Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/1-sgGeEqX4UXJVGVErActf658J8s.roa
File: 1-sgGeEqX4UXJVGVErActf658J8s.roa (raw, json)
Hash identifier: ITGHaoVFx3myoCmChb9uXJYU4iuaHv53b+VRyWmzvTM=
Subject key identifier: FA:C8:06:78:4A:97:E1:45:C9:54:65:44:AC:07:2D:7F:AE:7C:27:CB
Certificate issuer: /CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Certificate serial: 0190A18A9CE387E6FB6D2C457A5325BBBB25
Authority key identifier: 95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/1-sgGeEqX4UXJVGVErActf658J8s.roa
Signing time: Thu 11 Jul 2024 11:25:34 +0000
ROA not before: Thu 11 Jul 2024 11:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5413
IP address blocks: 5.22.224.0/21 maxlen: 24
45.83.76.0/22 maxlen: 24
62.44.64.0/19 maxlen: 24
62.69.32.0/19 maxlen: 24
62.72.128.0/19 maxlen: 24
62.105.64.0/18 maxlen: 24
62.232.0.0/16 maxlen: 24
77.44.0.0/17 maxlen: 24
77.73.120.0/21 maxlen: 24
77.107.128.0/18 maxlen: 24
78.41.208.0/21 maxlen: 24
78.141.0.0/18 maxlen: 24
80.64.48.0/20 maxlen: 24
80.69.128.0/20 maxlen: 24
80.89.80.0/20 maxlen: 24
80.234.128.0/17 maxlen: 24
82.195.96.0/19 maxlen: 24
83.219.32.0/19 maxlen: 24
89.145.192.0/18 maxlen: 24
91.236.17.0/24 maxlen: 24
93.92.120.0/21 maxlen: 24
93.95.104.0/21 maxlen: 24
94.30.0.0/17 maxlen: 24
109.170.128.0/17 maxlen: 24
130.185.64.0/21 maxlen: 24
176.35.0.0/16 maxlen: 24
185.3.76.0/22 maxlen: 24
185.8.204.0/22 maxlen: 24
185.138.152.0/22 maxlen: 24
185.144.110.0/24 maxlen: 24
185.196.204.0/22 maxlen: 24
193.28.154.0/24 maxlen: 24
193.38.52.0/24 maxlen: 24
193.41.96.0/21 maxlen: 24
193.192.34.0/23 maxlen: 24
193.192.64.0/19 maxlen: 24
193.242.113.0/24 maxlen: 24
193.242.115.0/24 maxlen: 24
193.242.116.0/24 maxlen: 24
194.1.210.0/24 maxlen: 24
194.79.240.0/22 maxlen: 24
194.126.64.0/19 maxlen: 24
194.143.160.0/19 maxlen: 24
194.153.0.0/19 maxlen: 24
194.154.160.0/19 maxlen: 24
195.38.64.0/19 maxlen: 24
195.70.64.0/19 maxlen: 24
195.147.0.0/16 maxlen: 24
195.200.128.0/19 maxlen: 24
195.224.0.0/16 maxlen: 24
195.226.32.0/19 maxlen: 24
212.19.64.0/19 maxlen: 24
212.35.224.0/19 maxlen: 24
212.88.32.0/19 maxlen: 24
212.102.192.0/19 maxlen: 24
212.103.224.0/19 maxlen: 24
212.241.128.0/17 maxlen: 24
213.205.128.0/18 maxlen: 24
217.67.48.0/20 maxlen: 24
2001:b98::/29 maxlen: 48
2a00:b300::/29 maxlen: 48
2a03:4200::/32 maxlen: 48
2a04:b2c0::/29 maxlen: 48
2a07:2640::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:8a:9c:e3:87:e6:fb:6d:2c:45:7a:53:25:bb:bb:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Validity
Not Before: Jul 11 11:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fac806784a97e145c9546544ac072d7fae7c27cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3b:53:01:c7:6f:84:37:23:ce:e9:1a:10:6e:
3a:3b:17:12:e9:4a:ba:ab:98:34:a7:d6:7a:5d:5a:
60:70:07:4a:37:c0:7d:e1:9c:ea:dd:e3:e4:72:49:
d7:b3:92:04:11:32:7a:14:8e:3d:14:53:e2:fd:74:
43:d3:2d:99:18:64:2c:bc:72:3f:c5:99:02:03:9b:
73:46:88:51:d6:27:08:db:83:d1:82:c5:d5:f0:5d:
de:f8:4a:96:66:c6:87:8c:78:57:53:2d:bb:7e:ce:
4d:92:a5:26:2d:25:22:c4:89:0e:d0:59:a1:b8:6e:
f2:44:4a:c3:88:e5:04:fd:2d:e2:f1:23:ba:f8:a3:
cc:87:01:6a:5e:90:4a:14:ac:f2:59:b0:9c:35:7e:
09:49:b4:f3:c4:42:36:78:8c:1f:cb:9f:6e:7f:4b:
fd:70:2e:68:8f:61:6a:a4:ce:e9:5b:c4:8c:70:74:
6a:50:80:f4:c0:4e:d9:b2:63:c0:83:9d:26:23:b9:
2f:f5:0c:17:ed:89:77:ef:a0:5e:be:05:e4:01:2d:
00:6d:c5:ba:6e:9f:a6:55:eb:34:b9:25:b3:58:a2:
9e:00:48:26:a0:72:b3:02:e5:73:8c:81:ea:bf:e2:
37:b1:9a:9d:fa:14:bf:e8:be:4c:9f:24:de:e6:fa:
f6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C8:06:78:4A:97:E1:45:C9:54:65:44:AC:07:2D:7F:AE:7C:27:CB
X509v3 Authority Key Identifier:
keyid:95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/1-sgGeEqX4UXJVGVErActf658J8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.224.0/21
45.83.76.0/22
62.44.64.0/19
62.69.32.0/19
62.72.128.0/19
62.105.64.0/18
62.232.0.0/16
77.44.0.0/17
77.73.120.0/21
77.107.128.0/18
78.41.208.0/21
78.141.0.0/18
80.64.48.0/20
80.69.128.0/20
80.89.80.0/20
80.234.128.0/17
82.195.96.0/19
83.219.32.0/19
89.145.192.0/18
91.236.17.0/24
93.92.120.0/21
93.95.104.0/21
94.30.0.0/17
109.170.128.0/17
130.185.64.0/21
176.35.0.0/16
185.3.76.0/22
185.8.204.0/22
185.138.152.0/22
185.144.110.0/24
185.196.204.0/22
193.28.154.0/24
193.38.52.0/24
193.41.96.0/21
193.192.34.0/23
193.192.64.0/19
193.242.113.0/24
193.242.115.0-193.242.116.255
194.1.210.0/24
194.79.240.0/22
194.126.64.0/19
194.143.160.0/19
194.153.0.0/19
194.154.160.0/19
195.38.64.0/19
195.70.64.0/19
195.147.0.0/16
195.200.128.0/19
195.224.0.0/16
195.226.32.0/19
212.19.64.0/19
212.35.224.0/19
212.88.32.0/19
212.102.192.0/19
212.103.224.0/19
212.241.128.0/17
213.205.128.0/18
217.67.48.0/20
IPv6:
2001:b98::/29
2a00:b300::/29
2a03:4200::/32
2a04:b2c0::/29
2a07:2640::/29
Signature Algorithm: sha256WithRSAEncryption
e8:6f:a7:bd:37:20:a4:c2:1c:c4:eb:e4:7f:4f:3a:8f:62:fe:
6b:1b:56:c4:d6:c8:f3:37:8e:bc:f6:67:29:38:d4:ea:57:ca:
f6:cc:5f:7e:b9:36:15:cd:93:c4:68:35:5c:a6:58:c0:cc:1f:
43:b1:d2:f5:24:52:10:b2:62:3f:7f:2e:dd:40:42:dc:28:13:
9d:88:26:1c:fd:f7:8c:72:1e:17:91:84:d8:5f:9f:93:63:f3:
ba:5c:85:7c:99:46:19:75:62:1e:0d:81:48:4b:39:e4:10:95:
e7:94:33:fb:8a:e3:bb:44:57:96:7f:45:ff:d5:bd:71:dc:b9:
64:b0:15:45:8c:97:ab:a7:35:da:97:11:59:44:e6:9f:0a:86:
31:01:67:0a:06:fe:04:65:1a:eb:6a:62:cf:d4:2d:fa:f5:78:
5b:a1:1d:7e:ab:7a:fc:b4:cd:db:27:3a:ee:a8:04:74:1e:a1:
b3:19:60:81:c1:82:b1:99:71:6b:7a:c7:b8:91:05:ca:ce:43:
6e:40:12:9a:52:b5:39:ae:a2:c9:03:88:b1:e9:f1:56:03:57:
c1:4a:44:dd:b9:43:9b:65:22:23:84:cc:90:e9:76:f8:20:80:
4c:f4:9c:2f:3d:cc:f9:cd:a3:fd:24:60:22:7b:ad:30:a4:ff:
8a:84:88:d2
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgISAZChipzjh+b7bSxFelMlu7slMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTVhZGY2YWYxZmNjMDU3MGFkZjg1OGZkNWJmYmUyODc5
MWExODYwHhcNMjQwNzExMTEyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWM4MDY3ODRhOTdlMTQ1Yzk1NDY1NDRhYzA3MmQ3ZmFlN2MyN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyztTAcdvhDcjzukaEG46OxcS6Uq6
q5g0p9Z6XVpgcAdKN8B94Zzq3ePkcknXs5IEETJ6FI49FFPi/XRD0y2ZGGQsvHI/
xZkCA5tzRohR1icI24PRgsXV8F3e+EqWZsaHjHhXUy27fs5NkqUmLSUixIkO0Fmh
uG7yRErDiOUE/S3i8SO6+KPMhwFqXpBKFKzyWbCcNX4JSbTzxEI2eIwfy59uf0v9
cC5oj2FqpM7pW8SMcHRqUID0wE7ZsmPAg50mI7kv9QwX7Yl376BevgXkAS0AbcW6
bp+mVes0uSWzWKKeAEgmoHKzAuVzjIHqv+I3sZqd+hS/6L5MnyTe5vr2FQIDAQAB
o4IDmTCCA5UwHQYDVR0OBBYEFPrIBnhKl+FFyVRlRKwHLX+ufCfLMB8GA1UdIwQY
MBaAFJWlrfavH8wFcK34WP1b++KHkaGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTIt
MTYxOWQwOGM2OTY1LzEvMS1zZ0dlRXFYNFVYSlZHVkVyQWN0ZjY1OEo4cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTYvZDNmMWJhLWQ5ZTUtNDVjNS1iY2EyLTE2MTlkMDhjNjk2
NS8xL2xhV3Q5cThmekFWd3JmaFlfVnY3NG9lUm9ZWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAawGCCsGAQUFBwEHAQH/BIIBmzCCAZcwggFoBAIAATCC
AWADBAMFFuADBAItU0wDBAU+LEADBAU+RSADBAU+SIADBAY+aUADAwA+6AMEB00s
AAMEA01JeAMEBk1rgAMEA04p0AMEBk6NAAMEBFBAMAMEBFBFgAMEBFBZUAMEB1Dq
gAMEBVLDYAMEBVPbIAMEBlmRwAMEAFvsEQMEA11ceAMEA11faAMEB14eAAMEB22q
gAMEA4K5QAMDALAjAwQCuQNMAwQCuQjMAwQCuYqYAwQAuZBuAwQCucTMAwQAwRya
AwQAwSY0AwQDwSlgAwQBwcAiAwQFwcBAAwQAwfJxMAwDBADB8nMDBADB8nQDBADC
AdIDBALCT/ADBAXCfkADBAXCj6ADBAXCmQADBAXCmqADBAXDJkADBAXDRkADAwDD
kwMEBcPIgAMDAMPgAwQFw+IgAwQF1BNAAwQF1CPgAwQF1FggAwQF1GbAAwQF1Gfg
AwQH1PGAAwQG1c2AAwQE2UMwMCkEAgACMCMDBQMgAQuYAwUDKgCzAAMFACoDQgAD
BQMqBLLAAwUDKgcmQDANBgkqhkiG9w0BAQsFAAOCAQEA6G+nvTcgpMIcxOvkf086
j2L+axtWxNbI8zeOvPZnKTjU6lfK9sxffrk2Fc2TxGg1XKZYwMwfQ7HS9SRSELJi
P38u3UBC3CgTnYgmHP33jHIeF5GE2F+fk2PzulyFfJlGGXViHg2BSEs55BCV55Qz
+4rju0RXln9F/9W9cdy5ZLAVRYyXq6c12pcRWUTmnwqGMQFnCgb+BGUa62piz9Qt
+vV4W6Edfqt6/LTN2yc67qgEdB6hsxlggcGCsZlxa3rHuJEFys5DbkASmlK1Oa6i
yQOIsenxVgNXwUpE3blDm2UiI4TMkOl2+CCATPScLz3M+c2j/SRgInutMKT/ioSI
0g==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:20:35 2024 by rpki-client on console-fra.rpki-client.org