Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/qsqp61zGFK2g-rhy-ubrsBvJqxc.roa
File: qsqp61zGFK2g-rhy-ubrsBvJqxc.roa (raw, json)
Hash identifier: zJM9wLc2G7VQDS89G+RP+fvrth0itQmNKADoiw9Zs7U=
Subject key identifier: AA:CA:A9:EB:5C:C6:14:AD:A0:FA:B8:72:FA:E6:EB:B0:1B:C9:AB:17
Certificate issuer: /CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Certificate serial: 018CC64B355C0CA7741D95E1756F6DE0403C
Authority key identifier: 95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/qsqp61zGFK2g-rhy-ubrsBvJqxc.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5413
IP address blocks: 77.73.120.0/21 maxlen: 24
212.103.224.0/19 maxlen: 24
195.70.64.0/19 maxlen: 24
78.141.0.0/18 maxlen: 24
5.22.224.0/21 maxlen: 24
217.67.48.0/20 maxlen: 24
193.242.113.0/24 maxlen: 24
193.242.116.0/24 maxlen: 24
185.3.76.0/22 maxlen: 24
193.242.115.0/24 maxlen: 24
130.185.64.0/21 maxlen: 24
62.232.0.0/16 maxlen: 24
94.30.0.0/17 maxlen: 24
194.154.160.0/19 maxlen: 24
77.107.128.0/18 maxlen: 24
185.8.204.0/22 maxlen: 24
109.170.128.0/17 maxlen: 24
80.234.128.0/17 maxlen: 24
212.102.192.0/19 maxlen: 24
195.224.0.0/16 maxlen: 24
80.89.80.0/20 maxlen: 24
62.69.32.0/19 maxlen: 24
195.200.128.0/19 maxlen: 24
62.72.128.0/19 maxlen: 24
194.1.210.0/24 maxlen: 24
212.241.128.0/17 maxlen: 24
212.19.64.0/19 maxlen: 24
194.79.240.0/22 maxlen: 24
45.83.76.0/22 maxlen: 24
80.69.128.0/20 maxlen: 24
194.143.160.0/19 maxlen: 24
212.35.224.0/19 maxlen: 24
195.147.0.0/16 maxlen: 24
93.95.104.0/21 maxlen: 24
193.38.52.0/24 maxlen: 24
195.38.64.0/19 maxlen: 24
62.105.64.0/18 maxlen: 24
89.145.192.0/18 maxlen: 24
193.41.96.0/21 maxlen: 24
93.92.120.0/21 maxlen: 24
194.126.64.0/19 maxlen: 24
193.28.154.0/24 maxlen: 24
176.35.0.0/16 maxlen: 24
78.41.208.0/21 maxlen: 24
185.196.204.0/22 maxlen: 24
194.153.0.0/19 maxlen: 24
77.44.0.0/17 maxlen: 24
193.192.64.0/19 maxlen: 24
91.236.17.0/24 maxlen: 24
82.195.96.0/19 maxlen: 24
213.205.128.0/18 maxlen: 24
193.192.34.0/23 maxlen: 24
80.64.48.0/20 maxlen: 24
83.219.32.0/19 maxlen: 24
62.44.64.0/19 maxlen: 24
195.226.32.0/19 maxlen: 24
185.138.152.0/22 maxlen: 24
212.88.32.0/19 maxlen: 24
2a00:b300::/29 maxlen: 48
2a04:b2c0::/29 maxlen: 48
2a07:2640::/29 maxlen: 48
2a03:4200::/32 maxlen: 48
2001:b98::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:35:5c:0c:a7:74:1d:95:e1:75:6f:6d:e0:40:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aacaa9eb5cc614ada0fab872fae6ebb01bc9ab17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fa:1c:c7:85:d5:85:46:b7:1e:d7:e9:89:f0:
77:e8:ac:f3:98:23:76:98:e9:1f:59:72:3f:57:07:
2d:db:03:4c:3e:34:61:0e:79:90:2e:2e:e9:5b:3f:
54:e7:22:b9:9a:76:26:db:96:72:d4:0e:ba:b8:54:
50:1c:0c:28:cd:a6:28:cd:f3:a8:3d:71:79:22:69:
a5:fd:9a:3d:ad:c0:ad:63:dc:a8:17:1d:83:a2:33:
f4:bf:6b:48:53:6c:c7:69:c4:75:fe:cf:fb:6a:e4:
d1:96:94:ef:08:2a:ff:06:b9:b2:1c:19:2b:12:e3:
43:2f:eb:70:87:0e:6c:98:e4:76:ec:3d:a0:a7:2b:
fb:fb:ca:a1:f2:14:7d:84:dc:fc:d0:9d:35:99:8b:
52:de:0f:be:db:da:07:81:e5:f6:ca:ac:42:10:c4:
29:59:35:73:ee:84:33:ae:7d:d5:c4:7f:3e:26:ff:
5c:85:68:8a:7b:0b:7e:a5:5f:c9:bb:cd:95:43:cb:
b8:5b:45:93:00:6d:f1:47:c0:6a:a7:98:c3:b8:ef:
aa:10:8c:8f:e9:75:22:35:1c:1a:d0:25:8f:f0:c1:
13:b5:15:61:96:d6:0a:e8:44:e0:89:79:6c:73:c3:
0c:21:66:da:d6:b8:b1:82:d5:24:be:01:67:53:c5:
f3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CA:A9:EB:5C:C6:14:AD:A0:FA:B8:72:FA:E6:EB:B0:1B:C9:AB:17
X509v3 Authority Key Identifier:
keyid:95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/qsqp61zGFK2g-rhy-ubrsBvJqxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.224.0/21
45.83.76.0/22
62.44.64.0/19
62.69.32.0/19
62.72.128.0/19
62.105.64.0/18
62.232.0.0/16
77.44.0.0/17
77.73.120.0/21
77.107.128.0/18
78.41.208.0/21
78.141.0.0/18
80.64.48.0/20
80.69.128.0/20
80.89.80.0/20
80.234.128.0/17
82.195.96.0/19
83.219.32.0/19
89.145.192.0/18
91.236.17.0/24
93.92.120.0/21
93.95.104.0/21
94.30.0.0/17
109.170.128.0/17
130.185.64.0/21
176.35.0.0/16
185.3.76.0/22
185.8.204.0/22
185.138.152.0/22
185.196.204.0/22
193.28.154.0/24
193.38.52.0/24
193.41.96.0/21
193.192.34.0/23
193.192.64.0/19
193.242.113.0/24
193.242.115.0-193.242.116.255
194.1.210.0/24
194.79.240.0/22
194.126.64.0/19
194.143.160.0/19
194.153.0.0/19
194.154.160.0/19
195.38.64.0/19
195.70.64.0/19
195.147.0.0/16
195.200.128.0/19
195.224.0.0/16
195.226.32.0/19
212.19.64.0/19
212.35.224.0/19
212.88.32.0/19
212.102.192.0/19
212.103.224.0/19
212.241.128.0/17
213.205.128.0/18
217.67.48.0/20
IPv6:
2001:b98::/29
2a00:b300::/29
2a03:4200::/32
2a04:b2c0::/29
2a07:2640::/29
Signature Algorithm: sha256WithRSAEncryption
b3:31:7f:29:e0:3f:7a:dd:55:f0:1d:27:3f:16:2d:e1:67:15:
63:87:d7:9c:7e:78:63:d2:04:0c:4a:49:27:09:1e:4f:1c:2b:
38:a2:a2:54:c4:54:16:68:ef:06:05:96:ca:c1:b3:ac:12:a4:
0d:e4:95:04:5b:6a:62:4e:c1:a9:53:eb:26:51:11:3b:46:8f:
4e:c9:a9:b4:44:ab:5b:a8:87:1c:68:c7:79:7d:56:dd:b4:f2:
15:18:6e:22:26:2a:3e:e3:3d:62:db:4f:b6:7d:d6:b9:83:f5:
d3:8a:3d:e0:9d:bd:c4:9c:d1:73:db:34:c6:71:fd:37:e0:5e:
e8:90:eb:5b:bc:ea:2c:27:86:7c:5b:4b:c8:2f:15:19:d4:79:
bf:6a:be:49:33:02:1f:92:4d:c0:52:a6:5d:4c:1e:58:a0:90:
6e:04:cf:53:d5:2e:55:a0:4f:04:56:d9:6e:51:b7:63:0b:fa:
4a:cf:a0:89:3a:5f:64:e9:01:7e:af:a5:79:41:0d:8e:ba:70:
58:bd:07:d5:cd:68:de:7d:39:bf:d4:08:1f:e2:6d:fc:64:6a:
d1:17:6d:46:b1:33:8b:e4:25:6a:76:ad:c6:64:25:a1:f1:85:
38:1e:d5:69:ff:e9:2b:ff:73:6d:b6:95:b3:0f:c0:93:60:78:
18:6b:ab:ca
-----BEGIN CERTIFICATE-----
MIIGhjCCBW6gAwIBAgISAYzGSzVcDKd0HZXhdW9t4EA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTVhZGY2YWYxZmNjMDU3MGFkZjg1OGZkNWJmYmUyODc5
MWExODYwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNhYTllYjVjYzYxNGFkYTBmYWI4NzJmYWU2ZWJiMDFiYzlhYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfocx4XVhUa3HtfpifB36KzzmCN2
mOkfWXI/Vwct2wNMPjRhDnmQLi7pWz9U5yK5mnYm25Zy1A66uFRQHAwozaYozfOo
PXF5Imml/Zo9rcCtY9yoFx2DojP0v2tIU2zHacR1/s/7auTRlpTvCCr/BrmyHBkr
EuNDL+twhw5smOR27D2gpyv7+8qh8hR9hNz80J01mYtS3g++29oHgeX2yqxCEMQp
WTVz7oQzrn3VxH8+Jv9chWiKewt+pV/Ju82VQ8u4W0WTAG3xR8Bqp5jDuO+qEIyP
6XUiNRwa0CWP8METtRVhltYK6ETgiXlsc8MMIWba1rixgtUkvgFnU8XzoQIDAQAB
o4IDkjCCA44wHQYDVR0OBBYEFKrKqetcxhStoPq4cvrm67AbyasXMB8GA1UdIwQY
MBaAFJWlrfavH8wFcK34WP1b++KHkaGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTIt
MTYxOWQwOGM2OTY1LzEvcXNxcDYxekdGSzJnLXJoeS11YnJzQnZKcXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTItMTYxOWQwOGM2OTY1
LzEvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpgYIKwYBBQUHAQcBAf8EggGVMIIBkTCCAWIEAgABMIIB
WgMEAwUW4AMEAi1TTAMEBT4sQAMEBT5FIAMEBT5IgAMEBj5pQAMDAD7oAwQHTSwA
AwQDTUl4AwQGTWuAAwQDTinQAwQGTo0AAwQEUEAwAwQEUEWAAwQEUFlQAwQHUOqA
AwQFUsNgAwQFU9sgAwQGWZHAAwQAW+wRAwQDXVx4AwQDXV9oAwQHXh4AAwQHbaqA
AwQDgrlAAwMAsCMDBAK5A0wDBAK5CMwDBAK5ipgDBAK5xMwDBADBHJoDBADBJjQD
BAPBKWADBAHBwCIDBAXBwEADBADB8nEwDAMEAMHycwMEAMHydAMEAMIB0gMEAsJP
8AMEBcJ+QAMEBcKPoAMEBcKZAAMEBcKaoAMEBcMmQAMEBcNGQAMDAMOTAwQFw8iA
AwMAw+ADBAXD4iADBAXUE0ADBAXUI+ADBAXUWCADBAXUZsADBAXUZ+ADBAfU8YAD
BAbVzYADBATZQzAwKQQCAAIwIwMFAyABC5gDBQMqALMAAwUAKgNCAAMFAyoEssAD
BQMqByZAMA0GCSqGSIb3DQEBCwUAA4IBAQCzMX8p4D963VXwHSc/Fi3hZxVjh9ec
fnhj0gQMSkknCR5PHCs4oqJUxFQWaO8GBZbKwbOsEqQN5JUEW2piTsGpU+smURE7
Ro9Oyam0RKtbqIccaMd5fVbdtPIVGG4iJio+4z1i20+2fda5g/XTij3gnb3EnNFz
2zTGcf034F7okOtbvOosJ4Z8W0vILxUZ1Hm/ar5JMwIfkk3AUqZdTB5YoJBuBM9T
1S5VoE8EVtluUbdjC/pKz6CJOl9k6QF+r6V5QQ2OunBYvQfVzWjefTm/1Agf4m38
ZGrRF21GsTOL5CVqdq3GZCWh8YU4HtVp/+kr/3NttpWzD8CTYHgYa6vK
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:26:45 2024 by rpki-client on console-ams.rpki-client.org