Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/lfbBQgI97quJSJLRlXgsyGFUNOU.roa
File: lfbBQgI97quJSJLRlXgsyGFUNOU.roa (raw, json)
Hash identifier: QOo9xRbHpdVuC8+gpYlNSDOjXY8NKFhRVKp8DCS+7G8=
Subject key identifier: 95:F6:C1:42:02:3D:EE:AB:89:48:92:D1:95:78:2C:C8:61:54:34:E5
Certificate issuer: /CN=75790c7ecf24d28be2e13fe069118cee27d58002
Certificate serial: 018FA99DE4376A3F3A381ACA2A5EDACF7C39
Authority key identifier: 75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/lfbBQgI97quJSJLRlXgsyGFUNOU.roa
Signing time: Fri 24 May 2024 08:00:48 +0000
ROA not before: Fri 24 May 2024 08:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12302
IP address blocks: 31.5.0.0/16 maxlen: 16
31.5.0.0/17 maxlen: 17
31.5.128.0/17 maxlen: 17
31.14.35.0/24 maxlen: 24
62.121.64.0/18 maxlen: 19
77.81.16.0/20 maxlen: 21
78.96.0.0/15 maxlen: 16
81.89.0.0/20 maxlen: 21
82.208.128.0/18 maxlen: 19
82.210.128.0/18 maxlen: 19
83.103.128.0/17 maxlen: 18
84.117.0.0/16 maxlen: 16
84.117.0.0/17 maxlen: 17
84.117.128.0/17 maxlen: 17
85.186.0.0/16 maxlen: 17
85.204.0.0/20 maxlen: 21
85.204.0.0/21 maxlen: 21
85.204.184.0/21 maxlen: 22
85.204.188.0/22 maxlen: 22
86.104.136.0/21 maxlen: 22
86.105.64.0/20 maxlen: 21
86.106.32.0/19 maxlen: 20
86.106.48.0/20 maxlen: 20
89.33.72.0/21 maxlen: 22
89.38.72.0/22 maxlen: 23
89.42.248.0/21 maxlen: 22
89.42.252.0/22 maxlen: 22
89.44.78.0/23 maxlen: 23
89.44.78.0/24 maxlen: 24
89.136.0.0/15 maxlen: 16
93.113.32.0/23 maxlen: 23
93.113.241.0/24 maxlen: 24
93.113.242.0/23 maxlen: 23
93.117.66.0/23 maxlen: 23
93.117.138.0/23 maxlen: 23
93.117.154.0/23 maxlen: 23
93.118.46.0/23 maxlen: 23
93.119.126.0/23 maxlen: 23
93.119.137.0/24 maxlen: 24
93.119.138.0/23 maxlen: 23
93.119.224.0/23 maxlen: 23
93.119.226.0/24 maxlen: 24
95.76.0.0/15 maxlen: 16
185.63.136.0/22 maxlen: 23
188.208.117.0/24 maxlen: 24
188.208.118.0/23 maxlen: 23
188.214.153.0/24 maxlen: 24
188.214.195.0/24 maxlen: 24
188.214.196.0/23 maxlen: 23
188.240.64.0/22 maxlen: 22
188.240.64.0/23 maxlen: 23
188.240.66.0/23 maxlen: 23
193.178.165.0/24 maxlen: 24
194.102.99.0/24 maxlen: 24
194.102.146.0/24 maxlen: 24
194.102.248.0/21 maxlen: 22
194.105.17.0/24 maxlen: 24
194.105.24.0/22 maxlen: 22
194.105.28.0/22 maxlen: 23
195.234.172.0/24 maxlen: 24
213.164.224.0/19 maxlen: 20
2a04:2400::/27 maxlen: 27
2a04:2400::/28 maxlen: 28
2a04:2410::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 23:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:9d:e4:37:6a:3f:3a:38:1a:ca:2a:5e:da:cf:7c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75790c7ecf24d28be2e13fe069118cee27d58002
Validity
Not Before: May 24 08:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95f6c142023deeab894892d195782cc8615434e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f9:3b:9a:4a:75:55:6d:5d:a9:25:92:db:19:
94:c3:cd:82:38:86:6e:7d:1d:1d:a3:82:f2:e2:ae:
fe:40:2a:6e:29:47:27:90:ab:01:1d:61:ca:39:9e:
31:66:b1:24:38:e1:9d:ee:45:e6:2c:56:77:5b:db:
0b:c7:6a:7a:49:93:3d:bf:37:6b:2f:a8:d9:f6:2f:
7c:f1:1c:47:e7:ed:47:c5:3e:ab:35:4f:57:f9:2c:
c0:14:db:71:1f:8a:06:ef:f5:80:c9:6b:70:b7:ce:
c5:6f:2f:a3:74:33:fb:79:8b:00:c2:9f:2b:f0:a9:
64:06:6a:b8:3d:0e:7a:5b:f7:ce:4e:a6:69:65:85:
0e:2c:9e:18:e3:f9:22:97:e4:11:e7:9f:fb:a3:4b:
7e:99:11:f5:bf:b3:71:99:5b:b3:ba:f3:a1:a4:5c:
49:f0:12:b4:46:67:f3:88:a5:0d:51:3f:c8:00:ad:
8d:ac:03:19:54:fd:29:b5:65:3b:e8:df:0d:fd:0d:
25:0b:ba:eb:e6:e0:91:da:b7:70:be:88:d6:e4:5e:
6e:de:1c:49:0f:cc:52:ac:72:af:cb:22:93:16:a4:
e3:35:4a:8f:50:24:99:28:0d:e7:a5:a7:99:cf:25:
be:8b:a0:26:4e:66:55:78:15:64:7b:b9:e4:ba:dc:
42:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F6:C1:42:02:3D:EE:AB:89:48:92:D1:95:78:2C:C8:61:54:34:E5
X509v3 Authority Key Identifier:
keyid:75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/lfbBQgI97quJSJLRlXgsyGFUNOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.5.0.0/16
31.14.35.0/24
62.121.64.0/18
77.81.16.0/20
78.96.0.0/15
81.89.0.0/20
82.208.128.0/18
82.210.128.0/18
83.103.128.0/17
84.117.0.0/16
85.186.0.0/16
85.204.0.0/20
85.204.184.0/21
86.104.136.0/21
86.105.64.0/20
86.106.32.0/19
89.33.72.0/21
89.38.72.0/22
89.42.248.0/21
89.44.78.0/23
89.136.0.0/15
93.113.32.0/23
93.113.241.0-93.113.243.255
93.117.66.0/23
93.117.138.0/23
93.117.154.0/23
93.118.46.0/23
93.119.126.0/23
93.119.137.0-93.119.139.255
93.119.224.0-93.119.226.255
95.76.0.0/15
185.63.136.0/22
188.208.117.0-188.208.119.255
188.214.153.0/24
188.214.195.0-188.214.197.255
188.240.64.0/22
193.178.165.0/24
194.102.99.0/24
194.102.146.0/24
194.102.248.0/21
194.105.17.0/24
194.105.24.0/21
195.234.172.0/24
213.164.224.0/19
IPv6:
2a04:2400::/27
Signature Algorithm: sha256WithRSAEncryption
57:04:53:14:3c:ed:72:43:b5:48:5c:5c:fd:1b:16:ab:19:f8:
40:9b:93:81:1f:ee:3e:ed:b3:17:73:48:5c:20:db:bf:c5:3f:
5b:50:67:b3:8e:27:09:58:4c:0f:11:93:b0:a1:05:b3:a8:74:
84:8a:f5:88:ec:5b:2d:b5:62:06:f9:0a:df:76:7a:d4:0f:d7:
c1:ae:95:21:f8:a0:1d:c3:c3:9e:19:3b:39:98:e4:91:e5:9f:
d2:ec:35:79:66:e1:c0:c1:10:5b:7d:fd:31:37:c4:e2:b1:f6:
6a:85:84:4b:2e:1c:8d:a8:52:9f:f1:f7:28:69:cf:2a:72:14:
9c:04:2a:ec:ce:9a:41:90:79:9e:d9:a4:a7:ff:c5:98:69:34:
18:13:8f:c3:e3:7d:c8:b8:66:28:48:50:06:a1:3b:d4:17:cf:
23:92:c0:36:57:2c:40:6a:ce:02:5d:98:50:c3:2d:35:b5:04:
69:52:d2:dc:e9:19:01:27:49:7a:8c:57:e5:08:ad:15:80:a1:
f0:51:73:58:95:18:a5:d1:ed:10:a3:6b:a9:f1:c0:55:af:b1:
48:94:10:be:5b:6c:c1:74:01:dd:aa:72:b4:47:1b:5a:31:89:
ac:4c:73:30:4c:b1:97:68:9a:6e:04:3e:03:84:5f:aa:12:0c:
1a:a5:d3:7a
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAY+pneQ3aj86OBrKKl7az3w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzkwYzdlY2YyNGQyOGJlMmUxM2ZlMDY5MTE4Y2VlMjdk
NTgwMDIwHhcNMjQwNTI0MDgwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY2YzE0MjAyM2RlZWFiODk0ODkyZDE5NTc4MmNjODYxNTQzNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPk7mkp1VW1dqSWS2xmUw82COIZu
fR0do4Ly4q7+QCpuKUcnkKsBHWHKOZ4xZrEkOOGd7kXmLFZ3W9sLx2p6SZM9vzdr
L6jZ9i988RxH5+1HxT6rNU9X+SzAFNtxH4oG7/WAyWtwt87Fby+jdDP7eYsAwp8r
8KlkBmq4PQ56W/fOTqZpZYUOLJ4Y4/kil+QR55/7o0t+mRH1v7NxmVuzuvOhpFxJ
8BK0RmfziKUNUT/IAK2NrAMZVP0ptWU76N8N/Q0lC7rr5uCR2rdwvojW5F5u3hxJ
D8xSrHKvyyKTFqTjNUqPUCSZKA3npaeZzyW+i6AmTmZVeBVke7nkutxC4wIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFJX2wUICPe6riUiS0ZV4LMhhVDTlMB8GA1UdIwQY
MBaAFHV5DH7PJNKL4uE/4GkRjO4n1YACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhrTWZzOGswb3ZpNFRfZ2FSR003aWZWZ0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi80OTZkNTYtODZmZi00OGJlLWJkZTMt
MjcxZmRlMmRjNjU1LzEvbGZiQlFnSTk3cXVKU0pMUmxYZ3N5R0ZVTk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi80OTZkNTYtODZmZi00OGJlLWJkZTMtMjcxZmRlMmRjNjU1
LzEvZFhrTWZzOGswb3ZpNFRfZ2FSR003aWZWZ0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTCCATIEAgABMIIB
KgMDAB8FAwQAHw4jAwQGPnlAAwQETVEQAwMBTmADBARRWQADBAZS0IADBAZS0oAD
BAdTZ4ADAwBUdQMDAFW6AwQEVcwAAwQDVcy4AwQDVmiIAwQEVmlAAwQFVmogAwQD
WSFIAwQCWSZIAwQDWSr4AwQBWSxOAwMBWYgDBAFdcSAwDAMEAF1x8QMEAl1x8AME
AV11QgMEAV11igMEAV11mgMEAV12LgMEAV13fjAMAwQAXXeJAwQCXXeIMAwDBAVd
d+ADBABdd+IDAwFfTAMEArk/iDAMAwQAvNB1AwQDvNBwAwQAvNaZMAwDBAC81sMD
BAG81sQDBAK88EADBADBsqUDBADCZmMDBADCZpIDBAPCZvgDBADCaREDBAPCaRgD
BADD6qwDBAXVpOAwDQQCAAIwBwMFBSoEJAAwDQYJKoZIhvcNAQELBQADggEBAFcE
UxQ87XJDtUhcXP0bFqsZ+ECbk4Ef7j7tsxdzSFwg27/FP1tQZ7OOJwlYTA8Rk7Ch
BbOodISK9YjsWy21Ygb5Ct92etQP18GulSH4oB3Dw54ZOzmY5JHln9LsNXlm4cDB
EFt9/TE3xOKx9mqFhEsuHI2oUp/x9yhpzypyFJwEKuzOmkGQeZ7ZpKf/xZhpNBgT
j8Pjfci4ZihIUAahO9QXzyOSwDZXLEBqzgJdmFDDLTW1BGlS0tzpGQEnSXqMV+UI
rRWAofBRc1iVGKXR7RCja6nxwFWvsUiUEL5bbMF0Ad2qcrRHG1oxiaxMczBMsZdo
mm4EPgOEX6oSDBql03o=
-----END CERTIFICATE-----
Generated at Sat Jun 29 04:25:24 2024 by rpki-client on console-fra.rpki-client.org