Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/Alwd8urU3MKZlIMbBWRxTU4fcqQ.roa
File: Alwd8urU3MKZlIMbBWRxTU4fcqQ.roa (raw, json)
Hash identifier: UFD4vPzxMVa3/oUThIIrGkXO7lHClgrauVkH0898vjg=
Subject key identifier: 02:5C:1D:F2:EA:D4:DC:C2:99:94:83:1B:05:64:71:4D:4E:1F:72:A4
Certificate issuer: /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial: 018CC56EF56835F833874C3CCCD596BD24A9
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/Alwd8urU3MKZlIMbBWRxTU4fcqQ.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1759
IP address blocks: 81.16.64.0/20 maxlen: 20
194.252.0.0/16 maxlen: 16
194.215.0.0/16 maxlen: 16
86.114.0.0/16 maxlen: 21
192.83.96.0/22 maxlen: 22
212.83.96.0/19 maxlen: 19
213.140.160.0/19 maxlen: 19
192.83.100.0/24 maxlen: 24
141.208.0.0/16 maxlen: 16
193.208.0.0/14 maxlen: 14
194.111.0.0/16 maxlen: 16
195.165.0.0/16 maxlen: 16
192.89.123.0/24 maxlen: 24
194.197.68.0/24 maxlen: 24
192.194.0.0/16 maxlen: 24
192.130.0.0/16 maxlen: 24
213.173.128.0/19 maxlen: 19
194.251.0.0/16 maxlen: 16
131.177.0.0/16 maxlen: 16
192.103.92.0/24 maxlen: 24
192.103.105.0/24 maxlen: 24
192.103.106.0/24 maxlen: 24
192.103.112.0/22 maxlen: 22
62.73.32.0/19 maxlen: 19
217.140.128.0/17 maxlen: 17
192.83.64.0/19 maxlen: 19
192.103.116.0/24 maxlen: 24
192.83.0.0/18 maxlen: 18
84.248.0.0/14 maxlen: 21
188.238.0.0/16 maxlen: 16
192.103.85.0/24 maxlen: 24
194.137.0.0/16 maxlen: 16
192.103.86.0/24 maxlen: 24
192.103.91.0/24 maxlen: 24
88.86.128.0/19 maxlen: 19
212.149.64.0/18 maxlen: 18
192.58.80.0/21 maxlen: 21
192.58.88.0/23 maxlen: 23
195.156.0.0/16 maxlen: 16
213.28.0.0/16 maxlen: 16
80.220.0.0/14 maxlen: 21
193.210.18.0/24 maxlen: 24
193.210.19.0/24 maxlen: 24
109.240.0.0/16 maxlen: 16
212.182.192.0/18 maxlen: 18
192.58.42.0/23 maxlen: 23
192.58.44.0/22 maxlen: 22
192.58.48.0/21 maxlen: 21
192.58.64.0/20 maxlen: 20
93.106.0.0/16 maxlen: 16
194.197.0.0/16 maxlen: 16
176.72.0.0/16 maxlen: 16
192.89.0.0/16 maxlen: 16
194.89.0.0/16 maxlen: 16
62.71.0.0/16 maxlen: 16
84.34.0.0/16 maxlen: 16
193.178.133.0/24 maxlen: 24
88.192.0.0/14 maxlen: 21
80.74.192.0/19 maxlen: 19
46.132.0.0/16 maxlen: 16
212.213.0.0/16 maxlen: 16
86.115.0.0/16 maxlen: 16
194.142.0.0/16 maxlen: 16
2001:8b8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f5:68:35:f8:33:87:4c:3c:cc:d5:96:bd:24:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=025c1df2ead4dcc29994831b0564714d4e1f72a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bb:9e:d7:32:88:a8:31:5a:61:e0:c8:c2:e0:
38:8e:f5:bc:81:6b:9e:da:0b:c4:ea:24:45:8d:1a:
66:71:f4:3f:46:9b:d8:a4:a0:6c:9c:9f:df:14:68:
0a:83:21:4c:45:46:63:6e:0e:2f:2b:00:56:86:78:
45:69:d0:a8:6f:f0:3b:8b:d0:be:52:5a:20:6c:85:
ed:a3:b9:3b:40:d1:55:c3:56:5b:6c:6d:99:38:40:
28:8d:f2:0b:b2:67:d6:3e:2d:c1:3a:eb:73:bf:4e:
b7:9a:a7:c0:67:e7:8a:cd:a1:b5:c6:3a:57:58:6e:
5f:27:3b:cf:6a:5b:1b:19:e8:95:e9:83:7e:62:a9:
1c:1a:b1:f1:18:82:a6:c4:29:65:6f:fe:fd:b5:e0:
3b:14:60:e6:4c:63:be:29:d6:4f:c7:58:74:4c:c9:
2f:cb:56:c6:5a:56:a4:0b:25:65:fd:1b:35:f2:90:
5c:df:bc:93:29:8a:12:cd:b1:bb:8e:3b:f9:00:ea:
20:c0:9d:c3:8c:5c:32:56:75:26:73:22:35:6d:10:
8a:80:a5:11:39:aa:8f:e5:99:14:4d:1e:79:5c:2f:
63:0c:f0:30:33:1c:ea:19:3d:bf:85:2b:b4:96:6b:
05:ca:66:b7:8e:e8:97:1e:07:f4:20:bf:b5:79:f6:
13:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5C:1D:F2:EA:D4:DC:C2:99:94:83:1B:05:64:71:4D:4E:1F:72:A4
X509v3 Authority Key Identifier:
keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/Alwd8urU3MKZlIMbBWRxTU4fcqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.132.0.0/16
62.71.0.0/16
62.73.32.0/19
80.74.192.0/19
80.220.0.0/14
81.16.64.0/20
84.34.0.0/16
84.248.0.0/14
86.114.0.0/15
88.86.128.0/19
88.192.0.0/14
93.106.0.0/16
109.240.0.0/16
131.177.0.0/16
141.208.0.0/16
176.72.0.0/16
188.238.0.0/16
192.58.42.0-192.58.55.255
192.58.64.0-192.58.89.255
192.83.0.0-192.83.100.255
192.89.0.0/16
192.103.85.0-192.103.86.255
192.103.91.0-192.103.92.255
192.103.105.0-192.103.106.255
192.103.112.0-192.103.116.255
192.130.0.0/16
192.194.0.0/16
193.178.133.0/24
193.208.0.0/14
194.89.0.0/16
194.111.0.0/16
194.137.0.0/16
194.142.0.0/16
194.197.0.0/16
194.215.0.0/16
194.251.0.0-194.252.255.255
195.156.0.0/16
195.165.0.0/16
212.83.96.0/19
212.149.64.0/18
212.182.192.0/18
212.213.0.0/16
213.28.0.0/16
213.140.160.0/19
213.173.128.0/19
217.140.128.0/17
IPv6:
2001:8b8::/29
Signature Algorithm: sha256WithRSAEncryption
65:ae:a2:d3:bd:93:b6:af:cc:7c:aa:65:9a:ab:71:6f:ba:1c:
f4:2e:34:89:f6:62:86:22:40:25:1a:5c:b9:c9:75:bc:4a:e0:
b7:ac:14:76:28:84:89:5d:23:94:d4:7b:79:de:08:e8:a7:54:
41:77:d4:7a:e5:7f:93:6a:77:e2:9a:87:2d:02:3c:36:63:89:
7b:3d:22:da:15:62:5c:21:62:fb:61:60:29:59:0a:c2:2a:2b:
73:cc:ac:56:52:12:4f:f5:76:2d:7e:9e:fb:67:4d:b1:ae:2d:
1e:6e:f0:f6:f2:25:52:7b:db:00:26:b9:59:17:ae:27:55:70:
4d:ea:7d:92:4f:f7:16:02:be:14:de:8b:97:f1:e7:4f:76:ba:
4e:59:da:26:74:74:41:48:a5:63:9e:22:f6:33:32:83:42:23:
95:d5:82:42:ff:ee:5e:ab:66:42:dd:63:df:5d:3c:30:f2:35:
c8:b4:ce:a5:87:f7:83:57:1a:04:5a:f0:e7:45:f3:c8:4a:24:
76:7a:8f:10:ec:50:1b:41:a0:9e:53:7d:7d:28:8c:4f:0a:c6:
cc:f8:c7:42:c0:2d:33:89:c4:86:8e:32:31:53:8a:58:c7:9c:
17:76:0c:7b:06:64:e9:f3:52:6c:39:a1:a8:a7:cc:30:a3:3e:
8a:b4:62:18
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISAYzFbvVoNfgzh0w8zNWWvSSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTE0MGU4MDI4ZTZkNTM3NjAwZTA4ODhhOWFmNWE5NzFj
NWRiNDYwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjVjMWRmMmVhZDRkY2MyOTk5NDgzMWIwNTY0NzE0ZDRlMWY3MmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbue1zKIqDFaYeDIwuA4jvW8gWue
2gvE6iRFjRpmcfQ/RpvYpKBsnJ/fFGgKgyFMRUZjbg4vKwBWhnhFadCob/A7i9C+
UlogbIXto7k7QNFVw1ZbbG2ZOEAojfILsmfWPi3BOutzv063mqfAZ+eKzaG1xjpX
WG5fJzvPalsbGeiV6YN+YqkcGrHxGIKmxCllb/79teA7FGDmTGO+KdZPx1h0TMkv
y1bGWlakCyVl/Rs18pBc37yTKYoSzbG7jjv5AOogwJ3DjFwyVnUmcyI1bRCKgKUR
OaqP5ZkUTR55XC9jDPAwMxzqGT2/hSu0lmsFyma3juiXHgf0IL+1efYTFwIDAQAB
o4IDUjCCA04wHQYDVR0OBBYEFAJcHfLq1NzCmZSDGwVkcU1OH3KkMB8GA1UdIwQY
MBaAFJ2hQOgCjm1TdgDgiIqa9alxxdtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgt
YTRjYThiOWMyMDViLzEvQWx3ZDh1clUzTUtabElNYkJXUnhUVTRmY3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgtYTRjYThiOWMyMDVi
LzEvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZgYIKwYBBQUHAQcBAf8EggFVMIIBUTCCAT4EAgABMIIB
NgMDAC6EAwMAPkcDBAU+SSADBAVQSsADAwJQ3AMEBFEQQAMDAFQiAwMCVPgDAwFW
cgMEBVhWgAMDAljAAwMAXWoDAwBt8AMDAIOxAwMAjdADAwCwSAMDALzuMAwDBAHA
OioDBAPAOjAwDAMEBsA6QAMEAcA6WDALAwMAwFMDBADAU2QDAwDAWTAMAwQAwGdV
AwQAwGdWMAwDBADAZ1sDBADAZ1wwDAMEAMBnaQMEAMBnajAMAwQEwGdwAwQAwGd0
AwMAwIIDAwDAwgMEAMGyhQMDAsHQAwMAwlkDAwDCbwMDAMKJAwMAwo4DAwDCxQMD
AMLXMAoDAwDC+wMDAML8AwMAw5wDAwDDpQMEBdRTYAMEBtSVQAMEBtS2wAMDANTV
AwMA1RwDBAXVjKADBAXVrYADBAfZjIAwDQQCAAIwBwMFAyABCLgwDQYJKoZIhvcN
AQELBQADggEBAGWuotO9k7avzHyqZZqrcW+6HPQuNIn2YoYiQCUaXLnJdbxK4Les
FHYohIldI5TUe3neCOinVEF31Hrlf5Nqd+Kahy0CPDZjiXs9ItoVYlwhYvthYClZ
CsIqK3PMrFZSEk/1di1+nvtnTbGuLR5u8PbyJVJ72wAmuVkXridVcE3qfZJP9xYC
vhTei5fx5092uk5Z2iZ0dEFIpWOeIvYzMoNCI5XVgkL/7l6rZkLdY99dPDDyNci0
zqWH94NXGgRa8OdF88hKJHZ6jxDsUBtBoJ5TfX0ojE8Kxsz4x0LALTOJxIaOMjFT
iljHnBd2DHsGZOnzUmw5oainzDCjPoq0Yhg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:25:41 2024 by rpki-client on console-fra.rpki-client.org