Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/ldgQZcisrklUJUQCJKOsGlha0fA.roa
File: ldgQZcisrklUJUQCJKOsGlha0fA.roa (raw, json)
Hash identifier: qJgpQaTKP7S/V0O+6cGJdrA/bz73j7/Nho48ZsP96T4=
Subject key identifier: 95:D8:10:65:C8:AC:AE:49:54:25:44:02:24:A3:AC:1A:58:5A:D1:F0
Certificate issuer: /CN=ab91d5262561a9dd713dfa39163dec849fee4636
Certificate serial: 018CC3B732A855BFBAA9B67A85B600BF058E
Authority key identifier: AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/ldgQZcisrklUJUQCJKOsGlha0fA.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 195.134.32.0/19 maxlen: 19
77.16.0.0/14 maxlen: 14
80.212.0.0/15 maxlen: 15
134.47.0.0/16 maxlen: 16
2.148.0.0/14 maxlen: 14
193.212.0.0/14 maxlen: 14
84.202.0.0/16 maxlen: 16
87.252.64.0/19 maxlen: 19
130.67.0.0/16 maxlen: 16
62.16.128.0/17 maxlen: 17
46.66.0.0/15 maxlen: 15
82.116.64.0/19 maxlen: 19
148.123.0.0/16 maxlen: 16
82.164.0.0/16 maxlen: 16
85.164.0.0/14 maxlen: 14
193.160.192.0/22 maxlen: 22
193.160.196.0/22 maxlen: 22
84.53.0.0/18 maxlen: 18
193.160.200.0/22 maxlen: 22
194.248.0.0/16 maxlen: 16
148.120.0.0/15 maxlen: 15
212.251.128.0/17 maxlen: 17
46.9.0.0/16 maxlen: 16
62.92.0.0/16 maxlen: 16
46.156.0.0/15 maxlen: 15
31.45.0.0/17 maxlen: 17
62.128.224.0/19 maxlen: 19
176.75.0.0/16 maxlen: 16
144.193.0.0/16 maxlen: 16
194.143.0.0/17 maxlen: 17
62.102.160.0/19 maxlen: 19
37.200.0.0/18 maxlen: 18
185.4.172.0/22 maxlen: 22
146.172.0.0/16 maxlen: 16
83.108.0.0/15 maxlen: 15
95.34.0.0/16 maxlen: 16
217.148.144.0/20 maxlen: 20
62.249.160.0/19 maxlen: 19
217.199.32.0/19 maxlen: 19
37.253.0.0/16 maxlen: 16
109.189.0.0/16 maxlen: 16
148.118.0.0/15 maxlen: 15
88.88.0.0/13 maxlen: 13
212.17.128.0/19 maxlen: 19
148.122.0.0/16 maxlen: 16
212.4.32.0/19 maxlen: 19
213.142.64.0/19 maxlen: 19
62.209.64.0/18 maxlen: 18
109.179.0.0/16 maxlen: 16
78.158.224.0/19 maxlen: 19
2a02:a38::/32 maxlen: 32
2a02:2120::/30 maxlen: 30
2001:4600::/24 maxlen: 24
2001:67c:19e4::/48 maxlen: 48
2a02:2640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:32:a8:55:bf:ba:a9:b6:7a:85:b6:00:bf:05:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab91d5262561a9dd713dfa39163dec849fee4636
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95d81065c8acae495425440224a3ac1a585ad1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:02:70:fc:4b:20:6a:bd:bf:ab:d4:d0:b3:09:
b0:2f:3b:a3:99:5c:a1:7f:b9:d7:0c:2c:2f:6d:4d:
6c:6e:5c:78:5e:79:e2:3b:59:f7:0c:f7:f1:2b:54:
cd:42:91:5e:c5:a2:67:0a:25:89:e7:bb:a1:c4:74:
ef:7b:67:c6:9b:23:71:81:c4:be:34:7b:7f:91:28:
95:03:41:19:86:87:3e:a5:24:0f:28:ac:ac:e5:c5:
33:61:68:49:9f:c3:4c:1b:d5:dd:63:db:a7:4b:76:
1b:a0:a2:b8:0c:36:6d:76:e5:37:28:db:1d:ed:36:
77:94:83:20:89:2a:3a:a2:5b:23:40:1d:cf:01:27:
54:f2:9b:8b:8e:3f:e6:79:89:89:9b:09:32:c2:94:
1a:15:64:fd:aa:1d:ad:27:8f:d9:86:5b:49:b6:3e:
d9:37:1a:45:b0:32:ca:41:41:0f:11:17:ce:22:fd:
1c:e8:48:44:d6:5a:f7:28:1b:d3:3a:2b:d6:d3:b1:
53:3c:e4:29:a6:31:0e:08:32:28:97:a9:54:5c:9d:
7e:60:88:42:8c:d3:a5:d7:de:8c:26:40:74:ee:d9:
c7:d9:f6:99:52:a0:22:17:85:4e:7f:be:59:0e:28:
16:82:1b:7a:de:5e:08:7b:43:44:1a:d0:8e:3a:1e:
55:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D8:10:65:C8:AC:AE:49:54:25:44:02:24:A3:AC:1A:58:5A:D1:F0
X509v3 Authority Key Identifier:
keyid:AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/ldgQZcisrklUJUQCJKOsGlha0fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.148.0.0/14
31.45.0.0/17
37.200.0.0/18
37.253.0.0/16
46.9.0.0/16
46.66.0.0/15
46.156.0.0/15
62.16.128.0/17
62.92.0.0/16
62.102.160.0/19
62.128.224.0/19
62.209.64.0/18
62.249.160.0/19
77.16.0.0/14
78.158.224.0/19
80.212.0.0/15
82.116.64.0/19
82.164.0.0/16
83.108.0.0/15
84.53.0.0/18
84.202.0.0/16
85.164.0.0/14
87.252.64.0/19
88.88.0.0/13
95.34.0.0/16
109.179.0.0/16
109.189.0.0/16
130.67.0.0/16
134.47.0.0/16
144.193.0.0/16
146.172.0.0/16
148.118.0.0-148.123.255.255
176.75.0.0/16
185.4.172.0/22
193.160.192.0-193.160.203.255
193.212.0.0/14
194.143.0.0/17
194.248.0.0/16
195.134.32.0/19
212.4.32.0/19
212.17.128.0/19
212.251.128.0/17
213.142.64.0/19
217.148.144.0/20
217.199.32.0/19
IPv6:
2001:67c:19e4::/48
2001:4600::/24
2a02:a38::/32
2a02:2120::/30
2a02:2640::/32
Signature Algorithm: sha256WithRSAEncryption
54:af:12:93:d3:9f:0c:c5:1c:6e:1a:af:13:53:e4:6a:7b:b5:
d8:52:59:b1:7a:fd:28:5a:eb:62:63:a5:d7:7c:60:64:a7:b4:
ee:e9:0d:4d:d9:df:67:a5:14:12:e1:6d:f6:bb:f7:8c:21:6b:
ac:b7:3f:b4:14:32:8c:bd:b9:eb:60:a8:c2:b5:55:cc:0a:7c:
f3:95:19:d9:4b:10:ad:6c:3b:ac:5a:da:34:56:16:83:86:9a:
ed:cb:17:22:33:2d:f8:7a:0c:35:fe:e5:43:79:a0:e7:46:49:
5d:1d:e5:fd:81:f4:33:c2:5c:70:2a:ab:22:b8:54:49:09:da:
a2:80:80:e7:5c:97:11:e1:37:6a:23:89:bd:c6:0e:c9:94:1d:
f7:84:89:9f:03:ce:af:5c:fb:59:17:7b:e1:70:42:5e:0d:f2:
8c:d4:24:c8:02:a0:d6:da:7d:a6:82:1b:96:dd:4b:67:55:fd:
9e:93:f7:81:f7:37:74:91:1e:fa:05:02:a7:49:69:40:2a:e6:
5a:8b:77:69:8c:05:34:91:4b:38:a3:b2:bd:0e:94:14:ed:bf:
ce:5d:cf:f0:ca:4d:9b:db:2c:b4:ac:2c:c5:f9:c7:f2:eb:85:
4c:a9:23:9c:6b:7f:30:f6:62:7c:12:7b:26:c1:d9:ea:d9:b3:
55:b8:36:f9
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgISAYzDtzKoVb+6qbZ6hbYAvwWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOTFkNTI2MjU2MWE5ZGQ3MTNkZmEzOTE2M2RlYzg0OWZl
ZTQ2MzYwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQ4MTA2NWM4YWNhZTQ5NTQyNTQ0MDIyNGEzYWMxYTU4NWFkMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwJw/Esgar2/q9TQswmwLzujmVyh
f7nXDCwvbU1sblx4XnniO1n3DPfxK1TNQpFexaJnCiWJ57uhxHTve2fGmyNxgcS+
NHt/kSiVA0EZhoc+pSQPKKys5cUzYWhJn8NMG9XdY9unS3YboKK4DDZtduU3KNsd
7TZ3lIMgiSo6olsjQB3PASdU8puLjj/meYmJmwkywpQaFWT9qh2tJ4/ZhltJtj7Z
NxpFsDLKQUEPERfOIv0c6EhE1lr3KBvTOivW07FTPOQppjEOCDIol6lUXJ1+YIhC
jNOl196MJkB07tnH2faZUqAiF4VOf75ZDigWght63l4Ie0NEGtCOOh5VNwIDAQAB
o4IDPjCCAzowHQYDVR0OBBYEFJXYEGXIrK5JVCVEAiSjrBpYWtHwMB8GA1UdIwQY
MBaAFKuR1SYlYandcT36ORY97ISf7kY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQt
Mjc1MjQyYWE2Nzc1LzEvbGRnUVpjaXNya2xVSlVRQ0pLT3NHbGhhMGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQtMjc1MjQyYWE2Nzc1
LzEvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUgYIKwYBBQUHAQcBAf8EggFBMIIBPTCCAQ0EAgABMIIB
BQMDAgKUAwQHHy0AAwQGJcgAAwMAJf0DAwAuCQMDAS5CAwMBLpwDBAc+EIADAwA+
XAMEBT5moAMEBT6A4AMEBj7RQAMEBT75oAMDAk0QAwQFTp7gAwMBUNQDBAVSdEAD
AwBSpAMDAVNsAwQGVDUAAwMAVMoDAwJVpAMEBVf8QAMDA1hYAwMAXyIDAwBtswMD
AG29AwMAgkMDAwCGLwMDAJDBAwMAkqwwCgMDAZR2AwMClHgDAwCwSwMEArkErDAM
AwQGwaDAAwQCwaDIAwMCwdQDBAfCjwADAwDC+AMEBcOGIAMEBdQEIAMEBdQRgAME
B9T7gAMEBdWOQAMEBNmUkAMEBdnHIDAqBAIAAjAkAwcAIAEGfBnkAwQAIAFGAwUA
KgIKOAMFAioCISADBQAqAiZAMA0GCSqGSIb3DQEBCwUAA4IBAQBUrxKT058MxRxu
Gq8TU+Rqe7XYUlmxev0oWutiY6XXfGBkp7Tu6Q1N2d9npRQS4W32u/eMIWustz+0
FDKMvbnrYKjCtVXMCnzzlRnZSxCtbDusWto0VhaDhprtyxciMy34egw1/uVDeaDn
RkldHeX9gfQzwlxwKqsiuFRJCdqigIDnXJcR4TdqI4m9xg7JlB33hImfA86vXPtZ
F3vhcEJeDfKM1CTIAqDW2n2mghuW3UtnVf2ek/eB9zd0kR76BQKnSWlAKuZai3dp
jAU0kUs4o7K9DpQU7b/OXc/wyk2b2yy0rCzF+cfy64VMqSOca38w9mJ8Ensmwdnq
2bNVuDb5
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:39:48 2024 by rpki-client on console-ams.rpki-client.org