Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/itctnU6hiJNNmGb6bGykGTHe7E8.roa
File: itctnU6hiJNNmGb6bGykGTHe7E8.roa (raw, json)
Hash identifier: UZin/u9xZfl4zR4VDdTcbZ1iw+pkK2V1gzAfHb7NSec=
Subject key identifier: 8A:D7:2D:9D:4E:A1:88:93:4D:98:66:FA:6C:6C:A4:19:31:DE:EC:4F
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 018CC5DC8DDAE5E0E131251178061D7F477D
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/itctnU6hiJNNmGb6bGykGTHe7E8.roa
Signing time: Mon 01 Jan 2024 16:30:14 +0000
ROA not before: Mon 01 Jan 2024 16:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8315
IP address blocks: 162.248.196.0/22 maxlen: 24
185.113.196.0/22 maxlen: 24
94.198.24.0/21 maxlen: 24
185.113.224.0/22 maxlen: 24
5.100.224.0/21 maxlen: 24
213.171.128.0/19 maxlen: 24
213.171.144.0/20 maxlen: 24
79.99.184.0/21 maxlen: 24
185.113.52.0/22 maxlen: 24
89.18.160.0/22 maxlen: 24
89.18.168.0/21 maxlen: 24
162.251.32.0/21 maxlen: 24
89.18.180.0/22 maxlen: 24
185.12.132.0/22 maxlen: 24
178.251.192.0/21 maxlen: 24
176.62.192.0/21 maxlen: 24
213.214.96.0/19 maxlen: 24
83.98.192.0/21 maxlen: 24
194.105.128.0/23 maxlen: 24
83.98.200.0/22 maxlen: 24
83.98.208.0/20 maxlen: 24
213.247.32.0/19 maxlen: 24
91.216.113.0/24 maxlen: 24
83.98.140.0/24 maxlen: 24
193.34.150.0/23 maxlen: 24
91.216.141.0/24 maxlen: 24
185.38.156.0/22 maxlen: 24
85.92.128.0/20 maxlen: 24
85.92.144.0/22 maxlen: 24
91.200.51.0/24 maxlen: 24
91.200.48.0/23 maxlen: 24
85.158.160.0/21 maxlen: 24
134.0.88.0/21 maxlen: 24
89.30.171.0/24 maxlen: 24
213.189.0.0/21 maxlen: 24
185.77.120.0/22 maxlen: 24
194.165.34.0/24 maxlen: 24
217.195.112.0/20 maxlen: 24
185.74.77.0/24 maxlen: 24
185.74.76.0/24 maxlen: 24
89.30.128.0/18 maxlen: 24
83.98.128.0/18 maxlen: 24
89.30.192.0/19 maxlen: 24
213.189.16.0/20 maxlen: 24
85.222.192.0/21 maxlen: 24
89.30.208.0/20 maxlen: 24
89.30.224.0/21 maxlen: 24
185.30.236.0/22 maxlen: 24
2a00:1bd8::/32 maxlen: 48
2a02:2858::/29 maxlen: 48
2a02:20b0::/32 maxlen: 48
2a02:2858:500::/40 maxlen: 48
2a02:2858:400::/40 maxlen: 48
2a02:2858:300::/40 maxlen: 48
2a02:2858:200::/40 maxlen: 48
2001:16f8::/32 maxlen: 48
2a02:20b1::/32 maxlen: 48
2a03:5500::/31 maxlen: 48
2a01:40e0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:8d:da:e5:e0:e1:31:25:11:78:06:1d:7f:47:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Jan 1 16:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ad72d9d4ea188934d9866fa6c6ca41931deec4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:12:db:9c:6d:a1:4e:ed:b5:20:58:05:cc:3c:
b5:44:c8:d6:4a:8a:32:23:51:27:36:dc:99:22:08:
99:4e:d2:59:6b:6c:8a:66:05:b5:6c:15:1d:f3:a3:
9e:74:5b:10:7b:90:bf:c7:22:9f:9d:74:3a:df:82:
e4:a0:d4:a3:2e:4e:80:1c:07:2b:e1:ab:9a:bd:5b:
b2:07:a8:1b:52:ea:4d:7a:2b:4d:ca:63:5f:f8:75:
1d:62:2f:cb:20:4c:91:42:c1:9e:6a:83:4d:ab:6a:
96:cc:be:df:15:8e:b3:c2:0f:37:12:46:ea:1d:75:
b1:b0:53:72:ab:4d:17:7c:66:0a:07:fb:b2:f0:f8:
8a:42:da:21:4a:14:86:90:6b:37:06:d8:dd:dc:6f:
d8:2f:06:54:46:78:49:bb:40:f7:0a:a9:42:06:50:
25:48:ef:6a:67:23:8d:87:e4:4f:d9:2e:47:96:e0:
1e:f2:0a:4d:83:19:0c:58:79:45:22:bd:a5:43:a2:
c0:f5:2e:1d:a7:4e:3c:6e:49:4e:89:9e:ab:32:8c:
4b:60:ae:a0:94:25:7f:b0:39:19:32:c6:ad:ec:55:
a8:ac:8e:f9:91:5b:7f:4e:3f:1f:7e:7f:a6:83:72:
e2:40:5b:3f:d5:2e:0c:9d:ae:64:e2:ca:8c:c8:16:
f6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D7:2D:9D:4E:A1:88:93:4D:98:66:FA:6C:6C:A4:19:31:DE:EC:4F
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/itctnU6hiJNNmGb6bGykGTHe7E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.224.0/21
79.99.184.0/21
83.98.128.0-83.98.203.255
83.98.208.0/20
85.92.128.0-85.92.147.255
85.158.160.0/21
85.222.192.0/21
89.18.160.0/22
89.18.168.0/21
89.18.180.0/22
89.30.128.0-89.30.231.255
91.200.48.0/23
91.200.51.0/24
91.216.113.0/24
91.216.141.0/24
94.198.24.0/21
134.0.88.0/21
162.248.196.0/22
162.251.32.0/21
176.62.192.0/21
178.251.192.0/21
185.12.132.0/22
185.30.236.0/22
185.38.156.0/22
185.74.76.0/23
185.77.120.0/22
185.113.52.0/22
185.113.196.0/22
185.113.224.0/22
193.34.150.0/23
194.105.128.0/23
194.165.34.0/24
213.171.128.0/19
213.189.0.0/21
213.189.16.0/20
213.214.96.0/19
213.247.32.0/19
217.195.112.0/20
IPv6:
2001:16f8::/32
2a00:1bd8::/32
2a01:40e0::/32
2a02:20b0::/31
2a02:2858::/29
2a03:5500::/31
Signature Algorithm: sha256WithRSAEncryption
b5:58:33:3d:e4:df:03:3b:e4:23:b0:6e:84:ba:96:17:0a:80:
13:9e:96:b7:c7:06:63:f8:f9:76:a9:57:8a:91:91:61:81:dc:
97:5d:e9:d2:eb:e3:16:88:07:23:e8:21:69:39:b1:8c:fa:0f:
c6:15:dc:c1:eb:8b:26:63:0f:64:21:33:73:85:ca:e4:67:d0:
f8:92:aa:31:ee:6f:04:e7:a7:e0:7b:f2:a7:0c:5f:a0:df:03:
ef:6e:90:ce:b8:83:88:70:d3:12:b8:c5:e3:27:5f:1b:2a:74:
9d:2e:fa:d9:8c:0d:d8:32:0b:70:13:2f:d8:d5:5e:76:fe:2c:
ea:3b:b4:62:4a:1f:fa:18:b1:d3:0a:55:a8:03:8e:d2:7d:dc:
a4:9a:8e:84:9c:6f:e7:24:47:7e:85:95:f6:49:a8:54:45:3f:
6b:d6:8f:a2:c2:20:cf:98:d8:ca:a0:81:1d:00:c0:ad:71:4f:
df:94:85:eb:33:90:9a:a6:d2:9f:38:b3:af:06:7e:89:d2:58:
04:7c:98:f6:82:10:a8:9f:5d:98:57:73:b1:fd:73:ee:2c:e4:
9f:4b:51:e0:bf:80:42:8b:ec:fa:32:8a:1f:09:23:a4:d2:5a:
91:94:9a:73:2e:81:7e:e3:64:f2:78:b0:e3:21:28:c8:12:13:
65:58:33:98
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgISAYzF3I3a5eDhMSUReAYdf0d9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjQwMTAxMTYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ3MmQ5ZDRlYTE4ODkzNGQ5ODY2ZmE2YzZjYTQxOTMxZGVlYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxLbnG2hTu21IFgFzDy1RMjWSooy
I1EnNtyZIgiZTtJZa2yKZgW1bBUd86OedFsQe5C/xyKfnXQ634LkoNSjLk6AHAcr
4auavVuyB6gbUupNeitNymNf+HUdYi/LIEyRQsGeaoNNq2qWzL7fFY6zwg83Ekbq
HXWxsFNyq00XfGYKB/uy8PiKQtohShSGkGs3Btjd3G/YLwZURnhJu0D3CqlCBlAl
SO9qZyONh+RP2S5HluAe8gpNgxkMWHlFIr2lQ6LA9S4dp048bklOiZ6rMoxLYK6g
lCV/sDkZMsat7FWorI75kVt/Tj8ffn+mg3LiQFs/1S4Mna5k4sqMyBb2nwIDAQAB
o4IDOjCCAzYwHQYDVR0OBBYEFIrXLZ1OoYiTTZhm+mxspBkx3uxPMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvaXRjdG5VNmhpSk5ObUdiNmJHeWtHVEhlN0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTgYIKwYBBQUHAQcBAf8EggE9MIIBOTCCAQMEAgABMIH8
AwQDBWTgAwQDT2O4MAwDBAdTYoADBAJTYsgDBARTYtAwDAMEB1VcgAMEAlVckAME
A1WeoAMEA1XewAMEAlkSoAMEA1kSqAMEAlkStDAMAwQHWR6AAwQDWR7gAwQBW8gw
AwQAW8gzAwQAW9hxAwQAW9iNAwQDXsYYAwQDhgBYAwQCovjEAwQDovsgAwQDsD7A
AwQDsvvAAwQCuQyEAwQCuR7sAwQCuSacAwQBuUpMAwQCuU14AwQCuXE0AwQCuXHE
AwQCuXHgAwQBwSKWAwQBwmmAAwQAwqUiAwQF1auAAwQD1b0AAwQE1b0QAwQF1dZg
AwQF1fcgAwQE2cNwMDAEAgACMCoDBQAgARb4AwUAKgAb2AMFACoBQOADBQEqAiCw
AwUDKgIoWAMFASoDVQAwDQYJKoZIhvcNAQELBQADggEBALVYMz3k3wM75COwboS6
lhcKgBOelrfHBmP4+XapV4qRkWGB3Jdd6dLr4xaIByPoIWk5sYz6D8YV3MHriyZj
D2QhM3OFyuRn0PiSqjHubwTnp+B78qcMX6DfA+9ukM64g4hw0xK4xeMnXxsqdJ0u
+tmMDdgyC3ATL9jVXnb+LOo7tGJKH/oYsdMKVagDjtJ93KSajoScb+ckR36FlfZJ
qFRFP2vWj6LCIM+Y2MqggR0AwK1xT9+UheszkJqm0p84s68GfonSWAR8mPaCEKif
XZhXc7H9c+4s5J9LUeC/gEKL7Poyih8JI6TSWpGUmnMugX7jZPJ4sOMhKMgSE2VY
M5g=
-----END CERTIFICATE-----
Generated at Sun May 26 17:23:28 2024 by rpki-client on console-fra.rpki-client.org