Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vOoKrCEMjIlGSMgXzFSABYVg8eQ.roa
File: vOoKrCEMjIlGSMgXzFSABYVg8eQ.roa (raw, json)
Hash identifier: 5hQRlFEfWdo7hHc3hCTYTe6wrspFnwxNEhuCPmpqg/4=
Subject key identifier: BC:EA:0A:AC:21:0C:8C:89:46:48:C8:17:CC:54:80:05:85:60:F1:E4
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F304EFF40DAF1DAD96C6BFDB2CDB
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vOoKrCEMjIlGSMgXzFSABYVg8eQ.roa
Signing time: Mon 01 Jan 2024 08:30:04 +0000
ROA not before: Mon 01 Jan 2024 08:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.87.120.0/24 maxlen: 24
185.141.33.0/24 maxlen: 24
185.141.35.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.154.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
91.194.55.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.254.30.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.31.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.53.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
2a0b:2780::/29 maxlen: 29
2a07:e700::/29 maxlen: 29
2a0d:49c0::/29 maxlen: 29
2a05:bf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 22:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f3:04:ef:f4:0d:af:1d:ad:96:c6:bf:db:2c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcea0aac210c8c894648c817cc5480058560f1e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:74:b1:9c:d0:32:6c:c0:af:55:dd:ea:49:7f:
8d:54:5e:b6:cc:8a:72:b8:90:8f:12:3a:7e:f6:32:
89:f8:68:a3:b9:83:27:6c:82:79:dc:04:95:6a:a4:
6a:8d:4f:cf:9d:8a:f7:93:c4:e5:25:62:01:a5:fe:
41:ad:ca:d4:37:e5:39:2b:d7:91:bf:da:d9:b2:e5:
f2:85:e9:33:a8:df:76:b4:30:eb:b0:15:a5:4f:8b:
8c:21:c3:d2:7f:15:fb:54:84:0d:9a:f5:7b:97:d1:
d9:46:73:26:82:9b:d1:db:3e:58:fb:99:09:19:2a:
d6:fd:5e:8c:e4:5d:66:07:55:b4:52:18:c4:bf:6a:
a7:05:87:ee:b1:cc:d7:69:e2:c5:ab:78:30:e8:b5:
46:1d:83:c8:b8:8b:dc:e1:23:f2:29:92:b3:36:a2:
c7:b2:7b:50:6f:46:e0:16:dd:b1:61:e9:97:23:f4:
6e:5e:ca:8f:34:ec:fa:ca:ab:18:74:78:4b:d8:a2:
d5:b4:43:ae:c6:77:c8:cf:f9:e2:30:bb:35:1e:b7:
f9:28:0d:c7:3d:3c:1a:0e:d0:54:4f:20:a0:8d:ad:
8b:62:08:50:25:32:c8:26:ea:bf:1b:58:44:47:2f:
8b:b6:87:73:19:fb:4c:a6:c1:e6:f4:e2:79:37:e1:
ad:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EA:0A:AC:21:0C:8C:89:46:48:C8:17:CC:54:80:05:85:60:F1:E4
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vOoKrCEMjIlGSMgXzFSABYVg8eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.48.0/22
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.141.33.0-185.141.35.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/22
185.254.236.0/22
193.35.152.0/22
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
IPv6:
2a05:bf00::/29
2a07:e700::/29
2a0b:2780::/29
2a0d:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
65:d7:df:d3:03:71:26:8a:01:33:a5:24:fd:81:3e:e5:2c:a6:
c1:08:7d:9a:61:c7:45:ed:15:f0:e9:7c:6c:2d:74:e9:c9:5d:
40:47:ad:37:30:85:be:10:e8:c5:60:c6:82:1e:00:46:9f:30:
a6:2b:86:92:61:77:39:c0:7c:2c:6c:70:86:d0:a1:29:0d:14:
99:ac:d6:cf:8b:1e:a6:d4:9a:1c:7e:39:fb:22:7a:dd:15:85:
5c:b0:80:c8:e7:00:26:b8:28:62:fd:30:f9:ea:51:6c:92:3f:
e5:94:47:d9:00:ef:22:cc:06:a7:5f:0a:6c:e5:70:92:97:c4:
79:cb:4f:23:bf:fd:d0:d6:e8:68:91:4a:cc:17:cd:77:de:4d:
1b:e7:c0:0b:cc:94:d9:c7:79:fb:6b:7b:a7:85:b8:24:60:6a:
85:17:15:ce:f8:46:46:74:b9:c7:c3:21:b8:6f:32:e2:29:90:
2a:99:bf:f5:05:23:ad:9a:9e:6d:3c:f4:80:65:f9:67:9e:6d:
c1:08:71:40:ba:d9:52:bb:9b:98:3e:5d:c4:50:45:4b:b8:62:
a0:d3:21:5d:47:65:a3:57:7c:ab:7c:d4:c9:05:11:a8:8a:bf:
6b:94:63:04:6a:bc:a5:f9:83:a2:a5:ef:94:f3:1b:89:94:28:
06:0d:61:fd
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYzEJPME7/QNrx2tlsa/2yzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VhMGFhYzIxMGM4Yzg5NDY0OGM4MTdjYzU0ODAwNTg1NjBmMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3SxnNAybMCvVd3qSX+NVF62zIpy
uJCPEjp+9jKJ+GijuYMnbIJ53ASVaqRqjU/PnYr3k8TlJWIBpf5BrcrUN+U5K9eR
v9rZsuXyhekzqN92tDDrsBWlT4uMIcPSfxX7VIQNmvV7l9HZRnMmgpvR2z5Y+5kJ
GSrW/V6M5F1mB1W0UhjEv2qnBYfusczXaeLFq3gw6LVGHYPIuIvc4SPyKZKzNqLH
sntQb0bgFt2xYemXI/RuXsqPNOz6yqsYdHhL2KLVtEOuxnfIz/niMLs1Hrf5KA3H
PTwaDtBUTyCgja2LYghQJTLIJuq/G1hERy+LtodzGftMpsHm9OJ5N+GtgQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFLzqCqwhDIyJRkjIF8xUgAWFYPHkMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvdk9vS3JDRU1qSWxHU01nWHpGU0FCWVZnOGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBuwQCAAEwgbQDBABb
wjcDBAFdvgwDBAJt7DADBAGgFGwDBAC5VbwDBAC5VgQDBAG5VgYDBAC5VgwDBAG5
Vg4DBAC5VpgDBAC5VpsDBAC5V3gDBAK5WKwwDAMEALliPQMEBrliADAMAwQAuY0h
AwQCuY0gAwQCubgYMAwDBAO5uegDBAC5ueoDBAK587QDBAK5+cgDBAC5+tIDBAK5
/hwDBAK5/uwDBALBI5gDBALBoIwDBALB32gDBALCPjQwIgQCAAIwHAMFAyoFvwAD
BQMqB+cAAwUDKgsngAMFAyoNScAwDQYJKoZIhvcNAQELBQADggEBAGXX39MDcSaK
ATOlJP2BPuUspsEIfZphx0XtFfDpfGwtdOnJXUBHrTcwhb4Q6MVgxoIeAEafMKYr
hpJhdznAfCxscIbQoSkNFJms1s+LHqbUmhx+Ofsiet0VhVywgMjnACa4KGL9MPnq
UWySP+WUR9kA7yLMBqdfCmzlcJKXxHnLTyO//dDW6GiRSswXzXfeTRvnwAvMlNnH
eftre6eFuCRgaoUXFc74RkZ0ucfDIbhvMuIpkCqZv/UFI62anm089IBl+WeebcEI
cUC62VK7m5g+XcRQRUu4YqDTIV1HZaNXfKt81MkFEaiKv2uUYwRqvKX5g6Kl75Tz
G4mUKAYNYf0=
-----END CERTIFICATE-----
Generated at Wed May 1 06:08:16 2024 by rpki-client on console-fra.rpki-client.org