Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d7367d-7bbf-4697-96cd-2bb1efc57a86/1/qh4niq8Va-L_BIqb1nN0aFng2tg.roa
File: qh4niq8Va-L_BIqb1nN0aFng2tg.roa (raw, json)
Hash identifier: T+Gz4CHFD9JrSTWK6fxaoQSFUTJ8ycjh8OwGtbQjjOk=
Subject key identifier: AA:1E:27:8A:AF:15:6B:E2:FF:04:8A:9B:D6:73:74:68:59:E0:DA:D8
Certificate issuer: /CN=e9e5b014e569186fb84a2024954cccc9c91b1e3f
Certificate serial: 018DE49FB4E91B4773F8AAC40DA4D0F8B85E
Authority key identifier: E9:E5:B0:14:E5:69:18:6F:B8:4A:20:24:95:4C:CC:C9:C9:1B:1E:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6eWwFOVpGG-4SiAklUzMyckbHj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d7367d-7bbf-4697-96cd-2bb1efc57a86/1/qh4niq8Va-L_BIqb1nN0aFng2tg.roa
Signing time: Mon 26 Feb 2024 08:54:48 +0000
ROA not before: Mon 26 Feb 2024 08:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9146
IP address blocks: 31.176.128.0/17 maxlen: 21
31.176.128.0/20 maxlen: 20
31.176.144.0/20 maxlen: 20
31.176.160.0/20 maxlen: 20
31.176.176.0/20 maxlen: 20
31.176.216.0/22 maxlen: 22
31.176.220.0/22 maxlen: 22
37.203.64.0/18 maxlen: 21
37.203.112.0/22 maxlen: 22
37.203.120.0/22 maxlen: 22
37.203.124.0/22 maxlen: 22
80.65.64.0/19 maxlen: 21
80.65.64.0/21 maxlen: 21
80.65.64.0/22 maxlen: 22
80.65.68.0/22 maxlen: 22
80.65.72.0/21 maxlen: 21
80.65.72.0/22 maxlen: 22
80.65.76.0/22 maxlen: 22
80.65.80.0/21 maxlen: 21
80.65.80.0/22 maxlen: 22
80.65.84.0/22 maxlen: 22
80.65.88.0/21 maxlen: 21
80.65.88.0/22 maxlen: 22
80.65.92.0/22 maxlen: 22
85.92.224.0/19 maxlen: 21
85.92.226.0/24 maxlen: 24
85.92.227.0/24 maxlen: 24
85.92.228.0/23 maxlen: 23
85.92.230.0/24 maxlen: 24
89.146.128.0/18 maxlen: 21
92.36.128.0/17 maxlen: 21
92.36.192.0/21 maxlen: 21
92.36.232.0/22 maxlen: 22
92.36.236.0/22 maxlen: 22
109.163.128.0/18 maxlen: 18
109.163.128.0/19 maxlen: 19
109.163.128.0/22 maxlen: 22
109.163.132.0/22 maxlen: 22
109.163.136.0/21 maxlen: 21
109.163.144.0/23 maxlen: 23
109.163.146.0/24 maxlen: 24
109.163.147.0/24 maxlen: 24
109.163.148.0/22 maxlen: 22
109.163.152.0/21 maxlen: 21
109.163.160.0/20 maxlen: 20
109.163.160.0/21 maxlen: 21
109.163.168.0/21 maxlen: 23
109.163.168.0/23 maxlen: 23
109.163.170.0/24 maxlen: 24
109.163.171.0/24 maxlen: 24
109.163.172.0/22 maxlen: 22
109.163.176.0/20 maxlen: 21
109.163.176.0/21 maxlen: 21
109.163.184.0/21 maxlen: 21
109.163.184.0/22 maxlen: 22
109.163.188.0/23 maxlen: 23
109.163.190.0/23 maxlen: 23
109.175.0.0/17 maxlen: 21
109.175.4.0/23 maxlen: 23
109.175.6.0/23 maxlen: 23
109.175.8.0/24 maxlen: 24
109.175.12.0/23 maxlen: 23
109.175.14.0/23 maxlen: 23
109.175.15.0/24 maxlen: 24
109.175.16.0/22 maxlen: 22
109.175.20.0/23 maxlen: 23
109.175.22.0/23 maxlen: 23
109.175.24.0/24 maxlen: 24
109.175.26.0/24 maxlen: 24
109.175.28.0/23 maxlen: 23
109.175.30.0/24 maxlen: 24
109.175.38.0/23 maxlen: 23
109.175.40.0/22 maxlen: 22
109.175.44.0/23 maxlen: 23
109.175.46.0/23 maxlen: 23
109.175.96.0/22 maxlen: 22
109.175.96.0/23 maxlen: 23
109.175.98.0/23 maxlen: 23
109.175.100.0/22 maxlen: 22
109.175.100.0/23 maxlen: 23
109.175.102.0/23 maxlen: 23
109.175.104.0/22 maxlen: 22
109.175.104.0/23 maxlen: 23
109.175.106.0/23 maxlen: 23
109.175.108.0/22 maxlen: 22
109.175.112.0/22 maxlen: 22
109.175.116.0/22 maxlen: 22
109.175.120.0/22 maxlen: 22
109.175.124.0/22 maxlen: 22
185.12.76.0/24 maxlen: 24
185.12.78.0/23 maxlen: 23
195.222.32.0/19 maxlen: 21
195.222.32.0/20 maxlen: 20
195.222.32.0/21 maxlen: 21
195.222.40.0/21 maxlen: 21
195.222.48.0/20 maxlen: 20
195.222.48.0/21 maxlen: 21
195.222.49.0/24 maxlen: 24
195.222.56.0/21 maxlen: 21
2a02:27b0::/32 maxlen: 32
2a02:27b0:4100::/40 maxlen: 40
2a02:27b0:4200::/40 maxlen: 40
2a02:27b0:4300::/40 maxlen: 40
2a02:27b0:4400::/40 maxlen: 40
2a02:27b0:4500::/40 maxlen: 40
2a02:27b0:4800::/40 maxlen: 40
2a02:27b0:4900::/40 maxlen: 40
2a02:27b0:4a00::/40 maxlen: 40
2a02:27b0:4b00::/40 maxlen: 40
2a02:27b0:4c00::/40 maxlen: 40
2a02:27b0:4d00::/40 maxlen: 40
2a02:27b0:5300::/40 maxlen: 40
2a02:27b0:5500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/d7367d-7bbf-4697-96cd-2bb1efc57a86/1/6eWwFOVpGG-4SiAklUzMyckbHj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/d7367d-7bbf-4697-96cd-2bb1efc57a86/1/6eWwFOVpGG-4SiAklUzMyckbHj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/6eWwFOVpGG-4SiAklUzMyckbHj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:9f:b4:e9:1b:47:73:f8:aa:c4:0d:a4:d0:f8:b8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9e5b014e569186fb84a2024954cccc9c91b1e3f
Validity
Not Before: Feb 26 08:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa1e278aaf156be2ff048a9bd673746859e0dad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2a:8a:da:89:2a:ad:ab:b8:08:cb:6c:a8:4f:
ad:3f:38:0d:56:93:80:d5:2f:85:dd:60:04:10:66:
40:30:0f:55:1f:46:55:79:6a:1d:20:66:4c:31:7a:
f5:dd:94:d0:02:6d:1c:8f:c3:c9:b6:13:96:c1:96:
b4:11:77:23:f5:98:7a:74:19:8a:fb:ba:56:7e:fe:
be:2e:b7:c9:6b:86:68:77:62:45:ad:fb:55:fb:5e:
f0:00:74:e4:26:2d:21:6b:83:d3:d3:76:13:54:77:
82:d8:36:0b:96:cb:d8:98:9c:8d:41:40:b7:6b:17:
33:a5:0f:25:c4:93:5f:b2:4a:69:60:5c:df:87:ab:
cd:80:85:17:e9:de:17:03:1d:87:bc:82:4c:57:d0:
10:7b:59:2a:96:76:53:d6:c2:10:be:d6:77:f3:84:
15:0e:9a:08:64:4f:e8:ff:c7:a5:9c:07:b6:0a:f3:
e8:42:be:b6:9f:c1:df:1b:45:3d:d8:e9:ae:ab:2e:
8b:dc:38:6d:ff:a0:ce:1b:37:c6:36:eb:a8:80:55:
40:79:7a:80:00:ec:ba:97:b9:40:f1:33:dc:61:8c:
84:d0:91:b4:1b:21:80:75:9c:e4:3b:25:96:45:ef:
4b:7c:d4:2c:10:f7:ef:d0:1b:81:b6:00:31:50:24:
b2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1E:27:8A:AF:15:6B:E2:FF:04:8A:9B:D6:73:74:68:59:E0:DA:D8
X509v3 Authority Key Identifier:
keyid:E9:E5:B0:14:E5:69:18:6F:B8:4A:20:24:95:4C:CC:C9:C9:1B:1E:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6eWwFOVpGG-4SiAklUzMyckbHj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d7367d-7bbf-4697-96cd-2bb1efc57a86/1/qh4niq8Va-L_BIqb1nN0aFng2tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d7367d-7bbf-4697-96cd-2bb1efc57a86/1/6eWwFOVpGG-4SiAklUzMyckbHj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.176.128.0/17
37.203.64.0/18
80.65.64.0/19
85.92.224.0/19
89.146.128.0/18
92.36.128.0/17
109.163.128.0/18
109.175.0.0/17
185.12.76.0/24
185.12.78.0/23
195.222.32.0/19
IPv6:
2a02:27b0::/32
Signature Algorithm: sha256WithRSAEncryption
25:6d:08:d1:06:a8:64:a5:7c:b4:5a:6f:5b:cc:9b:d5:5c:de:
76:7d:08:3c:b7:d0:a3:25:5c:5b:6e:2a:5c:47:fc:cb:5a:45:
52:d6:6f:89:23:63:43:24:3c:a2:ba:08:f9:ef:bf:bc:b1:fa:
33:21:4c:a3:7b:94:60:bf:a6:1a:7c:2b:f2:a4:e6:86:68:0a:
d8:b6:3d:67:65:c5:b2:0c:97:f6:6f:05:2a:d1:6d:e5:56:70:
03:98:73:c9:7c:37:8f:24:33:d1:45:5f:47:13:1b:1e:9b:5a:
0e:da:ab:44:55:44:5f:c5:a7:11:a6:cf:39:d6:78:29:4a:fa:
2b:87:d3:c1:0c:d0:f5:83:96:f0:96:1b:2d:e5:5c:67:bb:67:
ae:55:9f:5e:4d:ed:73:73:f1:94:89:30:72:a8:25:8e:2e:06:
b9:d4:c5:f8:e9:9a:c9:b1:36:99:58:d7:68:34:f1:4e:2e:7a:
f7:25:47:b6:d5:20:20:e4:a6:be:ae:f7:0a:e9:94:a8:ab:8d:
64:b4:b1:01:0c:7d:49:d7:86:e0:97:01:26:92:c7:98:4f:1a:
d1:27:d1:e3:8b:bd:30:02:f5:b6:4b:60:e7:c3:b8:c3:7d:7f:
3d:4e:79:c6:ed:3c:40:19:99:92:81:e4:95:d3:70:7f:fc:e3:
52:2f:59:48
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY3kn7TpG0dz+KrEDaTQ+LheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZTViMDE0ZTU2OTE4NmZiODRhMjAyNDk1NGNjY2M5Yzkx
YjFlM2YwHhcNMjQwMjI2MDg1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFlMjc4YWFmMTU2YmUyZmYwNDhhOWJkNjczNzQ2ODU5ZTBkYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyqK2okqrau4CMtsqE+tPzgNVpOA
1S+F3WAEEGZAMA9VH0ZVeWodIGZMMXr13ZTQAm0cj8PJthOWwZa0EXcj9Zh6dBmK
+7pWfv6+LrfJa4Zod2JFrftV+17wAHTkJi0ha4PT03YTVHeC2DYLlsvYmJyNQUC3
axczpQ8lxJNfskppYFzfh6vNgIUX6d4XAx2HvIJMV9AQe1kqlnZT1sIQvtZ384QV
DpoIZE/o/8elnAe2CvPoQr62n8HfG0U92Omuqy6L3Dht/6DOGzfGNuuogFVAeXqA
AOy6l7lA8TPcYYyE0JG0GyGAdZzkOyWWRe9LfNQsEPfv0BuBtgAxUCSydwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFKoeJ4qvFWvi/wSKm9ZzdGhZ4NrYMB8GA1UdIwQY
MBaAFOnlsBTlaRhvuEogJJVMzMnJGx4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmVXd0ZPVnBHRy00U2lBa2xVek15Y2tiSGo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kNzM2N2QtN2JiZi00Njk3LTk2Y2Qt
MmJiMWVmYzU3YTg2LzEvcWg0bmlxOFZhLUxfQklxYjFuTjBhRm5nMnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kNzM2N2QtN2JiZi00Njk3LTk2Y2QtMmJiMWVmYzU3YTg2
LzEvNmVXd0ZPVnBHRy00U2lBa2xVek15Y2tiSGo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQHH7CAAwQG
JctAAwQFUEFAAwQFVVzgAwQGWZKAAwQHXCSAAwQGbaOAAwQHba8AAwQAuQxMAwQB
uQxOAwQFw94gMA0EAgACMAcDBQAqAiewMA0GCSqGSIb3DQEBCwUAA4IBAQAlbQjR
BqhkpXy0Wm9bzJvVXN52fQg8t9CjJVxbbipcR/zLWkVS1m+JI2NDJDyiugj577+8
sfozIUyje5Rgv6YafCvypOaGaArYtj1nZcWyDJf2bwUq0W3lVnADmHPJfDePJDPR
RV9HExsem1oO2qtEVURfxacRps851ngpSvorh9PBDND1g5bwlhst5Vxnu2euVZ9e
Te1zc/GUiTByqCWOLga51MX46ZrJsTaZWNdoNPFOLnr3JUe21SAg5Ka+rvcK6ZSo
q41ktLEBDH1J14bglwEmkseYTxrRJ9Hji70wAvW2S2Dnw7jDfX89TnnG7TxAGZmS
geSV03B//ONSL1lI
-----END CERTIFICATE-----
Generated at Fri May 17 18:27:30 2024 by rpki-client on console-fra.rpki-client.org