Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/bHl4v7LeKG8KtEpoFBzbw9fqjLw.roa
File: bHl4v7LeKG8KtEpoFBzbw9fqjLw.roa (raw, json)
Hash identifier: AfgH3XNvmn1+1PNzL9YI7m3YThY/se/sB+1JTn1ALbI=
Subject key identifier: 6C:79:78:BF:B2:DE:28:6F:0A:B4:4A:68:14:1C:DB:C3:D7:EA:8C:BC
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01915BAFA39DC47842440EA9E21EDF76143F
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/bHl4v7LeKG8KtEpoFBzbw9fqjLw.roa
Signing time: Fri 16 Aug 2024 14:55:22 +0000
ROA not before: Fri 16 Aug 2024 14:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 2.59.192.0/22 maxlen: 22
2.59.192.0/23 maxlen: 23
2.59.192.0/24 maxlen: 24
2.59.193.0/24 maxlen: 24
2.59.194.0/23 maxlen: 23
2.59.194.0/24 maxlen: 24
2.59.195.0/24 maxlen: 24
31.15.0.0/22 maxlen: 22
31.15.0.0/23 maxlen: 23
31.15.0.0/24 maxlen: 24
31.15.1.0/24 maxlen: 24
31.15.2.0/23 maxlen: 23
31.15.2.0/24 maxlen: 24
31.15.3.0/24 maxlen: 25
31.15.4.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.7.0/24 maxlen: 24
45.81.104.0/22 maxlen: 22
45.81.104.0/23 maxlen: 23
45.81.104.0/24 maxlen: 24
45.81.105.0/24 maxlen: 24
45.81.106.0/23 maxlen: 23
45.81.106.0/24 maxlen: 24
45.81.107.0/24 maxlen: 24
45.81.124.0/22 maxlen: 22
45.81.124.0/23 maxlen: 23
45.81.124.0/24 maxlen: 24
45.81.125.0/24 maxlen: 24
45.81.126.0/23 maxlen: 23
45.81.126.0/24 maxlen: 24
45.81.127.0/24 maxlen: 24
45.133.60.0/22 maxlen: 22
45.133.60.0/23 maxlen: 23
45.133.60.0/24 maxlen: 24
45.133.61.0/24 maxlen: 24
45.133.62.0/23 maxlen: 23
45.133.62.0/24 maxlen: 24
45.133.63.0/24 maxlen: 24
45.137.12.0/23 maxlen: 23
45.137.12.0/24 maxlen: 24
45.137.13.0/24 maxlen: 24
45.145.132.0/22 maxlen: 22
45.145.132.0/23 maxlen: 23
45.145.132.0/24 maxlen: 24
45.145.133.0/24 maxlen: 24
45.145.134.0/23 maxlen: 23
45.145.134.0/24 maxlen: 24
45.145.135.0/24 maxlen: 24
45.150.84.0/22 maxlen: 22
45.150.84.0/23 maxlen: 23
45.150.84.0/24 maxlen: 24
45.150.85.0/24 maxlen: 24
45.150.86.0/23 maxlen: 23
45.150.86.0/24 maxlen: 24
45.150.87.0/24 maxlen: 24
45.152.140.0/22 maxlen: 22
45.152.140.0/23 maxlen: 23
45.152.140.0/24 maxlen: 24
45.152.141.0/24 maxlen: 24
45.152.142.0/23 maxlen: 23
45.152.142.0/24 maxlen: 24
45.152.143.0/24 maxlen: 24
45.155.56.0/22 maxlen: 22
45.155.56.0/23 maxlen: 23
45.155.56.0/24 maxlen: 24
45.155.57.0/24 maxlen: 24
45.155.58.0/23 maxlen: 23
45.155.58.0/24 maxlen: 24
45.155.59.0/24 maxlen: 24
89.190.152.0/22 maxlen: 22
89.190.152.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.154.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
92.118.180.0/22 maxlen: 22
92.118.180.0/23 maxlen: 23
92.118.180.0/24 maxlen: 24
92.118.181.0/24 maxlen: 24
92.118.182.0/23 maxlen: 23
92.118.182.0/24 maxlen: 24
92.118.183.0/24 maxlen: 24
178.19.40.0/22 maxlen: 22
178.19.40.0/24 maxlen: 24
178.19.41.0/24 maxlen: 24
178.19.42.0/24 maxlen: 24
178.19.43.0/24 maxlen: 24
185.28.51.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
185.225.244.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.246.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.229.216.0/22 maxlen: 22
185.229.216.0/23 maxlen: 23
185.229.217.0/24 maxlen: 24
185.229.218.0/23 maxlen: 23
185.229.219.0/24 maxlen: 24
185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
185.244.228.0/23 maxlen: 23
185.244.228.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.231.0/24 maxlen: 24
185.246.12.0/23 maxlen: 23
185.246.12.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
194.31.104.0/22 maxlen: 22
194.31.104.0/23 maxlen: 23
194.31.104.0/24 maxlen: 24
194.31.105.0/24 maxlen: 24
194.31.106.0/23 maxlen: 23
194.31.106.0/24 maxlen: 24
194.31.107.0/24 maxlen: 24
194.32.112.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:af:a3:9d:c4:78:42:44:0e:a9:e2:1e:df:76:14:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Aug 16 14:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c7978bfb2de286f0ab44a68141cdbc3d7ea8cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:13:ed:06:3e:db:d9:0b:bf:23:6a:5d:1c:79:
97:21:bf:34:1c:31:f0:c1:6b:65:d0:81:e0:01:a2:
3d:5c:f7:37:b6:a0:f7:c3:b6:13:39:9e:54:dd:21:
91:39:dd:82:ba:98:c2:bb:94:68:75:84:4e:d1:5f:
c3:f0:1e:37:f6:b7:15:cf:25:dd:e0:4f:c8:1f:e0:
cb:86:fb:f6:e8:bd:a1:b4:0a:05:86:d6:85:15:42:
17:a0:74:1e:10:9b:f6:52:55:a2:df:4d:1a:c8:c6:
ad:f7:d5:ac:26:62:86:5d:6c:88:21:88:e6:f5:a9:
6f:0a:b6:2c:91:8b:17:f1:6d:58:fa:94:97:19:ff:
53:a0:64:36:91:69:fe:da:8b:7d:5c:f6:af:70:b4:
19:a4:75:a4:52:0d:60:0f:1d:ab:1b:db:73:71:66:
0d:d6:08:c2:5a:93:d0:43:4e:30:4a:39:37:ae:82:
45:93:36:7b:f5:30:49:2a:fa:80:00:2f:f7:57:7b:
5e:f2:2b:d2:1a:47:38:8e:8b:38:da:ff:9d:70:c4:
d1:f3:aa:05:8f:24:86:f7:ca:3c:99:0a:3a:76:f4:
d4:d6:f5:2f:14:8d:13:65:e9:35:22:bd:74:67:65:
57:40:32:79:91:18:c2:c0:34:d5:51:38:a9:b4:62:
bb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:79:78:BF:B2:DE:28:6F:0A:B4:4A:68:14:1C:DB:C3:D7:EA:8C:BC
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/bHl4v7LeKG8KtEpoFBzbw9fqjLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.192.0/22
31.15.0.0/21
45.81.104.0/22
45.81.124.0/22
45.133.60.0/22
45.137.12.0/23
45.145.132.0/22
45.150.84.0/22
45.152.140.0/22
45.155.56.0/22
89.190.152.0/22
92.118.180.0/22
178.19.40.0/22
185.28.51.0/24
185.225.244.0/22
185.229.216.0/22
185.231.186.0/23
185.244.228.0/22
185.246.12.0/22
194.31.104.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
57:43:06:48:b9:9b:a9:aa:3a:ef:8a:f0:f8:58:ae:88:d5:f3:
cb:13:20:bf:8c:88:e4:4b:a8:b9:25:13:73:39:7e:a1:69:f8:
7f:99:14:d2:4c:d6:44:53:bb:e5:e5:dd:23:98:f5:da:59:b7:
80:60:c8:8a:d7:75:36:8e:5d:9a:d2:c3:81:cf:c2:4b:fd:4d:
84:ea:1f:83:f4:53:a0:1d:f1:0e:5f:4c:a9:50:f9:76:e8:b5:
2e:aa:d5:49:b4:56:d1:55:b4:ce:84:9c:e3:9b:ca:50:86:6f:
b4:87:5f:d6:81:68:c8:0d:15:55:77:fa:4f:e0:58:76:bf:87:
9d:9b:64:ec:47:fb:3c:cb:6f:9a:73:80:32:24:79:fd:14:d9:
10:b2:f5:7f:a0:6c:60:76:59:fe:e0:aa:ab:11:ec:db:db:78:
21:0f:58:7d:2d:e1:56:d0:da:ea:dc:85:71:a4:8a:53:1b:68:
b9:2e:c2:2d:37:a6:f0:40:86:f9:6d:86:e3:dc:0c:02:8a:6e:
8a:18:e9:09:2f:69:3b:ad:f1:76:4f:ec:e0:c2:24:76:56:0c:
ff:69:86:b1:b2:42:42:9e:1c:93:fa:7b:24:7e:91:b9:78:e8:
6c:54:70:16:31:a5:94:68:66:da:bc:59:db:39:b1:4e:18:35:
54:71:c3:ce
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZFbr6OdxHhCRA6p4h7fdhQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwODE2MTQ1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc5NzhiZmIyZGUyODZmMGFiNDRhNjgxNDFjZGJjM2Q3ZWE4Y2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRPtBj7b2Qu/I2pdHHmXIb80HDHw
wWtl0IHgAaI9XPc3tqD3w7YTOZ5U3SGROd2CupjCu5RodYRO0V/D8B439rcVzyXd
4E/IH+DLhvv26L2htAoFhtaFFUIXoHQeEJv2UlWi300ayMat99WsJmKGXWyIIYjm
9alvCrYskYsX8W1Y+pSXGf9ToGQ2kWn+2ot9XPavcLQZpHWkUg1gDx2rG9tzcWYN
1gjCWpPQQ04wSjk3roJFkzZ79TBJKvqAAC/3V3te8ivSGkc4jos42v+dcMTR86oF
jySG98o8mQo6dvTU1vUvFI0TZek1Ir10Z2VXQDJ5kRjCwDTVUTiptGK7PwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFGx5eL+y3ihvCrRKaBQc28PX6oy8MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvYkhsNHY3TGVLRzhLdEVwb0ZCemJ3OWZxakx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI7
wAMEAx8PAAMEAi1RaAMEAi1RfAMEAi2FPAMEAS2JDAMEAi2RhAMEAi2WVAMEAi2Y
jAMEAi2bOAMEAlm+mAMEAlx2tAMEArITKAMEALkcMwMEArnh9AMEArnl2AMEAbnn
ugMEArn05AMEArn2DAMEAsIfaAMEAsIgcDANBgkqhkiG9w0BAQsFAAOCAQEAV0MG
SLmbqao674rw+FiuiNXzyxMgv4yI5EuouSUTczl+oWn4f5kU0kzWRFO75eXdI5j1
2lm3gGDIitd1No5dmtLDgc/CS/1NhOofg/RToB3xDl9MqVD5dui1LqrVSbRW0VW0
zoSc45vKUIZvtIdf1oFoyA0VVXf6T+BYdr+HnZtk7Ef7PMtvmnOAMiR5/RTZELL1
f6BsYHZZ/uCqqxHs29t4IQ9YfS3hVtDa6tyFcaSKUxtouS7CLTem8ECG+W2G49wM
AopuihjpCS9pO63xdk/s4MIkdlYM/2mGsbJCQp4ck/p7JH6RuXjobFRwFjGllGhm
2rxZ2zmxThg1VHHDzg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:53:09 2024 by rpki-client on console-fra.rpki-client.org