Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/lqJVjFrexAi2CzGc5wsulYOrR2Y.roa
File: lqJVjFrexAi2CzGc5wsulYOrR2Y.roa (raw, json)
Hash identifier: RlIXFD1nvFqs7HBSORllB0yCzwTIWo5BGVqovDSvpR4=
Subject key identifier: 96:A2:55:8C:5A:DE:C4:08:B6:0B:31:9C:E7:0B:2E:95:83:AB:47:66
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 0192E1AFDA7662E0644756B81D08F90BA0ED
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/lqJVjFrexAi2CzGc5wsulYOrR2Y.roa
Signing time: Thu 31 Oct 2024 08:27:31 +0000
ROA not before: Thu 31 Oct 2024 08:27:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31122
IP address blocks: 37.46.16.0/21 maxlen: 21
46.183.104.0/23 maxlen: 23
78.137.128.0/18 maxlen: 18
78.143.128.0/18 maxlen: 18
80.93.16.0/20 maxlen: 20
83.147.128.0/18 maxlen: 18
84.203.0.0/16 maxlen: 16
89.16.64.0/19 maxlen: 19
89.184.32.0/22 maxlen: 22
89.184.40.0/21 maxlen: 21
89.184.48.0/21 maxlen: 21
89.184.56.0/23 maxlen: 23
89.234.64.0/18 maxlen: 18
91.142.96.0/20 maxlen: 20
92.51.192.0/19 maxlen: 19
92.51.208.0/20 maxlen: 20
92.51.240.0/21 maxlen: 21
93.92.8.0/21 maxlen: 21
94.247.48.0/21 maxlen: 21
109.106.96.0/20 maxlen: 20
109.106.112.0/21 maxlen: 21
109.106.124.0/22 maxlen: 22
176.52.216.0/22 maxlen: 22
176.52.220.0/23 maxlen: 23
185.47.144.0/22 maxlen: 22
185.53.32.0/24 maxlen: 24
185.53.35.0/24 maxlen: 24
185.182.72.0/22 maxlen: 22
185.205.228.0/22 maxlen: 22
185.233.176.0/22 maxlen: 22
185.242.236.0/23 maxlen: 23
212.126.32.0/19 maxlen: 19
212.126.60.0/22 maxlen: 22
217.78.0.0/20 maxlen: 20
2a00:15b8::/32 maxlen: 32
2a00:15b8:400::/40 maxlen: 40
2a01:258::/32 maxlen: 32
2a01:8aa0::/32 maxlen: 32
2a02:220::/32 maxlen: 32
2a0a:e780::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e1:af:da:76:62:e0:64:47:56:b8:1d:08:f9:0b:a0:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Oct 31 08:27:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96a2558c5adec408b60b319ce70b2e9583ab4766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dd:da:31:e2:d9:d8:c8:9d:03:56:38:b6:4a:
2a:60:09:29:72:67:f4:ed:6f:b5:a5:8b:31:7f:42:
35:e6:5d:a1:31:05:6d:7b:75:5f:df:cd:f3:56:b0:
f3:f8:5c:a4:e2:1e:d6:2c:bf:cf:e9:83:fa:29:19:
98:7e:23:45:10:54:24:c3:1f:13:95:68:ef:0d:cb:
2e:8c:a2:84:75:b3:90:04:89:08:29:f3:99:2e:f8:
e7:0b:ec:a6:0e:5e:55:6f:e9:1a:7c:77:4f:d6:26:
a5:6f:67:49:2b:53:16:7a:27:6f:dd:2e:17:66:5a:
04:52:21:67:de:a5:1e:a1:f7:86:53:bc:51:3e:0b:
c8:9a:c6:11:a1:d9:03:4c:f9:3d:5c:a3:2b:a6:1d:
7e:c6:4b:7b:a3:d7:95:7c:65:2b:a1:0d:09:10:e6:
9a:4b:f1:b8:35:3a:3e:78:d7:4a:f5:c9:d1:ac:ad:
48:61:17:cf:6a:4f:6c:ca:9b:b9:72:d5:27:1c:11:
c7:b2:16:a7:68:2e:09:02:25:6c:22:8b:e0:8a:d2:
14:ff:0c:04:5d:00:c4:4a:52:60:1d:79:d0:76:52:
b2:b9:16:5d:2e:e9:0a:07:15:73:dc:19:75:9f:52:
71:2c:c1:fe:10:00:4e:39:3c:bd:81:fb:7b:fd:a9:
64:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A2:55:8C:5A:DE:C4:08:B6:0B:31:9C:E7:0B:2E:95:83:AB:47:66
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/lqJVjFrexAi2CzGc5wsulYOrR2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/21
46.183.104.0/23
78.137.128.0/18
78.143.128.0/18
80.93.16.0/20
83.147.128.0/18
84.203.0.0/16
89.16.64.0/19
89.184.32.0/22
89.184.40.0-89.184.57.255
89.234.64.0/18
91.142.96.0/20
92.51.192.0/19
92.51.240.0/21
93.92.8.0/21
94.247.48.0/21
109.106.96.0-109.106.119.255
109.106.124.0/22
176.52.216.0-176.52.221.255
185.47.144.0/22
185.53.32.0/24
185.53.35.0/24
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
185.242.236.0/23
212.126.32.0/19
217.78.0.0/20
IPv6:
2a00:15b8::/32
2a01:258::/32
2a01:8aa0::/32
2a02:220::/32
2a0a:e780::/29
Signature Algorithm: sha256WithRSAEncryption
1e:84:f2:e7:c7:17:b9:8a:b8:13:98:48:99:fb:46:e6:c1:24:
70:04:43:6d:3a:0a:43:b6:6d:36:6b:3c:ac:72:94:b4:e6:23:
6b:bf:b0:1a:91:1e:fc:87:f1:04:56:b3:dd:92:7f:ab:40:33:
c2:d3:ec:e3:24:58:5b:95:cd:fe:c1:60:28:aa:5e:b5:cc:db:
35:d8:1e:a7:23:22:54:c1:74:ba:f1:3c:ec:61:60:4f:f7:eb:
37:48:73:f2:d2:7f:53:70:f5:f7:b3:6b:b1:60:b3:e0:ba:1e:
22:82:8f:24:1c:59:3e:06:aa:0a:7d:7b:79:1b:6e:68:36:2c:
1a:95:da:61:5c:8d:a3:55:df:69:6f:aa:fc:8a:96:c4:82:cc:
c7:29:11:50:a2:0b:4e:a1:9c:f6:c4:5c:59:20:05:4e:b1:74:
a7:e6:da:08:05:4a:fd:5c:a4:52:77:f9:c7:9f:3b:3e:d3:61:
fd:97:0c:de:c5:42:9e:b5:4f:a7:44:31:24:5a:a5:95:76:4c:
55:72:8d:dd:7a:18:ca:c7:24:3a:06:c7:fd:b8:43:0d:63:1b:
a1:11:35:72:ba:76:07:22:87:3d:51:a6:58:f1:dd:14:10:9a:
c8:01:24:53:be:47:58:49:87:0f:3d:7d:b3:e6:3d:35:d8:4b:
eb:15:f5:56
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAZLhr9p2YuBkR1a4HQj5C6DtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjQxMDMxMDgyNzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmEyNTU4YzVhZGVjNDA4YjYwYjMxOWNlNzBiMmU5NTgzYWI0NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN3aMeLZ2MidA1Y4tkoqYAkpcmf0
7W+1pYsxf0I15l2hMQVte3Vf383zVrDz+Fyk4h7WLL/P6YP6KRmYfiNFEFQkwx8T
lWjvDcsujKKEdbOQBIkIKfOZLvjnC+ymDl5Vb+kafHdP1ialb2dJK1MWeidv3S4X
ZloEUiFn3qUeofeGU7xRPgvImsYRodkDTPk9XKMrph1+xkt7o9eVfGUroQ0JEOaa
S/G4NTo+eNdK9cnRrK1IYRfPak9sypu5ctUnHBHHshanaC4JAiVsIovgitIU/wwE
XQDESlJgHXnQdlKyuRZdLukKBxVz3Bl1n1JxLMH+EABOOTy9gft7/alkeQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFJaiVYxa3sQItgsxnOcLLpWDq0dmMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvbHFKVmpGcmV4QWkyQ3pHYzV3c3VsWU9yUjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgcYEAgABMIG/AwQD
JS4QAwQBLrdoAwQGTomAAwQGTo+AAwQEUF0QAwQGU5OAAwMAVMsDBAVZEEADBAJZ
uCAwDAMEA1m4KAMEAVm4OAMEBlnqQAMEBFuOYAMEBVwzwAMEA1wz8AMEA11cCAME
A173MDAMAwQFbWpgAwQDbWpwAwQCbWp8MAwDBAOwNNgDBAGwNNwDBAK5L5ADBAC5
NSADBAC5NSMDBAK5tkgDBAK5zeQDBAK56bADBAG58uwDBAXUfiADBATZTgAwKQQC
AAIwIwMFACoAFbgDBQAqAQJYAwUAKgGKoAMFACoCAiADBQMqCueAMA0GCSqGSIb3
DQEBCwUAA4IBAQAehPLnxxe5irgTmEiZ+0bmwSRwBENtOgpDtm02azyscpS05iNr
v7AakR78h/EEVrPdkn+rQDPC0+zjJFhblc3+wWAoql61zNs12B6nIyJUwXS68Tzs
YWBP9+s3SHPy0n9TcPX3s2uxYLPguh4igo8kHFk+BqoKfXt5G25oNiwaldphXI2j
Vd9pb6r8ipbEgszHKRFQogtOoZz2xFxZIAVOsXSn5toIBUr9XKRSd/nHnzs+02H9
lwzexUKetU+nRDEkWqWVdkxVco3dehjKxyQ6Bsf9uEMNYxuhETVyunYHIoc9UaZY
8d0UEJrIASRTvkdYSYcPPX2z5j012EvrFfVW
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:37 2024 by rpki-client on console-fra.rpki-client.org