Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/9FioU1a5I3WRLtaLrJZfAny4OpE.roa
File: 9FioU1a5I3WRLtaLrJZfAny4OpE.roa (raw, json)
Hash identifier: P3TmMQyy64xmu+F7AcgbgpamUtqZrx7cNBpwqQZrJI8=
Subject key identifier: F4:58:A8:53:56:B9:23:75:91:2E:D6:8B:AC:96:5F:02:7C:B8:3A:91
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0192B8F01E3DE6D51C8E4C51D5EAB64AB4D1
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/9FioU1a5I3WRLtaLrJZfAny4OpE.roa
Signing time: Wed 23 Oct 2024 10:33:16 +0000
ROA not before: Wed 23 Oct 2024 10:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:f0:1e:3d:e6:d5:1c:8e:4c:51:d5:ea:b6:4a:b4:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Oct 23 10:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f458a85356b92375912ed68bac965f027cb83a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:15:f0:94:bc:9f:0a:dc:3f:fd:4f:fb:04:0f:
8d:7b:57:1f:66:1b:72:b9:4b:e2:6e:d5:cc:aa:61:
54:33:89:77:e0:36:26:6e:f7:41:ec:7a:eb:bc:5d:
46:84:dc:2b:07:93:16:82:ad:0a:87:94:1c:e3:08:
ed:d4:da:c3:c5:25:97:56:d7:80:d3:47:c5:7e:d5:
de:85:d1:1b:56:5e:ca:a4:3a:57:cf:05:f1:8c:e3:
3e:6d:0c:cf:e5:96:e3:79:30:d9:c9:5d:f4:c4:d8:
03:c2:ae:6e:cb:f7:97:04:db:77:0a:5b:a6:93:9f:
7c:16:7b:21:e2:37:16:d9:c3:2d:ab:0c:1c:9e:d7:
1c:15:21:0d:f0:5d:28:af:19:cd:68:47:ef:5b:9b:
9b:eb:0b:f3:c6:ab:ec:a6:76:42:2e:e6:67:a1:ba:
59:1a:7c:02:c4:71:31:93:73:24:17:9d:1b:44:f0:
6f:b3:a0:21:f1:c1:af:bd:bf:ed:56:fd:22:43:15:
86:ba:9f:09:3d:85:39:57:ce:55:fd:41:78:cd:c3:
8c:a1:23:96:7c:21:f2:aa:dd:56:22:98:45:83:95:
1c:ba:ef:0b:09:ec:64:e8:34:45:da:5b:2b:88:56:
68:41:ff:24:67:49:49:5d:bd:c9:b8:fa:70:11:92:
5a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:58:A8:53:56:B9:23:75:91:2E:D6:8B:AC:96:5F:02:7C:B8:3A:91
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/9FioU1a5I3WRLtaLrJZfAny4OpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.92.0/23
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.110.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.128.0/24
188.74.130.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:2f:c6:80:65:d1:3c:e7:8e:ee:4d:97:91:80:2c:8d:26:d5:
de:ee:34:77:03:e3:12:21:fb:42:f2:0a:69:3e:1a:d9:99:f6:
8f:dd:f8:53:ba:ad:bd:e3:11:40:0b:e8:cb:89:3f:4c:a5:67:
54:51:6a:ff:2e:7c:79:c5:cb:c7:96:2c:5e:32:14:50:b0:03:
04:ff:44:57:2b:d3:37:65:1a:42:a1:02:c5:a9:8b:49:c8:37:
44:6f:6b:0f:12:c1:66:7c:ba:be:e0:eb:dd:a5:81:ba:76:b9:
63:db:36:91:e8:58:e9:07:35:64:f9:92:6e:9d:d6:8b:5c:bf:
a4:c1:f1:98:c9:10:e2:4a:3f:ec:9f:cb:d8:8e:27:ff:70:11:
63:68:b0:6e:bd:58:21:1c:4d:3a:99:dc:06:19:a0:51:64:c5:
39:e1:09:0e:b2:ed:de:b8:d3:03:b0:fd:25:12:7f:37:62:80:
8e:97:1a:fe:a7:9b:db:a5:16:8d:bb:eb:0a:37:c7:d4:f1:3a:
8b:7b:a3:84:61:93:1e:cf:6a:d2:9d:e6:cd:96:0d:4b:9b:08:
a2:e6:39:9b:b7:6f:37:c8:1a:ba:92:da:9e:ee:4d:58:55:67:
06:77:70:af:a2:e8:28:29:d1:1d:0c:1c:b0:dc:ac:6f:ac:89:
3a:23:ee:62
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZK48B495tUcjkxR1eq2SrTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQxMDIzMTAzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU4YTg1MzU2YjkyMzc1OTEyZWQ2OGJhYzk2NWYwMjdjYjgzYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRXwlLyfCtw//U/7BA+Ne1cfZhty
uUvibtXMqmFUM4l34DYmbvdB7HrrvF1GhNwrB5MWgq0Kh5Qc4wjt1NrDxSWXVteA
00fFftXehdEbVl7KpDpXzwXxjOM+bQzP5ZbjeTDZyV30xNgDwq5uy/eXBNt3Clum
k598Fnsh4jcW2cMtqwwcntccFSEN8F0orxnNaEfvW5ub6wvzxqvspnZCLuZnobpZ
GnwCxHExk3MkF50bRPBvs6Ah8cGvvb/tVv0iQxWGup8JPYU5V85V/UF4zcOMoSOW
fCHyqt1WIphFg5Ucuu8LCexk6DRF2lsriFZoQf8kZ0lJXb3JuPpwEZJaNwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFPRYqFNWuSN1kS7Wi6yWXwJ8uDqRMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvOUZpb1UxYTVJM1dSTHRhTHJKWmZBbnk0T3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAAF
nYgDBAAFnYsDBAIFnaADBAElIyQDBAAlIycDBAE+2FwDBAFb4Q4DBABb63sDBAGS
QtADBAKSQtQDBAKSQtwDBACynUwDBACynV4DBACynWwDBACynW4DBACynXwDBACy
nX4DBAC5TDwDBAC5TD4DBAC8SoADBAC8SoIDBAC8SpgDBAC8SpsDBAC8SqsDBAC8
SrUDBAC8Sr4DBAG8StADBAK8StQDBAC8SvUwDAMEALx3pQMEALx3pgMEALx3tTAN
BgkqhkiG9w0BAQsFAAOCAQEAOi/GgGXRPOeO7k2XkYAsjSbV3u40dwPjEiH7QvIK
aT4a2Zn2j934U7qtveMRQAvoy4k/TKVnVFFq/y58ecXLx5YsXjIUULADBP9EVyvT
N2UaQqECxamLScg3RG9rDxLBZny6vuDr3aWBuna5Y9s2kehY6Qc1ZPmSbp3Wi1y/
pMHxmMkQ4ko/7J/L2I4n/3ARY2iwbr1YIRxNOpncBhmgUWTFOeEJDrLt3rjTA7D9
JRJ/N2KAjpca/qeb26UWjbvrCjfH1PE6i3ujhGGTHs9q0p3mzZYNS5sIouY5m7dv
N8gaupLanu5NWFVnBndwr6LoKCnRHQwcsNysb6yJOiPuYg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:38:04 2024 by rpki-client on console-fra.rpki-client.org