Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/aow0mHspZq0Ze2XXV5ymf47Td7I.roa
File: aow0mHspZq0Ze2XXV5ymf47Td7I.roa (raw, json)
Hash identifier: CN+uxs7pII+RiBmaQzdieedqsTl6usjThDDfL3BVlTU=
Subject key identifier: 6A:8C:34:98:7B:29:66:AD:19:7B:65:D7:57:9C:A6:7F:8E:D3:77:B2
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 0192B303173927E33CCD8C52BF53AF716283
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/aow0mHspZq0Ze2XXV5ymf47Td7I.roa
Signing time: Tue 22 Oct 2024 06:56:17 +0000
ROA not before: Tue 22 Oct 2024 06:56:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 2.59.144.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
5.183.248.0/22 maxlen: 22
23.90.192.0/18 maxlen: 18
31.204.80.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
45.129.218.0/24 maxlen: 24
45.133.68.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
62.192.156.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
88.86.224.0/19 maxlen: 19
88.218.12.0/22 maxlen: 22
92.119.232.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
94.187.128.0/19 maxlen: 19
168.220.128.0/19 maxlen: 19
185.20.16.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
185.87.100.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
185.163.136.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
185.163.228.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
185.241.140.0/22 maxlen: 22
185.254.8.0/22 maxlen: 22
192.214.192.0/19 maxlen: 19
195.216.140.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 29
2a00:6780::/29 maxlen: 32
2a00:6780::/32 maxlen: 32
2a01:648::/29 maxlen: 29
2a05:b780::/29 maxlen: 29
2a05:c100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:03:17:39:27:e3:3c:cd:8c:52:bf:53:af:71:62:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Oct 22 06:56:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a8c34987b2966ad197b65d7579ca67f8ed377b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5e:ee:13:e6:4c:98:a1:2b:44:a6:a5:13:07:
6a:27:fd:3b:9d:de:e3:c3:98:9f:67:ff:b3:03:a7:
11:0d:9e:55:c1:d8:ec:e9:7e:6d:1b:30:6c:b1:3e:
58:60:25:44:11:55:de:1c:ef:69:d9:89:3a:76:87:
c6:c6:aa:3f:1f:02:98:b5:65:04:4f:02:5a:7c:49:
7d:b8:9c:a2:e9:f0:15:66:67:d7:7d:1f:1c:f5:de:
c1:cf:8a:ac:bf:1b:16:e1:6c:f2:31:56:e3:2e:76:
16:92:63:3d:dc:ec:32:a5:93:5f:e7:f4:07:a4:35:
51:11:eb:05:7e:00:3a:37:68:eb:bc:4b:56:c7:10:
15:40:c3:0a:d4:70:83:56:15:78:93:ae:91:45:af:
89:00:f1:b7:46:62:7c:a1:f3:31:9d:29:9a:6a:b7:
5b:ca:10:18:b2:1c:10:b0:1e:b1:69:15:5e:8d:fa:
a8:30:2b:03:f9:f6:fb:4e:7b:64:65:34:1f:87:90:
91:dd:53:06:cd:2f:22:02:98:e8:ea:4b:f3:f5:7c:
6b:22:aa:f5:a5:3c:fe:3e:f1:24:d6:40:01:6f:a7:
c8:36:bc:40:5d:4c:86:69:82:92:bd:ff:60:32:3d:
c9:a9:92:e8:ad:07:a6:8b:83:50:dd:76:5d:ae:55:
da:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8C:34:98:7B:29:66:AD:19:7B:65:D7:57:9C:A6:7F:8E:D3:77:B2
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/aow0mHspZq0Ze2XXV5ymf47Td7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.86.224.0/19
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
4b:98:7a:5b:db:43:e7:88:74:f2:be:b7:5e:1a:28:79:df:92:
e4:36:2c:89:0c:7f:6e:02:88:aa:f2:78:5c:99:de:d5:48:a3:
17:ca:bc:af:8d:23:a7:e8:a4:2e:84:0d:61:ec:5a:05:bd:a9:
99:c2:6e:a8:8a:f0:be:74:c0:3a:d8:49:c4:3c:b5:3f:ea:43:
b9:39:f0:fb:d3:99:91:fa:b4:12:c0:cb:16:98:e8:a7:f3:dd:
14:47:fd:51:d9:7b:79:6d:e8:a8:0e:f7:d1:0e:d6:37:b2:be:
b2:08:a9:5a:e3:29:7f:bb:ee:80:ad:d0:c8:68:f2:3b:fd:b3:
28:36:5f:10:33:c8:50:95:9a:aa:1e:34:41:85:a2:56:f2:38:
12:f2:e9:ad:d1:e8:86:f5:72:e8:97:eb:c4:18:ab:0f:cf:43:
82:fb:1a:68:2d:3a:1d:07:41:f5:04:d8:de:08:f4:21:13:d4:
8d:b6:c1:cb:44:75:17:92:b3:45:96:3b:15:cd:11:c3:5c:75:
04:0a:86:e1:31:bf:a4:69:85:b9:87:c3:4f:b1:03:8d:8c:b8:
96:f2:12:14:4e:39:00:39:53:f4:05:1c:57:c3:47:7d:f2:a7:
89:99:e9:46:41:6e:89:05:e3:36:07:df:ea:52:9b:75:ee:9b:
39:9f:3e:58
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgISAZKzAxc5J+M8zYxSv1OvcWKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjQxMDIyMDY1NjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YThjMzQ5ODdiMjk2NmFkMTk3YjY1ZDc1NzljYTY3ZjhlZDM3N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyF7uE+ZMmKErRKalEwdqJ/07nd7j
w5ifZ/+zA6cRDZ5Vwdjs6X5tGzBssT5YYCVEEVXeHO9p2Yk6dofGxqo/HwKYtWUE
TwJafEl9uJyi6fAVZmfXfR8c9d7Bz4qsvxsW4WzyMVbjLnYWkmM93OwypZNf5/QH
pDVREesFfgA6N2jrvEtWxxAVQMMK1HCDVhV4k66RRa+JAPG3RmJ8ofMxnSmaardb
yhAYshwQsB6xaRVejfqoMCsD+fb7TntkZTQfh5CR3VMGzS8iApjo6kvz9XxrIqr1
pTz+PvEk1kABb6fINrxAXUyGaYKSvf9gMj3JqZLorQemi4NQ3XZdrlXaKwIDAQAB
o4IDSDCCA0QwHQYDVR0OBBYEFGqMNJh7KWatGXtl11ecpn+O03eyMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvYW93MG1Ic3BacTBaZTJYWFY1eW1mNDdUZDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXAYIKwYBBQUHAQcBAf8EggFLMIIBRzCCARgEAgABMIIB
EAMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQFWFbgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQC
uRQQAwQCuTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQC
uYewAwQCuYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQC
ub8kAwQCucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHg
AwUDKgBngAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEA
S5h6W9tD54h08r63Xhooed+S5DYsiQx/bgKIqvJ4XJne1UijF8q8r40jp+ikLoQN
YexaBb2pmcJuqIrwvnTAOthJxDy1P+pDuTnw+9OZkfq0EsDLFpjop/PdFEf9Udl7
eW3oqA730Q7WN7K+sgipWuMpf7vugK3QyGjyO/2zKDZfEDPIUJWaqh40QYWiVvI4
EvLprdHohvVy6JfrxBirD89DgvsaaC06HQdB9QTY3gj0IRPUjbbBy0R1F5KzRZY7
Fc0Rw1x1BAqG4TG/pGmFuYfDT7EDjYy4lvISFE45ADlT9AUcV8NHffKniZnpRkFu
iQXjNgff6lKbde6bOZ8+WA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:30 2024 by rpki-client on console-fra.rpki-client.org