Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/1UUi7RNxsKiwh6Wl81jrhYvrci4.roa
File: 1UUi7RNxsKiwh6Wl81jrhYvrci4.roa (raw, json)
Hash identifier: UWEiWw0MPnfgjJadtpqsDI48pLOKqz6h27VmB2MTWaA=
Subject key identifier: D5:45:22:ED:13:71:B0:A8:B0:87:A5:A5:F3:58:EB:85:8B:EB:72:2E
Certificate issuer: /CN=f3ace3cafb9e26c1a60564f70d2aceb457bf5009
Certificate serial: 018CC424B499D34470FEBB1532506A8312D9
Authority key identifier: F3:AC:E3:CA:FB:9E:26:C1:A6:05:64:F7:0D:2A:CE:B4:57:BF:50:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86zjyvueJsGmBWT3DSrOtFe_UAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/1UUi7RNxsKiwh6Wl81jrhYvrci4.roa
Signing time: Mon 01 Jan 2024 08:29:48 +0000
ROA not before: Mon 01 Jan 2024 08:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35567
IP address blocks: 91.191.42.0/24 maxlen: 24
91.191.41.0/24 maxlen: 24
91.191.40.0/24 maxlen: 24
91.191.39.0/24 maxlen: 24
91.191.44.0/24 maxlen: 24
91.191.43.0/24 maxlen: 24
91.191.51.0/24 maxlen: 24
91.191.50.0/24 maxlen: 24
91.191.49.0/24 maxlen: 24
91.191.48.0/24 maxlen: 24
91.191.47.0/24 maxlen: 24
91.191.46.0/24 maxlen: 24
91.191.45.0/24 maxlen: 24
91.191.52.0/24 maxlen: 24
91.191.56.0/24 maxlen: 24
91.191.55.0/24 maxlen: 24
185.16.14.0/24 maxlen: 24
91.191.54.0/24 maxlen: 24
91.191.53.0/24 maxlen: 24
185.16.12.0/22 maxlen: 24
91.191.58.0/24 maxlen: 24
91.191.57.0/24 maxlen: 24
91.191.63.0/24 maxlen: 24
91.191.62.0/24 maxlen: 24
91.191.61.0/24 maxlen: 24
91.191.60.0/24 maxlen: 24
91.191.59.0/24 maxlen: 24
91.191.1.0/24 maxlen: 24
91.191.0.0/24 maxlen: 24
91.191.4.0/24 maxlen: 24
91.191.3.0/24 maxlen: 24
91.191.2.0/24 maxlen: 24
91.191.11.0/24 maxlen: 24
91.191.10.0/24 maxlen: 24
91.191.9.0/24 maxlen: 24
91.191.8.0/24 maxlen: 24
91.191.7.0/24 maxlen: 24
91.191.6.0/24 maxlen: 24
91.191.5.0/24 maxlen: 24
91.191.14.0/24 maxlen: 24
91.191.13.0/24 maxlen: 24
91.191.12.0/24 maxlen: 24
91.191.17.0/24 maxlen: 24
91.191.16.0/24 maxlen: 24
91.191.15.0/24 maxlen: 24
91.191.24.0/21 maxlen: 24
91.191.24.0/24 maxlen: 24
91.191.23.0/24 maxlen: 24
91.191.22.0/24 maxlen: 24
91.191.21.0/24 maxlen: 24
91.191.20.0/24 maxlen: 24
91.191.19.0/24 maxlen: 24
91.191.18.0/24 maxlen: 24
91.191.31.0/24 maxlen: 24
91.191.30.0/24 maxlen: 24
91.191.29.0/24 maxlen: 24
91.191.27.0/24 maxlen: 24
91.191.26.0/24 maxlen: 24
91.191.38.0/24 maxlen: 24
91.191.37.0/24 maxlen: 24
91.191.36.0/24 maxlen: 24
91.191.35.0/24 maxlen: 24
91.191.34.0/24 maxlen: 24
91.191.33.0/24 maxlen: 24
91.191.32.0/24 maxlen: 24
213.196.112.0/24 maxlen: 24
213.196.118.0/24 maxlen: 24
213.196.117.0/24 maxlen: 24
213.196.116.0/24 maxlen: 24
213.196.115.0/24 maxlen: 24
213.196.114.0/23 maxlen: 23
213.196.114.0/24 maxlen: 24
213.196.113.0/24 maxlen: 24
213.196.121.0/24 maxlen: 24
87.250.96.0/19 maxlen: 24
87.250.98.0/24 maxlen: 24
213.196.125.0/24 maxlen: 24
213.196.124.0/24 maxlen: 24
87.250.97.0/24 maxlen: 24
87.250.96.0/24 maxlen: 24
213.196.123.0/24 maxlen: 24
213.196.122.0/24 maxlen: 24
213.196.120.0/24 maxlen: 24
213.196.119.0/24 maxlen: 24
87.250.105.0/24 maxlen: 24
87.250.104.0/24 maxlen: 24
87.250.103.0/24 maxlen: 24
87.250.102.0/24 maxlen: 24
87.250.101.0/24 maxlen: 24
213.196.127.0/24 maxlen: 24
213.196.126.0/24 maxlen: 24
87.250.99.0/24 maxlen: 24
87.250.112.0/24 maxlen: 24
87.250.109.0/24 maxlen: 24
87.250.108.0/24 maxlen: 24
87.250.107.0/24 maxlen: 24
87.250.106.0/24 maxlen: 24
87.250.118.0/24 maxlen: 24
87.250.117.0/24 maxlen: 24
87.250.115.0/24 maxlen: 24
87.250.114.0/24 maxlen: 24
87.250.113.0/24 maxlen: 24
87.250.125.0/24 maxlen: 24
87.250.124.0/24 maxlen: 24
87.250.123.0/24 maxlen: 24
87.250.122.0/24 maxlen: 24
87.250.121.0/24 maxlen: 24
87.250.120.0/24 maxlen: 24
87.250.119.0/24 maxlen: 24
87.250.127.0/24 maxlen: 24
2a02:17a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/86zjyvueJsGmBWT3DSrOtFe_UAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/86zjyvueJsGmBWT3DSrOtFe_UAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/86zjyvueJsGmBWT3DSrOtFe_UAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 01:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:b4:99:d3:44:70:fe:bb:15:32:50:6a:83:12:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3ace3cafb9e26c1a60564f70d2aceb457bf5009
Validity
Not Before: Jan 1 08:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d54522ed1371b0a8b087a5a5f358eb858beb722e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0b:69:04:9d:88:67:48:12:b7:85:95:41:56:
e8:a9:7c:77:43:c2:3e:e3:5b:0b:9d:2c:61:77:8c:
94:9d:73:5e:7b:44:d0:dc:82:e3:90:92:de:0f:3c:
5e:f0:33:e3:62:cd:4b:f6:ee:ed:dc:d7:ff:26:c2:
39:72:f8:b1:c6:3e:f5:b8:f7:16:30:80:ef:dc:e5:
68:c2:a9:22:f3:83:f3:74:15:9f:8a:d3:c8:f1:3e:
9f:44:68:69:0a:fe:5d:80:e5:42:8c:9f:35:6d:24:
f8:45:40:9c:3d:cc:7d:cb:e2:0d:6a:57:99:a4:22:
e2:50:ff:4d:33:ab:4b:67:01:8d:2e:fc:77:2e:36:
d8:31:4a:b4:6d:5a:b1:cb:1c:2a:76:57:f1:87:02:
d8:5b:5f:1b:23:31:d9:58:7c:8e:c4:3c:47:17:d7:
e0:83:c6:b3:0b:36:cf:b1:8b:f3:86:97:4b:55:56:
22:e6:d0:28:19:6a:02:af:95:c4:0e:df:73:e3:1b:
fb:4c:43:28:b9:df:4f:5e:f2:be:d4:1e:14:76:50:
2d:9e:e8:f1:d6:dd:a8:27:bc:6d:cb:05:51:64:91:
76:44:13:38:c2:7f:4f:d1:c0:3d:2a:5e:80:70:d2:
ae:8b:9a:92:92:cd:0e:52:48:da:de:c0:fe:56:24:
58:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:45:22:ED:13:71:B0:A8:B0:87:A5:A5:F3:58:EB:85:8B:EB:72:2E
X509v3 Authority Key Identifier:
keyid:F3:AC:E3:CA:FB:9E:26:C1:A6:05:64:F7:0D:2A:CE:B4:57:BF:50:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86zjyvueJsGmBWT3DSrOtFe_UAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/1UUi7RNxsKiwh6Wl81jrhYvrci4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/86zjyvueJsGmBWT3DSrOtFe_UAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.250.96.0/19
91.191.0.0/18
185.16.12.0/22
213.196.112.0/20
IPv6:
2a02:17a8::/32
Signature Algorithm: sha256WithRSAEncryption
6f:2a:6f:5a:de:09:e5:cd:91:00:f4:df:4c:08:fe:3e:26:4a:
f1:c0:7c:33:fb:40:75:35:b3:a4:7b:3c:81:29:d3:ba:eb:08:
ed:26:1e:4d:16:5c:11:68:f6:6d:21:f8:4b:0f:4c:c1:43:d0:
9b:16:dc:f3:e3:af:4c:24:b7:71:1a:19:85:2c:a5:cb:07:af:
e4:2a:eb:e4:71:cd:79:10:89:6d:ce:c6:ff:47:38:ac:74:ce:
dd:75:e5:e4:1d:37:ae:55:80:4d:c4:fc:fa:fb:83:75:51:bc:
62:1d:23:63:fa:41:60:a7:e3:b4:fc:ac:41:01:b6:2c:0e:7d:
e0:8f:86:21:67:f5:12:9f:c9:e8:59:f6:1d:4d:92:c1:84:e0:
cb:e1:c0:55:bb:5f:6c:71:d3:d7:ac:5e:fd:4c:b9:a2:40:0f:
91:e7:67:90:d4:fa:e4:41:f1:a9:ac:62:d8:6b:23:e9:b6:c6:
d4:06:2d:ae:38:35:46:08:d1:2f:6d:a9:e3:0d:f8:01:f0:61:
e0:fd:59:7f:8c:59:72:ab:ba:76:4e:56:88:45:4a:2a:ca:78:
9b:8e:fd:8b:93:82:5f:a1:d1:89:31:32:fa:56:80:48:1b:6b:
0c:9f:98:19:33:f0:bc:7d:cb:73:17:a7:79:50:6c:34:f0:61:
e3:4d:f4:bd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEJLSZ00Rw/rsVMlBqgxLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWNlM2NhZmI5ZTI2YzFhNjA1NjRmNzBkMmFjZWI0NTdi
ZjUwMDkwHhcNMjQwMTAxMDgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ1MjJlZDEzNzFiMGE4YjA4N2E1YTVmMzU4ZWI4NThiZWI3MjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgtpBJ2IZ0gSt4WVQVboqXx3Q8I+
41sLnSxhd4yUnXNee0TQ3ILjkJLeDzxe8DPjYs1L9u7t3Nf/JsI5cvixxj71uPcW
MIDv3OVowqki84PzdBWfitPI8T6fRGhpCv5dgOVCjJ81bST4RUCcPcx9y+INaleZ
pCLiUP9NM6tLZwGNLvx3LjbYMUq0bVqxyxwqdlfxhwLYW18bIzHZWHyOxDxHF9fg
g8azCzbPsYvzhpdLVVYi5tAoGWoCr5XEDt9z4xv7TEMoud9PXvK+1B4UdlAtnujx
1t2oJ7xtywVRZJF2RBM4wn9P0cA9Kl6AcNKui5qSks0OUkja3sD+ViRY1wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNVFIu0TcbCosIelpfNY64WL63IuMB8GA1UdIwQY
MBaAFPOs48r7nibBpgVk9w0qzrRXv1AJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODZ6anl2dWVKc0dtQldUM0RTck90RmVfVUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lYjIyZmEtZmJhNC00N2E5LWFiNTMt
MzYzZTJkNjY0M2YyLzEvMVVVaTdSTnhzS2l3aDZXbDgxanJoWXZyY2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lYjIyZmEtZmJhNC00N2E5LWFiNTMtMzYzZTJkNjY0M2Yy
LzEvODZ6anl2dWVKc0dtQldUM0RTck90RmVfVUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFV/pgAwQG
W78AAwQCuRAMAwQE1cRwMA0EAgACMAcDBQAqAheoMA0GCSqGSIb3DQEBCwUAA4IB
AQBvKm9a3gnlzZEA9N9MCP4+JkrxwHwz+0B1NbOkezyBKdO66wjtJh5NFlwRaPZt
IfhLD0zBQ9CbFtzz469MJLdxGhmFLKXLB6/kKuvkcc15EIltzsb/RzisdM7ddeXk
HTeuVYBNxPz6+4N1UbxiHSNj+kFgp+O0/KxBAbYsDn3gj4YhZ/USn8noWfYdTZLB
hODL4cBVu19scdPXrF79TLmiQA+R52eQ1PrkQfGprGLYayPptsbUBi2uODVGCNEv
banjDfgB8GHg/Vl/jFlyq7p2TlaIRUoqynibjv2Lk4JfodGJMTL6VoBIG2sMn5gZ
M/C8fctzF6d5UGw08GHjTfS9
-----END CERTIFICATE-----
Generated at Fri May 24 07:13:54 2024 by rpki-client on console-ams.rpki-client.org