Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/G99cA0dJlbN6ZdXl-OVDwxMoum0.roa
File: G99cA0dJlbN6ZdXl-OVDwxMoum0.roa (raw, json)
Hash identifier: VjSrXoyOfWWbVE3uT7uHnypuZ1aB8+tV+yDZZTzxQl8=
Subject key identifier: 1B:DF:5C:03:47:49:95:B3:7A:65:D5:E5:F8:E5:43:C3:13:28:BA:6D
Certificate issuer: /CN=1fd5fef692b4c2d22bdd031fabfa7110b7b36e81
Certificate serial: 018CC8023EC71DB84C63DF39DA376AC19A6B
Authority key identifier: 1F:D5:FE:F6:92:B4:C2:D2:2B:DD:03:1F:AB:FA:71:10:B7:B3:6E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9X-9pK0wtIr3QMfq_pxELezboE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/G99cA0dJlbN6ZdXl-OVDwxMoum0.roa
Signing time: Tue 02 Jan 2024 02:30:39 +0000
ROA not before: Tue 02 Jan 2024 02:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16086
IP address blocks: 87.100.128.0/17 maxlen: 17
85.23.0.0/16 maxlen: 16
62.241.192.0/18 maxlen: 18
37.130.160.0/19 maxlen: 19
212.90.64.0/19 maxlen: 19
37.33.0.0/16 maxlen: 16
159.255.224.0/19 maxlen: 19
213.141.96.0/19 maxlen: 19
188.94.64.0/21 maxlen: 21
212.50.128.0/19 maxlen: 19
85.131.0.0/17 maxlen: 17
188.67.0.0/16 maxlen: 16
193.143.94.0/23 maxlen: 23
193.143.93.0/24 maxlen: 24
176.93.0.0/16 maxlen: 16
212.86.0.0/19 maxlen: 19
193.143.70.0/23 maxlen: 23
193.143.73.0/24 maxlen: 24
193.143.80.0/21 maxlen: 21
193.143.79.0/24 maxlen: 24
193.143.91.0/24 maxlen: 24
193.143.88.0/23 maxlen: 23
83.100.0.0/17 maxlen: 17
185.15.212.0/22 maxlen: 22
194.100.0.0/16 maxlen: 16
62.113.160.0/19 maxlen: 19
82.181.0.0/16 maxlen: 16
62.197.160.0/19 maxlen: 19
178.55.0.0/16 maxlen: 16
84.253.192.0/18 maxlen: 18
212.146.0.0/18 maxlen: 18
87.92.0.0/14 maxlen: 14
213.216.192.0/18 maxlen: 18
62.78.96.0/19 maxlen: 19
83.102.0.0/17 maxlen: 17
89.166.0.0/17 maxlen: 17
213.243.128.0/18 maxlen: 18
62.44.192.0/18 maxlen: 18
62.78.128.0/17 maxlen: 17
213.139.160.0/19 maxlen: 19
213.186.224.0/19 maxlen: 19
213.186.224.0/24 maxlen: 24
62.183.128.0/17 maxlen: 17
217.78.192.0/19 maxlen: 19
212.149.128.0/17 maxlen: 17
37.136.0.0/16 maxlen: 16
82.203.128.0/17 maxlen: 17
178.75.128.0/18 maxlen: 18
109.108.0.0/19 maxlen: 19
62.236.0.0/15 maxlen: 15
88.148.128.0/17 maxlen: 17
78.27.64.0/18 maxlen: 18
81.175.128.0/17 maxlen: 17
195.10.128.0/18 maxlen: 18
192.107.200.0/21 maxlen: 21
80.64.0.0/20 maxlen: 20
192.107.208.0/20 maxlen: 20
89.27.0.0/17 maxlen: 17
37.219.0.0/16 maxlen: 16
192.107.224.0/21 maxlen: 21
91.145.64.0/18 maxlen: 18
62.165.128.0/18 maxlen: 18
82.128.128.0/17 maxlen: 17
2a01:a800::/29 maxlen: 29
2001:14b8::/29 maxlen: 29
2001:6e8::/29 maxlen: 29
2001:4078::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/H9X-9pK0wtIr3QMfq_pxELezboE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/H9X-9pK0wtIr3QMfq_pxELezboE.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9X-9pK0wtIr3QMfq_pxELezboE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:3e:c7:1d:b8:4c:63:df:39:da:37:6a:c1:9a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd5fef692b4c2d22bdd031fabfa7110b7b36e81
Validity
Not Before: Jan 2 02:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bdf5c03474995b37a65d5e5f8e543c31328ba6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:47:8f:14:b2:7f:66:99:97:fb:11:d0:41:c9:
07:7b:33:82:de:03:2e:61:d7:0e:05:d7:bc:05:d2:
0e:7a:57:b5:53:43:6d:18:2e:61:10:2c:ad:0c:52:
c3:9b:c8:65:7d:3f:0a:49:d9:95:03:12:73:30:f7:
66:b4:a9:88:b6:2f:da:93:1c:c3:d1:17:4e:2f:2a:
8f:c5:36:67:c3:22:95:eb:be:8c:a4:a5:79:31:25:
29:1b:88:5f:37:89:e2:32:6c:12:53:64:6e:21:d4:
a1:4d:2a:a5:a9:e0:dd:16:0d:26:1e:d7:1b:3a:ed:
c9:cf:cc:79:0f:64:86:60:48:9e:83:7e:ec:34:7e:
45:72:d6:d4:80:01:2a:48:99:55:7b:ac:83:e6:69:
b5:0a:c6:d9:83:c7:91:92:07:17:3d:0a:0d:72:2b:
9f:e8:8f:1e:9b:d0:31:80:e4:af:75:6b:76:cc:2b:
d2:c6:41:a3:14:ce:df:b5:ca:3b:e8:39:bc:7f:14:
bc:b2:33:ce:ff:05:c9:d3:57:7d:a7:27:34:21:8b:
13:c3:c4:00:38:ea:83:63:cb:1a:0a:a0:eb:05:c2:
35:f9:26:36:a6:25:a1:b8:3d:f9:93:4f:c1:af:a9:
24:1f:67:a0:ec:ae:3c:f1:af:96:04:d5:f4:9a:c0:
87:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DF:5C:03:47:49:95:B3:7A:65:D5:E5:F8:E5:43:C3:13:28:BA:6D
X509v3 Authority Key Identifier:
keyid:1F:D5:FE:F6:92:B4:C2:D2:2B:DD:03:1F:AB:FA:71:10:B7:B3:6E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9X-9pK0wtIr3QMfq_pxELezboE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/G99cA0dJlbN6ZdXl-OVDwxMoum0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/48e1ae-90e8-4e42-af3d-5101be5dd615/1/H9X-9pK0wtIr3QMfq_pxELezboE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.33.0.0/16
37.130.160.0/19
37.136.0.0/16
37.219.0.0/16
62.44.192.0/18
62.78.96.0-62.78.255.255
62.113.160.0/19
62.165.128.0/18
62.183.128.0/17
62.197.160.0/19
62.236.0.0/15
62.241.192.0/18
78.27.64.0/18
80.64.0.0/20
81.175.128.0/17
82.128.128.0/17
82.181.0.0/16
82.203.128.0/17
83.100.0.0/17
83.102.0.0/17
84.253.192.0/18
85.23.0.0/16
85.131.0.0/17
87.92.0.0/14
87.100.128.0/17
88.148.128.0/17
89.27.0.0/17
89.166.0.0/17
91.145.64.0/18
109.108.0.0/19
159.255.224.0/19
176.93.0.0/16
178.55.0.0/16
178.75.128.0/18
185.15.212.0/22
188.67.0.0/16
188.94.64.0/21
192.107.200.0-192.107.231.255
193.143.70.0/23
193.143.73.0/24
193.143.79.0-193.143.89.255
193.143.91.0/24
193.143.93.0-193.143.95.255
194.100.0.0/16
195.10.128.0/18
212.50.128.0/19
212.86.0.0/19
212.90.64.0/19
212.146.0.0/18
212.149.128.0/17
213.139.160.0/19
213.141.96.0/19
213.186.224.0/19
213.216.192.0/18
213.243.128.0/18
217.78.192.0/19
IPv6:
2001:6e8::/29
2001:14b8::/29
2001:4078::/29
2a01:a800::/29
Signature Algorithm: sha256WithRSAEncryption
07:eb:35:5d:66:e9:60:de:99:a3:08:80:26:41:d2:0c:60:c1:
46:43:c8:16:ed:65:1a:c0:e8:f5:ae:17:a7:cf:eb:66:6b:6b:
39:60:4e:09:56:1e:6b:d7:dd:81:d4:a5:70:76:15:3f:12:51:
2d:e8:9e:a5:ef:61:38:57:f4:84:30:9d:8a:93:ba:f9:b4:56:
14:ac:ce:1e:43:0f:ab:09:a4:3b:a1:62:e0:d9:a6:09:84:d2:
02:60:9a:c3:26:fb:3d:b5:81:48:75:2c:6f:8a:7c:81:8a:42:
3a:08:91:d0:c4:f4:b3:81:56:8c:f7:99:70:e0:d3:88:77:ca:
e3:10:97:56:ea:82:02:6b:8a:37:37:c6:72:c9:af:2e:dd:a4:
0e:04:74:eb:a3:7e:07:5e:17:ad:3a:b4:c0:ba:91:fb:fb:cb:
b5:d3:ed:b3:df:75:86:1d:5f:dd:bd:a8:c3:eb:88:14:62:31:
b4:d6:af:aa:0d:0c:2e:73:84:17:58:f1:66:7a:62:e3:26:90:
f4:ce:e7:d2:c3:fa:cf:8a:4b:47:f9:fb:b6:36:23:96:ac:53:
e0:f6:58:04:66:6a:23:28:e4:76:6e:10:9e:59:5c:5a:26:df:
21:3c:ca:65:c3:8f:c6:88:6f:ec:e7:f5:b4:04:b2:55:7e:6a:
b3:9e:6e:05
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgISAYzIAj7HHbhMY9852jdqwZprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDVmZWY2OTJiNGMyZDIyYmRkMDMxZmFiZmE3MTEwYjdi
MzZlODEwHhcNMjQwMTAyMDIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRmNWMwMzQ3NDk5NWIzN2E2NWQ1ZTVmOGU1NDNjMzEzMjhiYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEePFLJ/ZpmX+xHQQckHezOC3gMu
YdcOBde8BdIOele1U0NtGC5hECytDFLDm8hlfT8KSdmVAxJzMPdmtKmIti/akxzD
0RdOLyqPxTZnwyKV676MpKV5MSUpG4hfN4niMmwSU2RuIdShTSqlqeDdFg0mHtcb
Ou3Jz8x5D2SGYEieg37sNH5FctbUgAEqSJlVe6yD5mm1CsbZg8eRkgcXPQoNciuf
6I8em9AxgOSvdWt2zCvSxkGjFM7ftco76Dm8fxS8sjPO/wXJ01d9pyc0IYsTw8QA
OOqDY8saCqDrBcI1+SY2piWhuD35k0/Br6kkH2eg7K488a+WBNX0msCHVQIDAQAB
o4IDlTCCA5EwHQYDVR0OBBYEFBvfXANHSZWzemXV5fjlQ8MTKLptMB8GA1UdIwQY
MBaAFB/V/vaStMLSK90DH6v6cRC3s26BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlYLTlwSzB3dElyM1FNZnFfcHhFTGV6Ym9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80OGUxYWUtOTBlOC00ZTQyLWFmM2Qt
NTEwMWJlNWRkNjE1LzEvRzk5Y0EwZEpsYk42WmRYbC1PVkR3eE1vdW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80OGUxYWUtOTBlOC00ZTQyLWFmM2QtNTEwMWJlNWRkNjE1
LzEvSDlYLTlwSzB3dElyM1FNZnFfcHhFTGV6Ym9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqQYIKwYBBQUHAQcBAf8EggGYMIIBlDCCAWwEAgABMIIB
ZAMDACUhAwQFJYKgAwMAJYgDAwAl2wMEBj4swDALAwQFPk5gAwMAPk4DBAU+caAD
BAY+pYADBAc+t4ADBAU+xaADAwE+7AMEBj7xwAMEBk4bQAMEBFBAAAMEB1GvgAME
B1KAgAMDAFK1AwQHUsuAAwQHU2QAAwQHU2YAAwQGVP3AAwMAVRcDBAdVgwADAwJX
XAMEB1dkgAMEB1iUgAMEB1kbAAMEB1mmAAMEBluRQAMEBW1sAAMEBZ//4AMDALBd
AwMAsjcDBAayS4ADBAK5D9QDAwC8QwMEA7xeQDAMAwQDwGvIAwQDwGvgAwQBwY9G
AwQAwY9JMAwDBADBj08DBAHBj1gDBADBj1swDAMEAMGPXQMEBcGPQAMDAMJkAwQG
wwqAAwQF1DKAAwQF1FYAAwQF1FpAAwQG1JIAAwQH1JWAAwQF1YugAwQF1Y1gAwQF
1brgAwQG1djAAwQG1fOAAwQF2U7AMCIEAgACMBwDBQMgAQboAwUDIAEUuAMFAyAB
QHgDBQMqAagAMA0GCSqGSIb3DQEBCwUAA4IBAQAH6zVdZulg3pmjCIAmQdIMYMFG
Q8gW7WUawOj1rhenz+tma2s5YE4JVh5r192B1KVwdhU/ElEt6J6l72E4V/SEMJ2K
k7r5tFYUrM4eQw+rCaQ7oWLg2aYJhNICYJrDJvs9tYFIdSxvinyBikI6CJHQxPSz
gVaM95lw4NOId8rjEJdW6oICa4o3N8Zyya8u3aQOBHTro34HXhetOrTAupH7+8u1
0+2z33WGHV/dvajD64gUYjG01q+qDQwuc4QXWPFmemLjJpD0zufSw/rPiktH+fu2
NiOWrFPg9lgEZmojKOR2bhCeWVxaJt8hPMplw4/GiG/s5/W0BLJVfmqznm4F
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:50 2024 by rpki-client on console-fra.rpki-client.org