Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/WT6z7jJl9jHN5xZ2wDiI_OKIUY0.roa
File: WT6z7jJl9jHN5xZ2wDiI_OKIUY0.roa (raw, json)
Hash identifier: 1QIEfl+tTAhdG757NK2toYcRtaz/OfPYczaJLZdUqoA=
Subject key identifier: 59:3E:B3:EE:32:65:F6:31:CD:E7:16:76:C0:38:88:FC:E2:88:51:8D
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 018F386AD65753592627637F49261D2D9F45
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/WT6z7jJl9jHN5xZ2wDiI_OKIUY0.roa
Signing time: Thu 02 May 2024 08:27:56 +0000
ROA not before: Thu 02 May 2024 08:27:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41704
IP address blocks: 46.191.184.0/21 maxlen: 21
46.191.184.0/23 maxlen: 23
46.191.184.0/24 maxlen: 24
46.191.185.0/24 maxlen: 24
46.191.186.0/23 maxlen: 23
46.191.186.0/24 maxlen: 24
46.191.187.0/24 maxlen: 24
46.191.188.0/23 maxlen: 23
46.191.188.0/24 maxlen: 24
46.191.189.0/24 maxlen: 24
46.191.190.0/23 maxlen: 23
46.191.190.0/24 maxlen: 24
46.191.191.0/24 maxlen: 24
46.191.240.0/20 maxlen: 20
46.191.240.0/22 maxlen: 22
46.191.244.0/22 maxlen: 22
46.191.248.0/22 maxlen: 22
46.191.248.0/24 maxlen: 24
46.191.249.0/24 maxlen: 24
46.191.250.0/24 maxlen: 24
46.191.251.0/24 maxlen: 24
46.191.252.0/22 maxlen: 22
79.140.16.0/20 maxlen: 20
79.140.16.0/22 maxlen: 22
79.140.16.0/24 maxlen: 24
79.140.17.0/24 maxlen: 24
79.140.18.0/24 maxlen: 24
79.140.19.0/24 maxlen: 24
79.140.20.0/22 maxlen: 22
79.140.20.0/23 maxlen: 23
79.140.20.0/24 maxlen: 24
79.140.21.0/24 maxlen: 24
79.140.22.0/24 maxlen: 24
79.140.23.0/24 maxlen: 24
79.140.24.0/22 maxlen: 22
79.140.24.0/24 maxlen: 24
79.140.25.0/24 maxlen: 24
79.140.26.0/24 maxlen: 24
79.140.27.0/24 maxlen: 24
79.140.28.0/22 maxlen: 22
79.140.28.0/24 maxlen: 24
79.140.29.0/24 maxlen: 24
79.140.30.0/24 maxlen: 24
79.140.31.0/24 maxlen: 24
84.39.248.0/22 maxlen: 22
84.39.248.0/24 maxlen: 24
84.39.249.0/24 maxlen: 24
84.39.250.0/24 maxlen: 24
84.39.251.0/24 maxlen: 24
84.39.252.0/22 maxlen: 22
84.39.252.0/24 maxlen: 24
84.39.253.0/24 maxlen: 24
84.39.254.0/24 maxlen: 24
84.39.255.0/24 maxlen: 24
94.41.128.0/20 maxlen: 20
94.41.128.0/22 maxlen: 22
94.41.128.0/24 maxlen: 24
94.41.132.0/22 maxlen: 22
94.41.136.0/22 maxlen: 22
94.41.140.0/22 maxlen: 22
94.41.140.0/24 maxlen: 24
94.41.141.0/24 maxlen: 24
94.41.160.0/19 maxlen: 19
94.41.160.0/21 maxlen: 21
94.41.160.0/22 maxlen: 22
94.41.164.0/22 maxlen: 22
94.41.168.0/22 maxlen: 22
94.41.172.0/22 maxlen: 22
94.41.176.0/22 maxlen: 22
94.41.180.0/22 maxlen: 22
94.41.184.0/22 maxlen: 22
94.41.188.0/22 maxlen: 22
95.105.96.0/19 maxlen: 19
95.105.96.0/22 maxlen: 22
95.105.100.0/22 maxlen: 22
95.105.100.0/23 maxlen: 23
95.105.102.0/23 maxlen: 23
95.105.104.0/22 maxlen: 22
95.105.104.0/24 maxlen: 24
95.105.105.0/24 maxlen: 24
95.105.106.0/23 maxlen: 23
95.105.108.0/22 maxlen: 22
95.105.112.0/22 maxlen: 22
95.105.112.0/24 maxlen: 24
95.105.113.0/24 maxlen: 24
95.105.114.0/24 maxlen: 24
95.105.115.0/24 maxlen: 24
95.105.116.0/22 maxlen: 22
95.105.116.0/24 maxlen: 24
95.105.117.0/24 maxlen: 24
95.105.118.0/24 maxlen: 24
95.105.119.0/24 maxlen: 24
95.105.120.0/22 maxlen: 22
95.105.124.0/22 maxlen: 22
95.105.124.0/24 maxlen: 24
95.105.125.0/24 maxlen: 24
95.105.126.0/24 maxlen: 24
95.105.127.0/24 maxlen: 24
136.169.240.0/20 maxlen: 20
136.169.240.0/22 maxlen: 22
136.169.241.0/24 maxlen: 24
136.169.243.0/24 maxlen: 24
136.169.244.0/22 maxlen: 22
136.169.248.0/22 maxlen: 22
136.169.252.0/22 maxlen: 22
136.169.252.0/24 maxlen: 24
136.169.253.0/24 maxlen: 24
136.169.254.0/24 maxlen: 24
136.169.255.0/24 maxlen: 24
145.255.16.0/21 maxlen: 21
145.255.16.0/22 maxlen: 22
145.255.18.0/24 maxlen: 24
145.255.19.0/24 maxlen: 24
145.255.20.0/22 maxlen: 22
145.255.20.0/24 maxlen: 24
145.255.21.0/24 maxlen: 24
145.255.22.0/24 maxlen: 24
145.255.23.0/24 maxlen: 24
2a02:1c8:7::/48 maxlen: 48
2a02:1c8:700::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:6a:d6:57:53:59:26:27:63:7f:49:26:1d:2d:9f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: May 2 08:27:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=593eb3ee3265f631cde71676c03888fce288518d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:5f:94:1f:c5:f6:43:6b:3c:15:fa:f6:f8:
6a:0d:4b:71:d0:a1:4f:e7:fb:e2:e2:7a:34:3f:e9:
29:2d:7d:e6:dc:50:4e:8c:f7:e5:44:0c:88:fe:1d:
a4:62:9c:7f:ac:e5:2a:71:36:e7:6b:73:be:5e:26:
61:31:37:16:b0:35:69:45:6f:8b:78:46:e3:5c:27:
94:f2:65:c4:d1:a0:1e:db:6d:c8:cb:e4:58:4d:70:
f2:8f:69:ed:3e:97:58:95:f0:bc:53:f5:3c:75:63:
76:a9:a3:42:69:d0:8c:2e:cc:97:0b:ee:23:bf:3a:
fb:5d:e4:77:49:e0:6c:e2:42:28:ec:eb:c1:6b:a5:
fc:5c:d9:f9:08:7c:ff:9c:2b:45:61:23:a2:8a:41:
b4:8d:d3:fb:50:90:24:d1:4e:81:16:b0:cd:1a:58:
61:a8:31:c9:c5:f0:f3:4f:f0:a9:e8:95:2d:ed:4c:
61:50:57:22:f6:19:33:53:7a:56:2d:6c:da:2c:9c:
5d:a2:10:7b:cd:5a:64:3b:36:ef:3b:10:66:ae:ac:
57:05:0d:0e:2a:83:d0:53:59:01:a9:27:c2:f6:87:
12:32:f1:9d:2a:e8:a3:75:d3:8d:b2:c1:3a:de:83:
4b:f9:bc:45:4a:44:5e:bf:db:0e:ac:0c:97:91:44:
df:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3E:B3:EE:32:65:F6:31:CD:E7:16:76:C0:38:88:FC:E2:88:51:8D
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/WT6z7jJl9jHN5xZ2wDiI_OKIUY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.191.184.0/21
46.191.240.0/20
79.140.16.0/20
84.39.248.0/21
94.41.128.0/20
94.41.160.0/19
95.105.96.0/19
136.169.240.0/20
145.255.16.0/21
IPv6:
2a02:1c8:7::/48
2a02:1c8:700::/40
Signature Algorithm: sha256WithRSAEncryption
a0:79:94:87:a4:c6:5d:d8:2b:26:e6:a1:e1:94:7f:81:28:e0:
d0:0a:2a:00:57:35:9b:27:4e:f8:67:56:7a:fb:ad:32:0d:fe:
2b:7c:e7:05:90:25:1a:03:a8:24:dc:7b:98:f2:8b:d9:c4:ea:
c6:0a:24:8b:d0:34:82:34:a2:24:0f:f5:db:9a:ec:75:98:32:
b3:30:64:ec:b2:59:23:df:94:56:67:7a:43:42:e3:0f:23:9a:
c2:2f:f6:10:1e:68:c0:58:33:32:60:46:26:54:f2:0e:46:a5:
60:a0:52:ba:c5:08:cb:a8:ab:bf:d0:37:22:8a:0c:12:88:05:
92:ad:f6:39:26:6c:21:af:9a:c9:e9:0b:ed:ee:7c:34:b6:5c:
a6:d9:56:63:1e:fc:fa:6c:7a:2a:0e:a1:e6:84:aa:4d:f7:42:
e0:cc:b5:2a:e3:ad:dc:4d:8e:6e:a2:f7:58:1a:7e:52:b2:2e:
f4:6b:75:10:57:c4:47:11:9b:78:a0:dd:ec:79:39:8e:a9:f9:
05:25:5c:ee:97:19:22:c2:5d:6d:7d:aa:77:33:01:88:0c:85:
a0:b5:0c:10:9e:42:85:22:80:ea:7e:1d:91:ca:e8:1b:d6:e3:
c6:0f:e6:d2:61:f7:88:e8:0e:cd:97:c4:e7:8c:1c:6c:cc:c3:
c4:dd:16:dc
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAY84atZXU1kmJ2N/SSYdLZ9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjQwNTAyMDgyNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTNlYjNlZTMyNjVmNjMxY2RlNzE2NzZjMDM4ODhmY2UyODg1MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqANflB/F9kNrPBX69vhqDUtx0KFP
5/vi4no0P+kpLX3m3FBOjPflRAyI/h2kYpx/rOUqcTbna3O+XiZhMTcWsDVpRW+L
eEbjXCeU8mXE0aAe223Iy+RYTXDyj2ntPpdYlfC8U/U8dWN2qaNCadCMLsyXC+4j
vzr7XeR3SeBs4kIo7OvBa6X8XNn5CHz/nCtFYSOiikG0jdP7UJAk0U6BFrDNGlhh
qDHJxfDzT/Cp6JUt7UxhUFci9hkzU3pWLWzaLJxdohB7zVpkOzbvOxBmrqxXBQ0O
KoPQU1kBqSfC9ocSMvGdKuijddONssE63oNL+bxFSkRev9sOrAyXkUTfUwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFFk+s+4yZfYxzecWdsA4iPziiFGNMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvV1Q2ejdqSmw5akhONXhaMndEaUlfT0tJVVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA8BAIAATA2AwQDLr+4AwQE
Lr/wAwQET4wQAwQDVCf4AwQEXimAAwQFXimgAwQFX2lgAwQEiKnwAwQDkf8QMBcE
AgACMBEDBwAqAgHIAAcDBgAqAgHIBzANBgkqhkiG9w0BAQsFAAOCAQEAoHmUh6TG
XdgrJuah4ZR/gSjg0AoqAFc1mydO+GdWevutMg3+K3znBZAlGgOoJNx7mPKL2cTq
xgoki9A0gjSiJA/125rsdZgyszBk7LJZI9+UVmd6Q0LjDyOawi/2EB5owFgzMmBG
JlTyDkalYKBSusUIy6irv9A3IooMEogFkq32OSZsIa+ayekL7e58NLZcptlWYx78
+mx6Kg6h5oSqTfdC4My1KuOt3E2ObqL3WBp+UrIu9Gt1EFfERxGbeKDd7Hk5jqn5
BSVc7pcZIsJdbX2qdzMBiAyFoLUMEJ5ChSKA6n4dkcroG9bjxg/m0mH3iOgOzZfE
54wcbMzDxN0W3A==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:37:29 2024 by rpki-client on console-ams.rpki-client.org