Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/kNapqk4ySVfH_DGNl5PCkOkRjUs.roa
File: kNapqk4ySVfH_DGNl5PCkOkRjUs.roa (raw, json)
Hash identifier: hz50vyIXD7uFAnNCYrHkWRlEQwEsWnMXV0rz5FeOxe4=
Subject key identifier: 90:D6:A9:AA:4E:32:49:57:C7:FC:31:8D:97:93:C2:90:E9:11:8D:4B
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 0191DF9B16A4A81C96F549BFBB7588EF3473
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/kNapqk4ySVfH_DGNl5PCkOkRjUs.roa
Signing time: Wed 11 Sep 2024 05:42:48 +0000
ROA not before: Wed 11 Sep 2024 05:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204170
IP address blocks: 5.102.176.0/21 maxlen: 21
5.102.176.0/24 maxlen: 24
5.102.178.0/24 maxlen: 24
5.102.179.0/24 maxlen: 24
5.102.180.0/24 maxlen: 24
5.102.181.0/24 maxlen: 24
5.102.182.0/24 maxlen: 24
5.102.183.0/24 maxlen: 24
78.111.32.0/20 maxlen: 20
78.111.32.0/24 maxlen: 24
78.111.33.0/24 maxlen: 24
78.111.34.0/24 maxlen: 24
78.111.35.0/24 maxlen: 24
78.111.36.0/24 maxlen: 24
78.111.37.0/24 maxlen: 24
78.111.38.0/24 maxlen: 24
78.111.39.0/24 maxlen: 24
78.111.40.0/24 maxlen: 24
78.111.41.0/24 maxlen: 24
78.111.42.0/24 maxlen: 24
78.111.43.0/24 maxlen: 24
78.111.44.0/24 maxlen: 24
78.111.45.0/24 maxlen: 24
78.111.46.0/24 maxlen: 24
78.111.47.0/24 maxlen: 24
84.242.32.0/20 maxlen: 20
84.242.32.0/24 maxlen: 24
84.242.33.0/24 maxlen: 24
84.242.34.0/24 maxlen: 24
84.242.35.0/24 maxlen: 24
84.242.36.0/24 maxlen: 24
84.242.37.0/24 maxlen: 24
84.242.38.0/24 maxlen: 24
84.242.39.0/24 maxlen: 24
84.242.40.0/24 maxlen: 24
84.242.41.0/24 maxlen: 24
84.242.42.0/24 maxlen: 24
84.242.43.0/24 maxlen: 24
84.242.44.0/24 maxlen: 24
84.242.45.0/24 maxlen: 24
84.242.46.0/24 maxlen: 24
84.242.47.0/24 maxlen: 24
94.176.16.0/20 maxlen: 20
94.176.16.0/24 maxlen: 24
94.176.17.0/24 maxlen: 24
94.176.18.0/24 maxlen: 24
94.176.19.0/24 maxlen: 24
94.176.20.0/24 maxlen: 24
94.176.21.0/24 maxlen: 24
94.176.22.0/24 maxlen: 24
94.176.23.0/24 maxlen: 24
94.176.24.0/24 maxlen: 24
94.176.25.0/24 maxlen: 24
94.176.26.0/24 maxlen: 24
94.176.27.0/24 maxlen: 24
94.176.28.0/24 maxlen: 24
94.176.29.0/24 maxlen: 24
94.176.30.0/24 maxlen: 24
94.176.31.0/24 maxlen: 24
96.9.128.0/19 maxlen: 19
96.9.128.0/24 maxlen: 24
96.9.129.0/24 maxlen: 24
96.9.130.0/24 maxlen: 24
96.9.131.0/24 maxlen: 24
96.9.132.0/24 maxlen: 24
96.9.133.0/24 maxlen: 24
96.9.134.0/24 maxlen: 24
96.9.135.0/24 maxlen: 24
96.9.136.0/24 maxlen: 24
96.9.137.0/24 maxlen: 24
96.9.138.0/24 maxlen: 24
96.9.139.0/24 maxlen: 24
96.9.140.0/24 maxlen: 24
96.9.141.0/24 maxlen: 24
96.9.142.0/24 maxlen: 24
96.9.143.0/24 maxlen: 24
96.9.144.0/24 maxlen: 24
96.9.146.0/24 maxlen: 24
96.9.147.0/24 maxlen: 24
96.9.148.0/24 maxlen: 24
96.9.149.0/24 maxlen: 24
96.9.150.0/24 maxlen: 24
96.9.151.0/24 maxlen: 24
96.9.152.0/24 maxlen: 24
96.9.153.0/24 maxlen: 24
96.9.154.0/24 maxlen: 24
96.9.155.0/24 maxlen: 24
96.9.156.0/24 maxlen: 24
96.9.157.0/24 maxlen: 24
96.9.158.0/24 maxlen: 24
96.9.159.0/24 maxlen: 24
141.105.168.0/21 maxlen: 21
141.105.168.0/24 maxlen: 24
141.105.169.0/24 maxlen: 24
141.105.170.0/24 maxlen: 24
141.105.171.0/24 maxlen: 24
141.105.172.0/24 maxlen: 24
141.105.173.0/24 maxlen: 24
141.105.174.0/24 maxlen: 24
141.105.175.0/24 maxlen: 24
178.20.16.0/21 maxlen: 21
178.20.16.0/24 maxlen: 24
178.20.17.0/24 maxlen: 24
178.20.18.0/24 maxlen: 24
178.20.19.0/24 maxlen: 24
178.20.20.0/24 maxlen: 24
178.20.21.0/24 maxlen: 24
178.20.22.0/24 maxlen: 24
178.20.23.0/24 maxlen: 24
185.29.140.0/22 maxlen: 22
185.29.140.0/24 maxlen: 24
185.29.141.0/24 maxlen: 24
185.29.142.0/24 maxlen: 24
185.29.143.0/24 maxlen: 24
185.112.104.0/22 maxlen: 22
185.112.104.0/24 maxlen: 24
185.112.105.0/24 maxlen: 24
185.112.106.0/24 maxlen: 24
185.112.107.0/24 maxlen: 24
199.48.224.0/24 maxlen: 24
206.167.33.0/24 maxlen: 24
2a0a:c740:2::/48 maxlen: 48
2a0a:c740:4::/48 maxlen: 48
2a0a:c740:5::/48 maxlen: 48
2a0a:c740:7::/48 maxlen: 48
2a0a:c740:8::/48 maxlen: 48
2a0a:c740:100::/48 maxlen: 48
2a0a:c740:2000::/48 maxlen: 48
2a0a:c740:9998::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.mft
rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:df:9b:16:a4:a8:1c:96:f5:49:bf:bb:75:88:ef:34:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Sep 11 05:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90d6a9aa4e324957c7fc318d9793c290e9118d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:0b:bf:58:3e:fd:00:42:ff:5b:49:79:5e:
a9:f0:ac:0f:4e:9c:fa:e8:ca:80:fe:11:1e:2a:de:
7b:1d:5c:38:ea:0e:ec:71:41:15:5e:5c:38:00:c4:
75:58:ed:f4:23:1c:e7:37:d7:87:e6:2d:17:72:9e:
c1:1d:7c:3b:44:a8:84:95:3e:99:9b:c8:85:f3:14:
49:d5:09:78:2d:4e:6f:92:6d:a8:76:76:8a:61:96:
14:50:32:52:df:c7:50:a5:f7:41:17:6d:e8:9e:31:
a8:34:6e:12:c0:7d:40:22:cc:27:57:27:ba:bc:41:
0c:a5:62:59:a7:96:56:2d:6b:90:d4:8d:e9:f9:95:
c2:46:29:59:bb:a1:5e:6c:2d:90:71:1f:b8:a4:5b:
c3:14:71:38:62:90:1f:12:22:72:28:29:62:aa:06:
1c:5f:65:88:64:67:ce:49:c8:e2:e1:6b:54:60:1e:
82:8a:76:29:d8:a3:a4:36:2c:e4:2e:68:53:da:e2:
f9:0d:13:99:67:52:c0:f5:cc:81:6f:1e:d1:cf:0a:
0d:ec:91:a1:1f:8d:ca:ed:c7:aa:7a:34:cc:52:88:
d8:d9:f0:24:87:5b:03:c0:08:74:f0:36:98:76:0a:
96:e4:ca:73:1f:08:56:be:87:f7:bc:6a:86:fe:1a:
15:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D6:A9:AA:4E:32:49:57:C7:FC:31:8D:97:93:C2:90:E9:11:8D:4B
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/kNapqk4ySVfH_DGNl5PCkOkRjUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.176.0/21
78.111.32.0/20
84.242.32.0/20
94.176.16.0/20
96.9.128.0/19
141.105.168.0/21
178.20.16.0/21
185.29.140.0/22
185.112.104.0/22
199.48.224.0/24
206.167.33.0/24
IPv6:
2a0a:c740:2::/48
2a0a:c740:4::/47
2a0a:c740:7::-2a0a:c740:8:ffff:ffff:ffff:ffff:ffff
2a0a:c740:100::/48
2a0a:c740:2000::/48
2a0a:c740:9998::/48
Signature Algorithm: sha256WithRSAEncryption
43:f7:09:26:f6:6f:b7:6a:2f:ff:87:c1:31:58:84:4d:4b:a8:
47:42:c2:06:76:3b:8f:c9:2c:1b:c1:3f:65:54:88:c6:a8:18:
99:05:21:55:5c:16:05:1f:d9:0a:c3:b6:92:32:5c:59:26:9a:
32:b0:bc:e6:2e:7f:c2:74:dc:a9:fa:9c:ed:01:6f:60:ce:ea:
09:ac:e1:14:4c:9b:e1:26:ee:f8:db:d3:97:0e:ca:52:15:ab:
1f:ea:2d:18:0f:e9:a4:0d:f1:f9:04:32:aa:ff:f3:32:cd:6d:
ab:d9:63:f5:c0:53:ff:ce:2f:a0:4f:d4:59:45:3e:da:59:c6:
df:cc:4a:c6:53:d4:ce:59:0e:c4:70:0d:a5:ee:3d:e9:21:17:
33:64:07:73:41:cf:d7:24:d5:7f:fa:09:fa:34:ae:6b:de:24:
bf:77:b2:24:5e:39:ce:ee:41:14:f3:bc:c2:f1:a9:a8:81:6f:
10:8d:bb:62:bc:a1:8e:5f:f1:04:3d:40:fa:52:07:4b:51:23:
a7:96:70:8f:21:a9:dd:68:39:de:9c:47:57:f1:b0:f6:95:b7:
7f:c8:20:12:d6:69:05:f6:76:4b:43:9d:6e:cc:f6:37:8f:69:
12:0f:1b:47:d5:49:e0:2c:f2:5c:80:bc:6a:4f:35:38:98:db:
f4:ad:07:98
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZHfmxakqByW9Um/u3WI7zRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjQwOTExMDU0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ2YTlhYTRlMzI0OTU3YzdmYzMxOGQ5NzkzYzI5MGU5MTE4ZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHsLv1g+/QBC/1tJeV6p8KwPTpz6
6MqA/hEeKt57HVw46g7scUEVXlw4AMR1WO30IxznN9eH5i0Xcp7BHXw7RKiElT6Z
m8iF8xRJ1Ql4LU5vkm2odnaKYZYUUDJS38dQpfdBF23onjGoNG4SwH1AIswnVye6
vEEMpWJZp5ZWLWuQ1I3p+ZXCRilZu6FebC2QcR+4pFvDFHE4YpAfEiJyKCliqgYc
X2WIZGfOScji4WtUYB6CinYp2KOkNizkLmhT2uL5DROZZ1LA9cyBbx7RzwoN7JGh
H43K7ceqejTMUojY2fAkh1sDwAh08DaYdgqW5MpzHwhWvof3vGqG/hoViwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFJDWqapOMklXx/wxjZeTwpDpEY1LMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEva05hcHFrNHlTVmZIX0RHTmw1UENrT2tSalVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzBIBAIAATBCAwQDBWaw
AwQETm8gAwQEVPIgAwQEXrAQAwQFYAmAAwQDjWmoAwQDshQQAwQCuR2MAwQCuXBo
AwQAxzDgAwQAzqchMEcEAgACMEEDBwAqCsdAAAIDBwEqCsdAAAQwEgMHACoKx0AA
BwMHACoKx0AACAMHACoKx0ABAAMHACoKx0AgAAMHACoKx0CZmDANBgkqhkiG9w0B
AQsFAAOCAQEAQ/cJJvZvt2ov/4fBMViETUuoR0LCBnY7j8ksG8E/ZVSIxqgYmQUh
VVwWBR/ZCsO2kjJcWSaaMrC85i5/wnTcqfqc7QFvYM7qCazhFEyb4Sbu+NvTlw7K
UhWrH+otGA/ppA3x+QQyqv/zMs1tq9lj9cBT/84voE/UWUU+2lnG38xKxlPUzlkO
xHANpe496SEXM2QHc0HP1yTVf/oJ+jSua94kv3eyJF45zu5BFPO8wvGpqIFvEI27
Yryhjl/xBD1A+lIHS1Ejp5ZwjyGp3Wg53pxHV/Gw9pW3f8ggEtZpBfZ2S0Odbsz2
N49pEg8bR9VJ4CzyXIC8ak81OJjb9K0HmA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:55:16 2024 by rpki-client on console-ams.rpki-client.org