Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mApTfZeMKpXZyApSN_EyRr0WTBU.roa
File: mApTfZeMKpXZyApSN_EyRr0WTBU.roa (raw, json)
Hash identifier: Do8828YtqP1xUd/bHTQtOApp2nCMLCy3sv+jWKhAWmM=
Subject key identifier: 98:0A:53:7D:97:8C:2A:95:D9:C8:0A:52:37:F1:32:46:BD:16:4C:15
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01929FCEB5C410FBEA01DC5FCF00CF822B49
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mApTfZeMKpXZyApSN_EyRr0WTBU.roa
Signing time: Fri 18 Oct 2024 13:26:16 +0000
ROA not before: Fri 18 Oct 2024 13:26:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200740
IP address blocks: 45.9.72.0/24 maxlen: 24
45.138.73.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
94.142.136.0/23 maxlen: 23
94.142.136.0/24 maxlen: 24
94.142.137.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.103.254.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.112.81.0/24 maxlen: 24
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.233.202.0/23 maxlen: 23
185.252.144.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.188.0/23 maxlen: 23
193.124.190.0/24 maxlen: 24
193.239.160.0/23 maxlen: 23
193.239.166.0/23 maxlen: 23
194.36.178.0/23 maxlen: 23
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a04:5201:10::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:ce:b5:c4:10:fb:ea:01:dc:5f:cf:00:cf:82:2b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 18 13:26:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=980a537d978c2a95d9c80a5237f13246bd164c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:11:19:10:8d:b3:1e:77:0f:47:31:c3:fe:ef:
de:ca:14:32:00:0a:3c:51:ee:93:f0:2b:5c:36:ec:
f6:aa:2f:df:be:67:09:2b:2e:0a:ab:70:83:92:3f:
7e:b0:a4:7d:0d:ea:8b:17:24:9e:5e:9b:10:81:ec:
db:37:44:c8:0b:09:7e:01:e6:cf:bc:ed:38:2b:f9:
68:92:ed:14:0e:52:85:e5:a3:8a:f6:cc:9e:73:0c:
71:db:c7:a4:e7:f7:e1:f3:53:3e:c5:a5:ec:59:69:
3d:36:d3:c7:db:2e:8c:77:40:b6:bf:e1:4a:c6:a8:
cd:28:b1:7e:e7:c1:0c:b5:80:f8:ab:1c:9b:3b:3e:
af:32:d0:e9:cd:fc:6f:e1:fc:0e:ed:1d:3d:c9:0c:
88:b3:ff:b2:94:aa:79:b1:7f:11:66:1c:a3:49:fe:
93:98:b4:5f:52:0c:7d:83:66:ed:71:0f:5b:1f:64:
fa:40:08:1c:07:12:6b:a4:4e:0f:b1:12:12:6f:89:
f8:a7:37:7a:84:f2:97:39:be:51:95:be:11:9d:9f:
c0:54:4d:df:e9:91:83:f4:ae:5b:dd:98:fc:47:a2:
7a:38:a7:34:ef:52:87:a6:23:e5:16:ab:b4:37:14:
32:ce:c0:37:3b:d7:0c:39:d3:0d:03:88:8c:17:71:
4b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0A:53:7D:97:8C:2A:95:D9:C8:0A:52:37:F1:32:46:BD:16:4C:15
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mApTfZeMKpXZyApSN_EyRr0WTBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
45.138.73.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
92.118.8.0/23
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.58.204.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.112.81.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
193.124.182.0/23
193.124.188.0-193.124.190.255
193.239.160.0/23
193.239.166.0/23
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:10::/48
2a04:5201:8018::/48
Signature Algorithm: sha256WithRSAEncryption
0a:d2:5b:bc:84:88:30:1c:11:9b:f3:54:4f:a5:e8:57:19:8a:
90:6e:c8:8a:86:39:80:78:a3:e2:30:e2:be:14:4a:14:6a:e0:
83:7a:16:b2:6f:e2:77:b6:50:bf:05:7b:c9:67:b2:6e:02:7d:
b4:2a:d1:8f:13:3d:f2:e1:cc:91:4a:51:46:8e:05:78:92:77:
ed:ad:b0:8c:85:c2:8d:59:7c:3b:7a:a6:df:bb:57:47:78:80:
1f:c7:6e:72:f0:6d:8b:00:82:1d:24:9c:4f:72:e7:cb:9e:92:
2d:2a:58:9d:f4:28:1e:a1:4a:26:a6:59:09:b2:e9:b3:1e:ee:
83:34:eb:95:ce:b1:71:c5:fa:64:6c:c1:3a:17:36:c3:d2:d8:
19:ee:b6:56:05:47:eb:ab:c8:d1:04:e3:b5:58:7c:e1:9f:3f:
5a:14:91:60:c2:50:7c:bc:59:4f:a5:e7:55:57:dc:bc:a4:81:
3e:7c:65:b3:20:9e:55:fa:d5:07:91:e4:93:ef:9b:ca:fd:25:
5a:d6:a0:21:a9:f9:5d:63:69:2d:d7:7f:85:3d:ec:f2:37:57:
18:aa:5b:f9:ee:63:ff:1c:70:1e:e3:38:f9:8e:c5:8a:78:d1:
16:1f:a2:42:5e:bb:25:59:a6:a7:14:79:0e:ed:72:0c:98:38:
27:b5:49:22
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAZKfzrXEEPvqAdxfzwDPgitJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQxMDE4MTMyNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBhNTM3ZDk3OGMyYTk1ZDljODBhNTIzN2YxMzI0NmJkMTY0YzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxEZEI2zHncPRzHD/u/eyhQyAAo8
Ue6T8CtcNuz2qi/fvmcJKy4Kq3CDkj9+sKR9DeqLFySeXpsQgezbN0TICwl+AebP
vO04K/loku0UDlKF5aOK9syecwxx28ek5/fh81M+xaXsWWk9NtPH2y6Md0C2v+FK
xqjNKLF+58EMtYD4qxybOz6vMtDpzfxv4fwO7R09yQyIs/+ylKp5sX8RZhyjSf6T
mLRfUgx9g2btcQ9bH2T6QAgcBxJrpE4PsRISb4n4pzd6hPKXOb5Rlb4RnZ/AVE3f
6ZGD9K5b3Zj8R6J6OKc071KHpiPlFqu0NxQyzsA3O9cMOdMNA4iMF3FLpwIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFJgKU32XjCqV2cgKUjfxMka9FkwVMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbUFwVGZaZU1LcFhaeUFwU05fRXlScjBXVEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCBwQQCAAEwgboD
BAAtCUgDBAAtikkDBAAuEWkDBAJQTCADBABb2UwDBAFcdggDBAFejogwDAMEAF/W
CQMEAl/WCAMEALkoBwMEALk6zAMEAblepAMEALlmiAMEArln/AMEALlwUQMEAbly
SAMEALl1dAMEALl1dwMEALnIvgMEAbnoqjAMAwQEuelQAwQAuelSAwQBuenKAwQA
ufyQAwQBwXy2MAwDBALBfLwDBADBfL4DBAHB76ADBAHB76YDBAHCJLIwRQQCAAIw
PwMHACoEUgAAaAMHACoEUgEAAgMHACoEUgEABAMHASoEUgEABgMHACoEUgEACQMH
ACoEUgEAEAMHACoEUgGAGDANBgkqhkiG9w0BAQsFAAOCAQEACtJbvISIMBwRm/NU
T6XoVxmKkG7IioY5gHij4jDivhRKFGrgg3oWsm/id7ZQvwV7yWeybgJ9tCrRjxM9
8uHMkUpRRo4FeJJ37a2wjIXCjVl8O3qm37tXR3iAH8ducvBtiwCCHSScT3Lny56S
LSpYnfQoHqFKJqZZCbLpsx7ugzTrlc6xccX6ZGzBOhc2w9LYGe62VgVH66vI0QTj
tVh84Z8/WhSRYMJQfLxZT6XnVVfcvKSBPnxlsyCeVfrVB5Hkk++byv0lWtagIan5
XWNpLdd/hT3s8jdXGKpb+e5j/xxwHuM4+Y7FinjRFh+iQl67JVmmpxR5Du1yDJg4
J7VJIg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:33:24 2024 by rpki-client on console-fra.rpki-client.org