Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/Ia2imnkgDvUqgUJVU1h1_R93WKM.roa
File: Ia2imnkgDvUqgUJVU1h1_R93WKM.roa (raw, json)
Hash identifier: jh+DBG9lrOL2UWX07dehqzqliA+Ge3OYH3iifdS6p20=
Subject key identifier: 21:AD:A2:9A:79:20:0E:F5:2A:81:42:55:53:58:75:FD:1F:77:58:A3
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 0190E29A5A015D673C7241CBE75442B5E908
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/Ia2imnkgDvUqgUJVU1h1_R93WKM.roa
Signing time: Wed 24 Jul 2024 02:38:04 +0000
ROA not before: Wed 24 Jul 2024 02:38:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46261
IP address blocks: 59.152.124.0/22 maxlen: 24
61.14.224.0/22 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/22 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/22 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
160.238.96.0/22 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/22 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.147.156.0/22 maxlen: 24
185.147.158.0/24 maxlen: 24
185.157.232.0/22 maxlen: 24
185.158.136.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.56.0/22 maxlen: 24
185.196.24.0/23 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.206.20.0/24 maxlen: 24
185.206.22.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.214.140.0/22 maxlen: 24
185.214.142.0/23 maxlen: 24
185.214.240.0/23 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.242.0/23 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
185.227.252.0/24 maxlen: 24
185.227.254.0/23 maxlen: 24
185.227.254.0/24 maxlen: 24
185.228.44.0/22 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.238.115.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.50.192.0/22 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e2:9a:5a:01:5d:67:3c:72:41:cb:e7:54:42:b5:e9:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Jul 24 02:38:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21ada29a79200ef52a814255535875fd1f7758a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e1:2b:1c:dc:fb:43:87:63:7d:6f:5d:cc:34:
3a:5b:7b:3c:3a:6f:41:b9:33:af:cb:04:cd:3f:7f:
ca:2e:ac:2f:c1:c3:87:98:16:96:38:be:88:98:55:
10:d2:87:67:4d:f9:0e:0f:a6:f8:33:e5:95:d4:bc:
80:c6:6f:bc:a4:98:1b:97:aa:2b:a4:bf:c9:9e:ee:
d6:9e:48:36:38:b0:b4:0a:f2:f6:bd:c8:e6:67:22:
5f:7b:57:a3:8e:cd:9a:c2:98:21:04:76:ba:28:75:
eb:9c:22:f9:7c:41:c0:9b:c0:3b:fd:df:2d:39:64:
25:69:bd:47:70:b4:c6:e6:c0:b3:0e:0a:4f:71:e7:
0c:3f:8b:61:7e:d4:63:3d:c5:27:f1:35:f8:22:7b:
6e:ff:9e:af:d7:bd:99:85:f7:cb:ce:d0:86:ef:d6:
4a:a6:e1:bb:0b:45:7d:bc:1e:4c:20:e7:d2:c2:0c:
5b:67:59:f3:78:96:df:3b:f4:9c:f0:91:7d:93:30:
dd:52:0d:32:a4:a2:c7:bf:ec:b7:a1:5f:ed:95:35:
23:fe:fd:29:34:8b:70:1b:b1:48:f6:24:40:0c:30:
3c:a9:c1:eb:20:0f:e1:2f:9d:bd:35:51:bb:9e:d9:
83:d3:7f:de:ae:52:b9:0b:4f:d9:84:b0:a7:de:31:
9b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:AD:A2:9A:79:20:0E:F5:2A:81:42:55:53:58:75:FD:1F:77:58:A3
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/Ia2imnkgDvUqgUJVU1h1_R93WKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
59.152.124.0/22
61.14.224.0/22
79.110.176.0/21
85.8.148.0/22
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
160.238.96.0/22
185.105.10.0/24
185.118.132.0/22
185.145.44.0/22
185.147.156.0/22
185.157.232.0/22
185.158.136.0/22
185.176.88.0/22
185.190.56.0/22
185.196.24.0/22
185.202.44.0/22
185.206.20.0/22
185.209.128.0/22
185.213.16.0/22
185.214.140.0/22
185.214.240.0/22
185.219.20.0/22
185.225.12.0/22
185.227.252.0/22
185.228.44.0/22
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.50.192.0/22
195.216.148.0/22
195.245.74.0/23
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
07:5a:9e:75:14:e1:2e:53:83:39:d2:1a:5d:ba:72:f1:66:91:
97:3b:27:4d:88:ad:56:16:c5:4d:c2:bb:dc:6f:33:f5:b9:82:
b3:af:b7:ac:5a:91:2e:99:e3:51:c4:83:4a:fa:4d:31:52:79:
63:95:d9:6f:e1:63:6f:e4:c4:b1:25:75:ad:c8:61:fb:eb:13:
ab:35:22:28:62:a2:ab:5f:e3:b2:db:64:2e:4b:b0:af:b3:b3:
bb:2f:0a:6d:0d:db:48:8c:40:9e:f8:14:17:3c:3e:13:a0:9f:
5b:28:e0:35:4c:9c:a3:81:45:41:53:af:74:d2:ba:1d:34:18:
3d:27:0d:ec:81:d0:4c:8e:d2:07:8f:97:8c:a0:9c:90:19:8d:
cd:40:2b:82:fe:76:c4:41:78:18:73:af:bc:ef:5d:14:21:dc:
3b:df:6e:62:85:8a:65:25:cc:b8:48:18:bb:5d:3b:d6:89:ee:
88:55:80:8d:aa:17:63:85:be:ab:30:76:47:6b:09:2c:25:be:
4e:f8:b3:95:41:b2:89:01:8c:3b:80:57:c9:b4:a0:f9:0a:2b:
fe:a5:c7:86:97:5e:64:5f:f1:22:bd:d9:15:10:22:1c:01:dd:
a2:b5:d8:cc:32:0c:49:d3:08:9b:7c:aa:6a:19:b2:0b:81:b2:
ca:6d:15:cf
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAZDimloBXWc8ckHL51RCtekIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjQwNzI0MDIzODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWFkYTI5YTc5MjAwZWY1MmE4MTQyNTU1MzU4NzVmZDFmNzc1OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieErHNz7Q4djfW9dzDQ6W3s8Om9B
uTOvywTNP3/KLqwvwcOHmBaWOL6ImFUQ0odnTfkOD6b4M+WV1LyAxm+8pJgbl6or
pL/Jnu7Wnkg2OLC0CvL2vcjmZyJfe1ejjs2awpghBHa6KHXrnCL5fEHAm8A7/d8t
OWQlab1HcLTG5sCzDgpPcecMP4thftRjPcUn8TX4Intu/56v172ZhffLztCG79ZK
puG7C0V9vB5MIOfSwgxbZ1nzeJbfO/Sc8JF9kzDdUg0ypKLHv+y3oV/tlTUj/v0p
NItwG7FI9iRADDA8qcHrIA/hL529NVG7ntmD03/erlK5C0/ZhLCn3jGb0wIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFCGtopp5IA71KoFCVVNYdf0fd1ijMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvSWEyaW1ua2dEdlVxZ1VKVlUxaDFfUjkzV0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCB/QQCAAEwgfYD
BAI7mHwDBAI9DuADBANPbrADBAJVCJQDBAJVyqwDBAJbhFQDBAJnyygDBAJnzVQD
BAJnz6ADBAJ5LnwDBAKg7mADBAC5aQoDBAK5doQDBAK5kSwDBAK5k5wDBAK5negD
BAK5nogDBAK5sFgDBAK5vjgDBAK5xBgDBAK5yiwDBAK5zhQDBAK50YADBAK51RAD
BAK51owDBAK51vADBAK52xQDBAK54QwDBAK54/wDBAK55CwDBAK563gDBAC57nMD
BAC58rkDBALBH3ADBADBoyMDBALBsHQDBALBu7QDBALCMsADBALD2JQDBAHD9UoD
BALZEjgwDQQCAAIwBwMFAyoHRYAwDQYJKoZIhvcNAQELBQADggEBAAdannUU4S5T
gznSGl26cvFmkZc7J02IrVYWxU3Cu9xvM/W5grOvt6xakS6Z41HEg0r6TTFSeWOV
2W/hY2/kxLElda3IYfvrE6s1Iihioqtf47LbZC5LsK+zs7svCm0N20iMQJ74FBc8
PhOgn1so4DVMnKOBRUFTr3TSuh00GD0nDeyB0EyO0gePl4ygnJAZjc1AK4L+dsRB
eBhzr7zvXRQh3DvfbmKFimUlzLhIGLtdO9aJ7ohVgI2qF2OFvqswdkdrCSwlvk74
s5VBsokBjDuAV8m0oPkKK/6lx4aXXmRf8SK92RUQIhwB3aK12MwyDEnTCJt8qmoZ
sguBssptFc8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:50:18 2024 by rpki-client on console-fra.rpki-client.org