Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/2iUdHX2Q8Mo6LgDG6_iHPAF7WuU.roa
File: 2iUdHX2Q8Mo6LgDG6_iHPAF7WuU.roa (raw, json)
Hash identifier: ddYr0+MuAKZxYrCOCoPiS7I9dnfqlTnM5bMLGDOMjrw=
Subject key identifier: DA:25:1D:1D:7D:90:F0:CA:3A:2E:00:C6:EB:F8:87:3C:01:7B:5A:E5
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0191ED798176CB57FE6A485CE13AA5EBEB6A
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/2iUdHX2Q8Mo6LgDG6_iHPAF7WuU.roa
Signing time: Fri 13 Sep 2024 22:20:48 +0000
ROA not before: Fri 13 Sep 2024 22:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Sep 2024 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ed:79:81:76:cb:57:fe:6a:48:5c:e1:3a:a5:eb:eb:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 13 22:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da251d1d7d90f0ca3a2e00c6ebf8873c017b5ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5d:3e:1e:a5:6c:fd:f2:6e:ca:03:16:ab:05:
04:db:e1:1a:76:95:81:f8:cd:4b:c5:8e:6f:ea:98:
97:0e:21:29:c2:31:09:7f:d0:a2:f9:25:23:27:15:
0b:bb:38:99:bd:40:c2:92:a5:49:08:08:79:be:13:
b5:e3:92:e5:b7:f4:a9:12:a6:60:26:32:8e:94:28:
0a:e4:b8:8a:49:0a:89:60:89:22:4f:f2:56:ab:53:
a0:79:b5:92:73:3d:c2:f7:35:20:57:a2:7c:44:08:
c1:bc:b7:93:a8:c2:5a:31:b2:6f:30:a5:3c:a6:0b:
d9:f9:23:88:be:f3:2d:78:67:91:29:94:55:50:0a:
5d:1b:1a:49:94:c9:68:a0:78:39:25:10:88:39:1e:
06:66:ed:b6:e9:49:7b:cd:90:98:da:e8:91:dc:c9:
de:71:2a:6a:e4:85:47:cc:1e:83:7b:ca:55:47:81:
85:24:72:f1:3e:13:cb:55:34:12:c3:86:a3:3b:42:
80:a1:2f:64:5e:61:c9:14:de:da:03:80:1b:f6:44:
88:db:5c:3b:88:29:76:94:dd:01:69:36:5a:f1:8e:
e7:8b:64:1e:b6:ff:4f:34:c1:c6:b7:f3:ed:70:c5:
86:36:9f:bc:13:19:c6:78:b4:8b:c4:de:6d:3b:20:
e5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:25:1D:1D:7D:90:F0:CA:3A:2E:00:C6:EB:F8:87:3C:01:7B:5A:E5
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/2iUdHX2Q8Mo6LgDG6_iHPAF7WuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0-46.16.130.255
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/47
Signature Algorithm: sha256WithRSAEncryption
94:b1:ce:57:32:19:b3:5c:8c:1e:27:96:48:1b:02:74:ac:1a:
d2:b0:ee:a6:05:76:03:a7:29:b4:a1:bf:2f:b7:6d:4c:53:13:
c7:30:98:79:49:5f:9b:49:df:26:63:3b:70:81:3d:57:f6:5b:
9d:b2:c0:d0:41:6c:76:42:a6:8d:2e:a5:7c:0f:53:0a:25:93:
e1:6d:f0:d1:72:5a:f3:fe:95:9c:e8:d2:07:94:1d:80:3c:68:
81:ce:84:ff:65:26:0b:83:ce:e3:85:e7:1b:dc:6c:47:ab:fe:
45:56:9a:f6:08:62:17:3d:c9:24:ca:4a:9a:0c:44:9a:01:3b:
54:9d:ba:b9:28:a2:68:50:92:78:a3:3f:47:1d:3e:eb:5c:6a:
9f:a8:a5:b1:8f:bb:1a:f3:11:42:df:c8:7e:79:76:9e:c7:7f:
b6:a4:22:9b:d3:22:bd:ce:7a:2a:ea:4b:5a:4a:88:a6:45:dd:
73:3b:3d:96:2f:4a:2c:80:7b:d3:58:7c:e9:58:40:1b:78:02:
63:3e:c7:57:5b:66:4a:5d:e9:b8:17:80:ad:dd:60:97:87:3e:
c6:83:fb:64:51:d8:1a:2a:06:1b:c1:95:58:2a:54:1d:fe:a3:
0e:36:30:72:cd:52:5f:a1:77:83:dd:18:bf:7b:b8:d6:80:b0:
94:3b:d9:2e
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZHteYF2y1f+akhc4Tql6+tqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwOTEzMjIyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTI1MWQxZDdkOTBmMGNhM2EyZTAwYzZlYmY4ODczYzAxN2I1YWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV0+HqVs/fJuygMWqwUE2+EadpWB
+M1LxY5v6piXDiEpwjEJf9Ci+SUjJxULuziZvUDCkqVJCAh5vhO145Llt/SpEqZg
JjKOlCgK5LiKSQqJYIkiT/JWq1OgebWScz3C9zUgV6J8RAjBvLeTqMJaMbJvMKU8
pgvZ+SOIvvMteGeRKZRVUApdGxpJlMlooHg5JRCIOR4GZu226Ul7zZCY2uiR3Mne
cSpq5IVHzB6De8pVR4GFJHLxPhPLVTQSw4ajO0KAoS9kXmHJFN7aA4Ab9kSI21w7
iCl2lN0BaTZa8Y7ni2Qetv9PNMHGt/PtcMWGNp+8ExnGeLSLxN5tOyDlzwIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFNolHR19kPDKOi4Axuv4hzwBe1rlMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvMmlVZEhYMlE4TW82TGdERzZfaUhQQUY3V3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TA4BAIAATAyMAwDBAcu
EIADBAAuEIIDBAFtaJgDBABtaJsDBAKTTgADBAG5fu4DBAG51RQDBAC51RcwgawE
AgACMIGlMBIDBwEqEQhAAAYDBwAqEQhAAAgwEgMHBCoRCEAAEAMHACoRCEAAFDAS
AwcAKhEIQAAXAwcBKhEIQAAYMBIDBwUqEQhAACADBwAqEQhAACYDBwAqEQhAADAD
BwAqEQhAADMDBwEqEQhAAEAwEgMHACoRCEAARwMHACoRCEAASAMHACoRCEAAVDAS
AwcFKhEIQABgAwcBKhEIQABoAwcBKhEIQABwMA0GCSqGSIb3DQEBCwUAA4IBAQCU
sc5XMhmzXIweJ5ZIGwJ0rBrSsO6mBXYDpym0ob8vt21MUxPHMJh5SV+bSd8mYztw
gT1X9ludssDQQWx2QqaNLqV8D1MKJZPhbfDRclrz/pWc6NIHlB2APGiBzoT/ZSYL
g87jhecb3GxHq/5FVpr2CGIXPckkykqaDESaATtUnbq5KKJoUJJ4oz9HHT7rXGqf
qKWxj7sa8xFC38h+eXaex3+2pCKb0yK9znoq6ktaSoimRd1zOz2WL0osgHvTWHzp
WEAbeAJjPsdXW2ZKXem4F4Ct3WCXhz7Gg/tkUdgaKgYbwZVYKlQd/qMONjByzVJf
oXeD3Ri/e7jWgLCUO9ku
-----END CERTIFICATE-----
Generated at Mon Sep 16 14:44:36 2024 by rpki-client on console-ams.rpki-client.org