Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/gLgUPQtDha0hsGHR3kl2d5OHsvk.roa
File: gLgUPQtDha0hsGHR3kl2d5OHsvk.roa (raw, json)
Hash identifier: tr7QxLR/V68VG/yUWSwxmBDEFDc3djng62FWYELQsRI=
Subject key identifier: 80:B8:14:3D:0B:43:85:AD:21:B0:61:D1:DE:49:76:77:93:87:B2:F9
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 019121727FF5995F6486BA15143AED29924B
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/gLgUPQtDha0hsGHR3kl2d5OHsvk.roa
Signing time: Mon 05 Aug 2024 07:30:37 +0000
ROA not before: Mon 05 Aug 2024 07:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8447
IP address blocks: 46.74.0.0/15 maxlen: 23
46.206.0.0/15 maxlen: 15
62.46.0.0/15 maxlen: 15
62.116.32.0/19 maxlen: 19
80.75.32.0/19 maxlen: 22
80.75.34.0/24 maxlen: 24
80.75.56.0/21 maxlen: 21
80.89.96.0/20 maxlen: 20
80.120.0.0/14 maxlen: 24
80.240.224.0/20 maxlen: 24
81.5.192.0/18 maxlen: 18
84.20.160.0/19 maxlen: 19
85.90.128.0/19 maxlen: 19
88.116.0.0/15 maxlen: 15
88.116.217.0/24 maxlen: 24
89.144.192.0/18 maxlen: 18
91.112.0.0/14 maxlen: 14
92.248.0.0/17 maxlen: 17
93.82.0.0/15 maxlen: 15
93.111.0.0/16 maxlen: 23
176.66.0.0/18 maxlen: 18
176.66.128.0/17 maxlen: 17
178.188.0.0/14 maxlen: 14
185.157.248.0/22 maxlen: 22
188.20.0.0/14 maxlen: 24
188.45.0.0/16 maxlen: 16
192.164.0.0/19 maxlen: 19
192.164.32.0/22 maxlen: 22
192.164.39.0/24 maxlen: 24
192.164.40.0/21 maxlen: 21
192.164.48.0/20 maxlen: 20
192.164.64.0/21 maxlen: 21
192.164.80.0/20 maxlen: 20
192.164.96.0/19 maxlen: 19
192.164.128.0/19 maxlen: 19
192.164.208.0/20 maxlen: 20
192.164.224.0/19 maxlen: 19
193.80.0.0/15 maxlen: 15
193.83.0.0/16 maxlen: 16
193.154.0.0/16 maxlen: 16
193.187.212.0/22 maxlen: 22
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
193.187.240.0/22 maxlen: 22
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
194.96.0.0/16 maxlen: 16
194.118.0.0/16 maxlen: 16
194.152.96.0/19 maxlen: 19
194.152.160.0/19 maxlen: 19
194.166.0.0/16 maxlen: 16
195.3.64.0/18 maxlen: 18
195.64.0.0/19 maxlen: 19
195.170.64.0/19 maxlen: 19
195.230.32.0/19 maxlen: 19
212.16.32.0/19 maxlen: 19
212.60.160.0/19 maxlen: 19
212.88.0.0/19 maxlen: 19
212.88.160.0/19 maxlen: 24
212.124.128.0/19 maxlen: 19
212.183.0.0/17 maxlen: 24
212.197.128.0/18 maxlen: 18
213.33.0.0/17 maxlen: 17
213.33.63.0/24 maxlen: 24
213.147.160.0/19 maxlen: 19
213.157.128.0/19 maxlen: 19
213.225.0.0/18 maxlen: 18
213.240.64.0/18 maxlen: 18
217.149.160.0/20 maxlen: 20
2001:850::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:4bb8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:72:7f:f5:99:5f:64:86:ba:15:14:3a:ed:29:92:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Aug 5 07:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80b8143d0b4385ad21b061d1de4976779387b2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:41:3c:2f:e2:48:fe:11:a4:17:c8:2a:92:e9:
10:76:18:fe:15:6b:0c:ee:68:bc:ee:ab:c4:df:47:
9a:5e:df:5c:36:48:98:81:e8:90:86:10:14:8d:92:
94:a8:9c:e4:5d:fc:00:12:6e:c5:3a:36:bb:9d:66:
63:9f:23:03:93:d7:3c:5d:c1:5d:4f:33:56:e8:1d:
c3:3a:95:c2:44:47:3a:8b:dd:51:f4:1e:da:9f:1c:
9a:52:7a:38:64:3a:8b:0d:c9:75:55:77:44:d1:36:
14:3e:c7:ef:44:ad:a5:36:b6:7f:6a:dd:eb:3c:32:
95:70:00:bb:ff:2c:d1:1b:92:ab:2f:6f:79:19:36:
9e:ba:9c:e3:03:1e:da:ed:c4:01:92:3e:be:d6:18:
90:ff:44:cb:d5:fd:3f:c0:c2:b8:78:a2:93:79:7e:
ae:52:90:a0:0a:23:65:3d:9e:ec:8f:5b:95:22:78:
c6:7c:2a:51:80:31:95:63:6b:4f:09:11:df:67:d3:
5d:42:2f:4e:3e:d4:e4:20:f9:05:b4:36:4c:e3:ed:
dc:5a:06:3b:8d:27:88:d8:98:cd:27:8f:1b:11:58:
3c:52:77:e1:7a:cd:8b:de:41:f5:05:b8:ae:e3:1f:
4a:fe:2a:04:f3:8d:3d:0e:e4:4f:ed:91:88:da:54:
2e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B8:14:3D:0B:43:85:AD:21:B0:61:D1:DE:49:76:77:93:87:B2:F9
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/gLgUPQtDha0hsGHR3kl2d5OHsvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
62.116.32.0/19
80.75.32.0/19
80.89.96.0/20
80.120.0.0/14
80.240.224.0/20
81.5.192.0/18
84.20.160.0/19
85.90.128.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
185.157.248.0/22
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.80.0.0/15
193.83.0.0/16
193.154.0.0/16
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
194.96.0.0/16
194.118.0.0/16
194.152.96.0/19
194.152.160.0/19
194.166.0.0/16
195.3.64.0/18
195.64.0.0/19
195.170.64.0/19
195.230.32.0/19
212.16.32.0/19
212.60.160.0/19
212.88.0.0/19
212.88.160.0/19
212.124.128.0/19
212.183.0.0/17
212.197.128.0/18
213.33.0.0/17
213.147.160.0/19
213.157.128.0/19
213.225.0.0/18
213.240.64.0/18
217.149.160.0/20
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
8a:a0:1e:2f:4c:58:12:16:a6:ea:09:ff:41:bb:0b:79:86:7c:
8c:f8:76:9b:29:3e:35:f9:10:b8:99:08:12:1d:f9:fa:34:83:
48:db:73:46:6a:74:ec:cb:0c:0d:55:e7:eb:d7:11:b5:0b:38:
ac:fb:77:75:1e:78:6b:4d:ff:32:bb:6f:9d:fb:5a:af:7f:a5:
54:86:ee:ee:dd:34:c6:ea:b6:0e:14:b3:cf:f9:18:e3:c4:ee:
7d:cd:89:ce:b8:34:88:09:1d:c3:f5:3d:33:00:7d:11:bc:a7:
f3:76:67:00:bc:38:45:48:da:1f:4c:58:7d:38:55:5d:0a:7a:
5d:fa:86:b1:b8:c4:c1:ec:c0:35:9f:92:5a:c8:a9:96:23:1d:
36:f9:71:4b:af:f5:bb:d7:c9:43:2f:f9:98:11:57:bc:d6:ce:
5e:44:06:56:1b:4f:0f:07:d4:ef:74:36:39:14:bf:0d:07:29:
37:7f:ac:c8:16:2b:42:10:aa:16:5c:1c:8b:c6:47:15:49:38:
c7:e5:87:69:ea:4a:87:5e:7c:bf:75:d7:60:32:24:81:32:04:
d8:be:47:82:41:20:ac:f6:c6:87:66:12:25:b7:ca:3a:ce:cd:
3a:1b:ac:f8:3a:9d:c5:3d:b5:07:c7:6a:80:7f:b4:de:50:56:
90:69:68:98
-----BEGIN CERTIFICATE-----
MIIGhjCCBW6gAwIBAgISAZEhcn/1mV9khroVFDrtKZJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjQwODA1MDczMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI4MTQzZDBiNDM4NWFkMjFiMDYxZDFkZTQ5NzY3NzkzODdiMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskE8L+JI/hGkF8gqkukQdhj+FWsM
7mi87qvE30eaXt9cNkiYgeiQhhAUjZKUqJzkXfwAEm7FOja7nWZjnyMDk9c8XcFd
TzNW6B3DOpXCREc6i91R9B7anxyaUno4ZDqLDcl1VXdE0TYUPsfvRK2lNrZ/at3r
PDKVcAC7/yzRG5KrL295GTaeupzjAx7a7cQBkj6+1hiQ/0TL1f0/wMK4eKKTeX6u
UpCgCiNlPZ7sj1uVInjGfCpRgDGVY2tPCRHfZ9NdQi9OPtTkIPkFtDZM4+3cWgY7
jSeI2JjNJ48bEVg8Unfhes2L3kH1Bbiu4x9K/ioE8409DuRP7ZGI2lQu2QIDAQAB
o4IDkjCCA44wHQYDVR0OBBYEFIC4FD0LQ4WtIbBh0d5JdneTh7L5MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvZ0xnVVBRdERoYTBoc0dIUjNrbDJkNU9Ic3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpgYIKwYBBQUHAQcBAf8EggGVMIIBkTCCAWkEAgABMIIB
YQMDAS5KAwMBLs4DAwE+LgMEBT50IAMEBVBLIAMEBFBZYAMDAlB4AwQEUPDgAwQG
UQXAAwQFVBSgAwQFVVqAAwMBWHQDBAZZkMADAwJbcAMEB1z4AAMDAV1SAwMAXW8D
BAawQgADBAewQoADAwKyvAMEArmd+AMDArwUAwMAvC0wCwMDAsCkAwQCwKQgMAwD
BADApCcDBAPApEAwDAMEBMCkUAMEBcCkgDALAwQEwKTQAwMAwKQDAwHBUAMDAMFT
AwMAwZowDAMEAsG71AMEAsG78DAMAwQCwjB8AwQCwjCIAwMAwmADAwDCdgMEBcKY
YAMEBcKYoAMDAMKmAwQGwwNAAwQFw0AAAwQFw6pAAwQFw+YgAwQF1BAgAwQF1Dyg
AwQF1FgAAwQF1FigAwQF1HyAAwQH1LcAAwQG1MWAAwQH1SEAAwQF1ZOgAwQF1Z2A
AwQG1eEAAwQG1fBAAwQE2ZWgMCIEAgACMBwDBQMgAQhQAwUDIAEIcAMFAyABCJAD
BQMgAUu4MA0GCSqGSIb3DQEBCwUAA4IBAQCKoB4vTFgSFqbqCf9Buwt5hnyM+Hab
KT41+RC4mQgSHfn6NINI23NGanTsywwNVefr1xG1Czis+3d1HnhrTf8yu2+d+1qv
f6VUhu7u3TTG6rYOFLPP+RjjxO59zYnOuDSICR3D9T0zAH0RvKfzdmcAvDhFSNof
TFh9OFVdCnpd+oaxuMTB7MA1n5JayKmWIx02+XFLr/W718lDL/mYEVe81s5eRAZW
G08PB9TvdDY5FL8NByk3f6zIFitCEKoWXByLxkcVSTjH5Ydp6kqHXny/dddgMiSB
MgTYvkeCQSCs9saHZhIlt8o6zs06G6z4Op3FPbUHx2qAf7TeUFaQaWiY
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:20 2024 by rpki-client on console-fra.rpki-client.org