Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/aY0cs2rDsOLqJyRgMXQYDEbetqM.roa
File: aY0cs2rDsOLqJyRgMXQYDEbetqM.roa (raw, json)
Hash identifier: KOYU0gL7zq95XDwWIA7Z8WV6VyYzmFMUk90etZd/zMo=
Subject key identifier: 69:8D:1C:B3:6A:C3:B0:E2:EA:27:24:60:31:74:18:0C:46:DE:B6:A3
Certificate issuer: /CN=1c864813c0862e6b4756f8dfda8957c6aeac6654
Certificate serial: 018CC94CFE622DABD9556883895F3C084A1F
Authority key identifier: 1C:86:48:13:C0:86:2E:6B:47:56:F8:DF:DA:89:57:C6:AE:AC:66:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIZIE8CGLmtHVvjf2olXxq6sZlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/aY0cs2rDsOLqJyRgMXQYDEbetqM.roa
Signing time: Tue 02 Jan 2024 08:31:55 +0000
ROA not before: Tue 02 Jan 2024 08:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 81.201.124.0/22 maxlen: 22
81.29.192.0/19 maxlen: 19
81.29.208.0/20 maxlen: 20
81.201.96.0/22 maxlen: 22
89.107.16.0/21 maxlen: 21
81.201.100.0/23 maxlen: 23
81.201.104.0/24 maxlen: 24
81.201.112.0/22 maxlen: 22
81.201.108.0/22 maxlen: 22
81.201.118.0/23 maxlen: 23
88.80.160.0/20 maxlen: 20
88.80.176.0/21 maxlen: 21
85.90.224.0/20 maxlen: 20
217.20.32.0/21 maxlen: 21
217.20.32.0/20 maxlen: 20
217.20.44.0/22 maxlen: 22
217.20.40.0/23 maxlen: 23
217.20.42.0/23 maxlen: 23
85.90.240.0/22 maxlen: 22
212.111.32.0/21 maxlen: 21
217.117.144.0/20 maxlen: 20
80.252.80.0/20 maxlen: 20
87.237.184.0/21 maxlen: 21
213.52.132.0/22 maxlen: 22
213.52.136.0/21 maxlen: 21
213.52.144.0/20 maxlen: 20
213.52.160.0/20 maxlen: 20
213.52.172.0/22 maxlen: 22
213.52.176.0/22 maxlen: 22
213.52.180.0/23 maxlen: 23
213.52.184.0/22 maxlen: 22
213.52.190.0/23 maxlen: 23
213.52.188.0/23 maxlen: 23
213.52.192.0/18 maxlen: 18
188.95.96.0/21 maxlen: 21
80.85.80.0/23 maxlen: 23
80.85.82.0/23 maxlen: 23
80.85.88.0/21 maxlen: 21
212.71.224.0/21 maxlen: 21
212.71.240.0/22 maxlen: 22
80.85.64.0/20 maxlen: 20
109.237.16.0/21 maxlen: 21
62.216.224.0/21 maxlen: 21
109.237.28.0/24 maxlen: 24
85.233.192.0/19 maxlen: 19
62.216.233.0/24 maxlen: 24
62.216.236.0/22 maxlen: 22
85.233.196.0/24 maxlen: 24
62.216.234.0/23 maxlen: 23
85.233.194.0/24 maxlen: 24
62.216.244.0/22 maxlen: 22
85.233.205.0/24 maxlen: 24
62.216.246.0/24 maxlen: 24
62.216.240.0/20 maxlen: 20
213.219.40.0/21 maxlen: 21
213.219.48.0/20 maxlen: 20
62.209.32.0/19 maxlen: 19
212.111.44.0/22 maxlen: 22
85.90.248.0/21 maxlen: 21
212.111.48.0/20 maxlen: 20
85.90.252.0/22 maxlen: 22
213.219.0.0/19 maxlen: 19
217.114.160.0/20 maxlen: 20
87.252.192.0/20 maxlen: 20
213.219.32.0/22 maxlen: 22
87.252.208.0/20 maxlen: 20
217.68.16.0/20 maxlen: 20
217.68.16.0/22 maxlen: 22
217.68.24.0/21 maxlen: 21
217.68.20.0/22 maxlen: 22
89.21.0.0/19 maxlen: 19
213.168.224.0/20 maxlen: 20
82.199.64.0/19 maxlen: 19
213.168.240.0/21 maxlen: 21
213.168.252.0/22 maxlen: 22
2a02:170::/32 maxlen: 32
2001:4d78:f200::/40 maxlen: 40
2001:4d78::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/HIZIE8CGLmtHVvjf2olXxq6sZlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/HIZIE8CGLmtHVvjf2olXxq6sZlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIZIE8CGLmtHVvjf2olXxq6sZlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:fe:62:2d:ab:d9:55:68:83:89:5f:3c:08:4a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c864813c0862e6b4756f8dfda8957c6aeac6654
Validity
Not Before: Jan 2 08:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=698d1cb36ac3b0e2ea2724603174180c46deb6a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4e:b8:4d:73:55:09:a3:2e:14:5c:78:20:f3:
6a:a1:d7:79:af:68:74:6d:46:72:c8:f9:fd:8c:09:
64:7b:86:85:4e:f9:00:00:e5:87:11:19:c3:1f:50:
d9:7b:82:35:9e:24:16:d2:0b:50:5b:a7:53:ae:99:
42:0a:9a:df:73:fc:05:b9:03:f8:44:9e:72:1b:ca:
57:7c:c4:0f:80:ca:9b:c7:9b:d0:4c:78:56:25:40:
87:04:02:47:c7:37:a5:9d:9b:bc:1a:9a:be:45:ce:
e3:23:5c:51:3f:dc:d1:01:b1:1d:ce:46:b6:10:76:
d2:77:6e:18:c1:f3:ce:0a:2a:81:29:8f:6a:d6:64:
ed:ae:a3:db:34:f2:85:53:36:e2:4a:d7:8f:12:fc:
d8:4e:6c:8e:62:9b:44:ad:41:6d:05:86:8e:ea:53:
72:f6:62:55:ab:5d:e3:bb:0c:7e:15:b8:3d:24:f7:
4e:79:ab:fa:b6:34:8f:10:5e:38:28:cc:58:bf:24:
25:75:93:9a:e8:ec:4b:57:c0:51:84:00:ef:91:e8:
b0:3c:42:84:33:bf:69:30:f5:cb:6c:61:2b:8e:ea:
9a:e7:fa:3b:0b:3d:17:ac:6c:09:ed:1d:07:ea:ac:
ab:b4:fe:bd:a6:22:c8:ec:79:dd:ae:27:50:f9:cf:
1b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:8D:1C:B3:6A:C3:B0:E2:EA:27:24:60:31:74:18:0C:46:DE:B6:A3
X509v3 Authority Key Identifier:
keyid:1C:86:48:13:C0:86:2E:6B:47:56:F8:DF:DA:89:57:C6:AE:AC:66:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIZIE8CGLmtHVvjf2olXxq6sZlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/aY0cs2rDsOLqJyRgMXQYDEbetqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/HIZIE8CGLmtHVvjf2olXxq6sZlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.209.32.0/19
62.216.224.0/21
62.216.233.0-62.216.255.255
80.85.64.0-80.85.83.255
80.85.88.0/21
80.252.80.0/20
81.29.192.0/19
81.201.96.0-81.201.101.255
81.201.104.0/24
81.201.108.0-81.201.115.255
81.201.118.0/23
81.201.124.0/22
82.199.64.0/19
85.90.224.0-85.90.243.255
85.90.248.0/21
85.233.192.0/19
87.237.184.0/21
87.252.192.0/19
88.80.160.0-88.80.183.255
89.21.0.0/19
89.107.16.0/21
109.237.16.0/21
109.237.28.0/24
188.95.96.0/21
212.71.224.0/21
212.71.240.0/22
212.111.32.0/21
212.111.44.0-212.111.63.255
213.52.132.0-213.52.181.255
213.52.184.0-213.52.255.255
213.168.224.0-213.168.247.255
213.168.252.0/22
213.219.0.0-213.219.35.255
213.219.40.0-213.219.63.255
217.20.32.0/20
217.68.16.0/20
217.114.160.0/20
217.117.144.0/20
IPv6:
2001:4d78::/32
2a02:170::/32
Signature Algorithm: sha256WithRSAEncryption
25:97:d8:cd:84:0f:4b:c1:96:7a:df:d5:bb:11:79:e0:43:6a:
16:10:6c:c8:3f:14:19:c2:7e:f0:4b:b8:b6:45:83:31:b8:f2:
ee:59:57:30:0e:23:ba:cd:60:be:26:d7:44:15:94:33:fc:b4:
7e:04:bc:ac:57:f2:a9:36:c9:c4:7a:34:36:4b:e2:77:c0:d9:
76:be:a4:9a:6b:c6:4b:94:18:13:a5:79:1c:77:35:b7:a3:05:
e3:8d:e1:c3:a2:79:5a:57:83:d0:70:98:ff:e8:d4:fb:3a:5f:
a6:15:db:e0:ab:8e:7a:c3:14:ff:bf:af:f7:4d:bc:d2:42:8a:
c1:1e:f1:10:66:43:f0:da:23:ec:26:3c:8d:07:61:61:e7:87:
09:8b:9e:d0:2c:f6:e2:6b:52:6d:84:2e:1d:d4:b1:96:b1:8b:
12:33:bf:d1:a9:cf:15:e2:0e:b6:62:7f:bb:32:d5:f1:b1:16:
63:3e:f3:4d:f2:cc:ce:55:05:40:48:89:84:45:e6:88:c9:23:
9a:cc:37:9d:a9:59:64:d6:e1:b9:dd:64:a4:7b:e5:fb:1e:a2:
84:db:4d:46:5e:f6:6d:53:65:07:1e:17:d4:86:2f:a9:3f:e9:
71:72:54:a4:63:85:a9:f5:1a:1d:1e:f1:60:0b:b7:ea:57:28:
3d:c1:ae:08
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgISAYzJTP5iLavZVWiDiV88CEofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODY0ODEzYzA4NjJlNmI0NzU2ZjhkZmRhODk1N2M2YWVh
YzY2NTQwHhcNMjQwMTAyMDgzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThkMWNiMzZhYzNiMGUyZWEyNzI0NjAzMTc0MTgwYzQ2ZGViNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE64TXNVCaMuFFx4IPNqodd5r2h0
bUZyyPn9jAlke4aFTvkAAOWHERnDH1DZe4I1niQW0gtQW6dTrplCCprfc/wFuQP4
RJ5yG8pXfMQPgMqbx5vQTHhWJUCHBAJHxzelnZu8Gpq+Rc7jI1xRP9zRAbEdzka2
EHbSd24YwfPOCiqBKY9q1mTtrqPbNPKFUzbiStePEvzYTmyOYptErUFtBYaO6lNy
9mJVq13juwx+Fbg9JPdOeav6tjSPEF44KMxYvyQldZOa6OxLV8BRhADvkeiwPEKE
M79pMPXLbGErjuqa5/o7Cz0XrGwJ7R0H6qyrtP69piLI7HndridQ+c8boQIDAQAB
o4IDZDCCA2AwHQYDVR0OBBYEFGmNHLNqw7Di6ickYDF0GAxG3rajMB8GA1UdIwQY
MBaAFByGSBPAhi5rR1b439qJV8aurGZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElaSUU4Q0dMbXRIVnZqZjJvbFh4cTZzWmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xMDM5M2QtYTAzMC00YWY1LTg5OTUt
OGYyZDY2ODRjODE0LzEvYVkwY3MyckRzT0xxSnlSZ01YUVlERWJldHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xMDM5M2QtYTAzMC00YWY1LTg5OTUtOGYyZDY2ODRjODE0
LzEvSElaSUU4Q0dMbXRIVnZqZjJvbFh4cTZzWmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeAYIKwYBBQUHAQcBAf8EggFnMIIBYzCCAUkEAgABMIIB
QQMEBT7RIAMEAz7Y4DALAwQAPtjpAwMAPtgwDAMEBlBVQAMEAlBVUAMEA1BVWAME
BFD8UAMEBVEdwDAMAwQFUclgAwQBUclkAwQAUcloMAwDBAJRyWwDBAJRyXADBAFR
yXYDBAJRyXwDBAVSx0AwDAMEBVVa4AMEAlVa8AMEA1Va+AMEBVXpwAMEA1ftuAME
BVf8wDAMAwQFWFCgAwQDWFCwAwQFWRUAAwQDWWsQAwQDbe0QAwQAbe0cAwQDvF9g
AwQD1EfgAwQC1EfwAwQD1G8gMAwDBALUbywDBAbUbwAwDAMEAtU0hAMEAdU0tDAL
AwQD1TS4AwMA1TQwDAMEBdWo4AMEA9Wo8AMEAtWo/DALAwMA1dsDBALV2yAwDAME
A9XbKAMEBtXbAAMEBNkUIAMEBNlEEAMEBNlyoAMEBNl1kDAUBAIAAjAOAwUAIAFN
eAMFACoCAXAwDQYJKoZIhvcNAQELBQADggEBACWX2M2ED0vBlnrf1bsReeBDahYQ
bMg/FBnCfvBLuLZFgzG48u5ZVzAOI7rNYL4m10QVlDP8tH4EvKxX8qk2ycR6NDZL
4nfA2Xa+pJprxkuUGBOleRx3NbejBeON4cOieVpXg9BwmP/o1Ps6X6YV2+CrjnrD
FP+/r/dNvNJCisEe8RBmQ/DaI+wmPI0HYWHnhwmLntAs9uJrUm2ELh3UsZaxixIz
v9GpzxXiDrZif7sy1fGxFmM+803yzM5VBUBIiYRF5ojJI5rMN52pWWTW4bndZKR7
5fseooTbTUZe9m1TZQceF9SGL6k/6XFyVKRjhan1Gh0e8WALt+pXKD3Brgg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:36 2024 by rpki-client on console-ams.rpki-client.org