Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/XvtMWkgdKFLh23z8lTm8I6A0TBc.roa
File: XvtMWkgdKFLh23z8lTm8I6A0TBc.roa (raw, json)
Hash identifier: 3QvAWkztNo+YS9JH3Jk/Vx+XkNkgAyQEvAAPD7X2zKc=
Subject key identifier: 5E:FB:4C:5A:48:1D:28:52:E1:DB:7C:FC:95:39:BC:23:A0:34:4C:17
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 01934430D17B8347BF436F7B8199F1D7D5E5
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/XvtMWkgdKFLh23z8lTm8I6A0TBc.roa
Signing time: Tue 19 Nov 2024 11:31:10 +0000
ROA not before: Tue 19 Nov 2024 11:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8400
IP address blocks: 5.154.225.0/24 maxlen: 24
31.14.33.0/24 maxlen: 24
37.153.174.0/24 maxlen: 24
37.153.175.0/24 maxlen: 24
46.17.120.0/21 maxlen: 21
46.235.96.0/21 maxlen: 21
62.101.128.0/20 maxlen: 20
62.240.24.0/21 maxlen: 21
77.46.128.0/17 maxlen: 17
79.101.0.0/16 maxlen: 16
79.101.0.0/21 maxlen: 21
79.101.21.0/24 maxlen: 24
87.250.32.0/19 maxlen: 19
89.34.2.0/24 maxlen: 24
89.39.144.0/23 maxlen: 23
89.42.12.0/24 maxlen: 24
89.46.126.0/23 maxlen: 23
89.47.40.0/23 maxlen: 23
91.150.64.0/18 maxlen: 18
91.150.64.0/23 maxlen: 23
91.150.66.0/24 maxlen: 24
91.150.91.0/24 maxlen: 24
92.60.224.0/24 maxlen: 24
92.60.225.0/24 maxlen: 24
92.60.226.0/24 maxlen: 24
92.60.227.0/24 maxlen: 24
92.60.228.0/24 maxlen: 24
92.60.229.0/24 maxlen: 24
92.60.230.0/24 maxlen: 24
92.60.231.0/24 maxlen: 24
92.60.232.0/24 maxlen: 24
92.60.233.0/24 maxlen: 24
92.60.234.0/23 maxlen: 23
92.60.236.0/24 maxlen: 24
92.60.237.0/24 maxlen: 24
92.60.238.0/24 maxlen: 24
92.60.239.0/24 maxlen: 24
92.244.128.0/19 maxlen: 19
93.86.0.0/15 maxlen: 15
93.86.0.0/16 maxlen: 16
93.87.0.0/16 maxlen: 16
93.87.38.0/24 maxlen: 24
93.87.39.0/24 maxlen: 24
93.87.50.0/24 maxlen: 24
93.87.58.0/24 maxlen: 24
93.113.250.0/23 maxlen: 23
94.228.224.0/22 maxlen: 22
94.228.229.0/24 maxlen: 24
94.228.230.0/24 maxlen: 24
94.228.231.0/24 maxlen: 24
94.228.232.0/23 maxlen: 23
94.228.234.0/24 maxlen: 24
94.228.235.0/24 maxlen: 24
94.228.236.0/24 maxlen: 24
94.228.237.0/24 maxlen: 24
94.228.238.0/23 maxlen: 23
109.72.48.0/20 maxlen: 20
109.92.0.0/15 maxlen: 15
109.94.228.0/22 maxlen: 22
109.94.232.0/21 maxlen: 21
109.122.64.0/18 maxlen: 24
109.122.77.0/24 maxlen: 24
109.198.0.0/19 maxlen: 19
176.67.192.0/21 maxlen: 21
176.67.200.0/23 maxlen: 23
176.67.202.0/23 maxlen: 23
176.67.204.0/24 maxlen: 24
176.67.205.0/24 maxlen: 24
176.67.206.0/23 maxlen: 23
176.67.208.0/23 maxlen: 23
176.67.210.0/24 maxlen: 24
176.67.211.0/24 maxlen: 24
176.67.212.0/23 maxlen: 23
176.67.214.0/24 maxlen: 24
176.67.215.0/24 maxlen: 24
176.67.216.0/24 maxlen: 24
176.67.217.0/24 maxlen: 24
176.67.218.0/24 maxlen: 24
176.67.219.0/24 maxlen: 24
176.67.220.0/24 maxlen: 24
176.67.221.0/24 maxlen: 24
176.67.222.0/24 maxlen: 24
176.67.223.0/24 maxlen: 24
178.17.16.0/21 maxlen: 21
178.17.24.0/22 maxlen: 22
178.17.28.0/23 maxlen: 23
178.17.30.0/24 maxlen: 24
178.17.31.0/24 maxlen: 24
178.79.0.0/18 maxlen: 18
178.220.0.0/15 maxlen: 15
178.222.0.0/16 maxlen: 16
178.223.0.0/17 maxlen: 17
178.223.128.0/18 maxlen: 18
178.223.192.0/19 maxlen: 19
178.237.208.0/20 maxlen: 20
178.250.136.0/21 maxlen: 21
185.10.140.0/22 maxlen: 22
185.26.172.0/22 maxlen: 22
185.27.128.0/24 maxlen: 24
185.27.129.0/24 maxlen: 24
185.27.130.0/23 maxlen: 23
185.34.92.0/22 maxlen: 22
185.36.255.0/24 maxlen: 24
185.71.88.0/22 maxlen: 22
185.103.136.0/22 maxlen: 22
185.112.20.0/22 maxlen: 22
185.157.104.0/22 maxlen: 22
185.179.136.0/22 maxlen: 22
185.190.152.0/22 maxlen: 22
188.215.30.0/24 maxlen: 24
188.240.88.0/24 maxlen: 24
188.240.200.0/24 maxlen: 24
188.240.201.0/24 maxlen: 24
195.178.32.0/19 maxlen: 19
212.62.59.0/24 maxlen: 24
212.200.0.0/16 maxlen: 16
212.200.0.0/17 maxlen: 17
212.200.0.0/21 maxlen: 21
212.200.8.0/22 maxlen: 22
212.200.12.0/23 maxlen: 23
212.200.45.0/24 maxlen: 24
212.200.50.0/24 maxlen: 24
212.200.51.0/24 maxlen: 24
212.200.52.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
212.200.132.0/24 maxlen: 24
212.200.192.0/19 maxlen: 19
212.200.224.0/24 maxlen: 24
212.200.225.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
212.200.228.0/22 maxlen: 22
212.200.232.0/21 maxlen: 21
212.200.240.0/20 maxlen: 20
213.196.96.0/20 maxlen: 20
2a00:e90::/32 maxlen: 32
2a06:5b00::/29 maxlen: 29
2a06:63c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:30:d1:7b:83:47:bf:43:6f:7b:81:99:f1:d7:d5:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Nov 19 11:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5efb4c5a481d2852e1db7cfc9539bc23a0344c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5a:f3:03:8a:f7:3f:20:b6:e3:f2:71:49:28:
bb:76:82:c6:98:66:31:8b:c2:36:95:a1:68:22:2c:
64:c8:93:fe:3c:7e:a0:72:1e:cd:42:7f:bf:b7:ce:
f4:a5:0f:30:4f:77:2f:59:b4:dc:fc:d4:9f:cc:32:
a6:ff:1d:fc:47:69:e7:32:a7:75:5c:08:8c:5e:71:
ec:50:4e:d9:a9:a7:10:a8:69:a8:a5:da:b5:d9:29:
84:2e:3b:b9:27:b2:8b:07:d6:9c:0c:ac:f6:a0:fd:
8b:a5:68:5c:ec:f2:0e:d2:62:8b:fa:d1:2b:0d:8a:
c6:09:b1:c2:48:56:d4:d0:21:44:4a:26:34:ed:b3:
a3:28:98:8b:e9:03:4e:73:5d:a3:a6:95:d6:d8:ef:
b4:88:2e:33:f9:0f:20:dd:4b:0a:a8:d4:3d:3c:c5:
c3:f6:ae:08:f9:99:5d:38:58:f0:d2:20:e1:2e:3f:
b6:12:ea:a3:5f:d8:0e:18:15:d0:bb:e2:34:11:86:
de:31:56:32:fd:a8:03:79:9c:98:46:af:c2:51:b9:
73:24:5e:1c:82:73:52:cc:03:bf:d9:0b:de:5b:52:
87:66:3f:32:67:1f:8c:22:35:d1:aa:1a:09:8a:a8:
00:84:c5:33:27:9a:34:5a:a4:d6:72:4a:4d:eb:7d:
d0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FB:4C:5A:48:1D:28:52:E1:DB:7C:FC:95:39:BC:23:A0:34:4C:17
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/XvtMWkgdKFLh23z8lTm8I6A0TBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.225.0/24
31.14.33.0/24
37.153.174.0/23
46.17.120.0/21
46.235.96.0/21
62.101.128.0/20
62.240.24.0/21
77.46.128.0/17
79.101.0.0/16
87.250.32.0/19
89.34.2.0/24
89.39.144.0/23
89.42.12.0/24
89.46.126.0/23
89.47.40.0/23
91.150.64.0/18
92.60.224.0/20
92.244.128.0/19
93.86.0.0/15
93.113.250.0/23
94.228.224.0/22
94.228.229.0-94.228.239.255
109.72.48.0/20
109.92.0.0/15
109.94.228.0-109.94.239.255
109.122.64.0/18
109.198.0.0/19
176.67.192.0/19
178.17.16.0/20
178.79.0.0/18
178.220.0.0-178.223.223.255
178.237.208.0/20
178.250.136.0/21
185.10.140.0/22
185.26.172.0/22
185.27.128.0/22
185.34.92.0/22
185.36.255.0/24
185.71.88.0/22
185.103.136.0/22
185.112.20.0/22
185.157.104.0/22
185.179.136.0/22
185.190.152.0/22
188.215.30.0/24
188.240.88.0/24
188.240.200.0/23
195.178.32.0/19
212.62.59.0/24
212.200.0.0/16
213.196.96.0/20
IPv6:
2a00:e90::/32
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:ed:bf:64:ca:bb:9e:46:4f:af:e7:79:6c:b1:f9:aa:5e:65:
d5:9c:a3:83:49:22:24:99:76:8f:f7:63:f4:be:9b:0d:a4:91:
d1:50:5c:ca:dc:a0:1b:2c:ce:f4:76:c5:c6:03:7c:2f:79:49:
18:64:0b:2c:1d:af:ea:63:03:46:dc:ab:fa:91:74:ec:92:d6:
b4:11:c8:22:ae:10:1c:39:a3:d4:0b:5c:23:61:68:2b:6c:35:
9c:3e:25:1e:8a:4f:ef:cc:8c:ec:1b:49:3f:f5:86:72:5b:bf:
d4:9d:16:e6:46:9c:3c:05:25:fe:9e:bf:52:72:97:1e:29:72:
1d:91:f3:de:73:ef:6e:b2:6a:42:42:7a:d3:07:6b:c8:8e:db:
de:1e:c8:6c:8a:8b:ac:93:41:53:56:3c:d2:c9:42:22:a4:94:
8d:49:51:12:a5:ca:ae:d9:96:81:dc:68:6e:b1:59:5c:7d:e0:
e1:5c:ed:fe:8f:96:ff:0c:18:f6:62:6a:b4:d5:9f:c6:ee:53:
c1:c3:95:68:8f:39:07:69:04:fc:b4:11:52:48:1b:08:d6:13:
ca:e8:73:c7:ca:fd:23:0f:75:eb:91:fc:9f:f4:1a:bf:7b:0b:
f2:5f:44:e1:9d:f9:08:e3:bb:1c:b5:df:2b:61:97:73:62:5a:
fb:0d:28:fc
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAZNEMNF7g0e/Q297gZnx19XlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQxMTE5MTEzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZiNGM1YTQ4MWQyODUyZTFkYjdjZmM5NTM5YmMyM2EwMzQ0YzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFrzA4r3PyC24/JxSSi7doLGmGYx
i8I2laFoIixkyJP+PH6gch7NQn+/t870pQ8wT3cvWbTc/NSfzDKm/x38R2nnMqd1
XAiMXnHsUE7ZqacQqGmopdq12SmELju5J7KLB9acDKz2oP2LpWhc7PIO0mKL+tEr
DYrGCbHCSFbU0CFESiY07bOjKJiL6QNOc12jppXW2O+0iC4z+Q8g3UsKqNQ9PMXD
9q4I+ZldOFjw0iDhLj+2EuqjX9gOGBXQu+I0EYbeMVYy/agDeZyYRq/CUblzJF4c
gnNSzAO/2QveW1KHZj8yZx+MIjXRqhoJiqgAhMUzJ5o0WqTWckpN633Q/wIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFF77TFpIHShS4dt8/JU5vCOgNEwXMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvWHZ0TVdrZ2RLRkxoMjN6OGxUbThJNkEwVEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAU0EAgABMIIB
RQMEAAWa4QMEAB8OIQMEASWZrgMEAy4ReAMEAy7rYAMEBD5lgAMEAz7wGAMEB00u
gAMDAE9lAwQFV/ogAwQAWSICAwQBWSeQAwQAWSoMAwQBWS5+AwQBWS8oAwQGW5ZA
AwQEXDzgAwQFXPSAAwMBXVYDBAFdcfoDBAJe5OAwDAMEAF7k5QMEBF7k4AMEBG1I
MAMDAW1cMAwDBAJtXuQDBARtXuADBAZtekADBAVtxgADBAWwQ8ADBASyERADBAay
TwAwCwMDArLcAwQFst/AAwQEsu3QAwQDsvqIAwQCuQqMAwQCuRqsAwQCuRuAAwQC
uSJcAwQAuST/AwQCuUdYAwQCuWeIAwQCuXAUAwQCuZ1oAwQCubOIAwQCub6YAwQA
vNceAwQAvPBYAwQBvPDIAwQFw7IgAwQA1D47AwMA1MgDBATVxGAwGwQCAAIwFQMF
ACoADpADBQMqBlsAAwUDKgZjwDANBgkqhkiG9w0BAQsFAAOCAQEAju2/ZMq7nkZP
r+d5bLH5ql5l1Zyjg0kiJJl2j/dj9L6bDaSR0VBcytygGyzO9HbFxgN8L3lJGGQL
LB2v6mMDRtyr+pF07JLWtBHIIq4QHDmj1AtcI2FoK2w1nD4lHopP78yM7BtJP/WG
clu/1J0W5kacPAUl/p6/UnKXHilyHZHz3nPvbrJqQkJ60wdryI7b3h7IbIqLrJNB
U1Y80slCIqSUjUlREqXKrtmWgdxobrFZXH3g4Vzt/o+W/wwY9mJqtNWfxu5TwcOV
aI85B2kE/LQRUkgbCNYTyuhzx8r9Iw9165H8n/Qav3sL8l9E4Z35COO7HLXfK2GX
c2Ja+w0o/A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:36 2024 by rpki-client on console-ams.rpki-client.org