Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/zPOAUrQzpPNGvvVmITAD6-vBcCE.roa
File: zPOAUrQzpPNGvvVmITAD6-vBcCE.roa (raw, json)
Hash identifier: 9+7ni7YGNzagY72NhA/qJS71IT3VmeuFI+MuYWb9VGQ=
Subject key identifier: CC:F3:80:52:B4:33:A4:F3:46:BE:F5:66:21:30:03:EB:EB:C1:70:21
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 0192B304EC2CFA6FF74EC4350F68BBA526C9
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/zPOAUrQzpPNGvvVmITAD6-vBcCE.roa
Signing time: Tue 22 Oct 2024 06:58:17 +0000
ROA not before: Tue 22 Oct 2024 06:58:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57809
IP address blocks: 2.59.144.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
5.183.248.0/22 maxlen: 22
23.90.192.0/18 maxlen: 18
31.204.80.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
45.129.218.0/24 maxlen: 24
45.133.68.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
62.192.156.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
88.86.224.0/19 maxlen: 19
88.218.12.0/22 maxlen: 22
92.119.232.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
94.187.128.0/19 maxlen: 19
94.187.144.0/22 maxlen: 22
94.187.150.0/24 maxlen: 24
168.220.128.0/19 maxlen: 19
185.20.16.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
185.87.100.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
185.163.136.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
185.163.228.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
185.241.140.0/22 maxlen: 22
185.254.8.0/22 maxlen: 22
192.214.192.0/19 maxlen: 19
195.216.140.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 32
2a00:6780::/29 maxlen: 32
2a01:648::/29 maxlen: 32
2a05:b780::/29 maxlen: 29
2a05:c100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:04:ec:2c:fa:6f:f7:4e:c4:35:0f:68:bb:a5:26:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Oct 22 06:58:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccf38052b433a4f346bef566213003ebebc17021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b8:9d:23:b3:a3:a5:3f:c3:c3:76:cb:61:5d:
60:71:cb:c4:d3:69:a0:9e:6f:b5:e9:a2:7c:6e:0c:
a7:87:8f:6d:70:8e:ed:7d:27:b3:cc:e8:71:83:8d:
34:32:de:1d:0b:39:ad:4a:01:68:08:49:dd:11:48:
ec:5d:61:88:3a:ad:96:1f:d7:f9:61:e6:c8:50:bb:
f5:df:9f:56:79:21:ea:1f:18:47:5f:bc:0f:38:3f:
1f:71:62:3e:c4:34:dd:66:e4:9a:89:9e:9d:34:0b:
86:36:fd:89:12:11:d5:a6:85:d6:7e:b2:c3:a9:ed:
75:32:c5:c7:83:2f:ab:33:4b:98:90:db:62:98:52:
d2:2b:ba:1b:25:d9:44:8a:fc:12:9a:f0:da:1b:9e:
37:f7:ce:1f:43:72:df:e8:c3:c2:5d:92:76:57:1c:
2d:0c:1e:36:99:92:fb:f7:1e:a1:0b:55:b8:34:e5:
a7:26:ff:26:61:21:28:87:bc:11:e8:a0:43:e1:a5:
c4:21:35:1b:7e:33:e4:65:76:1e:df:12:12:c2:97:
e0:bb:d7:25:61:48:e8:f5:51:1d:f7:c1:08:7b:19:
79:b7:51:6f:7a:38:c2:5f:5a:80:33:35:2a:5e:d9:
f2:2e:63:bc:45:c0:6f:ca:d2:6a:c5:b1:3a:49:96:
6e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F3:80:52:B4:33:A4:F3:46:BE:F5:66:21:30:03:EB:EB:C1:70:21
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/zPOAUrQzpPNGvvVmITAD6-vBcCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.86.224.0/19
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
89:4b:84:b4:49:8e:da:44:49:d5:4d:37:5b:e8:9c:ae:2c:e3:
e9:88:de:6d:cc:e6:dd:9b:80:05:2b:85:7d:34:7c:3b:ad:03:
70:0c:bb:8f:51:7b:a1:42:2e:15:dd:98:81:3f:1c:b0:af:4e:
37:3b:47:1d:b0:04:82:57:36:22:81:62:2e:cf:69:f8:24:9d:
8f:cd:50:74:f3:82:c7:13:fb:c7:33:c9:62:b6:3d:a4:e1:f2:
25:ce:24:ad:ac:0f:d3:d4:8b:bd:ec:e7:c0:f2:57:47:6b:b9:
7e:92:bf:5a:1d:69:36:f9:c4:99:82:2b:7f:d6:d6:78:a5:a9:
e6:32:40:21:13:09:29:90:60:93:5e:cd:ed:92:2a:27:b8:61:
5b:b6:34:c3:d9:d0:b0:94:7e:4c:83:4f:0a:44:69:a2:77:4c:
4a:c7:f0:80:ae:b9:89:aa:ca:2d:a5:71:a5:a3:42:10:b8:a5:
36:e3:f6:b6:ea:df:4d:4f:f4:b2:c5:b6:2e:23:6e:a3:4a:2c:
ff:df:7e:d7:82:fa:e0:9e:65:d0:65:24:6f:f1:cb:76:d2:54:
e1:d3:0b:58:bb:5e:d2:26:4d:a8:ce:5b:fc:8e:41:8d:2e:3f:
9b:ed:63:55:0c:5b:40:d0:46:39:b9:fa:b8:dc:64:6b:b0:a7:
60:8d:e4:b3
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgISAZKzBOws+m/3TsQ1D2i7pSbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjQxMDIyMDY1ODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2YzODA1MmI0MzNhNGYzNDZiZWY1NjYyMTMwMDNlYmViYzE3MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bidI7OjpT/Dw3bLYV1gccvE02mg
nm+16aJ8bgynh49tcI7tfSezzOhxg400Mt4dCzmtSgFoCEndEUjsXWGIOq2WH9f5
YebIULv1359WeSHqHxhHX7wPOD8fcWI+xDTdZuSaiZ6dNAuGNv2JEhHVpoXWfrLD
qe11MsXHgy+rM0uYkNtimFLSK7obJdlEivwSmvDaG543984fQ3Lf6MPCXZJ2Vxwt
DB42mZL79x6hC1W4NOWnJv8mYSEoh7wR6KBD4aXEITUbfjPkZXYe3xISwpfgu9cl
YUjo9VEd98EIexl5t1FvejjCX1qAMzUqXtnyLmO8RcBvytJqxbE6SZZuWwIDAQAB
o4IDSDCCA0QwHQYDVR0OBBYEFMzzgFK0M6TzRr71ZiEwA+vrwXAhMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvelBPQVVyUXpwUE5HdnZWbUlUQUQ2LXZCY0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXAYIKwYBBQUHAQcBAf8EggFLMIIBRzCCARgEAgABMIIB
EAMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQFWFbgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQC
uRQQAwQCuTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQC
uYewAwQCuYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQC
ub8kAwQCucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHg
AwUDKgBngAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEA
iUuEtEmO2kRJ1U03W+icrizj6Yjebczm3ZuABSuFfTR8O60DcAy7j1F7oUIuFd2Y
gT8csK9ONztHHbAEglc2IoFiLs9p+CSdj81QdPOCxxP7xzPJYrY9pOHyJc4krawP
09SLveznwPJXR2u5fpK/Wh1pNvnEmYIrf9bWeKWp5jJAIRMJKZBgk17N7ZIqJ7hh
W7Y0w9nQsJR+TINPCkRpondMSsfwgK65iarKLaVxpaNCELilNuP2turfTU/0ssW2
LiNuo0os/99+14L64J5l0GUkb/HLdtJU4dMLWLte0iZNqM5b/I5BjS4/m+1jVQxb
QNBGObn6uNxka7CnYI3ksw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:59 2024 by rpki-client on console-ams.rpki-client.org