Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/vlsxiNH70HlgXiA9qp15iO5WPJI.roa
File: vlsxiNH70HlgXiA9qp15iO5WPJI.roa (raw, json)
Hash identifier: cBqNzeEBFpRFeIovUiKnzOuuDaZGty5hFU0URT/TwJQ=
Subject key identifier: BE:5B:31:88:D1:FB:D0:79:60:5E:20:3D:AA:9D:79:88:EE:56:3C:92
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 01921B9F797261B4801D4D05809EFF5E61EF
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/vlsxiNH70HlgXiA9qp15iO5WPJI.roa
Signing time: Sun 22 Sep 2024 21:24:48 +0000
ROA not before: Sun 22 Sep 2024 21:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29256
IP address blocks: 5.0.0.0/19 maxlen: 19
5.0.32.0/19 maxlen: 19
5.0.32.0/21 maxlen: 21
5.0.40.0/21 maxlen: 21
5.0.48.0/21 maxlen: 21
5.0.56.0/21 maxlen: 21
5.0.64.0/18 maxlen: 18
5.0.128.0/19 maxlen: 19
5.0.128.0/21 maxlen: 21
5.0.136.0/21 maxlen: 21
5.0.144.0/21 maxlen: 21
5.0.152.0/21 maxlen: 21
5.0.160.0/19 maxlen: 19
5.0.160.0/21 maxlen: 21
5.0.168.0/21 maxlen: 21
5.0.176.0/21 maxlen: 21
5.0.184.0/21 maxlen: 21
5.0.192.0/18 maxlen: 18
5.155.0.0/19 maxlen: 19
5.155.0.0/21 maxlen: 21
5.155.8.0/21 maxlen: 21
5.155.16.0/21 maxlen: 21
5.155.24.0/21 maxlen: 21
5.155.32.0/19 maxlen: 19
5.155.64.0/19 maxlen: 19
5.155.96.0/19 maxlen: 19
5.155.128.0/19 maxlen: 19
5.155.128.0/21 maxlen: 21
5.155.136.0/21 maxlen: 21
5.155.144.0/21 maxlen: 21
5.155.152.0/21 maxlen: 21
5.155.160.0/19 maxlen: 19
5.155.160.0/21 maxlen: 21
5.155.168.0/21 maxlen: 21
5.155.176.0/21 maxlen: 21
5.155.184.0/21 maxlen: 21
5.155.192.0/19 maxlen: 19
5.155.224.0/19 maxlen: 19
31.9.48.0/22 maxlen: 22
31.9.56.0/21 maxlen: 21
31.9.64.0/20 maxlen: 20
31.9.80.0/20 maxlen: 20
31.9.96.0/19 maxlen: 19
31.9.128.0/20 maxlen: 20
31.9.144.0/20 maxlen: 20
31.9.160.0/19 maxlen: 19
31.9.192.0/19 maxlen: 19
31.9.224.0/19 maxlen: 19
46.40.128.0/18 maxlen: 18
80.70.120.0/21 maxlen: 21
82.100.128.0/19 maxlen: 19
82.137.192.0/20 maxlen: 20
82.137.208.0/20 maxlen: 20
82.137.224.0/20 maxlen: 20
82.137.240.0/24 maxlen: 24
82.137.242.0/24 maxlen: 24
82.137.243.0/24 maxlen: 24
82.137.244.0/23 maxlen: 23
82.137.246.0/23 maxlen: 23
82.137.248.0/24 maxlen: 24
82.137.249.0/24 maxlen: 24
82.137.250.0/24 maxlen: 24
82.137.251.0/24 maxlen: 24
82.137.252.0/24 maxlen: 24
82.137.253.0/24 maxlen: 24
82.137.254.0/24 maxlen: 24
82.137.255.0/24 maxlen: 24
91.144.0.0/20 maxlen: 20
91.144.16.0/20 maxlen: 20
91.144.32.0/20 maxlen: 20
94.47.0.0/19 maxlen: 19
94.47.0.0/21 maxlen: 21
94.47.8.0/21 maxlen: 21
94.47.16.0/21 maxlen: 21
94.47.24.0/21 maxlen: 21
94.47.32.0/19 maxlen: 19
94.47.32.0/21 maxlen: 21
94.47.40.0/21 maxlen: 21
94.47.48.0/21 maxlen: 21
94.47.56.0/21 maxlen: 21
94.47.64.0/19 maxlen: 19
94.47.96.0/19 maxlen: 19
94.47.128.0/20 maxlen: 20
94.47.144.0/20 maxlen: 20
94.47.160.0/19 maxlen: 19
94.47.160.0/21 maxlen: 21
94.47.168.0/21 maxlen: 21
94.47.176.0/21 maxlen: 21
94.47.184.0/21 maxlen: 21
94.47.192.0/18 maxlen: 18
178.253.64.0/19 maxlen: 19
178.253.96.0/23 maxlen: 23
178.253.98.0/24 maxlen: 24
178.253.99.0/24 maxlen: 24
178.253.100.0/23 maxlen: 23
178.253.102.0/24 maxlen: 24
178.253.103.0/24 maxlen: 24
178.253.104.0/22 maxlen: 22
178.253.108.0/23 maxlen: 23
178.253.110.0/23 maxlen: 23
178.253.112.0/22 maxlen: 22
185.92.88.0/22 maxlen: 22
185.99.100.0/22 maxlen: 22
185.109.212.0/22 maxlen: 22
188.133.0.0/20 maxlen: 20
188.133.16.0/20 maxlen: 20
188.133.32.0/19 maxlen: 19
188.133.64.0/19 maxlen: 19
188.133.96.0/19 maxlen: 19
193.124.10.0/23 maxlen: 23
193.124.12.0/23 maxlen: 23
193.124.26.0/23 maxlen: 23
193.124.28.0/23 maxlen: 23
193.124.38.0/23 maxlen: 23
193.124.52.0/23 maxlen: 23
193.124.62.0/23 maxlen: 23
193.124.68.0/23 maxlen: 23
193.124.86.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.mft
rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1b:9f:79:72:61:b4:80:1d:4d:05:80:9e:ff:5e:61:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Sep 22 21:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be5b3188d1fbd079605e203daa9d7988ee563c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:90:52:73:79:ff:67:70:10:21:aa:08:a4:33:
89:f2:38:b7:53:fb:f2:f2:cf:ce:7b:e9:6e:72:6f:
8f:0b:6a:9a:ec:e8:4a:eb:fd:dd:c4:b3:2b:95:c5:
b6:68:6d:f2:de:cb:28:6e:a9:f1:76:d8:d3:ae:61:
e5:59:0f:70:27:46:20:45:8b:ae:d7:de:ca:aa:b8:
1b:b7:18:f2:49:54:24:e7:b1:4a:af:ec:21:fb:00:
fc:bc:13:9f:1a:5a:13:97:5d:52:e5:ff:73:68:e0:
99:69:4b:dd:5c:a0:86:c8:81:24:be:da:63:ba:c1:
55:52:c3:8f:85:50:e2:d3:61:7f:c4:c7:27:e9:35:
34:b3:33:0e:74:8f:9c:17:c7:37:a6:e4:d7:fe:b3:
fa:4b:15:b7:2d:01:5e:dd:c1:3d:d0:1d:31:af:a7:
39:f0:e9:78:90:84:99:29:d7:43:e4:02:86:c0:8f:
17:09:68:67:62:22:bc:19:99:51:a2:b3:b4:d1:c0:
26:c4:c9:8a:d1:a3:fb:ca:75:5e:85:06:11:22:26:
ae:8c:f8:71:06:02:ad:4b:fd:2d:1e:c5:a0:ea:a2:
49:b8:73:26:5a:70:cd:c1:5b:32:e8:1e:b6:e8:27:
df:fc:9d:f6:81:6f:da:73:02:38:11:4c:d7:d9:e0:
cf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5B:31:88:D1:FB:D0:79:60:5E:20:3D:AA:9D:79:88:EE:56:3C:92
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/vlsxiNH70HlgXiA9qp15iO5WPJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.0.0.0/16
5.155.0.0/16
31.9.48.0/22
31.9.56.0-31.9.255.255
46.40.128.0/18
80.70.120.0/21
82.100.128.0/19
82.137.192.0-82.137.240.255
82.137.242.0-82.137.255.255
91.144.0.0-91.144.47.255
94.47.0.0/16
178.253.64.0-178.253.115.255
185.92.88.0/22
185.99.100.0/22
185.109.212.0/22
188.133.0.0/17
193.124.10.0-193.124.13.255
193.124.26.0-193.124.29.255
193.124.38.0/23
193.124.52.0/23
193.124.62.0/23
193.124.68.0/23
193.124.86.0/23
Signature Algorithm: sha256WithRSAEncryption
23:63:4a:82:ad:03:3a:c2:d0:83:3b:47:c1:90:55:be:2d:ea:
9d:53:9e:24:1c:18:4c:0c:f9:85:a4:73:91:0a:29:ba:1f:4d:
38:03:53:2c:7f:a5:49:7b:e6:55:a8:88:fa:44:b2:da:b2:32:
3d:a7:06:92:bc:cd:e5:bd:50:9a:be:b9:0f:fe:af:a6:e6:46:
31:83:fe:79:d5:35:8a:f7:90:51:ab:9f:3a:a1:b6:0a:57:12:
40:69:a0:88:6f:ef:85:21:0c:b0:9c:18:fe:06:59:8a:36:5e:
42:4a:97:8d:94:5e:b3:ce:d0:ea:c4:c1:a2:4c:f0:e7:81:12:
b0:ee:6b:a2:bf:76:38:5f:f9:f7:e2:08:c1:ef:29:04:3f:40:
b8:a6:08:f5:54:5b:a9:19:09:20:26:3b:16:52:6d:ee:f8:56:
39:c4:01:72:48:75:bd:10:e3:fb:4b:86:6e:4f:02:01:aa:7a:
8f:db:3e:1e:b7:f9:70:46:56:40:e8:4e:f3:24:94:cb:10:58:
2c:cd:22:87:35:30:76:ce:11:ce:d9:bb:48:1a:d6:8a:3c:48:
d1:53:ff:9d:e7:31:c5:6e:a8:4e:2f:89:28:26:62:87:1a:c5:
d7:2e:99:13:08:64:27:5c:1c:ac:32:9b:81:e9:8f:41:35:b2:
7e:78:4f:fd
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZIbn3lyYbSAHU0FgJ7/XmHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjQwOTIyMjEyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTViMzE4OGQxZmJkMDc5NjA1ZTIwM2RhYTlkNzk4OGVlNTYzYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpBSc3n/Z3AQIaoIpDOJ8ji3U/vy
8s/Oe+lucm+PC2qa7OhK6/3dxLMrlcW2aG3y3ssobqnxdtjTrmHlWQ9wJ0YgRYuu
197KqrgbtxjySVQk57FKr+wh+wD8vBOfGloTl11S5f9zaOCZaUvdXKCGyIEkvtpj
usFVUsOPhVDi02F/xMcn6TU0szMOdI+cF8c3puTX/rP6SxW3LQFe3cE90B0xr6c5
8Ol4kISZKddD5AKGwI8XCWhnYiK8GZlRorO00cAmxMmK0aP7ynVehQYRIiaujPhx
BgKtS/0tHsWg6qJJuHMmWnDNwVsy6B626Cff/J32gW/acwI4EUzX2eDPQQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFL5bMYjR+9B5YF4gPaqdeYjuVjySMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvdmxzeGlOSDcwSGxnWGlBOXFwMTVpTzVXUEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDAwAF
AAMDAAWbAwQCHwkwMAsDBAMfCTgDAwEfCAMEBi4ogAMEA1BGeAMEBVJkgDAMAwQG
UonAAwQAUonwMAsDBAFSifIDAwFSiDALAwMEW5ADBARbkCADAwBeLzAMAwQGsv1A
AwQCsv1wAwQCuVxYAwQCuWNkAwQCuW3UAwQHvIUAMAwDBAHBfAoDBAHBfAwwDAME
AcF8GgMEAcF8HAMEAcF8JgMEAcF8NAMEAcF8PgMEAcF8RAMEAcF8VjANBgkqhkiG
9w0BAQsFAAOCAQEAI2NKgq0DOsLQgztHwZBVvi3qnVOeJBwYTAz5haRzkQopuh9N
OANTLH+lSXvmVaiI+kSy2rIyPacGkrzN5b1Qmr65D/6vpuZGMYP+edU1iveQUauf
OqG2ClcSQGmgiG/vhSEMsJwY/gZZijZeQkqXjZRes87Q6sTBokzw54ESsO5ror92
OF/59+IIwe8pBD9AuKYI9VRbqRkJICY7FlJt7vhWOcQBckh1vRDj+0uGbk8CAap6
j9s+Hrf5cEZWQOhO8ySUyxBYLM0ihzUwds4Rztm7SBrWijxI0VP/necxxW6oTi+J
KCZihxrF1y6ZEwhkJ1wcrDKbgemPQTWyfnhP/Q==
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:15:48 2024 by rpki-client on console-ams.rpki-client.org