Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/94wMGNW9xeBGF_v2nySo_nv9_cw.roa
File: 94wMGNW9xeBGF_v2nySo_nv9_cw.roa (raw, json)
Hash identifier: huHlipSHrKaD1hfcia5B3lrZAT947kk5H7G2rMHKlb8=
Subject key identifier: F7:8C:0C:18:D5:BD:C5:E0:46:17:FB:F6:9F:24:A8:FE:7B:FD:FD:CC
Certificate issuer: /CN=f416539e74934d23a0572f6625dbfdb54e820873
Certificate serial: 018E561DEBCE02B5450F1356120468BE1B96
Authority key identifier: F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/94wMGNW9xeBGF_v2nySo_nv9_cw.roa
Signing time: Tue 19 Mar 2024 09:49:45 +0000
ROA not before: Tue 19 Mar 2024 09:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47394
IP address blocks: 46.255.144.0/21 maxlen: 21
46.255.144.0/22 maxlen: 22
46.255.144.0/24 maxlen: 24
46.255.145.0/24 maxlen: 24
46.255.146.0/24 maxlen: 24
46.255.147.0/24 maxlen: 24
46.255.148.0/22 maxlen: 22
46.255.148.0/24 maxlen: 24
46.255.149.0/24 maxlen: 24
46.255.150.0/24 maxlen: 24
46.255.151.0/24 maxlen: 24
95.107.128.0/21 maxlen: 21
95.107.129.0/24 maxlen: 24
95.107.132.0/24 maxlen: 24
95.107.135.0/24 maxlen: 24
95.107.136.0/21 maxlen: 21
95.107.136.0/24 maxlen: 24
95.107.141.0/24 maxlen: 24
95.107.144.0/23 maxlen: 23
95.107.145.0/24 maxlen: 24
95.107.146.0/23 maxlen: 23
95.107.150.0/24 maxlen: 24
95.107.156.0/24 maxlen: 24
95.107.157.0/24 maxlen: 24
95.107.159.0/24 maxlen: 24
95.107.160.0/21 maxlen: 21
95.107.160.0/22 maxlen: 22
95.107.160.0/24 maxlen: 24
95.107.162.0/23 maxlen: 23
95.107.162.0/24 maxlen: 24
95.107.164.0/22 maxlen: 22
95.107.164.0/24 maxlen: 24
95.107.165.0/24 maxlen: 24
95.107.166.0/24 maxlen: 24
95.107.167.0/24 maxlen: 24
95.107.168.0/22 maxlen: 22
95.107.168.0/23 maxlen: 23
95.107.170.0/23 maxlen: 23
95.107.172.0/23 maxlen: 23
95.107.174.0/24 maxlen: 24
95.107.176.0/21 maxlen: 21
95.107.177.0/24 maxlen: 24
95.107.180.0/22 maxlen: 22
95.107.182.0/24 maxlen: 24
95.107.184.0/21 maxlen: 21
95.107.184.0/22 maxlen: 22
95.107.188.0/22 maxlen: 22
95.107.188.0/24 maxlen: 24
95.107.192.0/22 maxlen: 22
95.107.192.0/24 maxlen: 24
95.107.193.0/24 maxlen: 24
95.107.194.0/23 maxlen: 23
95.107.194.0/24 maxlen: 24
95.107.195.0/24 maxlen: 24
95.107.196.0/22 maxlen: 22
95.107.196.0/23 maxlen: 23
95.107.196.0/24 maxlen: 24
95.107.198.0/23 maxlen: 23
95.107.200.0/21 maxlen: 21
95.107.200.0/24 maxlen: 24
95.107.201.0/24 maxlen: 24
95.107.202.0/23 maxlen: 23
95.107.204.0/22 maxlen: 22
95.107.208.0/20 maxlen: 20
95.107.208.0/21 maxlen: 21
95.107.208.0/22 maxlen: 22
95.107.208.0/23 maxlen: 23
95.107.209.0/24 maxlen: 24
95.107.212.0/22 maxlen: 22
95.107.212.0/23 maxlen: 23
95.107.212.0/24 maxlen: 24
95.107.216.0/21 maxlen: 21
95.107.216.0/22 maxlen: 22
95.107.216.0/23 maxlen: 23
95.107.218.0/23 maxlen: 23
95.107.220.0/22 maxlen: 22
95.107.220.0/23 maxlen: 23
95.107.222.0/23 maxlen: 23
95.107.224.0/20 maxlen: 20
95.107.224.0/22 maxlen: 22
95.107.228.0/22 maxlen: 22
95.107.228.0/24 maxlen: 24
95.107.232.0/22 maxlen: 22
95.107.234.0/23 maxlen: 23
95.107.236.0/22 maxlen: 22
95.107.238.0/23 maxlen: 23
95.107.240.0/20 maxlen: 20
95.107.240.0/22 maxlen: 22
95.107.244.0/22 maxlen: 22
95.107.248.0/22 maxlen: 22
95.107.248.0/23 maxlen: 23
95.107.248.0/24 maxlen: 24
95.107.252.0/22 maxlen: 22
95.107.254.0/23 maxlen: 23
141.8.200.0/21 maxlen: 21
185.118.148.0/22 maxlen: 22
185.118.148.0/23 maxlen: 23
185.118.150.0/23 maxlen: 23
185.122.228.0/22 maxlen: 22
185.122.228.0/23 maxlen: 23
185.122.228.0/24 maxlen: 24
2a03:8480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 06:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:1d:eb:ce:02:b5:45:0f:13:56:12:04:68:be:1b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f416539e74934d23a0572f6625dbfdb54e820873
Validity
Not Before: Mar 19 09:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f78c0c18d5bdc5e04617fbf69f24a8fe7bfdfdcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2c:a7:2c:89:e1:5b:7d:28:77:ad:7a:9e:93:
1a:16:dc:eb:9e:84:ec:47:70:40:1d:09:98:83:04:
15:fe:14:80:14:8c:23:5d:58:54:e3:27:20:94:3b:
c9:8c:77:62:e6:a0:85:b4:75:c0:e6:5d:d9:1d:e0:
8a:9d:89:19:73:d4:b6:0b:11:50:a8:9f:53:36:c7:
ae:85:95:cb:90:e5:e4:9d:ab:79:78:10:54:15:b3:
98:9b:c2:7b:4c:cd:0b:04:21:f6:a4:ac:d4:ca:db:
aa:a5:31:59:8c:86:5a:9b:12:7d:fc:fd:41:73:50:
0d:4c:fd:69:91:93:b0:4d:38:ec:f2:8f:86:d7:2a:
40:d6:b9:d0:ec:bd:4a:00:a0:d3:90:7a:5b:8c:9b:
c0:d7:36:ba:65:74:8d:f4:41:83:67:e7:51:db:0c:
e9:f7:5f:3c:e7:fc:a1:58:67:e4:3b:a9:a5:87:d6:
3c:42:0a:90:4a:e1:09:ff:58:08:1c:50:ce:2c:39:
03:9b:b6:d7:2b:f2:87:0b:cd:98:e7:dc:c6:ee:83:
9f:94:0e:68:a6:74:a5:aa:dc:af:ca:3a:72:40:1b:
18:2b:4e:2f:51:76:57:12:bf:1f:d3:f9:bb:8e:aa:
87:88:13:c5:da:ba:93:73:7f:4d:a9:ba:8b:02:12:
72:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8C:0C:18:D5:BD:C5:E0:46:17:FB:F6:9F:24:A8:FE:7B:FD:FD:CC
X509v3 Authority Key Identifier:
keyid:F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/94wMGNW9xeBGF_v2nySo_nv9_cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.144.0/21
95.107.128.0-95.107.147.255
95.107.150.0/24
95.107.156.0/23
95.107.159.0-95.107.174.255
95.107.176.0-95.107.255.255
141.8.200.0/21
185.118.148.0/22
185.122.228.0/22
IPv6:
2a03:8480::/32
Signature Algorithm: sha256WithRSAEncryption
43:46:59:38:a0:24:7f:f3:c0:19:d1:5b:8b:b6:73:e8:7e:78:
9f:c1:9a:17:9d:38:be:99:56:1e:58:3b:72:b7:e5:d2:a7:64:
d6:75:2d:4c:8f:70:68:60:2d:36:92:ae:dc:56:f2:f2:53:39:
52:7e:fe:13:31:01:80:93:f1:c0:25:1a:98:59:0b:8c:95:cb:
24:67:c8:5a:41:cb:8d:5a:d0:37:a3:a1:70:3a:ef:f9:ed:67:
a1:53:61:8a:43:0e:96:3d:09:6c:3a:f0:c7:0d:83:04:82:a9:
5a:e3:7f:58:50:5d:1d:47:a9:05:ad:cd:81:85:76:47:78:ef:
ab:3e:3c:6a:aa:7a:fe:c6:6a:db:28:7c:3e:53:ed:bd:f7:16:
f0:31:d2:42:5f:59:0e:de:8e:02:af:71:bf:63:a0:1c:09:bc:
64:1c:4a:0e:e0:d6:5c:2d:c9:86:0b:96:4c:5a:5d:0e:91:15:
46:3a:31:78:92:4e:7c:c6:0b:29:f6:aa:b8:02:6b:08:88:6e:
18:b3:b1:4d:0f:a9:95:df:cf:b4:c4:ee:d8:6e:16:c4:44:b1:
ac:52:13:e2:d9:a8:0c:9b:d2:e3:5b:37:cc:85:4e:fc:3e:26:
39:39:0a:36:d1:aa:0c:ba:b7:66:38:af:dc:b8:d7:34:de:99:
30:01:07:07
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAY5WHevOArVFDxNWEgRovhuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MTY1MzllNzQ5MzRkMjNhMDU3MmY2NjI1ZGJmZGI1NGU4
MjA4NzMwHhcNMjQwMzE5MDk0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzhjMGMxOGQ1YmRjNWUwNDYxN2ZiZjY5ZjI0YThmZTdiZmRmZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCynLInhW30od616npMaFtzrnoTs
R3BAHQmYgwQV/hSAFIwjXVhU4ycglDvJjHdi5qCFtHXA5l3ZHeCKnYkZc9S2CxFQ
qJ9TNseuhZXLkOXknat5eBBUFbOYm8J7TM0LBCH2pKzUytuqpTFZjIZamxJ9/P1B
c1ANTP1pkZOwTTjs8o+G1ypA1rnQ7L1KAKDTkHpbjJvA1za6ZXSN9EGDZ+dR2wzp
91885/yhWGfkO6mlh9Y8QgqQSuEJ/1gIHFDOLDkDm7bXK/KHC82Y59zG7oOflA5o
pnSlqtyvyjpyQBsYK04vUXZXEr8f0/m7jqqHiBPF2rqTc39NqbqLAhJyrQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFPeMDBjVvcXgRhf79p8kqP57/f3MMB8GA1UdIwQY
MBaAFPQWU550k00joFcvZiXb/bVOgghzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODkt
ZDY3YTYxZDU0MTZkLzEvOTR3TUdOVzl4ZUJHRl92Mm55U29fbnY5X2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODktZDY3YTYxZDU0MTZk
LzEvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBTBAIAATBNAwQDLv+QMAwD
BAdfa4ADBAJfa5ADBABfa5YDBAFfa5wwDAMEAF9rnwMEAF9rrjALAwQEX2uwAwMC
X2gDBAONCMgDBAK5dpQDBAK5euQwDQQCAAIwBwMFACoDhIAwDQYJKoZIhvcNAQEL
BQADggEBAENGWTigJH/zwBnRW4u2c+h+eJ/BmhedOL6ZVh5YO3K35dKnZNZ1LUyP
cGhgLTaSrtxW8vJTOVJ+/hMxAYCT8cAlGphZC4yVyyRnyFpBy41a0DejoXA67/nt
Z6FTYYpDDpY9CWw68McNgwSCqVrjf1hQXR1HqQWtzYGFdkd476s+PGqqev7Gatso
fD5T7b33FvAx0kJfWQ7ejgKvcb9joBwJvGQcSg7g1lwtyYYLlkxaXQ6RFUY6MXiS
TnzGCyn2qrgCawiIbhizsU0PqZXfz7TE7thuFsREsaxSE+LZqAyb0uNbN8yFTvw+
Jjk5CjbRqgy6t2Y4r9y41zTemTABBwc=
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:05:38 2024 by rpki-client on console-ams.rpki-client.org