Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/mgZJPL0nR3ZEehAjPHzv4kedWww.roa
File: mgZJPL0nR3ZEehAjPHzv4kedWww.roa (raw, json)
Hash identifier: 89tsemg9bwljRD4qyclcULNS89/gjzWeZiimoRrRYFo=
Subject key identifier: 9A:06:49:3C:BD:27:47:76:44:7A:10:23:3C:7C:EF:E2:47:9D:5B:0C
Certificate issuer: /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial: 018CC86FEF0E4C4AAA03FA1B9699F8A069D9
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/mgZJPL0nR3ZEehAjPHzv4kedWww.roa
Signing time: Tue 02 Jan 2024 04:30:27 +0000
ROA not before: Tue 02 Jan 2024 04:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3225
IP address blocks: 91.140.216.0/22 maxlen: 24
91.140.221.0/24 maxlen: 24
91.140.220.0/24 maxlen: 24
91.140.224.0/22 maxlen: 24
91.140.224.0/24 maxlen: 24
91.140.222.0/24 maxlen: 24
91.140.223.0/24 maxlen: 24
91.140.226.0/24 maxlen: 24
91.140.233.0/24 maxlen: 24
91.140.228.0/22 maxlen: 24
91.140.232.0/24 maxlen: 24
91.140.240.0/24 maxlen: 24
91.140.235.0/24 maxlen: 24
91.140.234.0/24 maxlen: 24
91.140.238.0/24 maxlen: 24
91.140.239.0/24 maxlen: 24
91.140.236.0/24 maxlen: 24
91.140.237.0/24 maxlen: 24
91.140.242.0/24 maxlen: 24
91.140.241.0/24 maxlen: 24
91.140.246.0/24 maxlen: 24
91.140.244.0/22 maxlen: 24
91.140.248.0/22 maxlen: 24
91.140.248.0/24 maxlen: 24
91.140.249.0/24 maxlen: 24
91.140.252.0/22 maxlen: 24
91.140.252.0/24 maxlen: 24
91.140.253.0/24 maxlen: 24
91.140.250.0/24 maxlen: 24
91.140.251.0/24 maxlen: 24
91.140.255.0/24 maxlen: 24
91.140.254.0/24 maxlen: 24
185.16.4.0/22 maxlen: 24
91.140.164.0/22 maxlen: 24
91.140.160.0/22 maxlen: 24
91.140.172.0/22 maxlen: 24
94.187.224.0/19 maxlen: 24
91.140.180.0/22 maxlen: 24
94.187.232.0/22 maxlen: 24
91.140.192.0/22 maxlen: 24
94.187.228.0/22 maxlen: 24
91.140.188.0/22 maxlen: 24
91.140.196.0/22 maxlen: 24
94.187.236.0/22 maxlen: 24
94.187.240.0/22 maxlen: 24
91.140.200.0/22 maxlen: 24
91.140.201.0/24 maxlen: 24
91.140.203.0/24 maxlen: 24
94.187.244.0/22 maxlen: 24
91.140.204.0/22 maxlen: 24
91.140.202.0/24 maxlen: 24
94.187.252.0/22 maxlen: 24
91.140.212.0/22 maxlen: 24
91.140.207.0/24 maxlen: 24
94.187.248.0/22 maxlen: 24
91.140.208.0/22 maxlen: 24
91.140.128.0/17 maxlen: 24
91.140.128.0/22 maxlen: 24
91.140.132.0/22 maxlen: 24
91.140.140.0/22 maxlen: 24
91.140.152.0/22 maxlen: 24
91.140.148.0/22 maxlen: 24
194.54.241.0/24 maxlen: 24
194.54.244.0/22 maxlen: 24
194.54.243.0/24 maxlen: 24
194.54.248.0/22 maxlen: 24
194.54.252.0/22 maxlen: 24
194.54.192.0/19 maxlen: 24
194.54.196.0/22 maxlen: 24
194.54.192.0/18 maxlen: 24
194.54.194.0/23 maxlen: 24
194.54.204.0/22 maxlen: 24
194.54.200.0/22 maxlen: 24
194.54.202.0/24 maxlen: 24
194.54.209.0/24 maxlen: 24
194.54.208.0/24 maxlen: 24
194.54.208.0/22 maxlen: 24
194.54.212.0/22 maxlen: 24
194.54.216.0/22 maxlen: 24
194.54.224.0/19 maxlen: 24
194.54.220.0/24 maxlen: 24
194.54.220.0/22 maxlen: 24
194.54.224.0/22 maxlen: 24
194.54.232.0/22 maxlen: 24
194.54.228.0/22 maxlen: 24
194.54.234.0/24 maxlen: 24
194.54.236.0/22 maxlen: 24
194.54.240.0/22 maxlen: 24
2a01:7780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 07:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ef:0e:4c:4a:aa:03:fa:1b:96:99:f8:a0:69:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
Validity
Not Before: Jan 2 04:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a06493cbd274776447a10233c7cefe2479d5b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f7:39:d8:d2:01:7c:76:a8:f4:a0:20:a8:62:
bd:cd:9d:61:b1:ca:e4:99:48:c6:35:ea:23:6b:af:
08:6b:29:0f:cd:59:14:07:80:9f:3d:68:cf:be:6d:
a2:99:0e:96:10:99:19:c2:ef:31:e5:70:45:ce:e0:
7a:34:4b:79:c2:a1:b3:9a:1e:7c:0f:17:63:8e:7a:
90:c7:24:03:00:c3:80:c0:b7:b5:86:39:ea:ee:bc:
14:a4:3d:67:b6:93:ae:74:70:7a:77:d4:c9:e5:ad:
2c:5c:2a:01:da:5b:b1:91:52:d8:58:e0:bb:64:50:
dc:76:c4:a8:42:7c:44:d4:24:54:94:8e:a0:5c:e5:
73:53:82:fe:b0:94:77:0e:72:75:a4:de:9f:70:02:
fe:b1:ec:d4:d4:b6:0a:10:14:40:59:5e:76:3f:ce:
a8:c0:d0:ee:d3:ab:6f:b6:a8:e8:62:2e:30:6e:0e:
00:ac:7e:de:6b:bc:e8:3b:f8:00:50:d3:a9:04:fb:
db:bc:4f:14:83:94:e1:2f:d9:a1:68:eb:11:ff:bb:
6f:d5:c2:cf:44:78:92:cd:e2:67:ca:07:d4:81:76:
b9:26:24:fb:47:c1:e9:77:0a:3b:98:17:80:9e:72:
db:ac:20:41:07:05:cb:ca:c1:91:d2:63:b3:8f:06:
81:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:06:49:3C:BD:27:47:76:44:7A:10:23:3C:7C:EF:E2:47:9D:5B:0C
X509v3 Authority Key Identifier:
keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/mgZJPL0nR3ZEehAjPHzv4kedWww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.140.128.0/17
94.187.224.0/19
185.16.4.0/22
194.54.192.0/18
IPv6:
2a01:7780::/32
Signature Algorithm: sha256WithRSAEncryption
aa:f5:a1:d4:95:c9:c9:65:07:f5:77:e1:c0:73:a8:6d:c7:a1:
94:ed:06:bc:51:cf:b2:4e:8e:90:98:53:80:a3:4f:e0:0c:0a:
8f:a3:70:c6:e4:c2:d8:42:b1:d2:fa:ad:7e:af:50:c3:f7:43:
00:92:fe:68:dc:f2:ad:ea:3b:69:20:8d:0c:d0:22:f1:5f:48:
d1:36:be:01:e3:b7:a1:e3:be:62:01:0e:d4:9b:24:fa:c3:c4:
1e:97:24:9b:15:9b:98:67:35:1c:11:0f:90:13:45:c9:53:12:
94:1c:ca:27:68:11:2e:4c:e4:0c:45:26:0b:7d:90:2f:35:fc:
dd:02:09:17:64:b0:bf:ed:a3:0c:65:ed:fe:16:f1:bb:93:15:
b8:2b:47:34:48:c4:7c:e0:6f:fe:dd:78:cd:df:50:30:e4:ac:
1f:22:f5:6e:51:a0:ae:e1:08:ed:91:e7:f8:a2:62:35:3a:aa:
f7:a8:d9:6c:d0:f5:3c:e5:c1:66:94:5e:d5:30:55:38:b3:c8:
b9:51:52:04:f6:6c:fe:ba:b7:e9:fd:4b:94:da:1c:1f:55:da:
d0:37:65:c1:cf:06:e8:82:74:7b:52:b5:98:f7:8b:d3:c6:02:
e0:83:fd:af:4e:79:9e:ec:1a:2e:8b:cb:ab:fa:ce:df:01:fb:
61:47:8d:82
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIb+8OTEqqA/oblpn4oGnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjQwMTAyMDQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTA2NDkzY2JkMjc0Nzc2NDQ3YTEwMjMzYzdjZWZlMjQ3OWQ1YjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPc52NIBfHao9KAgqGK9zZ1hscrk
mUjGNeoja68IaykPzVkUB4CfPWjPvm2imQ6WEJkZwu8x5XBFzuB6NEt5wqGzmh58
DxdjjnqQxyQDAMOAwLe1hjnq7rwUpD1ntpOudHB6d9TJ5a0sXCoB2luxkVLYWOC7
ZFDcdsSoQnxE1CRUlI6gXOVzU4L+sJR3DnJ1pN6fcAL+sezU1LYKEBRAWV52P86o
wNDu06tvtqjoYi4wbg4ArH7ea7zoO/gAUNOpBPvbvE8Ug5ThL9mhaOsR/7tv1cLP
RHiSzeJnygfUgXa5JiT7R8Hpdwo7mBeAnnLbrCBBBwXLysGR0mOzjwaBlQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJoGSTy9J0d2RHoQIzx87+JHnVsMMB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvbWdaSlBMMG5SM1pFZWhBalBIenY0a2VkV3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQCq9aHUlcnJZQf1d+HAc6htx6GU7Qa8Uc+yTo6QmFOAo0/gDAqPo3DG5MLYQrHS
+q1+r1DD90MAkv5o3PKt6jtpII0M0CLxX0jRNr4B47eh475iAQ7UmyT6w8QelySb
FZuYZzUcEQ+QE0XJUxKUHMonaBEuTOQMRSYLfZAvNfzdAgkXZLC/7aMMZe3+FvG7
kxW4K0c0SMR84G/+3XjN31Aw5KwfIvVuUaCu4Qjtkef4omI1Oqr3qNls0PU85cFm
lF7VMFU4s8i5UVIE9mz+urfp/UuU2hwfVdrQN2XBzwbognR7UrWY94vTxgLgg/2v
Tnme7Boui8ur+s7fAfthR42C
-----END CERTIFICATE-----
Generated at Tue Jun 4 10:55:38 2024 by rpki-client on console-ams.rpki-client.org