Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/P_H5I901p9uT4TULpcfUWpnfgxc.roa
File: P_H5I901p9uT4TULpcfUWpnfgxc.roa (raw, json)
Hash identifier: 5nYschX/VQUuVCl6HMxh2V0MkBgtU9xLQ/f2zZLAuzo=
Subject key identifier: 3F:F1:F9:23:DD:35:A7:DB:93:E1:35:0B:A5:C7:D4:5A:99:DF:83:17
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 0194244572C7A4443DA7D5959CAA561006E1
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/P_H5I901p9uT4TULpcfUWpnfgxc.roa
Signing time: Wed 01 Jan 2025 23:48:38 +0000
ROA not before: Wed 01 Jan 2025 23:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 147.136.65.0/24 maxlen: 24
147.136.66.0/24 maxlen: 24
147.136.67.0/24 maxlen: 24
147.136.68.0/24 maxlen: 24
147.136.69.0/24 maxlen: 24
147.136.71.0/24 maxlen: 24
147.136.76.0/24 maxlen: 24
168.199.165.0/24 maxlen: 24
168.199.170.0/24 maxlen: 24
168.199.171.0/24 maxlen: 24
168.199.172.0/24 maxlen: 24
168.199.173.0/24 maxlen: 24
168.199.175.0/24 maxlen: 24
168.199.176.0/24 maxlen: 24
168.199.177.0/24 maxlen: 24
168.199.178.0/24 maxlen: 24
168.199.179.0/24 maxlen: 24
168.199.180.0/24 maxlen: 24
168.199.181.0/24 maxlen: 24
168.199.182.0/24 maxlen: 24
168.199.183.0/24 maxlen: 24
168.199.184.0/24 maxlen: 24
168.199.185.0/24 maxlen: 24
168.199.187.0/24 maxlen: 24
168.199.188.0/24 maxlen: 24
168.199.189.0/24 maxlen: 24
168.199.190.0/24 maxlen: 24
168.199.191.0/24 maxlen: 24
168.199.196.0/24 maxlen: 24
168.199.197.0/24 maxlen: 24
168.199.198.0/24 maxlen: 24
168.199.199.0/24 maxlen: 24
168.199.200.0/24 maxlen: 24
168.199.201.0/24 maxlen: 24
168.199.205.0/24 maxlen: 24
168.199.207.0/24 maxlen: 24
168.199.210.0/24 maxlen: 24
168.199.231.0/24 maxlen: 24
168.199.233.0/24 maxlen: 24
192.95.81.0/24 maxlen: 24
192.95.82.0/24 maxlen: 24
192.95.84.0/24 maxlen: 24
192.95.87.0/24 maxlen: 24
192.95.88.0/24 maxlen: 24
192.95.89.0/24 maxlen: 24
192.95.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:72:c7:a4:44:3d:a7:d5:95:9c:aa:56:10:06:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 23:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ff1f923dd35a7db93e1350ba5c7d45a99df8317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:6d:f6:a1:73:01:d2:77:b3:b5:1b:bb:23:
c1:ab:56:07:aa:08:62:c5:73:cd:2e:b3:f6:a0:0c:
27:4a:08:f5:4c:1d:e5:62:70:16:96:90:0a:55:3f:
9d:e5:7c:80:10:ec:cd:c1:5b:24:b5:14:6c:b5:22:
58:8f:43:27:ff:2c:87:18:e3:b8:67:3a:3e:f2:6e:
ff:13:31:2f:5e:ec:50:91:eb:ab:32:c1:9e:37:90:
cf:13:91:df:56:5d:0a:04:e6:22:5c:ed:56:e4:7e:
3f:79:50:5b:25:eb:d4:56:89:0a:d4:f6:a4:f3:a4:
e0:e3:b5:29:be:44:18:24:b6:9a:33:81:79:f7:bf:
23:c4:0f:23:98:c4:0d:c9:76:77:0b:2d:2f:86:9c:
31:a9:3d:2c:d9:39:12:fa:80:08:80:0a:0c:78:84:
08:c7:27:ce:57:03:2a:67:d5:f9:5b:45:06:4b:44:
b7:ef:f3:8a:b3:c3:9a:67:35:3f:31:11:c8:2d:9d:
69:34:21:52:eb:a9:6a:b6:5a:15:af:1d:8d:bf:62:
87:0e:c9:36:d2:5d:75:80:46:90:a7:29:e6:60:5f:
eb:0e:8a:70:cc:a9:8b:53:a9:6f:ad:22:6f:49:c0:
d8:3c:30:a2:e3:17:34:b4:22:6f:65:f4:f2:41:02:
ac:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F1:F9:23:DD:35:A7:DB:93:E1:35:0B:A5:C7:D4:5A:99:DF:83:17
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/P_H5I901p9uT4TULpcfUWpnfgxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.65.0-147.136.69.255
147.136.71.0/24
147.136.76.0/24
168.199.165.0/24
168.199.170.0-168.199.173.255
168.199.175.0-168.199.185.255
168.199.187.0-168.199.191.255
168.199.196.0-168.199.201.255
168.199.205.0/24
168.199.207.0/24
168.199.210.0/24
168.199.231.0/24
168.199.233.0/24
192.95.81.0-192.95.82.255
192.95.84.0/24
192.95.87.0-192.95.90.255
Signature Algorithm: sha256WithRSAEncryption
59:cb:71:11:e0:ae:5d:d4:4d:3a:e2:26:2b:5f:32:b9:e7:21:
21:1f:fb:68:36:1b:46:59:fa:f6:59:87:43:7f:e0:26:67:04:
d9:51:fe:21:a2:ab:24:84:7f:9b:fc:07:04:1c:c0:dc:72:8c:
4b:da:1c:e4:a2:b8:0a:f7:d9:67:89:b0:78:d1:fe:89:a5:3d:
9d:33:be:14:5b:6a:fa:d6:ef:41:b5:fd:53:d3:6f:e2:40:21:
d9:be:03:94:cb:71:bf:81:11:7e:20:8c:46:b0:d7:0f:1c:76:
1b:4a:1f:e4:86:4a:bc:15:e9:57:f7:21:d8:2a:9e:44:4e:0f:
eb:94:c9:45:b7:5a:fd:a8:2d:0b:3a:83:8d:99:63:64:6e:0d:
9a:82:e4:69:9f:a6:d0:4a:fd:92:ef:54:06:5d:be:62:12:94:
37:02:11:81:79:d2:ae:31:cc:d7:9b:10:13:fa:53:ed:ab:63:
be:89:32:51:54:11:75:88:13:b4:9d:44:e0:0d:4f:57:8d:3a:
f0:88:13:a4:09:19:4c:bc:e8:6f:1a:41:bc:cc:1c:20:af:1f:
8f:ed:b0:8a:1b:44:18:87:23:5b:77:e3:df:83:2a:20:0a:a7:
7f:59:fb:f4:ed:2f:0a:86:50:44:eb:7b:a2:dd:05:fe:36:03:
0f:d8:75:2c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQkRXLHpEQ9p9WVnKpWEAbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjUwMTAxMjM0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmYxZjkyM2RkMzVhN2RiOTNlMTM1MGJhNWM3ZDQ1YTk5ZGY4MzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/xt9qFzAdJ3s7UbuyPBq1YHqghi
xXPNLrP2oAwnSgj1TB3lYnAWlpAKVT+d5XyAEOzNwVsktRRstSJYj0Mn/yyHGOO4
Zzo+8m7/EzEvXuxQkeurMsGeN5DPE5HfVl0KBOYiXO1W5H4/eVBbJevUVokK1Pak
86Tg47UpvkQYJLaaM4F5978jxA8jmMQNyXZ3Cy0vhpwxqT0s2TkS+oAIgAoMeIQI
xyfOVwMqZ9X5W0UGS0S37/OKs8OaZzU/MRHILZ1pNCFS66lqtloVrx2Nv2KHDsk2
0l11gEaQpynmYF/rDopwzKmLU6lvrSJvScDYPDCi4xc0tCJvZfTyQQKsgwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFD/x+SPdNafbk+E1C6XH1FqZ34MXMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvUF9INUk5MDFwOXVUNFRVTHBjZlVXcG5mZ3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgwDAME
AJOIQQMEAZOIRAMEAJOIRwMEAJOITAMEAKjHpTAMAwQBqMeqAwQBqMesMAwDBACo
x68DBAGox7gwDAMEAKjHuwMEBqjHgDAMAwQCqMfEAwQBqMfIAwQAqMfNAwQAqMfP
AwQAqMfSAwQAqMfnAwQAqMfpMAwDBADAX1EDBADAX1IDBADAX1QwDAMEAMBfVwME
AMBfWjANBgkqhkiG9w0BAQsFAAOCAQEAWctxEeCuXdRNOuImK18yuechIR/7aDYb
Rln69lmHQ3/gJmcE2VH+IaKrJIR/m/wHBBzA3HKMS9oc5KK4CvfZZ4mweNH+iaU9
nTO+FFtq+tbvQbX9U9Nv4kAh2b4DlMtxv4ERfiCMRrDXDxx2G0of5IZKvBXpV/ch
2CqeRE4P65TJRbda/agtCzqDjZljZG4NmoLkaZ+m0Er9ku9UBl2+YhKUNwIRgXnS
rjHM15sQE/pT7atjvokyUVQRdYgTtJ1E4A1PV4068IgTpAkZTLzobxpBvMwcIK8f
j+2wihtEGIcjW3fj34MqIAqnf1n79O0vCoZQROt7ot0F/jYDD9h1LA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:11:10 2025 by rpki-client