Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/bTtG97T7KE8UtfGUei5NS6LvYsA.roa
File: bTtG97T7KE8UtfGUei5NS6LvYsA.roa (raw, json)
Hash identifier: JyoQ6Kk3uEWlNacgnwIKdhV5S6WPM74VTeq1LrfAKp8=
Subject key identifier: 6D:3B:46:F7:B4:FB:28:4F:14:B5:F1:94:7A:2E:4D:4B:A2:EF:62:C0
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 018CC26CF2B83D8D1278453B6592E8055039
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/bTtG97T7KE8UtfGUei5NS6LvYsA.roa
Signing time: Mon 01 Jan 2024 00:29:29 +0000
ROA not before: Mon 01 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 192.214.192.0/19 maxlen: 19
23.90.192.0/18 maxlen: 18
185.87.100.0/22 maxlen: 22
185.20.16.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
45.133.68.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
92.119.232.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
5.183.248.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
45.129.218.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
185.163.136.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
185.241.140.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
31.204.80.0/21 maxlen: 21
185.163.228.0/22 maxlen: 22
94.187.128.0/19 maxlen: 19
2.59.144.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
195.216.140.0/22 maxlen: 22
168.220.128.0/19 maxlen: 19
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
185.254.8.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
62.192.156.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 29
2a05:b780::/29 maxlen: 29
2a01:648::/29 maxlen: 29
2a00:6780::/29 maxlen: 29
2a05:c100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f2:b8:3d:8d:12:78:45:3b:65:92:e8:05:50:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Jan 1 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d3b46f7b4fb284f14b5f1947a2e4d4ba2ef62c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:03:7a:4c:17:53:b3:3a:06:00:7d:ac:bf:4c:
37:7c:b8:62:14:28:a5:08:76:03:be:19:b3:8a:25:
24:dc:c5:1a:fb:61:c3:d0:a0:2f:11:00:0c:b2:09:
25:90:49:82:27:e0:6c:02:3a:93:49:82:b5:7c:db:
56:01:c9:76:b4:d7:71:19:83:11:7d:f2:3b:81:2d:
f8:1a:6c:f2:e9:dd:8c:be:39:9b:95:e7:86:84:d0:
d0:d5:f6:5d:c3:93:dd:32:a2:16:8c:48:cb:82:94:
29:fc:d1:2f:52:2c:1f:d5:d1:05:37:67:9e:87:1c:
43:87:4b:63:b9:cd:ad:dc:84:90:d5:27:e2:50:5d:
a5:ed:e3:2b:9b:98:2e:b0:fa:1e:02:14:36:10:a0:
cf:85:5c:7b:ab:75:1e:53:4c:d7:92:23:0b:e6:f4:
23:15:ea:58:65:ff:be:aa:7e:ea:61:e7:ff:38:2f:
7c:fe:5e:a0:bc:17:6c:bd:66:e2:02:4d:dd:f8:a4:
81:80:f0:08:33:b5:65:73:7d:9b:c1:fb:c9:11:6b:
5d:82:b6:a5:88:53:81:8f:7c:c0:a0:e0:66:2b:f4:
e0:3d:b3:4f:96:ee:c0:59:e2:ed:45:24:83:70:a5:
5a:75:f8:07:a4:b2:62:4d:4c:e6:b6:de:6d:98:ec:
fc:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:3B:46:F7:B4:FB:28:4F:14:B5:F1:94:7A:2E:4D:4B:A2:EF:62:C0
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/bTtG97T7KE8UtfGUei5NS6LvYsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
23:02:96:0d:f4:a5:38:78:d6:70:91:b1:ee:95:42:56:60:7e:
40:1b:67:f6:4b:6d:16:af:31:2f:d8:c5:ea:cc:1f:ca:b0:0f:
1f:df:ab:b2:a1:4d:df:e9:03:6c:23:79:e7:ad:33:8f:1a:19:
ac:2c:97:11:53:fa:3c:49:04:f0:43:bb:7e:7a:b6:c3:a7:ec:
67:6d:d3:88:26:89:ee:04:46:15:c9:27:aa:f5:c8:c2:da:6a:
e5:3b:6b:86:be:5a:26:2b:5a:52:65:e0:89:4e:42:52:b2:98:
9d:a2:a8:36:f5:30:51:ed:18:d4:0c:9d:54:ac:cb:0a:f1:68:
a1:22:26:ed:9e:02:2b:bc:2b:d4:a2:a7:35:e1:de:d6:a4:c2:
57:78:93:86:2f:d0:8c:aa:ea:a1:a4:c6:67:4a:ea:de:1d:cf:
80:ed:0a:11:28:09:a9:26:6f:26:42:d2:96:04:46:44:7e:0b:
d9:1e:7f:9c:2a:26:10:29:6c:ae:bd:cd:01:d2:32:df:c9:dc:
83:da:5a:b9:da:ec:0e:7b:2b:9b:41:a8:4b:b2:0b:5d:94:9f:
d0:23:d8:97:a3:09:40:a2:91:50:11:3b:2e:29:90:c0:b0:5c:
19:53:5a:36:c8:a2:f8:9e:c2:89:84:59:41:5a:bf:5d:54:e1:
25:5e:e3:75
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAYzCbPK4PY0SeEU7ZZLoBVA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjQwMTAxMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDNiNDZmN2I0ZmIyODRmMTRiNWYxOTQ3YTJlNGQ0YmEyZWY2MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQN6TBdTszoGAH2sv0w3fLhiFCil
CHYDvhmziiUk3MUa+2HD0KAvEQAMsgklkEmCJ+BsAjqTSYK1fNtWAcl2tNdxGYMR
ffI7gS34Gmzy6d2MvjmbleeGhNDQ1fZdw5PdMqIWjEjLgpQp/NEvUiwf1dEFN2ee
hxxDh0tjuc2t3ISQ1SfiUF2l7eMrm5gusPoeAhQ2EKDPhVx7q3UeU0zXkiML5vQj
FepYZf++qn7qYef/OC98/l6gvBdsvWbiAk3d+KSBgPAIM7Vlc32bwfvJEWtdgral
iFOBj3zAoOBmK/TgPbNPlu7AWeLtRSSDcKVadfgHpLJiTUzmtt5tmOz8HQIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFG07Rve0+yhPFLXxlHouTUui72LAMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvYlR0Rzk3VDdLRThVdGZHVWVpNU5TNkx2WXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCARIEAgABMIIB
CgMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQCuRQQAwQC
uTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQCuYewAwQC
uYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQCub8kAwQC
ucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHgAwUDKgBn
gAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEAIwKWDfSl
OHjWcJGx7pVCVmB+QBtn9kttFq8xL9jF6swfyrAPH9+rsqFN3+kDbCN5560zjxoZ
rCyXEVP6PEkE8EO7fnq2w6fsZ23TiCaJ7gRGFcknqvXIwtpq5Ttrhr5aJitaUmXg
iU5CUrKYnaKoNvUwUe0Y1AydVKzLCvFooSIm7Z4CK7wr1KKnNeHe1qTCV3iThi/Q
jKrqoaTGZ0rq3h3PgO0KESgJqSZvJkLSlgRGRH4L2R5/nComEClsrr3NAdIy38nc
g9paudrsDnsrm0GoS7ILXZSf0CPYl6MJQKKRUBE7LimQwLBcGVNaNsii+J7CiYRZ
QVq/XVThJV7jdQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:23:05 2024 by rpki-client on console-ams.rpki-client.org