Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/Qi2teiESa5ltFtiWGggjyR-nDvE.roa
File: Qi2teiESa5ltFtiWGggjyR-nDvE.roa (raw, json)
Hash identifier: sPV35YGJNMDQrfSo5i3Y72oKkH353pXY7qtFQcOJkKk=
Subject key identifier: 42:2D:AD:7A:21:12:6B:99:6D:16:D8:96:1A:08:23:C9:1F:A7:0E:F1
Certificate issuer: /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial: 018CED57741B483EA7EB90AE2A58E83480D3
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/Qi2teiESa5ltFtiWGggjyR-nDvE.roa
Signing time: Tue 09 Jan 2024 08:29:40 +0000
ROA not before: Tue 09 Jan 2024 08:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35699
IP address blocks: 45.145.244.0/22 maxlen: 24
62.56.192.0/20 maxlen: 24
70.34.224.0/20 maxlen: 24
216.147.96.0/20 maxlen: 24
87.236.180.0/22 maxlen: 24
45.230.12.0/22 maxlen: 24
45.137.240.0/22 maxlen: 24
91.126.32.0/19 maxlen: 24
91.126.64.0/19 maxlen: 24
185.239.36.0/22 maxlen: 24
147.161.64.0/18 maxlen: 24
212.97.88.0/21 maxlen: 24
91.126.16.0/20 maxlen: 24
45.151.224.0/22 maxlen: 24
91.126.160.0/19 maxlen: 24
74.126.176.0/20 maxlen: 24
143.131.192.0/18 maxlen: 24
110.93.8.0/22 maxlen: 24
185.203.208.0/22 maxlen: 24
91.126.96.0/19 maxlen: 24
86.111.60.0/22 maxlen: 24
64.190.114.0/23 maxlen: 24
91.126.128.0/19 maxlen: 24
135.129.224.0/20 maxlen: 24
98.96.184.0/21 maxlen: 24
103.202.232.0/22 maxlen: 24
45.130.132.0/22 maxlen: 24
91.126.192.0/19 maxlen: 24
45.133.138.0/23 maxlen: 24
147.136.252.0/23 maxlen: 24
91.126.224.0/19 maxlen: 24
91.126.232.0/21 maxlen: 24
173.243.32.0/20 maxlen: 24
2a00:1af4::/32 maxlen: 32
2a00:1af4:1000::/48 maxlen: 48
2a00:1af0::/29 maxlen: 29
2a00:1af4:1003::/48 maxlen: 48
2a00:1af1::/32 maxlen: 32
2a00:1af1::/36 maxlen: 36
2a00:1af2::/32 maxlen: 32
2a00:1af3::/32 maxlen: 32
2a00:1af0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:57:74:1b:48:3e:a7:eb:90:ae:2a:58:e8:34:80:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Validity
Not Before: Jan 9 08:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=422dad7a21126b996d16d8961a0823c91fa70ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ae:45:5a:99:83:5e:f7:ee:ff:52:88:70:d4:
5a:b0:40:ac:a0:42:a7:97:d4:e1:f8:7e:fd:40:00:
0f:a1:0c:1c:34:de:32:bc:6f:9d:59:35:6d:57:58:
fe:b7:b2:cc:5a:5d:b3:33:56:09:c8:29:7b:6f:76:
11:10:ea:e9:78:c7:5b:97:03:87:6c:0d:98:fb:c7:
b3:84:09:bb:3f:de:6d:2c:13:f5:aa:31:5e:f7:2f:
43:15:e4:7a:db:89:b6:f6:d3:b0:c2:e1:6c:e5:a3:
fa:80:96:a4:36:5b:30:f3:73:f9:f9:82:ee:29:ca:
2c:c0:b2:9b:4a:a6:f2:c0:65:b1:7b:5f:95:57:6f:
7a:a6:aa:3c:3b:28:85:5d:cb:b2:24:a4:5a:d2:79:
aa:c0:16:ba:49:08:36:fe:00:50:5a:13:14:d4:9c:
f5:e8:bb:d2:d5:66:f5:c8:62:25:53:87:7f:96:3c:
22:c7:51:d0:e9:86:c5:b8:46:90:b9:f7:51:7b:80:
90:e3:d3:e1:cf:a8:87:5a:93:14:de:aa:75:84:d6:
ee:f7:32:60:1a:f6:2a:7d:d3:31:3d:2e:73:21:27:
73:f5:bd:88:16:80:c5:6e:0d:ac:0c:eb:66:23:6a:
88:ef:03:fa:f3:cc:b6:79:89:a6:25:57:55:1b:c6:
fa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:2D:AD:7A:21:12:6B:99:6D:16:D8:96:1A:08:23:C9:1F:A7:0E:F1
X509v3 Authority Key Identifier:
keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/Qi2teiESa5ltFtiWGggjyR-nDvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.132.0/22
45.133.138.0/23
45.137.240.0/22
45.145.244.0/22
45.151.224.0/22
45.230.12.0/22
62.56.192.0/20
64.190.114.0/23
70.34.224.0/20
74.126.176.0/20
86.111.60.0/22
87.236.180.0/22
91.126.16.0-91.126.255.255
98.96.184.0/21
103.202.232.0/22
110.93.8.0/22
135.129.224.0/20
143.131.192.0/18
147.136.252.0/23
147.161.64.0/18
173.243.32.0/20
185.203.208.0/22
185.239.36.0/22
212.97.88.0/21
216.147.96.0/20
IPv6:
2a00:1af0::/29
Signature Algorithm: sha256WithRSAEncryption
66:1a:12:e7:09:d5:4e:84:4f:7e:19:ea:bd:49:56:34:75:bd:
fc:87:2e:6b:1f:60:ec:3c:7c:1a:b6:19:9b:0c:11:49:c9:9f:
42:80:59:a0:f0:4c:19:7b:b1:84:25:d3:bc:65:04:7a:a3:4d:
f8:5f:e5:c2:a2:ad:2a:e0:8a:82:df:d6:59:97:1e:a8:a1:05:
14:b5:eb:bb:ac:ca:b1:df:26:1a:af:32:6d:db:c8:62:b8:cc:
58:ec:78:a2:72:b4:90:d4:b4:0d:2d:ea:f6:dc:df:47:92:24:
fd:88:fe:97:85:f6:05:b0:8b:4d:95:3c:44:4e:93:7f:b8:8b:
4e:cd:0d:ea:e4:b0:6c:6e:7d:17:c5:ca:2f:99:1a:fa:5f:c4:
a8:30:f8:a6:24:b7:d5:f9:9f:de:f5:b1:c7:03:cd:2a:0e:2b:
ed:84:f0:dd:b8:4b:74:ae:71:a2:9d:43:ba:47:43:ad:3a:0d:
38:57:d6:13:95:1c:d9:6f:a0:8e:28:be:ab:5f:f7:4d:20:1c:
a1:9d:26:48:e1:69:18:6f:b4:0a:e8:95:7e:57:c0:8f:9f:26:
c3:4b:13:f9:83:b1:ca:2c:6f:ca:a3:a4:07:e5:6d:9d:a9:fa:
bf:7c:53:57:71:75:b6:6d:ca:cd:23:89:d9:2c:81:71:e2:c3:
e5:50:69:3e
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYztV3QbSD6n65CuKljoNIDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzBhMTY5YjZjZDQxMTAyMjI3OWU5ZmY5OTdmMTM0ZmY1
NGFiMWMwHhcNMjQwMTA5MDgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjJkYWQ3YTIxMTI2Yjk5NmQxNmQ4OTYxYTA4MjNjOTFmYTcwZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa5FWpmDXvfu/1KIcNRasECsoEKn
l9Th+H79QAAPoQwcNN4yvG+dWTVtV1j+t7LMWl2zM1YJyCl7b3YREOrpeMdblwOH
bA2Y+8ezhAm7P95tLBP1qjFe9y9DFeR624m29tOwwuFs5aP6gJakNlsw83P5+YLu
KcoswLKbSqbywGWxe1+VV296pqo8OyiFXcuyJKRa0nmqwBa6SQg2/gBQWhMU1Jz1
6LvS1Wb1yGIlU4d/ljwix1HQ6YbFuEaQufdRe4CQ49Phz6iHWpMU3qp1hNbu9zJg
GvYqfdMxPS5zISdz9b2IFoDFbg2sDOtmI2qI7wP688y2eYmmJVdVG8b6fQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFEItrXohEmuZbRbYlhoII8kfpw7xMB8GA1UdIwQY
MBaAFAFwoWm2zUEQIieen/mX8TT/VKscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEt
N2Q0YmIyMzgwNDg3LzEvUWkydGVpRVNhNWx0RnRpV0dnZ2p5Ui1uRHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEtN2Q0YmIyMzgwNDg3
LzEvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBpAQCAAEwgZ0DBAIt
goQDBAEthYoDBAItifADBAItkfQDBAItl+ADBAIt5gwDBAQ+OMADBAFAvnIDBARG
IuADBARKfrADBAJWbzwDBAJX7LQwCwMEBFt+EAMDAFt+AwQDYmC4AwQCZ8roAwQC
bl0IAwQEh4HgAwQGj4PAAwQBk4j8AwQGk6FAAwQErfMgAwQCucvQAwQCue8kAwQD
1GFYAwQE2JNgMA0EAgACMAcDBQMqABrwMA0GCSqGSIb3DQEBCwUAA4IBAQBmGhLn
CdVOhE9+Geq9SVY0db38hy5rH2DsPHwathmbDBFJyZ9CgFmg8EwZe7GEJdO8ZQR6
o034X+XCoq0q4IqC39ZZlx6ooQUUteu7rMqx3yYarzJt28hiuMxY7HiicrSQ1LQN
Ler23N9HkiT9iP6XhfYFsItNlTxETpN/uItOzQ3q5LBsbn0XxcovmRr6X8SoMPim
JLfV+Z/e9bHHA80qDivthPDduEt0rnGinUO6R0OtOg04V9YTlRzZb6COKL6rX/dN
IByhnSZI4WkYb7QK6JV+V8CPnybDSxP5g7HKLG/Ko6QH5W2dqfq/fFNXcXW2bcrN
I4nZLIFx4sPlUGk+
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:35 2024 by rpki-client on console-fra.rpki-client.org