Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/VbG6KzvYZ2pbIrhoBaXChwdPHCA.roa
File: VbG6KzvYZ2pbIrhoBaXChwdPHCA.roa (raw, json)
Hash identifier: 1UMMqvaBy0G8YdPMAFRW3xiXF13vLAZWuBVm3diTpH8=
Subject key identifier: 55:B1:BA:2B:3B:D8:67:6A:5B:22:B8:68:05:A5:C2:87:07:4F:1C:20
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 018E2847FBFA6819B93175B8C729D3BCAB9A
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/VbG6KzvYZ2pbIrhoBaXChwdPHCA.roa
Signing time: Sun 10 Mar 2024 12:13:09 +0000
ROA not before: Sun 10 Mar 2024 12:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204170
IP address blocks: 5.102.176.0/21 maxlen: 21
5.102.176.0/24 maxlen: 24
5.102.177.0/24 maxlen: 24
5.102.178.0/24 maxlen: 24
5.102.179.0/24 maxlen: 24
5.102.180.0/24 maxlen: 24
5.102.181.0/24 maxlen: 24
5.102.182.0/24 maxlen: 24
5.102.183.0/24 maxlen: 24
78.111.32.0/20 maxlen: 20
78.111.32.0/24 maxlen: 24
78.111.33.0/24 maxlen: 24
78.111.34.0/24 maxlen: 24
78.111.35.0/24 maxlen: 24
78.111.36.0/24 maxlen: 24
78.111.37.0/24 maxlen: 24
78.111.38.0/24 maxlen: 24
78.111.39.0/24 maxlen: 24
78.111.40.0/24 maxlen: 24
78.111.41.0/24 maxlen: 24
78.111.42.0/24 maxlen: 24
78.111.43.0/24 maxlen: 24
78.111.44.0/24 maxlen: 24
78.111.45.0/24 maxlen: 24
78.111.46.0/24 maxlen: 24
78.111.47.0/24 maxlen: 24
84.242.32.0/20 maxlen: 20
84.242.32.0/24 maxlen: 24
84.242.33.0/24 maxlen: 24
84.242.34.0/24 maxlen: 24
84.242.35.0/24 maxlen: 24
84.242.36.0/24 maxlen: 24
84.242.37.0/24 maxlen: 24
84.242.38.0/24 maxlen: 24
84.242.39.0/24 maxlen: 24
84.242.40.0/24 maxlen: 24
84.242.41.0/24 maxlen: 24
84.242.42.0/24 maxlen: 24
84.242.43.0/24 maxlen: 24
84.242.44.0/24 maxlen: 24
84.242.45.0/24 maxlen: 24
84.242.46.0/24 maxlen: 24
84.242.47.0/24 maxlen: 24
94.176.16.0/20 maxlen: 20
94.176.16.0/24 maxlen: 24
94.176.17.0/24 maxlen: 24
94.176.18.0/24 maxlen: 24
94.176.19.0/24 maxlen: 24
94.176.20.0/24 maxlen: 24
94.176.21.0/24 maxlen: 24
94.176.22.0/24 maxlen: 24
94.176.23.0/24 maxlen: 24
94.176.24.0/24 maxlen: 24
94.176.25.0/24 maxlen: 24
94.176.26.0/24 maxlen: 24
94.176.27.0/24 maxlen: 24
94.176.28.0/24 maxlen: 24
94.176.29.0/24 maxlen: 24
94.176.30.0/24 maxlen: 24
94.176.31.0/24 maxlen: 24
96.9.128.0/19 maxlen: 19
96.9.128.0/24 maxlen: 24
96.9.129.0/24 maxlen: 24
96.9.130.0/24 maxlen: 24
96.9.131.0/24 maxlen: 24
96.9.132.0/24 maxlen: 24
96.9.133.0/24 maxlen: 24
96.9.134.0/24 maxlen: 24
96.9.135.0/24 maxlen: 24
96.9.136.0/24 maxlen: 24
96.9.137.0/24 maxlen: 24
96.9.138.0/24 maxlen: 24
96.9.139.0/24 maxlen: 24
96.9.140.0/24 maxlen: 24
96.9.141.0/24 maxlen: 24
96.9.142.0/24 maxlen: 24
96.9.143.0/24 maxlen: 24
96.9.144.0/24 maxlen: 24
96.9.146.0/24 maxlen: 24
96.9.147.0/24 maxlen: 24
96.9.148.0/24 maxlen: 24
96.9.149.0/24 maxlen: 24
96.9.150.0/24 maxlen: 24
96.9.151.0/24 maxlen: 24
96.9.152.0/24 maxlen: 24
96.9.153.0/24 maxlen: 24
96.9.154.0/24 maxlen: 24
96.9.155.0/24 maxlen: 24
96.9.156.0/24 maxlen: 24
96.9.157.0/24 maxlen: 24
96.9.158.0/24 maxlen: 24
96.9.159.0/24 maxlen: 24
141.105.168.0/21 maxlen: 21
141.105.168.0/24 maxlen: 24
141.105.169.0/24 maxlen: 24
141.105.170.0/24 maxlen: 24
141.105.171.0/24 maxlen: 24
141.105.172.0/24 maxlen: 24
141.105.173.0/24 maxlen: 24
141.105.174.0/24 maxlen: 24
141.105.175.0/24 maxlen: 24
178.20.16.0/21 maxlen: 21
178.20.16.0/24 maxlen: 24
178.20.17.0/24 maxlen: 24
178.20.18.0/24 maxlen: 24
178.20.19.0/24 maxlen: 24
178.20.20.0/24 maxlen: 24
178.20.21.0/24 maxlen: 24
178.20.22.0/24 maxlen: 24
178.20.23.0/24 maxlen: 24
185.29.140.0/22 maxlen: 22
185.29.140.0/24 maxlen: 24
185.29.141.0/24 maxlen: 24
185.29.142.0/24 maxlen: 24
185.29.143.0/24 maxlen: 24
185.112.104.0/22 maxlen: 22
185.112.104.0/24 maxlen: 24
185.112.105.0/24 maxlen: 24
185.112.106.0/24 maxlen: 24
185.112.107.0/24 maxlen: 24
199.48.224.0/24 maxlen: 24
206.167.33.0/24 maxlen: 24
2a0a:c740:2::/48 maxlen: 48
2a0a:c740:4::/48 maxlen: 48
2a0a:c740:5::/48 maxlen: 48
2a0a:c740:7::/48 maxlen: 48
2a0a:c740:8::/48 maxlen: 48
2a0a:c740:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.mft
rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:28:47:fb:fa:68:19:b9:31:75:b8:c7:29:d3:bc:ab:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Mar 10 12:13:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55b1ba2b3bd8676a5b22b86805a5c287074f1c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:95:5d:79:2d:5d:ab:a5:65:ce:7c:7c:0c:
59:65:f4:2e:d7:06:d2:24:7d:ef:3d:88:1b:4a:79:
e6:ac:9e:a7:5f:e6:94:1b:08:62:ca:33:3d:8a:17:
cc:8a:8d:4c:82:04:ee:f5:b4:a1:44:70:11:37:49:
83:82:bd:d7:e3:8c:30:dd:48:69:60:bf:52:bb:23:
51:f5:03:6f:05:e4:9c:63:7d:03:a7:a1:33:06:c1:
2c:f1:41:51:02:66:e7:2b:8e:d6:66:ca:63:64:dd:
29:cd:55:38:81:8a:98:0c:a9:75:fe:03:88:f9:b3:
4a:da:e1:af:a9:aa:6a:3e:78:41:9a:7b:2a:a5:4b:
cf:b5:87:a4:ae:61:57:11:b9:f7:74:cf:4b:ee:28:
01:3a:b7:6f:f5:5a:b9:1a:21:0b:3a:be:71:0a:26:
b2:77:c6:21:61:64:dd:3b:3a:a6:09:f5:1a:b2:fa:
48:ee:5e:61:3e:53:fe:11:1b:b6:58:3e:19:f4:6a:
78:a8:a1:e3:55:7b:e7:73:b9:38:3b:da:39:89:c3:
5b:90:19:fa:7f:f9:d4:7a:7b:a7:74:63:30:b2:b7:
fd:2a:15:a4:66:de:18:2f:57:1a:3e:72:21:9f:fd:
f7:48:9a:75:17:96:eb:02:8a:ae:ad:91:b3:aa:6f:
22:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B1:BA:2B:3B:D8:67:6A:5B:22:B8:68:05:A5:C2:87:07:4F:1C:20
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/VbG6KzvYZ2pbIrhoBaXChwdPHCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.176.0/21
78.111.32.0/20
84.242.32.0/20
94.176.16.0/20
96.9.128.0/19
141.105.168.0/21
178.20.16.0/21
185.29.140.0/22
185.112.104.0/22
199.48.224.0/24
206.167.33.0/24
IPv6:
2a0a:c740:2::/48
2a0a:c740:4::/47
2a0a:c740:7::-2a0a:c740:8:ffff:ffff:ffff:ffff:ffff
2a0a:c740:100::/48
Signature Algorithm: sha256WithRSAEncryption
0b:84:4d:fb:83:3b:6b:3e:1b:0f:bb:68:9f:d3:ff:73:1f:59:
53:5a:80:ee:19:fb:40:21:56:2e:46:79:6d:11:06:96:f8:54:
7a:26:cb:c1:a9:40:2a:b1:9c:26:4a:75:20:52:8e:3f:b7:d4:
38:37:c4:60:9b:d5:6d:d4:04:1e:0e:ff:e6:b4:88:7e:c2:d8:
72:db:dd:c8:42:c0:43:fe:50:01:f7:b7:dc:26:32:83:44:a7:
3a:0e:ad:45:66:73:96:11:e8:0d:d7:c6:36:85:39:16:a9:49:
06:4f:79:db:05:7a:f1:ab:cf:fe:15:04:22:5c:93:3b:8c:b6:
d4:e5:8f:ef:df:f8:40:8d:a9:64:88:9e:a3:68:88:f8:86:75:
f6:8a:b6:5c:6a:c8:f2:45:02:62:ad:d6:3b:d9:38:1f:9f:e9:
26:19:85:77:2a:91:13:82:e3:66:ee:40:3c:28:8e:d9:ac:dc:
cd:e9:3a:d4:91:97:f6:ef:03:8c:2a:4d:a0:2e:86:1e:64:ea:
f7:3c:52:53:24:c4:31:c8:70:20:a1:88:a3:ea:68:69:e4:fb:
2c:5a:2d:79:37:f6:eb:13:9a:e1:2b:a7:33:6d:69:c4:2f:c3:
64:44:78:41:63:89:c8:b6:cf:82:9a:bc:71:08:83:0e:e6:90:
72:d6:a2:a6
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY4oR/v6aBm5MXW4xynTvKuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjQwMzEwMTIxMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWIxYmEyYjNiZDg2NzZhNWIyMmI4NjgwNWE1YzI4NzA3NGYxYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGiVXXktXaulZc58fAxZZfQu1wbS
JH3vPYgbSnnmrJ6nX+aUGwhiyjM9ihfMio1MggTu9bShRHARN0mDgr3X44ww3Uhp
YL9SuyNR9QNvBeScY30Dp6EzBsEs8UFRAmbnK47WZspjZN0pzVU4gYqYDKl1/gOI
+bNK2uGvqapqPnhBmnsqpUvPtYekrmFXEbn3dM9L7igBOrdv9Vq5GiELOr5xCiay
d8YhYWTdOzqmCfUasvpI7l5hPlP+ERu2WD4Z9Gp4qKHjVXvnc7k4O9o5icNbkBn6
f/nUenundGMwsrf9KhWkZt4YL1caPnIhn/33SJp1F5brAoqurZGzqm8irQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFFWxuis72GdqWyK4aAWlwocHTxwgMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEvVmJHNkt6dllaMnBiSXJob0JhWENod2RQSENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBIBAIAATBCAwQDBWaw
AwQETm8gAwQEVPIgAwQEXrAQAwQFYAmAAwQDjWmoAwQDshQQAwQCuR2MAwQCuXBo
AwQAxzDgAwQAzqchMDUEAgACMC8DBwAqCsdAAAIDBwEqCsdAAAQwEgMHACoKx0AA
BwMHACoKx0AACAMHACoKx0ABADANBgkqhkiG9w0BAQsFAAOCAQEAC4RN+4M7az4b
D7ton9P/cx9ZU1qA7hn7QCFWLkZ5bREGlvhUeibLwalAKrGcJkp1IFKOP7fUODfE
YJvVbdQEHg7/5rSIfsLYctvdyELAQ/5QAfe33CYyg0SnOg6tRWZzlhHoDdfGNoU5
FqlJBk952wV68avP/hUEIlyTO4y21OWP79/4QI2pZIieo2iI+IZ19oq2XGrI8kUC
Yq3WO9k4H5/pJhmFdyqRE4LjZu5APCiO2azczek61JGX9u8DjCpNoC6GHmTq9zxS
UyTEMchwIKGIo+poaeT7LFoteTf26xOa4SunM21pxC/DZER4QWOJyLbPgpq8cQiD
DuaQctaipg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:45:09 2024 by rpki-client on console-fra.rpki-client.org