Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/wbXhMKzENi5zRqOPyYc8wYfOYR0.roa
File: wbXhMKzENi5zRqOPyYc8wYfOYR0.roa (raw, json)
Hash identifier: 1Qg6Bwi0Ej3fti3LmKtf+DPwk5NBBoTNl15M0T44xe0=
Subject key identifier: C1:B5:E1:30:AC:C4:36:2E:73:46:A3:8F:C9:87:3C:C1:87:CE:61:1D
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 018CC5DC4C191E5BAD884454BE6B08DD6FCE
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/wbXhMKzENi5zRqOPyYc8wYfOYR0.roa
Signing time: Mon 01 Jan 2024 16:29:58 +0000
ROA not before: Mon 01 Jan 2024 16:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16333
IP address blocks: 185.2.188.0/22 maxlen: 22
217.16.64.0/19 maxlen: 19
217.16.64.0/20 maxlen: 20
217.16.80.0/20 maxlen: 20
217.16.88.0/22 maxlen: 22
217.16.87.0/24 maxlen: 24
212.110.80.0/21 maxlen: 21
212.110.88.0/22 maxlen: 22
146.255.69.0/24 maxlen: 24
146.255.86.0/24 maxlen: 24
185.80.164.0/22 maxlen: 22
185.100.244.0/22 maxlen: 22
85.30.64.0/19 maxlen: 19
85.30.64.0/21 maxlen: 21
85.30.64.0/18 maxlen: 18
85.30.72.0/22 maxlen: 22
78.157.4.0/24 maxlen: 24
78.157.3.0/24 maxlen: 24
78.157.2.0/24 maxlen: 24
78.157.1.0/24 maxlen: 24
78.157.0.0/24 maxlen: 24
78.157.10.0/24 maxlen: 24
78.157.9.0/24 maxlen: 24
78.157.8.0/24 maxlen: 24
78.157.7.0/24 maxlen: 24
78.157.6.0/24 maxlen: 24
78.157.5.0/24 maxlen: 24
109.69.40.0/21 maxlen: 21
79.126.128.0/18 maxlen: 18
79.126.128.0/17 maxlen: 17
5.32.178.0/23 maxlen: 23
185.89.244.0/22 maxlen: 22
5.32.180.0/24 maxlen: 24
5.32.182.0/24 maxlen: 24
212.110.64.0/23 maxlen: 23
79.126.192.0/18 maxlen: 18
78.157.24.0/24 maxlen: 24
78.157.23.0/24 maxlen: 24
78.157.22.0/24 maxlen: 24
78.157.21.0/24 maxlen: 24
78.157.20.0/24 maxlen: 24
78.157.31.0/24 maxlen: 24
78.157.30.0/24 maxlen: 24
78.157.29.0/24 maxlen: 24
78.157.28.0/24 maxlen: 24
78.157.27.0/24 maxlen: 24
78.157.26.0/24 maxlen: 24
78.157.25.0/24 maxlen: 24
31.11.68.0/22 maxlen: 22
31.11.64.0/18 maxlen: 19
31.11.72.0/21 maxlen: 21
31.11.80.0/21 maxlen: 21
31.11.88.0/21 maxlen: 21
185.5.4.0/22 maxlen: 22
89.31.152.0/21 maxlen: 21
31.11.96.0/21 maxlen: 21
31.11.104.0/21 maxlen: 21
31.11.112.0/21 maxlen: 21
217.196.192.0/20 maxlen: 20
31.11.120.0/21 maxlen: 21
212.158.176.0/20 maxlen: 24
85.30.80.0/22 maxlen: 22
85.30.92.0/22 maxlen: 22
85.30.96.0/19 maxlen: 19
85.30.96.0/22 maxlen: 22
85.30.101.0/24 maxlen: 24
85.30.104.0/22 maxlen: 22
85.30.112.0/24 maxlen: 24
85.30.110.0/24 maxlen: 24
85.30.120.0/21 maxlen: 21
85.30.119.0/24 maxlen: 24
95.128.186.0/24 maxlen: 24
2a01:5b8::/29 maxlen: 29
2a01:5b8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4c:19:1e:5b:ad:88:44:54:be:6b:08:dd:6f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1b5e130acc4362e7346a38fc9873cc187ce611d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0b:08:1b:12:8c:a0:6b:82:d5:e2:d7:7a:82:
ff:2d:b8:b9:57:c5:15:a1:79:d2:59:6c:fc:e1:b7:
bb:80:0a:a0:6d:44:13:bd:26:82:8e:11:3d:81:1a:
a7:bc:00:f9:88:c0:d5:d6:8f:10:3a:20:20:f0:60:
2f:95:18:23:b1:c0:75:e5:8c:bb:5a:d0:1e:0c:46:
73:5d:a3:87:8b:17:47:46:a1:2b:9b:61:53:e6:b8:
5d:f3:6e:88:98:a0:fa:b8:37:27:cd:df:ff:bc:d8:
68:4a:0c:ac:d7:9c:af:5d:f0:4b:0e:08:9f:6a:10:
09:09:6f:b0:18:bc:d9:ec:27:ae:01:87:a9:cd:38:
29:0c:bd:79:4b:2e:36:d9:fb:a5:31:aa:0f:9b:7f:
3f:fb:0f:71:a7:00:10:30:38:ab:7a:c0:14:00:1b:
5c:b4:bf:08:85:a1:07:25:98:e8:8e:9b:19:35:79:
e5:7f:e0:4d:42:e6:a0:2e:2d:3a:41:b6:a2:a5:27:
4f:74:08:b7:79:49:70:6e:53:e2:3b:9b:81:ad:cf:
50:c0:67:1e:28:bc:90:bb:14:06:4e:3e:e1:31:a2:
0b:4e:d7:15:23:46:dc:36:5a:ae:87:4f:ae:24:d9:
fb:9b:b6:73:d5:58:1b:1b:26:c4:aa:ed:60:cd:2a:
88:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B5:E1:30:AC:C4:36:2E:73:46:A3:8F:C9:87:3C:C1:87:CE:61:1D
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/wbXhMKzENi5zRqOPyYc8wYfOYR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.178.0-5.32.180.255
5.32.182.0/24
31.11.64.0/18
78.157.0.0-78.157.10.255
78.157.20.0-78.157.31.255
79.126.128.0/17
85.30.64.0/18
89.31.152.0/21
95.128.186.0/24
109.69.40.0/21
146.255.69.0/24
146.255.86.0/24
185.2.188.0/22
185.5.4.0/22
185.80.164.0/22
185.89.244.0/22
185.100.244.0/22
212.110.64.0/23
212.110.80.0-212.110.91.255
212.158.176.0/20
217.16.64.0/19
217.196.192.0/20
IPv6:
2a01:5b8::/29
Signature Algorithm: sha256WithRSAEncryption
49:10:72:cd:8d:04:e0:8b:d4:7a:87:09:5e:91:5f:a3:bc:25:
4f:ed:08:b7:9a:ee:42:b1:19:03:4e:fb:02:d7:91:80:50:85:
21:fc:e9:1f:51:86:b9:94:2d:d9:af:87:f1:41:e4:9e:51:c7:
75:8d:28:31:f5:5b:fe:3c:91:11:13:eb:12:3f:27:0e:59:8f:
5e:f9:3c:8e:ec:5d:57:1d:ef:1c:06:9e:49:17:e9:0c:c4:92:
c6:ad:58:cf:be:1d:88:bd:0b:d4:ec:20:ad:c0:55:7e:d4:d4:
64:ef:f5:85:c6:17:08:0b:78:cc:67:40:60:73:d0:f8:a9:ec:
39:39:ba:7b:bf:e9:d5:c2:64:cb:35:d4:85:a3:41:b8:15:1f:
fc:68:88:2b:91:da:9d:45:a3:d7:46:e7:05:5f:b5:6e:79:35:
f7:57:15:ba:a7:cb:7e:9d:34:e6:52:e6:83:28:c8:dd:69:8e:
f9:b7:ee:4f:2b:bc:2d:40:8c:37:b1:0f:dd:73:5a:43:25:0c:
cc:14:4a:99:49:12:06:0b:1a:96:89:07:0d:e6:37:5b:80:0f:
0e:4e:f4:68:96:8d:c8:bc:4e:19:ee:5b:69:c7:44:3d:4f:1c:
4f:90:0e:13:1a:cf:4a:08:84:b9:9c:62:ba:71:55:74:3a:91:
c9:38:de:d6
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYzF3EwZHlutiERUvmsI3W/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWI1ZTEzMGFjYzQzNjJlNzM0NmEzOGZjOTg3M2NjMTg3Y2U2MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwsIGxKMoGuC1eLXeoL/Lbi5V8UV
oXnSWWz84be7gAqgbUQTvSaCjhE9gRqnvAD5iMDV1o8QOiAg8GAvlRgjscB15Yy7
WtAeDEZzXaOHixdHRqErm2FT5rhd826ImKD6uDcnzd//vNhoSgys15yvXfBLDgif
ahAJCW+wGLzZ7CeuAYepzTgpDL15Sy422fulMaoPm38/+w9xpwAQMDiresAUABtc
tL8IhaEHJZjojpsZNXnlf+BNQuagLi06QbaipSdPdAi3eUlwblPiO5uBrc9QwGce
KLyQuxQGTj7hMaILTtcVI0bcNlquh0+uJNn7m7Zz1VgbGybEqu1gzSqIHwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFMG14TCsxDYuc0ajj8mHPMGHzmEdMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvd2JYaE1LekVOaTV6UnFPUHlZYzh3WWZPWVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBqgQCAAEwgaMwDAME
AQUgsgMEAAUgtAMEAAUgtgMEBh8LQDALAwMATp0DBABOnQowDAMEAk6dFAMEBU6d
AAMEB09+gAMEBlUeQAMEA1kfmAMEAF+AugMEA21FKAMEAJL/RQMEAJL/VgMEArkC
vAMEArkFBAMEArlQpAMEArlZ9AMEArlk9AMEAdRuQDAMAwQE1G5QAwQC1G5YAwQE
1J6wAwQF2RBAAwQE2cTAMA0EAgACMAcDBQMqAQW4MA0GCSqGSIb3DQEBCwUAA4IB
AQBJEHLNjQTgi9R6hwlekV+jvCVP7Qi3mu5CsRkDTvsC15GAUIUh/OkfUYa5lC3Z
r4fxQeSeUcd1jSgx9Vv+PJERE+sSPycOWY9e+TyO7F1XHe8cBp5JF+kMxJLGrVjP
vh2IvQvU7CCtwFV+1NRk7/WFxhcIC3jMZ0Bgc9D4qew5Obp7v+nVwmTLNdSFo0G4
FR/8aIgrkdqdRaPXRucFX7VueTX3VxW6p8t+nTTmUuaDKMjdaY75t+5PK7wtQIw3
sQ/dc1pDJQzMFEqZSRIGCxqWiQcN5jdbgA8OTvRolo3IvE4Z7ltpx0Q9TxxPkA4T
Gs9KCIS5nGK6cVV0OpHJON7W
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:13:02 2024 by rpki-client on console-ams.rpki-client.org