193.0/24 maxlen: 24
31.133.194.0/24 maxlen: 24
31.133.195.0/24 maxlen: 24
31.133.196.0/23 maxlen: 23
31.133.198.0/24 maxlen: 24
31.133.199.0/24 maxlen: 24
31.135.1.0/24 maxlen: 24
31.135.7.0/24 maxlen: 24
37.97.122.0/23 maxlen: 23
64.43.66.0/23 maxlen: 23
64.43.68.0/22 maxlen: 22
64.43.80.0/21 maxlen: 21
64.43.88.0/22 maxlen: 22
77.36.8.0/21 maxlen: 21
77.36.28.0/23 maxlen: 23
77.36.30.0/24 maxlen: 24
77.36.32.0/22 maxlen: 22
77.36.36.0/23 maxlen: 23
77.36.38.0/23 maxlen: 23
77.36.40.0/21 maxlen: 21
77.36.48.0/22 maxlen: 22
77.36.52.0/23 maxlen: 23
77.36.80.0/21 maxlen: 21
77.36.88.0/24 maxlen: 24
77.36.89.0/24 maxlen: 24
77.36.90.0/23 maxlen: 23
77.36.92.0/22 maxlen: 22
77.36.96.0/20 maxlen: 20
77.232.192.0/23 maxlen: 24
77.232.194.0/23 maxlen: 23
77.232.196.0/22 maxlen: 22
77.232.200.0/22 maxlen: 22
77.232.204.0/22 maxlen: 22
77.232.208.0/21 maxlen: 21
77.232.220.0/22 maxlen: 22
81.161.12.0/22 maxlen: 22
85.204.196.0/23 maxlen: 24
86.104.132.0/23 maxlen: 24
89.34.74.0/23 maxlen: 24
89.42.232.0/23 maxlen: 24
89.44.100.0/23 maxlen: 24
89.45.92.0/23 maxlen: 24
89.46.112.0/23 maxlen: 24
91.225.34.0/24 maxlen: 24
91.225.35.0/24 maxlen: 24
91.229.16.0/23 maxlen: 23
91.229.31.0/24 maxlen: 24
91.229.156.0/23 maxlen: 23
91.229.158.0/24 maxlen: 24
91.229.159.0/24 maxlen: 24
91.231.223.0/24 maxlen: 24
91.231.224.0/23 maxlen: 23
91.231.226.0/24 maxlen: 24
91.232.16.0/23 maxlen: 23
91.233.2.0/23 maxlen: 23
91.233.202.0/23 maxlen: 23
91.234.150.0/23 maxlen: 23
91.234.220.0/23 maxlen: 23
91.234.222.0/23 maxlen: 23
91.239.0.0/22 maxlen: 22
91.239.178.0/24 maxlen: 24
91.240.156.0/22 maxlen: 22
91.245.176.0/21 maxlen: 21
91.246.188.0/22 maxlen: 22
91.246.196.0/22 maxlen: 22
93.120.8.0/24 maxlen: 24
93.120.27.0/24 maxlen: 24
93.120.28.0/23 maxlen: 23
93.120.30.0/24 maxlen: 24
93.120.48.0/20 maxlen: 20
93.120.64.0/21 maxlen: 21
93.120.75.0/24 maxlen: 24
93.120.76.0/22 maxlen: 22
93.120.80.0/22 maxlen: 22
93.120.85.0/24 maxlen: 24
93.120.86.0/23 maxlen: 23
93.120.88.0/23 maxlen: 23
93.120.90.0/24 maxlen: 24
93.120.92.0/23 maxlen: 23
93.120.94.0/23 maxlen: 23
93.120.112.0/21 maxlen: 21
93.120.124.0/22 maxlen: 22
171.25.223.0/24 maxlen: 24
176.96.56.0/21 maxlen: 21
176.96.176.0/22 maxlen: 22
176.96.180.0/22 maxlen: 22
176.97.144.0/22 maxlen: 22
176.97.148.0/22 maxlen: 22
176.98.56.0/22 maxlen: 22
176.98.60.0/22 maxlen: 22
176.107.64.0/20 maxlen: 24
176.110.106.0/24 maxlen: 24
176.110.114.0/23 maxlen: 23
176.111.0.0/22 maxlen: 22
176.111.4.0/22 maxlen: 22
176.112.84.0/22 maxlen: 22
176.116.40.0/21 maxlen: 21
176.118.88.0/22 maxlen: 22
176.118.92.0/22 maxlen: 22
176.121.96.0/21 maxlen: 21
176.124.176.0/22 maxlen: 22
176.124.180.0/22 maxlen: 22
178.159.148.0/22 maxlen: 22
178.159.152.0/21 maxlen: 21
185.9.236.0/22 maxlen: 22
185.9.240.0/22 maxlen: 22
185.104.196.0/22 maxlen: 24
188.191.248.0/22 maxlen: 22
188.213.233.0/24 maxlen: 24
193.0.190.0/24 maxlen: 24
193.36.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:ae:f9:10:2f:8f:3e:5f:9d:57:16:d3:c2:d7:d4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 6 18:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13ec8cc30a0e1030905604eb3db1de88725a36f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a9:1b:a6:2b:37:f3:5a:e8:11:36:86:40:cc:
ad:f5:d3:02:7f:4e:38:d3:eb:97:2b:59:28:43:46:
ba:46:09:1d:cf:46:d3:3b:2e:d4:48:4e:5b:29:54:
7c:9b:cb:37:15:f0:8a:a9:7c:38:33:08:73:86:cd:
a1:0b:d1:db:d2:80:46:10:59:5b:73:bb:36:05:6b:
c2:94:9e:b5:04:88:dd:75:e2:e0:1a:7e:5a:d5:f2:
0e:5c:1c:e1:43:1c:b2:af:ff:78:ef:84:f8:3d:36:
94:4c:c9:7b:c2:5f:ff:f0:1a:fa:cc:3c:ef:31:a7:
7a:0a:b0:2d:31:ae:a1:80:f3:24:fd:d9:30:86:fb:
bb:26:0e:7b:30:9a:c8:7a:1c:a0:57:36:c5:c9:af:
70:1e:d5:08:8a:59:f9:98:7b:2d:6f:da:96:a7:b0:
f5:8f:8a:c4:76:82:2f:0c:57:5d:ad:3b:af:3f:ae:
aa:af:0b:6c:4f:a0:3e:b5:05:3a:26:bf:b7:43:94:
92:90:37:1a:3b:0c:05:14:07:62:e9:fe:62:55:d9:
94:68:27:39:eb:87:79:7f:4a:b9:b7:e8:55:55:b9:
ee:96:f4:90:b2:61:8d:0e:2c:c7:83:9f:26:cb:0d:
c9:cc:83:ce:b4:11:df:1f:42:6e:e8:63:d3:f4:d9:
86:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:EC:8C:C3:0A:0E:10:30:90:56:04:EB:3D:B1:DE:88:72:5A:36:F8
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/E-yMwwoOEDCQVgTrPbHeiHJaNvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.12.0/22
31.133.192.0/21
31.135.1.0/24
31.135.7.0/24
37.97.122.0/23
64.43.66.0-64.43.71.255
64.43.80.0-64.43.91.255
77.36.8.0/21
77.36.28.0-77.36.30.255
77.36.32.0-77.36.53.255
77.36.80.0-77.36.111.255
77.232.192.0-77.232.215.255
77.232.220.0/22
81.161.12.0/22
85.204.196.0/23
86.104.132.0/23
89.34.74.0/23
89.42.232.0/23
89.44.100.0/23
89.45.92.0/23
89.46.112.0/23
91.225.34.0/23
91.229.16.0/23
91.229.31.0/24
91.229.156.0/22
91.231.223.0-91.231.226.255
91.232.16.0/23
91.233.2.0/23
91.233.202.0/23
91.234.150.0/23
91.234.220.0/22
91.239.0.0/22
91.239.178.0/24
91.240.156.0/22
91.245.176.0/21
91.246.188.0/22
91.246.196.0/22
93.120.8.0/24
93.120.27.0-93.120.30.255
93.120.48.0-93.120.71.255
93.120.75.0-93.120.83.255
93.120.85.0-93.120.90.255
93.120.92.0/22
93.120.112.0/21
93.120.124.0/22
171.25.223.0/24
176.96.56.0/21
176.96.176.0/21
176.97.144.0/21
176.98.56.0/21
176.107.64.0/20
176.110.106.0/24
176.110.114.0/23
176.111.0.0/21
176.112.84.0/22
176.116.40.0/21
176.118.88.0/21
176.121.96.0/21
176.124.176.0/21
178.159.148.0-178.159.159.255
185.9.236.0-185.9.243.255
185.104.196.0/22
188.191.248.0/22
188.213.233.0/24
193.0.190.0/24
193.36.192.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:ae:ac:a6:39:cb:ff:dd:7c:58:fb:f8:c9:29:c2:c5:a9:71:
8b:cb:db:20:43:57:25:ad:a4:b6:b3:7b:14:d5:06:95:7a:42:
f3:8c:a7:b8:45:4c:68:87:ec:52:65:4e:28:e5:7c:98:75:fd:
35:2a:7a:02:75:2d:bb:7d:ff:f0:4d:90:37:81:3c:0b:13:ef:
82:69:05:40:74:6c:a1:0c:7a:17:e2:dc:34:ee:6b:47:dd:03:
11:dc:e5:6d:39:c7:4a:f3:35:0c:1c:b8:bd:8e:0e:f2:ca:90:
31:86:08:40:d8:d9:9d:d0:b8:ea:f2:8d:dd:4e:0c:d8:be:32:
44:d8:3f:71:b1:96:61:70:2f:fc:5d:a2:c6:84:da:1f:d1:d5:
b5:b6:7d:a3:7e:e2:00:ac:d9:1d:37:e6:ed:b7:6d:c1:72:7d:
81:b6:98:2d:3b:ad:80:77:e4:28:c6:19:42:19:70:eb:2d:ea:
e9:3f:e9:ae:70:54:bd:a0:96:90:87:3d:d5:5c:c3:6f:29:12:
30:61:a0:a8:91:ad:22:ac:5d:ac:bf:f0:c3:30:ab:29:93:32:
13:4f:1a:fd:69:03:80:09:ec:a4:87:09:19:21:11:18:7b:51:
53:ea:38:e8:b5:2f:89:e7:fa:7d:64:bb:b0:05:bd:67:62:9a:
91:4e:87:cb
-----BEGIN CERTIFICATE-----
MIIG9TCCBd2gAwIBAgISAZMCrvkQL48+X51XFtPC19RdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQxMTA2MTgxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2VjOGNjMzBhMGUxMDMwOTA1NjA0ZWIzZGIxZGU4ODcyNWEzNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkakbpis381roETaGQMyt9dMCf044
0+uXK1koQ0a6Rgkdz0bTOy7USE5bKVR8m8s3FfCKqXw4Mwhzhs2hC9Hb0oBGEFlb
c7s2BWvClJ61BIjddeLgGn5a1fIOXBzhQxyyr/9474T4PTaUTMl7wl//8Br6zDzv
Mad6CrAtMa6hgPMk/dkwhvu7Jg57MJrIehygVzbFya9wHtUIiln5mHstb9qWp7D1
j4rEdoIvDFddrTuvP66qrwtsT6A+tQU6Jr+3Q5SSkDcaOwwFFAdi6f5iVdmUaCc5
64d5f0q5t+hVVbnulvSQsmGNDizHg58myw3JzIPOtBHfH0Ju6GPT9NmGvwIDAQAB
o4IEATCCA/0wHQYDVR0OBBYEFBPsjMMKDhAwkFYE6z2x3ohyWjb4MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvRS15TXd3b09FRENRVmdUclBiSGVpSEphTnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICFQYIKwYBBQUHAQcBAf8EggIEMIICADCCAfwEAgABMIIB
9AMEAh+DDAMEAx+FwAMEAB+HAQMEAB+HBwMEASVhejAMAwQBQCtCAwQDQCtAMAwD
BARAK1ADBAJAK1gDBANNJAgwDAMEAk0kHAMEAE0kHjAMAwQFTSQgAwQBTSQ0MAwD
BARNJFADBARNJGAwDAMEBk3owAMEA03o0AMEAk3o3AMEAlGhDAMEAVXMxAMEAVZo
hAMEAVkiSgMEAVkq6AMEAVksZAMEAVktXAMEAVkucAMEAVvhIgMEAVvlEAMEAFvl
HwMEAlvlnDAMAwQAW+ffAwQAW+fiAwQBW+gQAwQBW+kCAwQBW+nKAwQBW+qWAwQC
W+rcAwQCW+8AAwQAW++yAwQCW/CcAwQDW/WwAwQCW/a8AwQCW/bEAwQAXXgIMAwD
BABdeBsDBABdeB4wDAMEBF14MAMEA114QDAMAwQAXXhLAwQCXXhQMAwDBABdeFUD
BABdeFoDBAJdeFwDBANdeHADBAJdeHwDBACrGd8DBAOwYDgDBAOwYLADBAOwYZAD
BAOwYjgDBASwa0ADBACwbmoDBAGwbnIDBAOwbwADBAKwcFQDBAOwdCgDBAOwdlgD
BAOweWADBAOwfLAwDAMEArKflAMEBbKfgDAMAwQCuQnsAwQCuQnwAwQCuWjEAwQC
vL/4AwQAvNXpAwQAwQC+AwQDwSTAMA0GCSqGSIb3DQEBCwUAA4IBAQCKrqymOcv/
3XxY+/jJKcLFqXGLy9sgQ1clraS2s3sU1QaVekLzjKe4RUxoh+xSZU4o5XyYdf01
KnoCdS27ff/wTZA3gTwLE++CaQVAdGyhDHoX4tw07mtH3QMR3OVtOcdK8zUMHLi9
jg7yypAxhghA2Nmd0Ljq8o3dTgzYvjJE2D9xsZZhcC/8XaLGhNof0dW1tn2jfuIA
rNkdN+btt23Bcn2BtpgtO62Ad+QoxhlCGXDrLerpP+mucFS9oJaQhz3VXMNvKRIw
YaCoka0irF2sv/DDMKspkzITTxr9aQOACeykhwkZIREYe1FT6jjotS+J5/p9ZLuw
Bb1nYpqRTofL
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:39 2024 by rpki-client on console-fra.rpki-client.org