Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/wyBaSgonGwiIlmefwzF7uGRhW5g.roa
File: wyBaSgonGwiIlmefwzF7uGRhW5g.roa (raw, json)
Hash identifier: TlSw1+r01sWQ1upG1LPV9MMtjaHmh3rZeFfWbVSMTcc=
Subject key identifier: C3:20:5A:4A:0A:27:1B:08:88:96:67:9F:C3:31:7B:B8:64:61:5B:98
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 018F5E48708619E4E98B54F0B66B0F1CCE4F
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/wyBaSgonGwiIlmefwzF7uGRhW5g.roa
Signing time: Thu 09 May 2024 16:55:56 +0000
ROA not before: Thu 09 May 2024 16:55:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198610
IP address blocks: 5.35.80.0/20 maxlen: 24
5.101.152.0/21 maxlen: 24
5.101.152.0/24 maxlen: 24
5.101.153.0/24 maxlen: 24
5.101.153.242/32 maxlen: 32
5.101.153.244/32 maxlen: 32
5.101.154.0/24 maxlen: 24
5.101.154.191/32 maxlen: 32
5.101.155.0/24 maxlen: 24
5.101.156.0/24 maxlen: 24
5.101.157.0/24 maxlen: 24
5.101.158.0/24 maxlen: 24
5.101.159.0/24 maxlen: 24
5.181.108.0/22 maxlen: 24
5.181.108.0/24 maxlen: 24
5.181.109.0/24 maxlen: 24
5.181.110.0/24 maxlen: 24
5.181.111.0/24 maxlen: 24
31.128.32.0/22 maxlen: 24
31.128.36.0/22 maxlen: 24
31.129.96.0/20 maxlen: 24
31.129.96.0/24 maxlen: 24
31.129.98.0/24 maxlen: 24
45.9.40.0/22 maxlen: 24
45.9.40.0/24 maxlen: 24
45.9.41.0/24 maxlen: 24
45.9.42.0/24 maxlen: 24
45.9.43.0/24 maxlen: 24
45.12.16.0/22 maxlen: 24
45.12.16.0/24 maxlen: 24
45.12.17.0/24 maxlen: 24
45.12.18.0/24 maxlen: 24
45.12.19.0/24 maxlen: 24
45.12.72.0/22 maxlen: 24
45.12.236.0/22 maxlen: 24
45.12.236.0/24 maxlen: 24
45.12.237.0/24 maxlen: 24
45.12.238.0/24 maxlen: 24
45.12.239.0/24 maxlen: 24
45.67.56.0/22 maxlen: 24
45.67.56.0/24 maxlen: 24
45.67.57.0/24 maxlen: 24
45.67.58.0/24 maxlen: 24
45.67.59.0/24 maxlen: 24
45.80.68.0/22 maxlen: 24
45.80.68.0/24 maxlen: 24
45.80.69.0/24 maxlen: 24
45.80.70.0/24 maxlen: 24
45.80.71.0/24 maxlen: 24
45.84.224.0/22 maxlen: 24
45.84.224.0/24 maxlen: 24
45.84.225.0/24 maxlen: 24
45.84.226.0/24 maxlen: 24
45.84.227.0/24 maxlen: 24
45.90.32.0/22 maxlen: 24
45.90.32.0/24 maxlen: 24
45.90.33.0/24 maxlen: 24
45.90.34.0/24 maxlen: 24
45.90.35.0/24 maxlen: 24
45.130.40.0/22 maxlen: 24
45.130.40.0/24 maxlen: 24
45.130.41.0/24 maxlen: 24
45.130.42.0/24 maxlen: 24
45.130.43.0/24 maxlen: 24
45.141.76.0/22 maxlen: 24
45.141.76.0/24 maxlen: 24
45.141.77.0/24 maxlen: 24
45.141.78.0/24 maxlen: 24
45.141.79.0/24 maxlen: 24
45.146.164.0/22 maxlen: 24
45.146.164.0/24 maxlen: 24
45.146.165.0/24 maxlen: 24
45.146.166.0/24 maxlen: 24
45.146.167.0/24 maxlen: 24
45.147.176.0/22 maxlen: 24
45.147.176.0/24 maxlen: 24
45.147.177.0/24 maxlen: 24
45.147.178.0/24 maxlen: 24
45.147.179.0/24 maxlen: 24
62.113.96.0/20 maxlen: 24
62.113.96.0/24 maxlen: 24
62.113.97.0/24 maxlen: 24
62.113.98.0/24 maxlen: 24
62.113.99.0/24 maxlen: 24
62.113.100.0/24 maxlen: 24
62.113.101.0/24 maxlen: 24
62.113.102.0/24 maxlen: 24
62.113.103.0/24 maxlen: 24
62.113.104.0/24 maxlen: 24
62.113.105.0/24 maxlen: 24
62.113.106.0/24 maxlen: 24
62.113.107.0/24 maxlen: 24
62.113.108.0/24 maxlen: 24
62.113.109.0/24 maxlen: 24
62.113.110.0/24 maxlen: 24
62.113.111.0/24 maxlen: 24
62.217.176.0/21 maxlen: 24
62.217.176.0/24 maxlen: 24
62.217.177.0/24 maxlen: 24
62.217.178.0/24 maxlen: 24
62.217.179.0/24 maxlen: 24
62.217.180.0/24 maxlen: 24
62.217.181.0/24 maxlen: 24
62.217.182.0/24 maxlen: 24
62.217.183.0/24 maxlen: 24
81.200.112.0/21 maxlen: 24
81.200.112.0/24 maxlen: 24
81.200.113.0/24 maxlen: 24
81.200.114.0/24 maxlen: 24
81.200.115.0/24 maxlen: 24
81.200.116.0/24 maxlen: 24
81.200.117.0/24 maxlen: 24
81.200.118.0/24 maxlen: 24
81.200.119.0/24 maxlen: 24
87.236.16.0/21 maxlen: 24
87.236.16.0/24 maxlen: 24
87.236.17.0/24 maxlen: 24
87.236.17.122/32 maxlen: 32
87.236.18.0/24 maxlen: 24
87.236.19.0/24 maxlen: 24
87.236.20.0/24 maxlen: 24
87.236.21.0/24 maxlen: 24
87.236.22.0/24 maxlen: 24
87.236.23.0/24 maxlen: 24
91.106.200.0/21 maxlen: 24
91.106.200.0/24 maxlen: 24
91.106.201.0/24 maxlen: 24
91.106.202.0/24 maxlen: 24
91.106.203.0/24 maxlen: 24
91.106.204.0/24 maxlen: 24
91.106.205.0/24 maxlen: 24
91.106.206.0/24 maxlen: 24
91.106.207.0/24 maxlen: 24
95.214.60.0/22 maxlen: 24
95.214.60.0/24 maxlen: 24
95.214.61.0/24 maxlen: 24
95.214.62.0/24 maxlen: 24
95.214.63.0/24 maxlen: 24
185.19.204.0/22 maxlen: 24
185.19.204.0/24 maxlen: 24
185.19.205.0/24 maxlen: 24
185.19.206.0/24 maxlen: 24
185.19.207.0/24 maxlen: 24
185.50.24.0/22 maxlen: 24
185.50.24.0/24 maxlen: 24
185.50.25.0/24 maxlen: 24
185.50.26.0/24 maxlen: 24
185.50.27.0/24 maxlen: 24
185.78.28.0/22 maxlen: 24
185.78.28.0/24 maxlen: 24
185.78.29.0/24 maxlen: 24
185.78.30.0/24 maxlen: 24
185.78.31.0/24 maxlen: 24
185.155.118.0/24 maxlen: 24
185.225.32.0/22 maxlen: 24
185.225.32.0/24 maxlen: 24
185.225.33.0/24 maxlen: 24
185.225.34.0/24 maxlen: 24
185.225.35.0/24 maxlen: 24
193.168.46.0/23 maxlen: 24
193.168.46.0/24 maxlen: 24
193.168.47.0/24 maxlen: 24
193.168.48.0/23 maxlen: 24
193.168.48.0/24 maxlen: 24
193.168.49.0/24 maxlen: 24
193.176.76.0/22 maxlen: 24
193.176.76.0/24 maxlen: 24
193.176.77.0/24 maxlen: 24
193.176.78.0/24 maxlen: 24
193.176.79.0/24 maxlen: 24
193.200.72.0/22 maxlen: 24
193.200.72.0/24 maxlen: 24
193.200.73.0/24 maxlen: 24
193.200.74.0/24 maxlen: 24
193.200.75.0/24 maxlen: 24
213.139.208.0/22 maxlen: 24
213.139.208.0/24 maxlen: 24
213.139.209.0/24 maxlen: 24
213.139.210.0/24 maxlen: 24
213.139.211.0/24 maxlen: 24
217.172.24.0/22 maxlen: 24
217.172.24.0/24 maxlen: 24
217.172.25.0/24 maxlen: 24
217.172.26.0/24 maxlen: 24
217.172.27.0/24 maxlen: 24
2a04:bac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:48:70:86:19:e4:e9:8b:54:f0:b6:6b:0f:1c:ce:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: May 9 16:55:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3205a4a0a271b088896679fc3317bb864615b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:95:67:ec:d0:87:ff:8a:e8:06:f8:f1:d1:34:
30:79:e4:9d:fb:dc:88:8e:07:ba:78:d0:00:e5:34:
43:3b:9e:ab:da:a6:6f:4e:74:7f:64:96:06:d4:cd:
2e:55:a1:43:ee:37:a5:91:62:55:72:02:c9:f5:63:
9e:82:93:75:57:79:91:db:c2:77:50:60:a5:e3:83:
51:27:3d:55:81:e7:db:e0:9e:71:aa:46:1c:af:e5:
4e:fa:57:ae:fe:c3:c6:d0:d7:ce:28:b7:9f:57:35:
6b:b0:63:d0:5b:8e:e1:dd:18:3d:4e:5f:78:b7:1a:
dd:5b:fe:96:af:e1:d8:3f:84:d4:91:88:b2:bf:e2:
98:bd:54:25:97:d3:8f:45:4c:58:12:4a:e8:33:89:
0f:d1:35:64:c0:a9:41:21:5c:67:9a:61:c9:01:ae:
cc:59:5e:7b:1d:44:16:8c:a2:60:d7:dc:d1:0d:96:
62:53:cc:c5:0c:ae:d5:91:34:16:67:57:5e:54:50:
ac:b8:73:21:6e:77:f0:d4:89:01:1e:18:4c:7f:7e:
95:05:46:3c:32:b9:d6:ef:a9:7c:91:c5:72:96:65:
a1:c7:c1:dc:a6:58:64:a8:86:17:4a:37:23:19:26:
d0:5b:4e:4c:f5:24:15:e6:95:91:1f:8d:0c:0a:4c:
79:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:20:5A:4A:0A:27:1B:08:88:96:67:9F:C3:31:7B:B8:64:61:5B:98
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/wyBaSgonGwiIlmefwzF7uGRhW5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.80.0/20
5.101.152.0/21
5.181.108.0/22
31.128.32.0/21
31.129.96.0/20
45.9.40.0/22
45.12.16.0/22
45.12.72.0/22
45.12.236.0/22
45.67.56.0/22
45.80.68.0/22
45.84.224.0/22
45.90.32.0/22
45.130.40.0/22
45.141.76.0/22
45.146.164.0/22
45.147.176.0/22
62.113.96.0/20
62.217.176.0/21
81.200.112.0/21
87.236.16.0/21
91.106.200.0/21
95.214.60.0/22
185.19.204.0/22
185.50.24.0/22
185.78.28.0/22
185.155.118.0/24
185.225.32.0/22
193.168.46.0-193.168.49.255
193.176.76.0/22
193.200.72.0/22
213.139.208.0/22
217.172.24.0/22
IPv6:
2a04:bac0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:3a:81:91:94:ef:df:93:a0:36:89:5c:58:29:fb:6d:20:97:
94:05:08:45:24:1b:a1:a8:77:05:2c:9b:d7:bf:1c:57:1e:a5:
7c:e4:af:a9:7a:1e:9d:f3:af:75:a8:bb:42:2b:da:a8:64:4b:
51:b4:80:72:6e:c1:a1:50:6c:e6:26:0a:62:e1:a1:65:db:28:
7a:af:4c:4b:c0:f7:8b:a2:d9:59:b4:e7:af:02:7b:81:2e:0a:
2d:66:94:53:f6:f9:4a:6c:da:e6:13:bc:4e:8e:2a:c4:4e:12:
dd:34:a0:24:d2:2f:e6:61:09:4b:09:64:78:82:6f:ec:5d:5f:
b0:80:18:ee:94:fa:3f:3b:cb:d1:f2:70:c3:54:57:9e:ba:16:
d5:d8:e3:8a:92:b2:aa:c4:1a:30:69:3e:0d:20:a3:86:d7:f9:
e2:84:ca:ae:9d:32:77:4e:69:ad:25:dd:b8:0c:10:54:93:35:
61:d2:d6:21:87:24:b2:7a:0b:3d:aa:72:1b:d4:f2:4e:30:55:
5b:cb:a4:68:34:1d:fe:75:aa:81:34:18:bc:af:3b:04:c4:a1:
4f:24:b8:bb:50:b6:d4:34:17:7b:f1:f2:f3:0d:06:09:b8:7d:
fa:55:79:ff:23:f9:7d:be:37:47:0f:c1:59:ff:8a:df:89:40:
52:10:81:44
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgISAY9eSHCGGeTpi1TwtmsPHM5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjQwNTA5MTY1NTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzIwNWE0YTBhMjcxYjA4ODg5NjY3OWZjMzMxN2JiODY0NjE1Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZVn7NCH/4roBvjx0TQweeSd+9yI
jge6eNAA5TRDO56r2qZvTnR/ZJYG1M0uVaFD7jelkWJVcgLJ9WOegpN1V3mR28J3
UGCl44NRJz1Vgefb4J5xqkYcr+VO+leu/sPG0NfOKLefVzVrsGPQW47h3Rg9Tl94
txrdW/6Wr+HYP4TUkYiyv+KYvVQll9OPRUxYEkroM4kP0TVkwKlBIVxnmmHJAa7M
WV57HUQWjKJg19zRDZZiU8zFDK7VkTQWZ1deVFCsuHMhbnfw1IkBHhhMf36VBUY8
MrnW76l8kcVylmWhx8HcplhkqIYXSjcjGSbQW05M9SQV5pWRH40MCkx5+wIDAQAB
o4IC5TCCAuEwHQYDVR0OBBYEFMMgWkoKJxsIiJZnn8Mxe7hkYVuYMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvd3lCYVNnb25Hd2lJbG1lZnd6Rjd1R1JoVzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH6BggrBgEFBQcBBwEB/wSB6jCB5zCB1QQCAAEwgc4DBAQF
I1ADBAMFZZgDBAIFtWwDBAMfgCADBAQfgWADBAItCSgDBAItDBADBAItDEgDBAIt
DOwDBAItQzgDBAItUEQDBAItVOADBAItWiADBAItgigDBAItjUwDBAItkqQDBAIt
k7ADBAQ+cWADBAM+2bADBANRyHADBANX7BADBANbasgDBAJf1jwDBAK5E8wDBAK5
MhgDBAK5ThwDBAC5m3YDBAK54SAwDAMEAcGoLgMEAcGoMAMEAsGwTAMEAsHISAME
AtWL0AMEAtmsGDANBAIAAjAHAwUDKgS6wDANBgkqhkiG9w0BAQsFAAOCAQEACjqB
kZTv35OgNolcWCn7bSCXlAUIRSQboah3BSyb178cVx6lfOSvqXoenfOvdai7Qiva
qGRLUbSAcm7BoVBs5iYKYuGhZdsoeq9MS8D3i6LZWbTnrwJ7gS4KLWaUU/b5Smza
5hO8To4qxE4S3TSgJNIv5mEJSwlkeIJv7F1fsIAY7pT6PzvL0fJww1RXnroW1djj
ipKyqsQaMGk+DSCjhtf54oTKrp0yd05prSXduAwQVJM1YdLWIYcksnoLPapyG9Ty
TjBVW8ukaDQd/nWqgTQYvK87BMShTyS4u1C21DQXe/Hy8w0GCbh9+lV5/yP5fb43
Rw/BWf+K34lAUhCBRA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:42:08 2024 by rpki-client on console-fra.rpki-client.org