Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/hqPvGAm9K74-zW_lI3VgULKNQss.roa
File: hqPvGAm9K74-zW_lI3VgULKNQss.roa (raw, json)
Hash identifier: H+dTHrNcUq8MNJxjghpAguoe8Mv0B57fwfa/Ht9ePNU=
Subject key identifier: 86:A3:EF:18:09:BD:2B:BE:3E:CD:6F:E5:23:75:60:50:B2:8D:42:CB
Certificate issuer: /CN=5d88e4f7a302412c316a3bb599cdd2042b5ff485
Certificate serial: 0192486C47B9CFAA179121ABAF04214E1C95
Authority key identifier: 5D:88:E4:F7:A3:02:41:2C:31:6A:3B:B5:99:CD:D2:04:2B:5F:F4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/hqPvGAm9K74-zW_lI3VgULKNQss.roa
Signing time: Tue 01 Oct 2024 14:11:48 +0000
ROA not before: Tue 01 Oct 2024 14:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29084
IP address blocks: 37.209.168.0/21 maxlen: 24
37.209.168.0/24 maxlen: 24
37.209.169.0/24 maxlen: 24
37.209.170.0/24 maxlen: 24
37.209.171.0/24 maxlen: 24
37.209.172.0/24 maxlen: 24
37.209.173.0/24 maxlen: 24
78.108.242.0/24 maxlen: 24
79.132.0.0/19 maxlen: 19
79.132.0.0/24 maxlen: 24
79.132.1.0/24 maxlen: 24
79.132.2.0/24 maxlen: 24
79.132.3.0/24 maxlen: 24
79.132.4.0/24 maxlen: 24
79.132.5.0/24 maxlen: 24
79.132.6.0/24 maxlen: 24
79.132.7.0/24 maxlen: 24
79.132.8.0/24 maxlen: 24
79.132.9.0/24 maxlen: 24
79.132.10.0/24 maxlen: 24
79.132.11.0/24 maxlen: 24
79.132.12.0/24 maxlen: 24
79.132.13.0/24 maxlen: 24
79.132.14.0/24 maxlen: 24
79.132.15.0/24 maxlen: 24
79.132.16.0/24 maxlen: 24
79.132.17.0/24 maxlen: 24
79.132.18.0/24 maxlen: 24
79.132.19.0/24 maxlen: 24
79.132.20.0/24 maxlen: 24
79.132.21.0/24 maxlen: 24
79.132.22.0/24 maxlen: 24
79.132.23.0/24 maxlen: 24
79.132.24.0/24 maxlen: 24
79.132.25.0/24 maxlen: 24
79.132.26.0/24 maxlen: 24
79.132.27.0/24 maxlen: 24
79.132.28.0/24 maxlen: 24
79.132.29.0/24 maxlen: 24
79.132.30.0/24 maxlen: 24
79.132.31.0/24 maxlen: 24
83.222.168.0/24 maxlen: 24
83.222.175.0/24 maxlen: 24
83.222.182.0/24 maxlen: 24
84.54.128.0/18 maxlen: 18
84.54.128.0/24 maxlen: 24
84.54.129.0/24 maxlen: 24
84.54.130.0/24 maxlen: 24
84.54.131.0/24 maxlen: 24
84.54.132.0/24 maxlen: 24
84.54.133.0/24 maxlen: 24
84.54.134.0/24 maxlen: 24
84.54.135.0/24 maxlen: 24
84.54.136.0/24 maxlen: 24
84.54.137.0/24 maxlen: 24
84.54.138.0/24 maxlen: 24
84.54.139.0/24 maxlen: 24
84.54.141.0/24 maxlen: 24
84.54.142.0/24 maxlen: 24
84.54.143.0/24 maxlen: 24
84.54.144.0/24 maxlen: 24
84.54.145.0/24 maxlen: 24
84.54.146.0/24 maxlen: 24
84.54.147.0/24 maxlen: 24
84.54.149.0/24 maxlen: 24
84.54.151.0/24 maxlen: 24
84.54.152.0/24 maxlen: 24
84.54.153.0/24 maxlen: 24
84.54.154.0/24 maxlen: 24
84.54.156.0/24 maxlen: 24
84.54.157.0/24 maxlen: 24
84.54.158.0/24 maxlen: 24
84.54.159.0/24 maxlen: 24
84.54.160.0/24 maxlen: 24
84.54.161.0/24 maxlen: 24
84.54.162.0/24 maxlen: 24
84.54.163.0/24 maxlen: 24
84.54.164.0/24 maxlen: 24
84.54.165.0/24 maxlen: 24
84.54.166.0/24 maxlen: 24
84.54.167.0/24 maxlen: 24
84.54.168.0/24 maxlen: 24
84.54.169.0/24 maxlen: 24
84.54.170.0/24 maxlen: 24
84.54.171.0/24 maxlen: 24
84.54.172.0/24 maxlen: 24
84.54.173.0/24 maxlen: 24
84.54.174.0/24 maxlen: 24
84.54.175.0/24 maxlen: 24
84.54.176.0/24 maxlen: 24
84.54.177.0/24 maxlen: 24
84.54.178.0/24 maxlen: 24
84.54.179.0/24 maxlen: 24
84.54.180.0/24 maxlen: 24
84.54.181.0/24 maxlen: 24
84.54.182.0/24 maxlen: 24
84.54.183.0/24 maxlen: 24
84.54.185.0/24 maxlen: 24
84.54.186.0/24 maxlen: 24
84.54.187.0/24 maxlen: 24
84.54.188.0/24 maxlen: 24
84.54.189.0/24 maxlen: 24
84.54.190.0/24 maxlen: 24
87.246.35.0/24 maxlen: 24
109.160.4.0/22 maxlen: 22
109.160.4.0/24 maxlen: 24
109.160.5.0/24 maxlen: 24
109.160.6.0/24 maxlen: 24
109.160.7.0/24 maxlen: 24
109.160.13.0/24 maxlen: 24
109.160.24.0/21 maxlen: 24
109.160.24.0/24 maxlen: 24
109.160.25.0/24 maxlen: 24
109.160.26.0/24 maxlen: 24
109.160.27.0/24 maxlen: 24
109.160.28.0/24 maxlen: 24
109.160.29.0/24 maxlen: 24
109.160.30.0/24 maxlen: 24
109.160.31.0/24 maxlen: 24
109.160.42.0/23 maxlen: 23
109.160.42.0/24 maxlen: 24
109.160.43.0/24 maxlen: 24
109.160.98.0/24 maxlen: 24
185.78.36.0/22 maxlen: 22
185.78.36.0/24 maxlen: 24
185.78.37.0/24 maxlen: 24
185.78.38.0/24 maxlen: 24
185.78.39.0/24 maxlen: 24
212.70.150.0/24 maxlen: 24
212.70.157.0/24 maxlen: 24
217.174.48.0/20 maxlen: 20
217.174.48.0/24 maxlen: 24
217.174.49.0/24 maxlen: 24
217.174.50.0/24 maxlen: 24
217.174.51.0/24 maxlen: 24
217.174.52.0/24 maxlen: 24
217.174.53.0/24 maxlen: 24
217.174.54.0/24 maxlen: 24
217.174.55.0/24 maxlen: 24
217.174.56.0/24 maxlen: 24
217.174.57.0/24 maxlen: 24
217.174.58.0/24 maxlen: 24
217.174.59.0/24 maxlen: 24
217.174.60.0/24 maxlen: 24
217.174.61.0/24 maxlen: 24
217.174.62.0/24 maxlen: 24
217.174.63.0/24 maxlen: 24
2a02:1c0::/29 maxlen: 29
2a02:1c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/XYjk96MCQSwxaju1mc3SBCtf9IU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/XYjk96MCQSwxaju1mc3SBCtf9IU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:48:6c:47:b9:cf:aa:17:91:21:ab:af:04:21:4e:1c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d88e4f7a302412c316a3bb599cdd2042b5ff485
Validity
Not Before: Oct 1 14:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86a3ef1809bd2bbe3ecd6fe523756050b28d42cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:a7:72:b6:d7:0d:df:be:f9:94:8d:ae:50:
09:35:78:48:76:dd:1f:07:3b:3c:ee:0f:ee:b9:a8:
39:2e:66:3a:e9:7d:fd:8c:e7:a3:bd:7c:b7:80:71:
c9:61:a4:cf:3e:f1:d9:99:f6:39:b8:b3:1c:ce:85:
45:67:72:79:a3:cb:c0:31:da:ad:5b:d9:f7:9e:8b:
82:4f:e4:f5:5b:91:8b:3b:2b:7c:1e:6e:2a:70:b6:
27:17:3d:f2:19:7a:1b:90:47:0e:b6:2c:ee:65:0e:
05:f0:ba:51:4b:5f:6e:02:c1:f2:95:6f:28:a3:3c:
02:bf:93:6f:4c:e9:a4:33:a2:1a:c9:72:a9:df:fa:
d6:8a:2d:ad:54:80:13:9b:21:28:f1:6d:49:17:40:
e3:57:c0:e8:78:33:82:3c:87:e9:c4:de:f3:9a:98:
09:51:7d:cb:f6:8b:24:e1:02:aa:30:8c:9d:35:cc:
f1:66:bf:98:62:42:d2:0d:5b:0e:37:ab:a8:49:b6:
7d:f0:7e:77:1c:aa:93:9d:3a:a6:aa:0c:f1:43:d4:
40:e0:d7:ec:41:44:f7:1b:67:b8:a7:a6:16:1d:6a:
ab:76:89:13:6e:8c:cf:16:fd:36:38:dc:72:dd:a3:
ce:7a:71:00:6d:00:19:79:90:bf:69:4d:be:15:1b:
7f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A3:EF:18:09:BD:2B:BE:3E:CD:6F:E5:23:75:60:50:B2:8D:42:CB
X509v3 Authority Key Identifier:
keyid:5D:88:E4:F7:A3:02:41:2C:31:6A:3B:B5:99:CD:D2:04:2B:5F:F4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/hqPvGAm9K74-zW_lI3VgULKNQss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/XYjk96MCQSwxaju1mc3SBCtf9IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.168.0/21
78.108.242.0/24
79.132.0.0/19
83.222.168.0/24
83.222.175.0/24
83.222.182.0/24
84.54.128.0/18
87.246.35.0/24
109.160.4.0/22
109.160.13.0/24
109.160.24.0/21
109.160.42.0/23
109.160.98.0/24
185.78.36.0/22
212.70.150.0/24
212.70.157.0/24
217.174.48.0/20
IPv6:
2a02:1c0::/29
Signature Algorithm: sha256WithRSAEncryption
34:03:d5:75:c5:55:57:26:80:b7:63:11:6c:27:9c:29:a8:5c:
1a:32:81:4d:5f:a1:3c:69:ec:84:92:8f:23:ab:2f:33:6e:7a:
0d:23:97:59:7b:05:bd:b8:1e:d9:d2:e3:ba:b0:ce:93:b7:31:
cb:1c:5d:dc:1e:9a:fa:26:eb:8e:44:c1:c0:23:1b:24:cf:16:
42:e4:30:1b:89:c3:f9:8a:90:92:83:9b:ee:80:ff:3d:c4:42:
52:06:ad:20:78:5c:2b:a6:fe:12:b6:f7:bb:5c:d5:bd:31:86:
bd:8b:ba:a4:fb:56:93:f6:6c:23:8a:a5:ab:32:9f:7f:61:4d:
f2:54:45:9e:5e:23:52:bf:c2:60:ee:6b:d3:c1:f2:e9:1f:85:
7a:ab:35:27:27:83:1a:2b:3f:d6:f1:00:ec:be:9d:42:46:1e:
2b:8a:39:dd:15:66:19:c8:28:f6:ab:51:45:b9:7d:f4:9e:8a:
f8:0c:d3:df:e2:ba:6c:2e:56:d2:a6:9e:88:9a:23:34:11:05:
4b:78:df:f2:5e:85:52:d7:56:b9:b2:b6:91:80:f1:df:ec:a2:
49:64:25:83:c1:a3:fe:99:62:66:0e:8b:30:a9:d1:e1:dd:00:
14:b7:0a:ad:68:07:9b:97:97:13:7f:79:ed:d7:24:f6:c7:4b:
5f:67:4c:ac
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZJIbEe5z6oXkSGrrwQhThyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODhlNGY3YTMwMjQxMmMzMTZhM2JiNTk5Y2RkMjA0MmI1
ZmY0ODUwHhcNMjQxMDAxMTQxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmEzZWYxODA5YmQyYmJlM2VjZDZmZTUyMzc1NjA1MGIyOGQ0MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqSncrbXDd+++ZSNrlAJNXhIdt0f
Bzs87g/uuag5LmY66X39jOejvXy3gHHJYaTPPvHZmfY5uLMczoVFZ3J5o8vAMdqt
W9n3nouCT+T1W5GLOyt8Hm4qcLYnFz3yGXobkEcOtizuZQ4F8LpRS19uAsHylW8o
ozwCv5NvTOmkM6IayXKp3/rWii2tVIATmyEo8W1JF0DjV8DoeDOCPIfpxN7zmpgJ
UX3L9osk4QKqMIydNczxZr+YYkLSDVsON6uoSbZ98H53HKqTnTqmqgzxQ9RA4Nfs
QUT3G2e4p6YWHWqrdokTbozPFv02ONxy3aPOenEAbQAZeZC/aU2+FRt/TwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFIaj7xgJvSu+Ps1v5SN1YFCyjULLMB8GA1UdIwQY
MBaAFF2I5PejAkEsMWo7tZnN0gQrX/SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlqazk2TUNRU3d4YWp1MW1jM1NCQ3RmOUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83NjBjMGYtMTJhYi00ODNkLThjZGIt
NTdlMWQ1YjcyYjJkLzEvaHFQdkdBbTlLNzQteldfbEkzVmdVTEtOUXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83NjBjMGYtMTJhYi00ODNkLThjZGItNTdlMWQ1YjcyYjJk
LzEvWFlqazk2TUNRU3d4YWp1MW1jM1NCQ3RmOUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAyXRqAME
AE5s8gMEBU+EAAMEAFPeqAMEAFPerwMEAFPetgMEBlQ2gAMEAFf2IwMEAm2gBAME
AG2gDQMEA22gGAMEAW2gKgMEAG2gYgMEArlOJAMEANRGlgMEANRGnQMEBNmuMDAN
BAIAAjAHAwUDKgIBwDANBgkqhkiG9w0BAQsFAAOCAQEANAPVdcVVVyaAt2MRbCec
KahcGjKBTV+hPGnshJKPI6svM256DSOXWXsFvbge2dLjurDOk7cxyxxd3B6a+ibr
jkTBwCMbJM8WQuQwG4nD+YqQkoOb7oD/PcRCUgatIHhcK6b+Erb3u1zVvTGGvYu6
pPtWk/ZsI4qlqzKff2FN8lRFnl4jUr/CYO5r08Hy6R+Feqs1JyeDGis/1vEA7L6d
QkYeK4o53RVmGcgo9qtRRbl99J6K+AzT3+K6bC5W0qaeiJojNBEFS3jf8l6FUtdW
ubK2kYDx3+yiSWQlg8Gj/pliZg6LMKnR4d0AFLcKrWgHm5eXE3957dck9sdLX2dM
rA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:45:11 2024 by rpki-client on console-ams.rpki-client.org