Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/ysDtIgTzQ3dDVUm6LZ5lmfk4mdg.roa
File: ysDtIgTzQ3dDVUm6LZ5lmfk4mdg.roa (raw, json)
Hash identifier: h/wZLTZLFcPgnEQENsJ8+QgoDi7LZbsqWI+Mr56cBPA=
Subject key identifier: CA:C0:ED:22:04:F3:43:77:43:55:49:BA:2D:9E:65:99:F9:38:99:D8
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 0191E62103BF4FD57CF6B5BC491A0DA3FEFB
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/ysDtIgTzQ3dDVUm6LZ5lmfk4mdg.roa
Signing time: Thu 12 Sep 2024 12:06:48 +0000
ROA not before: Thu 12 Sep 2024 12:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207990
IP address blocks: 5.62.152.0/21 maxlen: 32
31.14.26.0/24 maxlen: 32
46.102.105.0/24 maxlen: 32
77.81.92.0/22 maxlen: 32
79.139.80.0/23 maxlen: 32
85.217.220.0/23 maxlen: 32
86.105.241.0/24 maxlen: 32
86.106.176.0/23 maxlen: 32
89.32.125.0/24 maxlen: 32
89.37.58.0/24 maxlen: 32
89.38.234.0/24 maxlen: 32
89.40.41.0/24 maxlen: 32
89.40.81.0/24 maxlen: 32
89.40.164.0/23 maxlen: 32
89.47.43.0/24 maxlen: 32
89.104.122.0/23 maxlen: 32
89.223.22.0/23 maxlen: 32
91.92.22.0/23 maxlen: 32
91.92.138.0/24 maxlen: 32
91.92.178.0/23 maxlen: 32
91.92.216.0/23 maxlen: 32
91.92.218.0/24 maxlen: 32
91.192.212.0/22 maxlen: 32
92.114.60.0/22 maxlen: 32
92.114.81.0/24 maxlen: 32
92.114.110.0/24 maxlen: 32
92.255.0.0/24 maxlen: 32
92.255.52.0/24 maxlen: 32
92.255.64.0/24 maxlen: 32
92.255.80.0/24 maxlen: 32
92.255.81.0/24 maxlen: 32
92.255.82.0/24 maxlen: 32
92.255.83.0/24 maxlen: 32
93.113.52.0/23 maxlen: 32
93.114.84.0/24 maxlen: 32
93.115.4.0/23 maxlen: 32
93.115.36.0/24 maxlen: 32
93.119.193.0/24 maxlen: 32
94.139.56.0/22 maxlen: 32
94.139.60.0/23 maxlen: 32
94.139.224.0/20 maxlen: 32
94.176.0.0/23 maxlen: 32
94.176.132.0/23 maxlen: 32
94.176.150.0/24 maxlen: 32
94.177.6.0/23 maxlen: 32
94.177.14.0/23 maxlen: 32
94.177.23.0/24 maxlen: 32
110.238.192.0/19 maxlen: 32
110.239.208.0/22 maxlen: 32
110.239.212.0/22 maxlen: 32
110.239.216.0/21 maxlen: 32
119.12.176.0/20 maxlen: 32
119.12.192.0/21 maxlen: 32
119.12.200.0/21 maxlen: 32
176.126.198.0/23 maxlen: 32
176.126.204.0/24 maxlen: 32
176.223.104.0/22 maxlen: 32
176.223.182.0/23 maxlen: 32
180.149.0.0/20 maxlen: 32
180.149.16.0/20 maxlen: 32
180.235.160.0/20 maxlen: 32
185.66.136.0/22 maxlen: 32
188.94.84.0/22 maxlen: 32
188.208.108.0/24 maxlen: 32
188.208.116.0/24 maxlen: 32
188.210.254.0/24 maxlen: 32
188.211.24.0/23 maxlen: 32
188.211.234.0/24 maxlen: 32
188.212.136.0/21 maxlen: 32
188.214.81.0/24 maxlen: 32
188.215.76.0/23 maxlen: 32
188.240.48.0/23 maxlen: 32
188.241.15.0/24 maxlen: 32
188.241.56.0/23 maxlen: 32
188.241.200.0/21 maxlen: 32
188.241.249.0/24 maxlen: 32
193.56.24.0/23 maxlen: 32
193.56.26.0/23 maxlen: 32
193.142.103.0/24 maxlen: 32
193.200.104.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:21:03:bf:4f:d5:7c:f6:b5:bc:49:1a:0d:a3:fe:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Sep 12 12:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cac0ed2204f34377435549ba2d9e6599f93899d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cc:c7:a5:38:af:79:5c:31:c9:5f:9f:e7:c9:
69:51:62:26:2c:09:f5:98:35:13:46:81:a6:47:3a:
70:7b:23:26:89:72:00:12:fa:2f:9a:c0:85:c4:f7:
e6:4f:dd:8a:ee:90:2f:2a:38:4f:2e:78:e5:04:a1:
44:94:fc:f6:a3:5d:a5:fb:90:31:d5:ae:98:99:34:
f1:a9:e3:a4:98:d2:3f:e1:15:ed:95:aa:2b:e4:a6:
71:f4:2e:b9:6a:a5:b8:ce:33:5b:dc:0f:c5:1c:a6:
07:59:33:ce:94:1d:20:b8:b8:33:b6:98:1d:cc:1c:
4f:ff:37:c2:12:1b:4c:fe:e6:70:f7:e5:31:d3:da:
8d:05:d4:cd:84:e4:68:3f:71:be:c9:8d:97:fe:5d:
94:3a:38:43:4f:82:d3:da:2b:f3:8a:bd:47:a5:ba:
f5:76:c5:19:68:d0:ae:3e:d8:11:37:e2:d8:d3:18:
39:a5:96:1c:d5:30:2a:ac:0e:f8:ef:fb:57:d5:7a:
4f:14:26:86:fd:8c:5c:07:3e:2b:50:01:a9:5e:5c:
80:5b:65:98:45:31:59:68:c6:55:48:4c:33:a8:81:
53:a2:4b:75:f5:73:de:be:44:4b:e2:7c:fa:e6:c9:
a5:2d:68:6d:14:27:1f:61:d5:8f:c4:c3:0f:d2:ff:
68:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C0:ED:22:04:F3:43:77:43:55:49:BA:2D:9E:65:99:F9:38:99:D8
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/ysDtIgTzQ3dDVUm6LZ5lmfk4mdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.152.0/21
31.14.26.0/24
46.102.105.0/24
77.81.92.0/22
79.139.80.0/23
85.217.220.0/23
86.105.241.0/24
86.106.176.0/23
89.32.125.0/24
89.37.58.0/24
89.38.234.0/24
89.40.41.0/24
89.40.81.0/24
89.40.164.0/23
89.47.43.0/24
89.104.122.0/23
89.223.22.0/23
91.92.22.0/23
91.92.138.0/24
91.92.178.0/23
91.92.216.0-91.92.218.255
91.192.212.0/22
92.114.60.0/22
92.114.81.0/24
92.114.110.0/24
92.255.0.0/24
92.255.52.0/24
92.255.64.0/24
92.255.80.0/22
93.113.52.0/23
93.114.84.0/24
93.115.4.0/23
93.115.36.0/24
93.119.193.0/24
94.139.56.0-94.139.61.255
94.139.224.0/20
94.176.0.0/23
94.176.132.0/23
94.176.150.0/24
94.177.6.0/23
94.177.14.0/23
94.177.23.0/24
110.238.192.0/19
110.239.208.0/20
119.12.176.0-119.12.207.255
176.126.198.0/23
176.126.204.0/24
176.223.104.0/22
176.223.182.0/23
180.149.0.0/19
180.235.160.0/20
185.66.136.0/22
188.94.84.0/22
188.208.108.0/24
188.208.116.0/24
188.210.254.0/24
188.211.24.0/23
188.211.234.0/24
188.212.136.0/21
188.214.81.0/24
188.215.76.0/23
188.240.48.0/23
188.241.15.0/24
188.241.56.0/23
188.241.200.0/21
188.241.249.0/24
193.56.24.0/22
193.142.103.0/24
193.200.104.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:71:94:aa:d8:a1:e4:73:65:cf:74:4c:48:dd:95:5c:86:f4:
3f:35:1b:60:31:89:f4:3c:f3:f6:2c:a8:e1:6f:14:28:33:d6:
0c:15:65:6e:34:c9:e0:ca:e6:0b:f4:18:1d:44:16:96:a6:e3:
08:2a:c2:b8:cd:66:51:38:4e:b0:7c:df:0f:fa:ed:f8:c4:33:
94:f6:6b:b1:5a:76:b1:eb:96:ce:44:c7:e7:a8:4a:93:04:a1:
2d:47:7d:12:11:e0:55:b6:95:e1:08:f4:9d:29:5e:88:40:03:
99:fe:36:b3:fe:b6:39:a2:93:5b:fc:29:f8:d1:c7:e8:ed:42:
e6:f9:c7:1a:20:7f:80:eb:79:ec:48:52:37:1c:46:45:85:e6:
0d:02:94:48:6e:3c:61:3e:60:8c:c5:bf:6a:2f:84:d2:04:63:
0d:86:35:65:c4:6e:5b:d1:a5:0e:ff:45:29:03:2a:86:25:8d:
53:ab:a4:94:7c:ff:7b:8c:1d:76:18:08:fe:27:33:e4:13:4e:
7c:14:c7:28:37:17:23:e1:2a:75:e7:5a:95:ef:49:53:10:7f:
7b:5d:bf:e6:47:2f:4b:0d:a3:2c:7d:f4:0e:93:49:a9:17:a6:
14:e8:b8:f1:95:0d:7a:d0:60:f2:4c:83:59:22:82:90:53:11:
c9:f1:66:cb
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgISAZHmIQO/T9V89rW8SRoNo/77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjQwOTEyMTIwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWMwZWQyMjA0ZjM0Mzc3NDM1NTQ5YmEyZDllNjU5OWY5Mzg5OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MzHpTiveVwxyV+f58lpUWImLAn1
mDUTRoGmRzpweyMmiXIAEvovmsCFxPfmT92K7pAvKjhPLnjlBKFElPz2o12l+5Ax
1a6YmTTxqeOkmNI/4RXtlaor5KZx9C65aqW4zjNb3A/FHKYHWTPOlB0guLgztpgd
zBxP/zfCEhtM/uZw9+Ux09qNBdTNhORoP3G+yY2X/l2UOjhDT4LT2ivzir1Hpbr1
dsUZaNCuPtgRN+LY0xg5pZYc1TAqrA747/tX1XpPFCaG/YxcBz4rUAGpXlyAW2WY
RTFZaMZVSEwzqIFTokt19XPevkRL4nz65smlLWhtFCcfYdWPxMMP0v9o6wIDAQAB
o4IDwzCCA78wHQYDVR0OBBYEFMrA7SIE80N3Q1VJui2eZZn5OJnYMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEveXNEdElnVHpRM2REVlVtNkxaNWxtZms0bWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1wYIKwYBBQUHAQcBAf8EggHGMIIBwjCCAb4EAgABMIIB
tgMEAwU+mAMEAB8OGgMEAC5maQMEAk1RXAMEAU+LUAMEAVXZ3AMEAFZp8QMEAVZq
sAMEAFkgfQMEAFklOgMEAFkm6gMEAFkoKQMEAFkoUQMEAVkopAMEAFkvKwMEAVlo
egMEAVnfFgMEAVtcFgMEAFtcigMEAVtcsjAMAwQDW1zYAwQAW1zaAwQCW8DUAwQC
XHI8AwQAXHJRAwQAXHJuAwQAXP8AAwQAXP80AwQAXP9AAwQCXP9QAwQBXXE0AwQA
XXJUAwQBXXMEAwQAXXMkAwQAXXfBMAwDBANeizgDBAFeizwDBARei+ADBAFesAAD
BAFesIQDBABesJYDBAFesQYDBAFesQ4DBABesRcDBAVu7sADBARu79AwDAMEBHcM
sAMEBHcMwAMEAbB+xgMEALB+zAMEArDfaAMEAbDftgMEBbSVAAMEBLTroAMEArlC
iAMEArxeVAMEALzQbAMEALzQdAMEALzS/gMEAbzTGAMEALzT6gMEA7zUiAMEALzW
UQMEAbzXTAMEAbzwMAMEALzxDwMEAbzxOAMEA7zxyAMEALzx+QMEAsE4GAMEAMGO
ZwMEAcHIaDANBgkqhkiG9w0BAQsFAAOCAQEAb3GUqtih5HNlz3RMSN2VXIb0PzUb
YDGJ9Dzz9iyo4W8UKDPWDBVlbjTJ4MrmC/QYHUQWlqbjCCrCuM1mUThOsHzfD/rt
+MQzlPZrsVp2seuWzkTH56hKkwShLUd9EhHgVbaV4Qj0nSleiEADmf42s/62OaKT
W/wp+NHH6O1C5vnHGiB/gOt57EhSNxxGRYXmDQKUSG48YT5gjMW/ai+E0gRjDYY1
ZcRuW9GlDv9FKQMqhiWNU6uklHz/e4wddhgI/icz5BNOfBTHKDcXI+Eqdedale9J
UxB/e12/5kcvSw2jLH30DpNJqRemFOi48ZUNetBg8kyDWSKCkFMRyfFmyw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:46 2024 by rpki-client on console-ams.rpki-client.org