Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/oPu2Bb91EOgjHoE2lsDern5rpiY.roa
File: oPu2Bb91EOgjHoE2lsDern5rpiY.roa (raw, json)
Hash identifier: hLNPMjcO5QwKH5kggyta7ADIdAGmGXmcZpaJm5YTiT4=
Subject key identifier: A0:FB:B6:05:BF:75:10:E8:23:1E:81:36:96:C0:DE:AE:7E:6B:A6:26
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 019242316F0C486C2DECB6685C66A2F1F919
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/oPu2Bb91EOgjHoE2lsDern5rpiY.roa
Signing time: Mon 30 Sep 2024 09:09:48 +0000
ROA not before: Mon 30 Sep 2024 09:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9021
IP address blocks: 90.158.0.0/16 maxlen: 16
90.158.0.0/18 maxlen: 18
90.158.0.0/22 maxlen: 22
90.158.0.0/23 maxlen: 23
90.158.3.0/24 maxlen: 24
90.158.8.0/24 maxlen: 24
90.158.15.0/24 maxlen: 24
90.158.16.0/24 maxlen: 24
90.158.18.0/24 maxlen: 24
90.158.19.0/24 maxlen: 24
90.158.24.0/24 maxlen: 24
90.158.26.0/24 maxlen: 24
90.158.27.0/24 maxlen: 24
90.158.28.0/24 maxlen: 24
90.158.29.0/24 maxlen: 24
90.158.30.0/24 maxlen: 24
90.158.31.0/24 maxlen: 24
90.158.32.0/24 maxlen: 24
90.158.33.0/24 maxlen: 24
90.158.36.0/24 maxlen: 24
90.158.37.0/24 maxlen: 24
90.158.39.0/24 maxlen: 24
90.158.41.0/24 maxlen: 24
90.158.43.0/24 maxlen: 24
90.158.44.0/24 maxlen: 24
90.158.45.0/24 maxlen: 24
90.158.46.0/24 maxlen: 24
90.158.47.0/24 maxlen: 24
90.158.48.0/20 maxlen: 20
90.158.48.0/24 maxlen: 24
90.158.50.0/23 maxlen: 23
90.158.51.0/24 maxlen: 24
90.158.52.0/23 maxlen: 23
90.158.52.0/24 maxlen: 24
90.158.53.0/24 maxlen: 24
90.158.54.0/23 maxlen: 23
90.158.55.0/24 maxlen: 24
90.158.56.0/24 maxlen: 24
90.158.60.0/24 maxlen: 24
90.158.62.0/24 maxlen: 24
90.158.64.0/21 maxlen: 21
90.158.64.0/24 maxlen: 24
90.158.65.0/24 maxlen: 24
90.158.66.0/24 maxlen: 24
90.158.67.0/24 maxlen: 24
90.158.68.0/24 maxlen: 24
90.158.72.0/22 maxlen: 22
90.158.72.0/24 maxlen: 24
90.158.73.0/24 maxlen: 24
90.158.74.0/24 maxlen: 24
90.158.75.0/24 maxlen: 24
90.158.96.0/22 maxlen: 22
90.158.100.0/24 maxlen: 24
90.158.101.0/24 maxlen: 24
90.158.102.0/23 maxlen: 23
90.158.104.0/24 maxlen: 24
90.158.105.0/24 maxlen: 24
90.158.106.0/24 maxlen: 24
90.158.109.0/24 maxlen: 24
90.158.110.0/24 maxlen: 24
90.158.111.0/24 maxlen: 24
90.158.112.0/20 maxlen: 20
90.158.114.0/24 maxlen: 24
90.158.116.0/24 maxlen: 24
90.158.117.0/24 maxlen: 24
90.158.119.0/24 maxlen: 24
90.158.120.0/24 maxlen: 24
90.158.121.0/24 maxlen: 24
90.158.122.0/24 maxlen: 24
90.158.123.0/24 maxlen: 24
90.158.126.0/24 maxlen: 24
90.158.127.0/24 maxlen: 24
90.158.128.0/17 maxlen: 17
90.158.128.0/21 maxlen: 21
90.158.136.0/21 maxlen: 21
90.158.139.0/24 maxlen: 24
90.158.160.0/24 maxlen: 24
90.158.161.0/24 maxlen: 24
90.158.200.0/23 maxlen: 23
90.158.224.0/22 maxlen: 22
90.158.240.0/21 maxlen: 21
90.158.244.0/22 maxlen: 22
90.158.248.0/21 maxlen: 21
90.158.249.0/24 maxlen: 24
90.158.251.0/24 maxlen: 24
90.158.252.0/22 maxlen: 22
90.159.0.0/16 maxlen: 16
90.159.0.0/22 maxlen: 22
90.159.0.0/24 maxlen: 24
90.159.1.0/24 maxlen: 24
90.159.2.0/24 maxlen: 24
90.159.3.0/24 maxlen: 24
90.159.4.0/23 maxlen: 23
90.159.10.0/24 maxlen: 24
90.159.15.0/24 maxlen: 24
90.159.20.0/24 maxlen: 24
90.159.26.0/24 maxlen: 24
90.159.27.0/24 maxlen: 24
90.159.29.0/24 maxlen: 24
90.159.31.0/24 maxlen: 24
90.159.33.0/24 maxlen: 24
90.159.34.0/24 maxlen: 24
90.159.36.0/24 maxlen: 24
90.159.37.0/24 maxlen: 24
90.159.38.0/24 maxlen: 24
90.159.44.0/22 maxlen: 22
90.159.50.0/24 maxlen: 24
90.159.51.0/24 maxlen: 24
90.159.58.0/24 maxlen: 24
90.159.59.0/24 maxlen: 24
90.159.60.0/24 maxlen: 24
90.159.61.0/24 maxlen: 24
90.159.64.0/18 maxlen: 18
90.159.64.0/24 maxlen: 24
90.159.68.0/24 maxlen: 24
90.159.128.0/20 maxlen: 20
90.159.136.0/21 maxlen: 21
90.159.136.0/24 maxlen: 24
90.159.240.0/20 maxlen: 20
90.159.246.0/24 maxlen: 24
212.98.0.0/19 maxlen: 19
212.98.0.0/20 maxlen: 20
212.98.1.0/24 maxlen: 24
212.98.2.0/24 maxlen: 24
212.98.8.0/21 maxlen: 21
212.98.9.0/24 maxlen: 24
212.98.16.0/21 maxlen: 21
212.98.16.0/24 maxlen: 24
212.98.28.0/22 maxlen: 22
213.143.224.0/20 maxlen: 20
213.143.226.0/23 maxlen: 23
213.143.226.0/24 maxlen: 24
213.143.227.0/24 maxlen: 24
213.143.228.0/24 maxlen: 24
213.143.229.0/24 maxlen: 24
213.143.230.0/24 maxlen: 24
213.143.233.0/24 maxlen: 24
213.143.234.0/24 maxlen: 24
213.143.235.0/24 maxlen: 24
213.143.236.0/22 maxlen: 22
213.143.238.0/24 maxlen: 24
213.143.239.0/24 maxlen: 24
213.143.240.0/20 maxlen: 20
213.143.240.0/22 maxlen: 22
213.143.240.0/24 maxlen: 24
213.143.241.0/24 maxlen: 24
213.143.243.0/24 maxlen: 24
213.143.244.0/22 maxlen: 22
213.143.250.0/24 maxlen: 24
213.143.251.0/24 maxlen: 24
213.143.252.0/24 maxlen: 24
213.143.253.0/24 maxlen: 24
213.143.254.0/24 maxlen: 24
213.143.255.0/24 maxlen: 24
213.161.128.0/19 maxlen: 19
213.161.128.0/21 maxlen: 21
213.161.135.0/24 maxlen: 24
213.161.136.0/21 maxlen: 21
213.161.136.0/22 maxlen: 22
213.161.144.0/23 maxlen: 23
213.161.144.0/24 maxlen: 24
213.161.145.0/24 maxlen: 24
213.161.146.0/24 maxlen: 24
213.161.148.0/23 maxlen: 23
213.161.148.0/24 maxlen: 24
213.161.149.0/24 maxlen: 24
213.161.150.0/24 maxlen: 24
213.161.151.0/24 maxlen: 24
213.161.152.0/21 maxlen: 21
213.161.152.0/24 maxlen: 24
2a00:1f90::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:31:6f:0c:48:6c:2d:ec:b6:68:5c:66:a2:f1:f9:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Sep 30 09:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0fbb605bf7510e8231e813696c0deae7e6ba626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:df:3d:42:0a:2a:90:8f:1d:dd:3f:46:0a:9b:
52:a5:38:a6:fd:6b:52:ef:55:8f:de:7f:93:10:55:
cd:c4:ff:71:9b:e4:c1:17:3b:8a:ce:79:29:47:a7:
cf:4f:3f:94:88:c7:07:3a:f5:66:ed:a4:4a:6f:79:
e8:8a:e5:4a:38:86:bc:85:72:b0:79:ca:d1:75:bc:
4c:c9:d2:69:99:2b:80:b0:91:2e:a4:08:45:b4:01:
4a:b0:76:41:75:e0:7b:de:b0:c8:c7:b6:b2:ec:fa:
c6:67:d0:35:bf:83:8f:0f:e9:95:9e:fa:bf:00:de:
9d:24:77:c5:e7:9f:70:bd:a8:25:aa:66:63:bd:e1:
83:86:cc:b9:bc:73:26:cc:f0:34:7f:b8:3b:4d:4a:
e7:5e:eb:24:44:fe:6a:85:ab:79:c3:73:c2:3c:c2:
c7:69:6c:c0:30:f9:ce:ea:9d:74:41:60:af:e4:b0:
bd:23:cf:33:79:52:c0:fe:be:df:18:34:c8:73:4d:
41:eb:73:17:03:8c:c1:e3:47:9e:7a:70:4a:6d:b4:
ba:a2:1f:47:56:d0:6e:b4:c0:3b:90:ed:66:68:65:
32:b8:5a:87:f5:5c:41:49:ba:89:80:1f:2d:45:94:
0f:e2:0b:e1:3c:64:68:37:9a:47:19:0b:6e:18:77:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FB:B6:05:BF:75:10:E8:23:1E:81:36:96:C0:DE:AE:7E:6B:A6:26
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/oPu2Bb91EOgjHoE2lsDern5rpiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.158.0.0/15
212.98.0.0/19
213.143.224.0/19
213.161.128.0/19
IPv6:
2a00:1f90::/32
Signature Algorithm: sha256WithRSAEncryption
9d:c3:54:3d:05:e5:09:c9:b7:aa:07:17:64:59:00:2d:bc:e1:
40:47:ac:c0:e2:25:e2:58:e1:3f:22:92:86:c0:31:55:25:4d:
67:e2:87:f1:10:ef:20:5d:ba:d2:de:9e:09:8d:80:46:3b:1b:
91:31:36:7d:21:73:8e:c5:40:b4:6e:9e:7a:8d:d6:0e:f3:55:
27:d7:8f:0e:0d:d6:5f:39:d6:ca:ef:bd:98:a7:62:f8:8d:be:
ec:f6:2e:92:a0:50:75:32:a8:d6:80:42:a8:36:cb:d9:95:47:
fc:16:2e:ac:c8:b0:74:69:d1:b1:33:27:78:a7:13:d1:ff:3e:
15:95:e5:a0:73:03:ff:3d:25:fa:b9:d2:8b:17:f2:bb:31:d3:
28:2b:e3:f5:cd:35:af:e4:62:be:ee:ab:1e:a8:70:ec:89:0a:
f4:f6:8d:61:ca:ae:1b:7a:bd:b5:c8:7f:9c:c1:06:2f:1b:9f:
1c:17:49:84:76:95:be:81:7e:2b:af:9c:22:0d:61:8a:98:89:
77:de:bf:00:d6:31:fa:e4:4f:1f:65:c8:91:ef:7d:bd:11:08:
3a:3a:6e:55:3f:63:82:28:43:e4:88:da:7c:34:e1:e5:e8:22:
44:5b:08:e5:ce:79:f5:92:95:4d:24:61:23:e5:44:07:73:01:
86:c0:e6:a5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZJCMW8MSGwt7LZoXGai8fkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjQwOTMwMDkwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZiYjYwNWJmNzUxMGU4MjMxZTgxMzY5NmMwZGVhZTdlNmJhNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt89QgoqkI8d3T9GCptSpTim/WtS
71WP3n+TEFXNxP9xm+TBFzuKznkpR6fPTz+UiMcHOvVm7aRKb3noiuVKOIa8hXKw
ecrRdbxMydJpmSuAsJEupAhFtAFKsHZBdeB73rDIx7ay7PrGZ9A1v4OPD+mVnvq/
AN6dJHfF559wvaglqmZjveGDhsy5vHMmzPA0f7g7TUrnXuskRP5qhat5w3PCPMLH
aWzAMPnO6p10QWCv5LC9I88zeVLA/r7fGDTIc01B63MXA4zB40eeenBKbbS6oh9H
VtButMA7kO1maGUyuFqH9VxBSbqJgB8tRZQP4gvhPGRoN5pHGQtuGHdS9QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKD7tgW/dRDoIx6BNpbA3q5+a6YmMB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvb1B1MkJiOTFFT2dqSG9FMmxzRGVybjVycGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMBWp4DBAXU
YgADBAXVj+ADBAXVoYAwDQQCAAIwBwMFACoAH5AwDQYJKoZIhvcNAQELBQADggEB
AJ3DVD0F5QnJt6oHF2RZAC284UBHrMDiJeJY4T8ikobAMVUlTWfih/EQ7yBdutLe
ngmNgEY7G5ExNn0hc47FQLRunnqN1g7zVSfXjw4N1l851srvvZinYviNvuz2LpKg
UHUyqNaAQqg2y9mVR/wWLqzIsHRp0bEzJ3inE9H/PhWV5aBzA/89Jfq50osX8rsx
0ygr4/XNNa/kYr7uqx6ocOyJCvT2jWHKrht6vbXIf5zBBi8bnxwXSYR2lb6Bfiuv
nCINYYqYiXfevwDWMfrkTx9lyJHvfb0RCDo6blU/Y4IoQ+SI2nw04eXoIkRbCOXO
efWSlU0kYSPlRAdzAYbA5qU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:50 2024 by rpki-client on console-fra.rpki-client.org