Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AvqK7fCgDQjM013QtrgQ6yDiy_o.roa
File: AvqK7fCgDQjM013QtrgQ6yDiy_o.roa (raw, json)
Hash identifier: 6XJVvc7Twjxy4pBK2HYeOAK60ZqzluHrP5oYnFk8OtM=
Subject key identifier: 02:FA:8A:ED:F0:A0:0D:08:CC:D3:5D:D0:B6:B8:10:EB:20:E2:CB:FA
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018F158E8916F65A4B50E2FC2BF1C3710D18
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AvqK7fCgDQjM013QtrgQ6yDiy_o.roa
Signing time: Thu 25 Apr 2024 14:00:13 +0000
ROA not before: Thu 25 Apr 2024 14:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 45.14.107.0/24 maxlen: 32
45.87.92.0/22 maxlen: 32
45.87.92.0/24 maxlen: 32
45.87.93.0/24 maxlen: 32
45.87.95.0/24 maxlen: 32
45.90.210.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.131.152.0/22 maxlen: 24
45.135.40.0/22 maxlen: 32
45.139.192.0/22 maxlen: 24
45.139.192.0/24 maxlen: 32
45.139.195.0/24 maxlen: 32
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
80.66.196.0/22 maxlen: 24
94.124.116.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
185.194.54.0/24 maxlen: 32
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 32
193.111.30.0/23 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 32
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a09:0:15::/48 maxlen: 48
2a09:6::/48 maxlen: 48
2a09:6:1::/48 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:8e:89:16:f6:5a:4b:50:e2:fc:2b:f1:c3:71:0d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Apr 25 14:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02fa8aedf0a00d08ccd35dd0b6b810eb20e2cbfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:91:6b:9c:3f:36:e4:09:c3:be:4f:7c:fb:3a:
d9:9c:2f:ab:b4:38:f1:80:95:8a:1d:f3:13:cb:be:
54:2f:5d:01:88:30:81:51:24:df:92:94:42:9c:10:
77:93:7e:b2:42:53:b5:bb:51:d6:47:c6:22:27:b4:
58:c3:2a:7b:5f:5e:5c:4d:df:e0:71:08:3d:70:80:
88:fd:3b:ae:bb:f0:50:7a:d9:cf:8c:4a:a6:c2:74:
e1:d2:d1:4f:9d:9e:9d:77:00:ae:9f:98:8e:25:33:
b5:d1:4c:7d:ef:a2:fc:84:58:95:59:ee:d8:41:58:
c7:1f:11:d6:65:41:ae:46:44:b3:e0:0d:a7:e7:35:
dd:0a:a9:af:5c:22:f1:d1:d8:c8:32:2f:ec:4f:d6:
df:33:92:b0:eb:96:af:31:59:8c:69:ca:60:85:8c:
f2:36:a8:1a:be:7b:1c:22:3d:16:5c:21:dd:11:48:
18:97:2a:97:ff:35:e8:53:a5:bd:b4:01:88:89:a6:
2f:28:46:70:9e:13:7f:eb:28:f5:12:36:20:6a:10:
86:bd:6b:ff:b0:b7:00:21:2b:9a:63:ca:b5:49:1d:
5f:9e:0a:83:f7:62:14:13:bd:c4:97:75:cb:db:7e:
ca:9a:fc:cd:ff:e9:2b:47:69:81:db:dd:61:b8:27:
34:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FA:8A:ED:F0:A0:0D:08:CC:D3:5D:D0:B6:B8:10:EB:20:E2:CB:FA
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AvqK7fCgDQjM013QtrgQ6yDiy_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.107.0/24
45.87.92.0/22
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.135.40.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.111.30.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:0:15::/48
2a09:6::/47
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
66:18:ca:e2:26:1c:d6:75:92:1b:48:49:38:05:ce:c5:f6:bf:
77:28:b5:25:77:f0:0f:29:3e:e3:e6:d9:7f:a3:59:19:39:ba:
a2:74:d8:bf:8a:60:79:33:f2:47:81:bd:be:b2:b1:03:cd:1c:
c2:8a:6e:80:55:17:e1:ef:b0:6e:8f:83:3c:50:23:f1:8c:01:
1b:a9:ea:e8:7a:fd:25:07:0d:91:c1:0a:c2:92:9e:b4:55:5f:
ca:b0:4d:58:95:34:b3:c6:86:87:29:a7:1a:4c:de:7f:62:b6:
45:99:1c:ca:ee:44:14:f8:9c:8d:d3:58:5c:6a:9d:7b:8e:2b:
17:3a:e9:77:34:4c:15:9b:cb:85:a6:2d:41:0a:a9:1a:fd:07:
54:19:87:84:04:b7:d2:f4:a7:dc:a7:95:3a:02:27:b5:16:9c:
79:a5:2a:86:89:25:5c:48:9c:78:9f:3a:e2:4f:4d:3b:a5:bb:
40:59:06:fc:22:20:09:36:fa:a8:a2:51:4a:16:c8:80:32:f1:
12:7d:f1:a3:2d:dd:13:0e:cc:7c:22:20:32:46:91:e4:49:d9:
c4:8d:90:79:80:c2:68:9e:d5:48:07:b4:f3:9c:89:21:8c:e6:
14:39:98:70:90:f7:e9:eb:93:ce:cb:83:9f:c4:7d:f4:49:4e:
8a:25:7c:27
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgISAY8VjokW9lpLUOL8K/HDcQ0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwNDI1MTQwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZhOGFlZGYwYTAwZDA4Y2NkMzVkZDBiNmI4MTBlYjIwZTJjYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZFrnD825AnDvk98+zrZnC+rtDjx
gJWKHfMTy75UL10BiDCBUSTfkpRCnBB3k36yQlO1u1HWR8YiJ7RYwyp7X15cTd/g
cQg9cICI/Tuuu/BQetnPjEqmwnTh0tFPnZ6ddwCun5iOJTO10Ux976L8hFiVWe7Y
QVjHHxHWZUGuRkSz4A2n5zXdCqmvXCLx0djIMi/sT9bfM5Kw65avMVmMacpghYzy
NqgavnscIj0WXCHdEUgYlyqX/zXoU6W9tAGIiaYvKEZwnhN/6yj1EjYgahCGvWv/
sLcAISuaY8q1SR1fngqD92IUE73El3XL237KmvzN/+krR2mB291huCc01wIDAQAB
o4IDGDCCAxQwHQYDVR0OBBYEFAL6iu3woA0IzNNd0La4EOsg4sv6MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvQXZxSzdmQ2dEUWpNMDEzUXRyZ1E2eURpeV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLAYIKwYBBQUHAQcBAf8EggEbMIIBFzCBnwQCAAEwgZgD
BAAtDmsDBAItV1wDBAAtWtIDBAAtXJ0DBAItghQDBAItg5gDBAIthygDBAIti8AD
BAItj+gDBAJQQsQDBAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEAD
BAO53tgDBAC5+FcDBAHBbx4DBADCJBgDBALCaJgDBAHCqTYDBADD9dswDAMEAMP1
8QMEAMP18jBzBAIAAjBtAwUDKgZPwAMFAyoGV8ADBQMqB+kAAwUDKgf6AAMHACoJ
AAAAFQMHASoJAAYAAAMFAyoM7UADBQMqDR/AAwUDKg02QAMFAyoNQ0ADBQMqDUvA
AwUDKg11QAMFAyoN3oADBQMqDmIAAwUDKhAmADANBgkqhkiG9w0BAQsFAAOCAQEA
ZhjK4iYc1nWSG0hJOAXOxfa/dyi1JXfwDyk+4+bZf6NZGTm6onTYv4pgeTPyR4G9
vrKxA80cwopugFUX4e+wbo+DPFAj8YwBG6nq6Hr9JQcNkcEKwpKetFVfyrBNWJU0
s8aGhymnGkzef2K2RZkcyu5EFPicjdNYXGqde44rFzrpdzRMFZvLhaYtQQqpGv0H
VBmHhAS30vSn3KeVOgIntRaceaUqhoklXEiceJ864k9NO6W7QFkG/CIgCTb6qKJR
ShbIgDLxEn3xoy3dEw7MfCIgMkaR5EnZxI2QeYDCaJ7VSAe085yJIYzmFDmYcJD3
6euTzsuDn8R99ElOiiV8Jw==
-----END CERTIFICATE-----
Generated at Mon May 27 18:03:36 2024 by rpki-client on console-fra.rpki-client.org