Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/T4IvO-xwyr_3GKR1cHEKn1c-vF4.roa
File: T4IvO-xwyr_3GKR1cHEKn1c-vF4.roa (raw, json)
Hash identifier: vFG7JLUjllBPDpeQWcnE+ztb4V4ctAd8QaFfxMdiBAc=
Subject key identifier: 4F:82:2F:3B:EC:70:CA:BF:F7:18:A4:75:70:71:0A:9F:57:3E:BC:5E
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0191A3F49CFAE5968A1D99E4926705877FBB
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/T4IvO-xwyr_3GKR1cHEKn1c-vF4.roa
Signing time: Fri 30 Aug 2024 15:43:22 +0000
ROA not before: Fri 30 Aug 2024 15:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8888
IP address blocks: 45.14.105.0/24 maxlen: 32
45.14.107.0/24 maxlen: 32
45.87.92.0/22 maxlen: 32
45.87.92.0/24 maxlen: 32
45.87.93.0/24 maxlen: 32
45.87.95.0/24 maxlen: 32
45.90.210.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.131.152.0/22 maxlen: 24
45.135.40.0/22 maxlen: 32
45.139.192.0/22 maxlen: 24
45.139.192.0/24 maxlen: 32
45.139.195.0/24 maxlen: 32
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
80.66.196.0/22 maxlen: 24
92.118.188.0/24 maxlen: 32
94.124.116.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
185.194.54.0/24 maxlen: 32
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 32
193.111.30.0/23 maxlen: 24
193.177.220.0/24 maxlen: 32
193.177.221.0/24 maxlen: 32
194.36.24.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 32
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a09:0:15::/48 maxlen: 48
2a09:6::/48 maxlen: 48
2a09:6:1::/48 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a3:f4:9c:fa:e5:96:8a:1d:99:e4:92:67:05:87:7f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Aug 30 15:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f822f3bec70cabff718a47570710a9f573ebc5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e0:64:0f:02:55:55:98:0c:56:80:4f:fc:73:
52:b8:aa:69:9a:bd:90:c7:65:12:ff:fd:2f:61:ef:
e8:63:ce:07:5c:3a:8b:94:f7:54:6e:0d:41:cf:0f:
19:5d:5d:a6:f0:3b:d2:6a:72:e3:2d:d2:48:2b:94:
da:62:78:70:11:be:21:02:ab:dc:ae:6e:e6:e1:42:
9c:cd:1e:71:b4:c3:74:d9:24:c3:12:4c:49:2b:07:
c8:1d:fc:66:3f:2d:fe:eb:0e:f9:8d:0e:11:12:8e:
57:bc:d6:9d:5e:db:f4:5b:57:38:80:c1:a1:3d:c6:
2c:4e:d6:bd:58:96:cb:ca:0e:24:ea:75:3b:af:9b:
25:8b:1f:67:e9:47:17:70:59:ce:32:b7:4d:5c:ea:
a4:99:82:5e:6f:14:22:34:93:b7:eb:a5:96:df:75:
a8:e6:a1:55:08:ec:b8:ba:b5:56:53:8b:8b:8b:9c:
f3:8c:a2:9f:29:7e:07:fe:05:48:f1:09:37:b9:59:
0e:a7:21:31:38:ce:1f:59:36:6b:d7:75:48:06:69:
5e:01:bf:4f:d4:35:c6:a7:df:b2:c3:1f:d9:6f:38:
21:c1:70:8d:19:fd:c2:b0:62:99:25:5d:90:39:aa:
84:c1:5a:12:35:c9:bc:88:85:09:58:bc:fe:e0:df:
f0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:82:2F:3B:EC:70:CA:BF:F7:18:A4:75:70:71:0A:9F:57:3E:BC:5E
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/T4IvO-xwyr_3GKR1cHEKn1c-vF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.105.0/24
45.14.107.0/24
45.87.92.0/22
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.135.40.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
92.118.188.0/24
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.111.30.0/23
193.177.220.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:0:15::/48
2a09:6::/47
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
82:bb:89:aa:30:0b:aa:49:bc:74:df:b3:bd:d4:89:7f:a0:24:
2a:eb:fd:80:57:08:c8:f4:e0:0b:78:86:a0:62:d9:7b:cd:91:
28:f3:8f:f2:69:c5:86:2b:f4:84:82:96:77:f2:63:ac:d0:2d:
02:0b:58:56:0b:13:6b:70:4a:50:fc:bf:40:27:7f:ee:20:aa:
c1:a4:02:a7:d3:80:c2:49:66:52:93:81:78:32:fd:7c:b6:6a:
83:f3:a0:27:44:58:48:fc:6f:14:a5:df:3f:6e:fd:cf:b1:cf:
bb:24:74:cc:74:ee:bf:9c:ea:b1:c0:96:c7:08:50:d4:92:7c:
cc:39:b6:a8:39:56:9b:b9:be:4c:7e:28:06:e9:97:e9:25:1f:
b4:13:ab:92:8a:ea:d4:49:e3:64:23:b1:c1:ef:8b:25:6b:c0:
33:5a:c5:9c:75:ca:4e:4c:01:e7:76:2e:23:95:c6:54:bb:c6:
91:ca:90:b0:d8:41:94:98:54:ea:60:60:9c:bc:6d:0d:7f:d6:
45:b5:75:56:04:26:43:c7:59:f7:ba:9b:53:2d:42:e6:09:16:
fe:13:1a:51:8d:5a:37:7c:cd:8a:f2:e9:81:18:14:4a:48:de:
94:0e:3a:e5:07:9e:62:98:8c:7d:25:e4:31:2b:d7:fb:85:72:
e9:ff:a0:d4
-----BEGIN CERTIFICATE-----
MIIGHjCCBQagAwIBAgISAZGj9Jz65ZaKHZnkkmcFh3+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwODMwMTU0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjgyMmYzYmVjNzBjYWJmZjcxOGE0NzU3MDcxMGE5ZjU3M2ViYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eBkDwJVVZgMVoBP/HNSuKppmr2Q
x2US//0vYe/oY84HXDqLlPdUbg1Bzw8ZXV2m8DvSanLjLdJIK5TaYnhwEb4hAqvc
rm7m4UKczR5xtMN02STDEkxJKwfIHfxmPy3+6w75jQ4REo5XvNadXtv0W1c4gMGh
PcYsTta9WJbLyg4k6nU7r5slix9n6UcXcFnOMrdNXOqkmYJebxQiNJO366WW33Wo
5qFVCOy4urVWU4uLi5zzjKKfKX4H/gVI8Qk3uVkOpyExOM4fWTZr13VIBmleAb9P
1DXGp9+ywx/ZbzghwXCNGf3CsGKZJV2QOaqEwVoSNcm8iIUJWLz+4N/wFQIDAQAB
o4IDKjCCAyYwHQYDVR0OBBYEFE+CLzvscMq/9xikdXBxCp9XPrxeMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVDRJdk8teHd5cl8zR0tSMWNIRUtuMWMtdkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPgYIKwYBBQUHAQcBAf8EggEtMIIBKTCBsQQCAAEwgaoD
BAAtDmkDBAAtDmsDBAItV1wDBAAtWtIDBAAtXJ0DBAItghQDBAItg5gDBAIthygD
BAIti8ADBAItj+gDBAJQQsQDBABcdrwDBAJefHQDBAJf1qQDBAKNYsQDBAKVPiwD
BAK5wjQDBAK5yEADBAO53tgDBAC5+FcDBAHBbx4DBAHBsdwDBADCJBgDBALCaJgD
BAHCqTYDBADD9dswDAMEAMP18QMEAMP18jBzBAIAAjBtAwUDKgZPwAMFAyoGV8AD
BQMqB+kAAwUDKgf6AAMHACoJAAAAFQMHASoJAAYAAAMFAyoM7UADBQMqDR/AAwUD
Kg02QAMFAyoNQ0ADBQMqDUvAAwUDKg11QAMFAyoN3oADBQMqDmIAAwUDKhAmADAN
BgkqhkiG9w0BAQsFAAOCAQEAgruJqjALqkm8dN+zvdSJf6AkKuv9gFcIyPTgC3iG
oGLZe82RKPOP8mnFhiv0hIKWd/JjrNAtAgtYVgsTa3BKUPy/QCd/7iCqwaQCp9OA
wklmUpOBeDL9fLZqg/OgJ0RYSPxvFKXfP279z7HPuyR0zHTuv5zqscCWxwhQ1JJ8
zDm2qDlWm7m+TH4oBumX6SUftBOrkorq1EnjZCOxwe+LJWvAM1rFnHXKTkwB53Yu
I5XGVLvGkcqQsNhBlJhU6mBgnLxtDX/WRbV1VgQmQ8dZ97qbUy1C5gkW/hMaUY1a
N3zNivLpgRgUSkjelA465QeeYpiMfSXkMSvX+4Vy6f+g1A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:55:50 2024 by rpki-client on console-ams.rpki-client.org