Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-pOo3cfmCltZlg91MIGTVuNTLuA.roa
File: 1-pOo3cfmCltZlg91MIGTVuNTLuA.roa (raw, json)
Hash identifier: HwqDaaGGHXTVd1MTQ0rcHuxsPOkaaV6qLGwXjWnU9AY=
Subject key identifier: FA:93:A8:DD:C7:E6:0A:5B:59:96:0F:75:30:81:93:56:E3:53:2E:E0
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018DC82F556BF4C9821E440682A4AA2FD7E6
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-pOo3cfmCltZlg91MIGTVuNTLuA.roa
Signing time: Tue 20 Feb 2024 20:22:41 +0000
ROA not before: Tue 20 Feb 2024 20:22:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 5.182.252.0/22 maxlen: 24
37.18.160.0/20 maxlen: 24
37.58.128.0/17 maxlen: 24
45.142.172.0/22 maxlen: 24
45.145.124.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
62.102.224.0/19 maxlen: 24
79.98.96.0/21 maxlen: 24
81.22.216.0/21 maxlen: 24
91.103.232.0/21 maxlen: 24
91.206.156.0/23 maxlen: 24
91.217.94.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
103.77.32.0/22 maxlen: 24
103.229.36.0/23 maxlen: 24
103.232.172.0/22 maxlen: 24
109.69.192.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
128.127.128.0/20 maxlen: 24
146.247.88.0/21 maxlen: 24
149.255.136.0/21 maxlen: 24
149.255.136.0/22 maxlen: 24
178.249.160.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.42.132.0/22 maxlen: 24
185.65.224.0/22 maxlen: 24
185.67.88.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
185.90.96.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
185.204.140.0/22 maxlen: 24
185.208.248.0/22 maxlen: 24
188.66.56.0/22 maxlen: 24
193.27.194.0/23 maxlen: 24
193.108.197.0/24 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
212.51.160.0/19 maxlen: 24
213.108.64.0/21 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
2a01:6d8::/32 maxlen: 32
2a01:728::/29 maxlen: 48
2a03:4c00::/29 maxlen: 48
2a03:bf40::/32 maxlen: 32
2a05:df00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c8:2f:55:6b:f4:c9:82:1e:44:06:82:a4:aa:2f:d7:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Feb 20 20:22:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa93a8ddc7e60a5b59960f7530819356e3532ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:00:4e:61:27:ed:37:02:58:0e:a8:ff:f0:9e:
98:11:ab:66:b3:32:47:dd:08:b1:2f:67:c2:53:30:
3d:12:47:d7:8e:99:87:b0:2f:f9:25:1a:24:2f:38:
84:97:56:f7:f3:4f:6b:04:51:9d:ed:c2:3f:d1:2e:
8e:a2:c9:a2:47:a5:e1:32:2d:db:b4:c3:00:28:5c:
98:31:d3:04:21:c3:48:e8:b5:f6:61:8f:a4:a2:ba:
5f:48:d8:15:6e:73:6b:72:3a:e5:fd:f2:e0:d0:e9:
ff:02:5f:57:da:c5:22:51:b4:f3:28:dd:e2:87:53:
64:0e:01:e0:39:ec:8f:0e:e9:44:97:9f:ed:56:e4:
1b:12:45:2f:e9:5e:79:12:98:ae:26:dd:31:0c:8e:
5b:e3:ab:d2:28:a0:be:59:9f:07:41:ce:c4:3a:22:
42:73:07:f7:b0:eb:08:a2:15:79:6d:8d:dc:5f:51:
b1:4b:a2:2d:e6:2a:dc:2e:b6:ed:43:eb:78:dc:71:
a6:f1:f4:91:51:da:c4:40:32:af:ad:c3:a9:3f:ea:
78:d6:be:de:71:2f:b1:2f:49:98:63:54:49:7a:f2:
d1:a3:0c:45:f2:0d:b7:2b:01:f0:98:1e:63:00:b3:
41:04:54:77:85:8e:47:c1:06:8e:b9:46:5c:f8:23:
1c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:93:A8:DD:C7:E6:0A:5B:59:96:0F:75:30:81:93:56:E3:53:2E:E0
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-pOo3cfmCltZlg91MIGTVuNTLuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
45.142.172.0/22
45.145.124.0/22
46.20.160.0/20
62.102.224.0/19
79.98.96.0/21
81.22.216.0/21
91.103.232.0/21
91.206.156.0/23
91.217.94.0/23
91.229.230.0/23
92.61.72.0/21
94.127.8.0/21
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.15.128.0/22
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.90.96.0/22
185.95.120.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
185.204.140.0/22
185.208.248.0/22
188.66.56.0/22
193.27.194.0/23
193.108.197.0/24
194.177.32.0/19
195.214.240.0/21
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a01:6d8::/32
2a01:728::/29
2a03:4c00::/29
2a03:bf40::/32
2a05:df00::/29
Signature Algorithm: sha256WithRSAEncryption
06:28:d1:02:bf:cc:0f:98:98:01:5c:d8:1c:ca:90:12:eb:7d:
c9:8b:44:ac:88:a4:61:74:68:05:c9:39:11:30:c5:26:b0:d3:
f2:90:77:35:16:ee:02:91:33:08:86:1a:9d:73:af:b2:c9:bc:
21:04:21:29:b9:bd:3b:7c:7e:26:5a:62:dd:4c:98:ed:35:c2:
bd:c2:74:d9:1c:73:5e:83:c9:1c:ea:f4:11:06:d8:6f:f7:a8:
d0:f4:f3:12:57:f1:7e:a5:31:ba:8a:64:e2:13:e4:d8:0f:50:
e3:40:90:30:d6:9d:48:ae:fc:a8:3a:08:5d:a7:f9:17:b8:37:
6d:b7:62:85:31:41:92:20:d0:c2:1d:05:ad:58:e9:be:58:41:
86:a5:f6:d1:ca:6b:3c:e9:e9:25:6d:a8:a3:31:0b:c4:ce:b6:
0d:d7:df:53:15:be:2b:b3:fa:43:92:ff:66:3f:44:6f:c8:86:
80:f0:97:de:bb:a9:5e:a2:40:8e:c8:44:a6:9a:81:da:03:08:
5f:e8:73:60:7f:73:50:1b:1d:9f:d4:b1:ea:d1:82:a6:98:b6:
3c:a0:22:b7:1c:00:9d:5a:b1:58:f5:02:b0:7b:97:4a:b1:f7:
3d:d8:77:6c:56:de:2e:7d:eb:10:c3:6b:38:48:f0:83:ff:d9:
72:59:14:37
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgISAY3IL1Vr9MmCHkQGgqSqL9fmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwMjIwMjAyMjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTkzYThkZGM3ZTYwYTViNTk5NjBmNzUzMDgxOTM1NmUzNTMyZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgBOYSftNwJYDqj/8J6YEatmszJH
3QixL2fCUzA9EkfXjpmHsC/5JRokLziEl1b3809rBFGd7cI/0S6OosmiR6XhMi3b
tMMAKFyYMdMEIcNI6LX2YY+korpfSNgVbnNrcjrl/fLg0On/Al9X2sUiUbTzKN3i
h1NkDgHgOeyPDulEl5/tVuQbEkUv6V55EpiuJt0xDI5b46vSKKC+WZ8HQc7EOiJC
cwf3sOsIohV5bY3cX1GxS6It5ircLrbtQ+t43HGm8fSRUdrEQDKvrcOpP+p41r7e
cS+xL0mYY1RJevLRowxF8g23KwHwmB5jALNBBFR3hY5HwQaOuUZc+CMczQIDAQAB
o4IDVTCCA1EwHQYDVR0OBBYEFPqTqN3H5gpbWZYPdTCBk1bjUy7gMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvMS1wT28zY2ZtQ2x0WmxnOTFNSUdUVnVOVEx1QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzkvNDA0OThlLWQxYzAtNDg0Yy1hYmNiLTYxZTdmNDBkNWRk
Ni8xL3JyODVUaThiSlJ5STJZaW9jV0VJUllCNGJ2VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAWgGCCsGAQUFBwEHAQH/BIIBVzCCAVMwggEkBAIAATCC
ARwDBAIFtvwDBAQlEqADBAclOoADBAItjqwDBAItkXwDBAQuFKADBAU+ZuADBANP
YmADBANRFtgDBANbZ+gDBAFbzpwDBAFb2V4DBAFb5eYDBANcPUgDBANefwgDBAJn
TSADBAFn5SQDBAJn6KwDBANtRcADBARt7fADBASAf4ADBAOS91gDBAOV/4gDBAOy
+aADBAK5D4ADBAK5KoQDBAK5QeADBAK5Q1gDBAK5T5QDBAK5WmADBAK5X3gDBAK5
lQgDBAK5rBADBAK5xPgDBAK5zIwDBAK50PgDBAK8QjgDBAHBG8IDBADBbMUDBAXC
sSADBAPD1vADBAXUM6ADBAPVbEADBADVl6YDBAHVl6gwDAMEANWXqwMEBNWXoDAp
BAIAAjAjAwUAKgEG2AMFAyoBBygDBQMqA0wAAwUAKgO/QAMFAyoF3wAwDQYJKoZI
hvcNAQELBQADggEBAAYo0QK/zA+YmAFc2BzKkBLrfcmLRKyIpGF0aAXJOREwxSaw
0/KQdzUW7gKRMwiGGp1zr7LJvCEEISm5vTt8fiZaYt1MmO01wr3CdNkcc16DyRzq
9BEG2G/3qND08xJX8X6lMbqKZOIT5NgPUONAkDDWnUiu/Kg6CF2n+Re4N223YoUx
QZIg0MIdBa1Y6b5YQYal9tHKazzp6SVtqKMxC8TOtg3X31MVviuz+kOS/2Y/RG/I
hoDwl967qV6iQI7IRKaagdoDCF/oc2B/c1AbHZ/UserRgqaYtjygIrccAJ1asVj1
ArB7l0qx9z3Yd2xW3i596xDDazhI8IP/2XJZFDc=
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:21:15 2024 by rpki-client on console-fra.rpki-client.org