Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/duhHz9Rgkl7YKY-gPEp6byVw4GY.roa
File: duhHz9Rgkl7YKY-gPEp6byVw4GY.roa (raw, json)
Hash identifier: MZe8raxEstgLGos+foBdNyQ44X2wRRNUrWN9pP1/YOI=
Subject key identifier: 76:E8:47:CF:D4:60:92:5E:D8:29:8F:A0:3C:4A:7A:6F:25:70:E0:66
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018D45C4C4E16BEDA75D01D44B4E2AA30FE8
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/duhHz9Rgkl7YKY-gPEp6byVw4GY.roa
Signing time: Fri 26 Jan 2024 12:35:39 +0000
ROA not before: Fri 26 Jan 2024 12:35:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49685
IP address blocks: 31.3.96.0/21 maxlen: 24
31.223.160.0/20 maxlen: 24
37.17.208.0/20 maxlen: 24
37.34.48.0/21 maxlen: 24
37.230.96.0/21 maxlen: 24
78.108.128.0/20 maxlen: 24
79.170.88.0/21 maxlen: 24
80.84.224.0/19 maxlen: 24
80.84.224.0/20 maxlen: 24
80.84.240.0/20 maxlen: 24
80.246.192.0/20 maxlen: 24
80.246.207.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
81.4.64.0/19 maxlen: 24
81.4.84.0/22 maxlen: 24
81.4.96.0/22 maxlen: 24
81.4.112.0/21 maxlen: 24
81.4.112.0/22 maxlen: 24
81.21.136.0/21 maxlen: 24
81.30.32.0/20 maxlen: 24
83.96.128.0/17 maxlen: 24
83.96.157.0/24 maxlen: 24
83.96.200.0/22 maxlen: 24
83.96.204.0/22 maxlen: 24
83.96.212.0/22 maxlen: 24
83.96.216.0/22 maxlen: 24
83.96.224.0/19 maxlen: 24
83.96.236.0/22 maxlen: 24
83.96.240.0/22 maxlen: 24
83.96.244.0/22 maxlen: 24
83.96.252.0/22 maxlen: 24
85.10.160.0/19 maxlen: 24
85.10.176.0/22 maxlen: 24
85.222.224.0/21 maxlen: 24
89.31.96.0/21 maxlen: 24
91.142.240.0/20 maxlen: 24
91.205.32.0/22 maxlen: 24
91.216.162.0/24 maxlen: 24
93.191.128.0/21 maxlen: 24
141.138.192.0/20 maxlen: 24
141.255.176.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
171.33.128.0/24 maxlen: 24
176.74.224.0/19 maxlen: 24
178.18.80.0/20 maxlen: 24
185.3.208.0/22 maxlen: 24
185.15.248.0/22 maxlen: 24
185.21.188.0/22 maxlen: 24
185.95.68.0/22 maxlen: 24
185.110.172.0/22 maxlen: 24
185.110.173.0/24 maxlen: 24
185.110.200.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
193.138.204.0/22 maxlen: 24
193.242.119.0/24 maxlen: 24
194.60.207.0/24 maxlen: 24
213.187.240.0/21 maxlen: 24
217.21.240.0/20 maxlen: 24
217.149.128.0/20 maxlen: 24
2001:828::/32 maxlen: 48
2001:4cb8::/29 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2a02:348::/32 maxlen: 48
2a02:348:28::/48 maxlen: 48
2a02:348:29::/48 maxlen: 48
2a02:348:7d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 05:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:c4:c4:e1:6b:ed:a7:5d:01:d4:4b:4e:2a:a3:0f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 26 12:35:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76e847cfd460925ed8298fa03c4a7a6f2570e066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:85:94:47:c7:18:c2:97:5c:f1:19:7f:9c:83:
69:f6:11:e3:74:06:70:3e:86:89:e4:85:bc:db:eb:
31:36:2a:d8:59:23:39:b4:95:44:5c:d2:c7:a1:d3:
ef:c1:e0:2e:a1:a9:b4:ec:60:9c:3e:c1:ce:32:b6:
65:18:80:67:fb:b9:09:40:d6:11:03:38:57:89:5a:
15:f9:d2:5b:0b:0b:d0:75:80:a2:31:a4:c7:15:ee:
85:01:7b:53:f6:14:60:a8:2a:7f:2e:1c:4c:fd:28:
61:4f:6e:82:ee:a0:b9:2c:3c:96:16:b7:b4:ae:77:
42:fe:d0:82:72:4a:f3:06:d3:7f:ba:e4:34:23:e8:
08:02:ce:5a:dc:54:8f:ad:00:e9:1a:f9:97:6a:a3:
02:2a:af:0f:0b:69:f3:da:ac:09:8c:ea:6c:8a:b0:
52:fc:02:3c:4f:3f:b7:36:03:a2:8a:ce:64:82:74:
ab:43:22:cf:4d:5a:1e:f2:fd:ba:5a:aa:8d:52:db:
73:0c:4f:69:03:45:1a:0f:b9:57:79:76:6e:f6:90:
ea:0e:ce:72:4f:14:89:55:20:37:ba:24:a9:8b:24:
b1:67:2f:83:5d:46:76:45:72:6c:b4:9c:7b:3f:e9:
cd:f9:fd:28:75:b3:29:ff:e1:f5:c8:32:e7:b3:8f:
1f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E8:47:CF:D4:60:92:5E:D8:29:8F:A0:3C:4A:7A:6F:25:70:E0:66
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/duhHz9Rgkl7YKY-gPEp6byVw4GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.96.0/21
31.223.160.0/20
37.17.208.0/20
37.34.48.0/21
37.230.96.0/21
78.108.128.0/20
79.170.88.0/21
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0/17
85.10.160.0/19
85.222.224.0/21
89.31.96.0/21
91.142.240.0/20
91.205.32.0/22
91.216.162.0/24
93.191.128.0/21
141.138.192.0/20
141.255.176.0/22
171.33.128.0/21
176.74.224.0/19
178.18.80.0/20
185.3.208.0/22
185.15.248.0/22
185.21.188.0/22
185.95.68.0/22
185.110.172.0/22
185.110.200.0/22
193.93.172.0/22
193.138.204.0/22
193.242.119.0/24
194.60.207.0/24
213.187.240.0/21
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a02:348::/32
Signature Algorithm: sha256WithRSAEncryption
d3:fb:a3:28:79:2e:72:7f:05:b3:a8:53:bb:b4:52:6d:d1:f3:
4c:19:5d:81:a5:4c:88:0c:3d:35:1e:79:57:69:ac:74:86:80:
c9:76:18:b3:75:d3:e2:ed:6b:89:28:d2:ad:03:93:30:3e:55:
64:0e:15:11:4b:6f:26:3b:6b:f2:11:df:5a:25:e8:7a:83:eb:
be:38:65:73:6d:6e:cc:7b:8d:8f:ec:eb:14:c9:f1:49:64:1d:
e1:df:48:86:99:14:96:05:a9:11:e7:21:86:0c:8f:96:ec:6d:
cf:bf:b3:0d:52:c6:c4:ac:d9:b0:db:74:db:9c:e2:aa:90:a0:
26:8d:29:ba:f8:33:1e:a7:ab:a6:e1:31:f6:f1:1d:fb:b0:b6:
8d:f7:f8:ae:9a:ca:0c:93:fd:d2:31:07:10:e8:fb:8e:a6:6e:
9a:66:01:6f:25:d2:7f:46:50:74:02:fc:fe:5b:d4:29:82:73:
14:3f:ab:96:bc:38:46:22:30:35:7b:e1:63:df:65:a3:13:30:
c2:d3:10:c2:c6:4f:84:ff:1d:6e:6d:dd:c6:d6:28:43:54:92:
a6:63:42:0e:47:5d:c9:28:79:e8:e4:8a:61:2d:9a:e8:51:31:
9c:49:21:f0:5f:a3:b6:b6:29:6a:8b:78:b8:8c:5c:6b:5a:96:
6d:9f:8c:66
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAY1FxMTha+2nXQHUS04qow/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwMTI2MTIzNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU4NDdjZmQ0NjA5MjVlZDgyOThmYTAzYzRhN2E2ZjI1NzBlMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4WUR8cYwpdc8Rl/nINp9hHjdAZw
PoaJ5IW82+sxNirYWSM5tJVEXNLHodPvweAuoam07GCcPsHOMrZlGIBn+7kJQNYR
AzhXiVoV+dJbCwvQdYCiMaTHFe6FAXtT9hRgqCp/LhxM/ShhT26C7qC5LDyWFre0
rndC/tCCckrzBtN/uuQ0I+gIAs5a3FSPrQDpGvmXaqMCKq8PC2nz2qwJjOpsirBS
/AI8Tz+3NgOiis5kgnSrQyLPTVoe8v26WqqNUttzDE9pA0UaD7lXeXZu9pDqDs5y
TxSJVSA3uiSpiySxZy+DXUZ2RXJstJx7P+nN+f0odbMp/+H1yDLns48fawIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFHboR8/UYJJe2CmPoDxKem8lcOBmMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvZHVoSHo5UmdrbDdZS1ktZ1BFcDZieVZ3NEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNAYIKwYBBQUHAQcBAf8EggEjMIIBHzCB/wQCAAEwgfgD
BAMfA2ADBAQf36ADBAQlEdADBAMlIjADBAMl5mADBARObIADBANPqlgDBAVQVOAD
BARQ9sADBARQ//AwDAMEBlEEQAMEAlEEYAMEA1EEcAMEA1EViAMEBFEeIAMEB1Ng
gAMEBVUKoAMEA1Xe4AMEA1kfYAMEBFuO8AMEAlvNIAMEAFvYogMEA12/gAMEBI2K
wAMEAo3/sAMEA6shgAMEBbBK4AMEBLISUAMEArkD0AMEArkP+AMEArkVvAMEArlf
RAMEArlurAMEArluyAMEAsFdrAMEAsGKzAMEAMHydwMEAMI8zwMEA9W78AMEBNkV
8AMEBNmVgDAbBAIAAjAVAwUAIAEIKAMFAyABTLgDBQAqAgNIMA0GCSqGSIb3DQEB
CwUAA4IBAQDT+6MoeS5yfwWzqFO7tFJt0fNMGV2BpUyIDD01HnlXaax0hoDJdhiz
ddPi7WuJKNKtA5MwPlVkDhURS28mO2vyEd9aJeh6g+u+OGVzbW7Me42P7OsUyfFJ
ZB3h30iGmRSWBakR5yGGDI+W7G3Pv7MNUsbErNmw23TbnOKqkKAmjSm6+DMep6um
4TH28R37sLaN9/iumsoMk/3SMQcQ6PuOpm6aZgFvJdJ/RlB0Avz+W9QpgnMUP6uW
vDhGIjA1e+Fj32WjEzDC0xDCxk+E/x1ubd3G1ihDVJKmY0IOR13JKHno5IphLZro
UTGcSSHwX6O2tilqi3i4jFxrWpZtn4xm
-----END CERTIFICATE-----
Generated at Fri Jun 28 11:22:56 2024 by rpki-client on console-ams.rpki-client.org