Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/PwLsHH8OAsEF6gGAL2MzCt4ujQo.roa
File: PwLsHH8OAsEF6gGAL2MzCt4ujQo.roa (raw, json)
Hash identifier: 4O5iMN+I5lADLIpb6gr0pl9fXpJTrSC8M0dMEyEhNkQ=
Subject key identifier: 3F:02:EC:1C:7F:0E:02:C1:05:EA:01:80:2F:63:33:0A:DE:2E:8D:0A
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019350457812D94462397DB9BA496E7B73E6
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/PwLsHH8OAsEF6gGAL2MzCt4ujQo.roa
Signing time: Thu 21 Nov 2024 19:49:09 +0000
ROA not before: Thu 21 Nov 2024 19:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.194.55.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.87.120.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.30.0/24 maxlen: 24
185.254.31.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
193.35.154.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.53.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
2a05:bf00::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0b:2780::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:45:78:12:d9:44:62:39:7d:b9:ba:49:6e:7b:73:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Nov 21 19:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f02ec1c7f0e02c105ea01802f63330ade2e8d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4b:64:92:10:d5:85:19:ce:d8:75:44:15:79:
5c:90:72:55:ba:4f:9c:c0:43:21:23:df:f5:42:a8:
6f:6a:6b:bc:5d:fd:c9:69:00:2f:de:5a:dc:85:fa:
d3:c3:51:f1:11:1b:6f:d2:02:70:16:40:ea:c8:90:
ad:fa:8d:07:44:a5:de:0b:44:cc:f1:4e:9c:52:cf:
b9:1b:18:c4:07:41:4d:15:ee:81:49:97:50:13:d2:
a0:4f:b2:af:df:1c:7b:92:d2:3e:cc:3d:42:66:2c:
22:fb:45:b8:11:30:9c:3a:9a:95:82:52:9a:d7:6b:
08:33:8f:4c:25:99:ab:15:0f:cb:bb:5e:47:e5:e4:
ed:2c:45:e7:36:12:9c:cf:c9:a9:46:af:12:53:15:
56:78:00:a6:5d:3e:d1:12:d3:2b:15:1e:6d:d6:d2:
56:6a:14:08:45:61:e8:d1:ea:c7:80:6f:3d:3e:0a:
9d:af:c8:e1:0f:10:e7:03:15:98:4d:68:6b:46:bf:
ea:15:2f:5d:56:5a:64:e7:cb:92:47:44:87:c1:71:
a1:0d:38:da:5b:aa:9c:d3:56:92:ac:ee:29:5e:b8:
09:62:56:d2:40:ae:ce:61:15:ba:ee:ca:a2:a8:44:
94:bd:68:49:0c:c2:5b:ee:05:3e:77:35:47:8e:df:
84:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:02:EC:1C:7F:0E:02:C1:05:EA:01:80:2F:63:33:0A:DE:2E:8D:0A
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/PwLsHH8OAsEF6gGAL2MzCt4ujQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.48.0/22
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/22
185.254.236.0/22
193.35.152.0/22
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
97:f3:58:7e:8a:fb:e0:27:59:e9:ff:87:ed:5c:ef:eb:49:22:
0b:cf:b5:a9:a4:88:e2:8e:71:54:ab:e0:09:5e:3a:e3:01:f5:
10:db:8c:2f:4d:c3:62:65:6d:61:60:bd:b3:02:cd:5f:c0:46:
4f:9f:33:6f:a3:0c:24:7e:cc:db:ea:ef:44:58:14:a9:dc:23:
17:7e:88:74:54:56:7a:07:40:14:5f:ad:06:fa:56:1d:59:e7:
48:5a:ed:c0:01:ae:87:99:5d:a7:c6:be:05:8e:a9:88:c8:fe:
92:b8:7c:8a:c7:3b:45:6e:fd:37:00:c8:7f:24:19:f1:fb:2d:
ed:af:5e:2b:51:b9:7a:7d:09:ff:4a:59:3a:4d:e0:d9:19:75:
54:38:d2:45:d6:58:3a:e6:04:71:fc:23:ac:12:6d:38:b5:31:
c0:f1:ee:fc:d5:74:12:99:89:ea:aa:1d:21:01:16:6d:d4:bf:
ae:53:b5:c6:f1:bc:1a:29:b1:c8:76:34:83:89:93:e0:e5:d8:
8e:36:a9:57:6f:86:43:6c:7e:d4:2a:b1:6b:58:3f:a3:55:4e:
6a:6c:fa:c6:07:57:56:8d:8a:03:5e:45:1b:3d:03:b8:e1:9a:
a3:e1:06:91:c5:50:5a:da:7b:3f:84:88:c6:a9:6d:0b:cc:3b:
16:38:30:7d
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZNQRXgS2URiOX25uklue3PmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQxMTIxMTk0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjAyZWMxYzdmMGUwMmMxMDVlYTAxODAyZjYzMzMwYWRlMmU4ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+EtkkhDVhRnO2HVEFXlckHJVuk+c
wEMhI9/1Qqhvamu8Xf3JaQAv3lrchfrTw1HxERtv0gJwFkDqyJCt+o0HRKXeC0TM
8U6cUs+5GxjEB0FNFe6BSZdQE9KgT7Kv3xx7ktI+zD1CZiwi+0W4ETCcOpqVglKa
12sIM49MJZmrFQ/Lu15H5eTtLEXnNhKcz8mpRq8SUxVWeACmXT7REtMrFR5t1tJW
ahQIRWHo0erHgG89Pgqdr8jhDxDnAxWYTWhrRr/qFS9dVlpk58uSR0SHwXGhDTja
W6qc01aSrO4pXrgJYlbSQK7OYRW67sqiqESUvWhJDMJb7gU+dzVHjt+E4QIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFD8C7Bx/DgLBBeoBgC9jMwreLo0KMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvUHdMc0hIOE9Bc0VGNmdHQUwyTXpDdDR1alFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBuwQCAAEwgbQDBABb
wjcDBAFdvgwDBAJt7DADBAGgFGwDBAC5VbwDBAC5VgQDBAG5VgYDBAC5VgwDBAG5
Vg4DBAC5VpgDBAC5VpsDBAC5V3gDBAK5WKwwDAMEALliPQMEBrliADAMAwQAuY0h
AwQCuY0gAwQCubgYMAwDBAO5uegDBAC5ueoDBAK587QDBAK5+cgDBAC5+tIDBAK5
/hwDBAK5/uwDBALBI5gDBALBoIwDBALB32gDBALCPjQwIgQCAAIwHAMFAyoFvwAD
BQMqB+cAAwUDKgsngAMFAyoNScAwDQYJKoZIhvcNAQELBQADggEBAJfzWH6K++An
Wen/h+1c7+tJIgvPtamkiOKOcVSr4AleOuMB9RDbjC9Nw2JlbWFgvbMCzV/ARk+f
M2+jDCR+zNvq70RYFKncIxd+iHRUVnoHQBRfrQb6Vh1Z50ha7cABroeZXafGvgWO
qYjI/pK4fIrHO0Vu/TcAyH8kGfH7Le2vXitRuXp9Cf9KWTpN4NkZdVQ40kXWWDrm
BHH8I6wSbTi1McDx7vzVdBKZieqqHSEBFm3Uv65TtcbxvBopsch2NIOJk+Dl2I42
qVdvhkNsftQqsWtYP6NVTmps+sYHV1aNigNeRRs9A7jhmqPhBpHFUFraez+EiMap
bQvMOxY4MH0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:31:46 2024 by rpki-client on console-fra.rpki-client.org