Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/ML9DXyMJzByBK1y6IcZs6ZLmnG0.roa
File: ML9DXyMJzByBK1y6IcZs6ZLmnG0.roa (raw, json)
Hash identifier: Fsnp61B3QdHqx9yS2al3cTcIoC5jnTNan0SzBCxUF4w=
Subject key identifier: 30:BF:43:5F:23:09:CC:1C:81:2B:5C:BA:21:C6:6C:E9:92:E6:9C:6D
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019290E0E96625EECAC7E0C90AE938D9E465
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/ML9DXyMJzByBK1y6IcZs6ZLmnG0.roa
Signing time: Tue 15 Oct 2024 15:51:51 +0000
ROA not before: Tue 15 Oct 2024 15:51:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:90:e0:e9:66:25:ee:ca:c7:e0:c9:0a:e9:38:d9:e4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Oct 15 15:51:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30bf435f2309cc1c812b5cba21c66ce992e69c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e3:93:2b:a9:31:dd:74:29:62:28:7f:77:fd:
45:ad:3e:17:b2:46:51:58:b2:10:2d:3d:e1:f9:d3:
17:53:4a:fc:b6:c0:59:b7:61:24:15:e9:69:62:37:
70:57:fd:55:1f:f6:e4:c7:fe:86:9c:ad:e3:3c:95:
cf:12:c0:43:7e:f9:15:4e:f5:33:60:91:c5:bd:84:
bf:ba:16:3a:09:3d:81:1f:00:fb:1e:75:fc:d0:c9:
18:14:05:f2:df:31:4b:60:3b:bf:70:38:87:fc:d2:
53:f0:ac:47:a0:04:24:35:42:a3:32:bf:51:ca:0a:
5e:88:88:74:53:cd:a6:ad:79:6b:30:79:33:bd:12:
44:f2:58:90:b1:61:03:74:c6:55:af:2a:35:4b:c6:
a6:67:bf:67:40:00:d7:98:12:77:c5:2e:af:09:e7:
36:81:59:50:7f:65:00:30:b3:83:02:58:1f:b7:c4:
c3:b0:65:05:60:f5:50:d6:77:ee:75:bf:17:28:b1:
45:61:0a:2c:33:56:f0:79:5f:b7:92:10:79:3e:9d:
c4:df:df:b9:3c:4f:48:8f:b6:cb:60:f8:88:1e:fe:
52:28:b0:e6:ca:fc:28:f9:b8:c6:52:0d:7e:45:5f:
e9:37:a8:10:ea:5d:7e:be:75:4b:1d:54:2b:46:32:
72:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:BF:43:5F:23:09:CC:1C:81:2B:5C:BA:21:C6:6C:E9:92:E6:9C:6D
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/ML9DXyMJzByBK1y6IcZs6ZLmnG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0-46.16.130.255
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.237.0-185.126.239.255
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:1::/48
2a11:840:3::/48
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/47
Signature Algorithm: sha256WithRSAEncryption
94:b4:ac:ef:a0:f2:1a:8a:16:24:e5:99:07:09:26:7a:1d:b0:
e2:bd:81:ec:bd:5e:9c:40:b6:01:31:89:0c:12:7f:6b:f2:ad:
84:f9:a6:05:4c:41:11:b2:4c:7a:e6:99:e7:d0:03:12:d6:ba:
ef:d8:33:78:b0:61:a2:f9:c7:28:87:81:b7:2e:de:f5:71:4a:
f5:2b:16:38:7a:4c:c5:1a:6e:ac:27:99:de:30:8e:83:e2:36:
b1:fc:cd:4a:d3:43:14:6e:51:4c:a6:2b:67:e3:83:4b:47:16:
1c:1f:db:b0:cd:88:7a:31:20:83:6a:ba:5a:d6:f4:c8:eb:49:
42:9a:ee:7f:89:c6:93:33:07:4b:84:d2:fd:89:9b:ca:21:bc:
e4:7c:5b:be:2e:f4:79:f8:2c:21:dc:e2:4e:a4:4e:1d:a2:e1:
63:a4:07:9f:0f:a2:73:52:a1:cc:17:af:e8:79:d4:67:48:c5:
7d:e5:3a:e2:25:36:52:70:ae:85:f6:24:26:b1:0e:ea:6d:4e:
e3:2d:9e:4c:d1:70:de:ba:37:03:32:3e:4c:eb:ab:a9:a8:1a:
15:da:92:a9:54:04:f7:c9:0b:d1:a7:44:ad:0f:28:8b:71:10:
f2:49:67:8f:1d:f2:af:49:b6:ae:35:ae:66:5a:dc:4a:ef:1a:
df:95:46:46
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAZKQ4OlmJe7Kx+DJCuk42eRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQxMDE1MTU1MTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGJmNDM1ZjIzMDljYzFjODEyYjVjYmEyMWM2NmNlOTkyZTY5YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOOTK6kx3XQpYih/d/1FrT4XskZR
WLIQLT3h+dMXU0r8tsBZt2EkFelpYjdwV/1VH/bkx/6GnK3jPJXPEsBDfvkVTvUz
YJHFvYS/uhY6CT2BHwD7HnX80MkYFAXy3zFLYDu/cDiH/NJT8KxHoAQkNUKjMr9R
ygpeiIh0U82mrXlrMHkzvRJE8liQsWEDdMZVryo1S8amZ79nQADXmBJ3xS6vCec2
gVlQf2UAMLODAlgft8TDsGUFYPVQ1nfudb8XKLFFYQosM1bweV+3khB5Pp3E39+5
PE9Ij7bLYPiIHv5SKLDmyvwo+bjGUg1+RV/pN6gQ6l1+vnVLHVQrRjJyHQIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFDC/Q18jCcwcgStcuiHGbOmS5pxtMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvTUw5RFh5TUp6QnlCSzF5NkljWnM2WkxtbkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDBABAIAATA6MAwD
BAcuEIADBAAuEIIDBAFtaJgDBABtaJsDBAKTTgAwDAMEALl+7QMEBLl+4AMEAbnV
FAMEALnVFzCBxwQCAAIwgcADBwAqEQhAAAEDBwAqEQhAAAMwEgMHASoRCEAABgMH
ACoRCEAACDASAwcEKhEIQAAQAwcAKhEIQAAUMBIDBwAqEQhAABcDBwEqEQhAABgw
EgMHBSoRCEAAIAMHACoRCEAAJgMHACoRCEAAMAMHACoRCEAAMwMHASoRCEAAQDAS
AwcAKhEIQABHAwcAKhEIQABIAwcAKhEIQABUAwcAKhEIQABXMBIDBwUqEQhAAGAD
BwEqEQhAAGgDBwEqEQhAAHAwDQYJKoZIhvcNAQELBQADggEBAJS0rO+g8hqKFiTl
mQcJJnodsOK9gey9XpxAtgExiQwSf2vyrYT5pgVMQRGyTHrmmefQAxLWuu/YM3iw
YaL5xyiHgbcu3vVxSvUrFjh6TMUabqwnmd4wjoPiNrH8zUrTQxRuUUymK2fjg0tH
Fhwf27DNiHoxIINqulrW9MjrSUKa7n+JxpMzB0uE0v2Jm8ohvOR8W74u9Hn4LCHc
4k6kTh2i4WOkB58PonNSocwXr+h51GdIxX3lOuIlNlJwroX2JCaxDuptTuMtnkzR
cN66NwMyPkzrq6moGhXakqlUBPfJC9GnRK0PKItxEPJJZ48d8q9Jtq41rmZa3Erv
Gt+VRkY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:41 2024 by rpki-client on console-fra.rpki-client.org