Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/LmGToeEBX_SIbYOWCv1Hlpnv_Ss.roa
File: LmGToeEBX_SIbYOWCv1Hlpnv_Ss.roa (raw, json)
Hash identifier: zWhBc5b9fYPzFQKPNB+tnQDinlLhE7/5aivzx/I5CYo=
Subject key identifier: 2E:61:93:A1:E1:01:5F:F4:88:6D:83:96:0A:FD:47:96:99:EF:FD:2B
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 01925236FFDE377A0FF91D9D4EC23C4DE3FE
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/LmGToeEBX_SIbYOWCv1Hlpnv_Ss.roa
Signing time: Thu 03 Oct 2024 11:49:48 +0000
ROA not before: Thu 03 Oct 2024 11:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6848
IP address blocks: 5.23.128.0/17 maxlen: 17
46.253.160.0/20 maxlen: 20
62.205.64.0/18 maxlen: 18
78.20.0.0/14 maxlen: 14
78.29.192.0/18 maxlen: 18
81.82.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
82.143.64.0/18 maxlen: 18
82.210.64.0/19 maxlen: 19
83.217.128.0/19 maxlen: 19
84.192.0.0/13 maxlen: 13
85.28.64.0/18 maxlen: 18
85.255.193.0/24 maxlen: 24
85.255.195.0/24 maxlen: 24
85.255.197.0/24 maxlen: 24
85.255.200.0/24 maxlen: 24
85.255.201.0/24 maxlen: 24
85.255.205.0/24 maxlen: 24
85.255.207.0/24 maxlen: 24
94.72.64.0/19 maxlen: 19
94.224.0.0/14 maxlen: 14
141.134.0.0/15 maxlen: 15
157.173.128.0/18 maxlen: 18
178.116.0.0/14 maxlen: 14
185.23.244.0/22 maxlen: 22
185.30.52.0/22 maxlen: 22
185.248.40.0/22 maxlen: 22
188.44.64.0/19 maxlen: 19
188.95.146.0/23 maxlen: 23
188.188.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
195.130.128.0/19 maxlen: 19
195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
212.88.224.0/19 maxlen: 19
212.123.0.0/19 maxlen: 19
213.118.0.0/15 maxlen: 15
213.132.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.224.0.0/16 maxlen: 16
213.251.64.0/18 maxlen: 18
217.72.224.0/20 maxlen: 20
217.168.120.0/21 maxlen: 21
2a00:1cf8::/32 maxlen: 32
2a02:1800::/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:36:ff:de:37:7a:0f:f9:1d:9d:4e:c2:3c:4d:e3:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Oct 3 11:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e6193a1e1015ff4886d83960afd479699effd2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:33:7a:e5:c9:10:fd:f9:f2:32:1a:33:f0:f7:
43:b0:5d:6e:30:59:94:e6:0a:f5:ac:60:df:c1:db:
aa:71:eb:d6:bc:16:09:c7:4c:c7:dc:a5:8f:d7:ee:
81:eb:4a:ce:aa:d3:63:5f:87:09:9d:3a:2e:2e:cc:
01:10:2d:09:2e:ce:03:ff:79:95:bc:46:f3:81:48:
b3:a7:96:f3:29:c6:55:c6:ed:3e:81:70:45:ef:94:
a5:3c:f1:59:8c:aa:c2:91:20:8e:d8:87:35:7d:94:
d4:f5:78:b2:e0:19:56:a0:97:55:b8:49:ba:51:39:
64:37:4e:e7:47:fd:6d:db:18:e7:17:fc:e1:44:d5:
e7:e7:7f:c0:c2:88:a6:44:e4:84:4d:50:aa:26:6d:
9f:1e:14:36:18:f9:49:69:b0:a4:5c:2d:10:2e:9e:
95:1a:3b:50:18:ad:2b:76:e0:17:fa:f2:3e:a4:43:
d6:97:70:45:2f:1a:5e:25:ab:d9:ef:24:73:25:e5:
ff:ad:3f:75:31:da:0f:c1:ce:c5:9b:e6:87:00:69:
5f:7a:cc:0d:59:84:fb:a6:05:3e:07:00:2a:89:31:
fc:62:69:47:b6:36:1f:d6:78:3d:f3:f3:9b:85:fe:
f8:08:2c:ab:1d:34:bb:0a:2f:38:76:26:78:c8:59:
d5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:61:93:A1:E1:01:5F:F4:88:6D:83:96:0A:FD:47:96:99:EF:FD:2B
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/LmGToeEBX_SIbYOWCv1Hlpnv_Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
82.210.64.0/19
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
85.255.193.0/24
85.255.195.0/24
85.255.197.0/24
85.255.200.0/23
85.255.205.0/24
85.255.207.0/24
94.72.64.0/19
94.224.0.0/14
141.134.0.0/15
157.173.128.0/18
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
bc:98:32:4a:22:94:fb:df:33:c8:12:9d:32:60:8e:32:09:93:
ab:e9:aa:69:45:25:4d:a2:21:a8:87:d1:87:6c:6f:87:ab:4a:
9e:a2:ff:05:62:cb:be:50:76:f1:e7:34:03:84:7b:35:18:b3:
8d:71:c8:34:a9:33:e5:41:5e:6d:21:c1:6b:b1:6d:91:64:22:
65:cb:36:23:e1:1e:57:76:d6:04:8a:9a:40:7e:54:37:56:40:
db:53:4b:0c:1c:c3:6a:2e:45:d6:52:ed:c5:91:f2:65:44:60:
ce:41:fd:65:25:e4:1c:97:08:ab:b9:54:fd:e5:dc:7b:0c:f7:
55:97:63:e8:63:bd:5b:7a:cd:d5:4d:10:2f:30:ef:4c:99:91:
42:11:99:07:27:aa:ee:58:eb:0e:b3:eb:b3:f8:2c:df:a6:cc:
b6:97:54:0b:5d:27:1f:59:c5:da:37:11:72:e0:f2:62:fa:6f:
fa:73:6a:d1:a7:45:76:d2:67:e2:d6:bb:40:14:32:5f:38:2a:
f8:3e:a2:9c:73:3d:0f:e2:82:89:08:b2:cd:6d:76:d0:17:8c:
68:47:52:4a:61:b2:45:83:9b:16:5c:42:20:5e:20:7f:8d:7a:
58:cf:78:22:24:17:24:ee:43:82:6f:3d:31:ce:89:a1:e8:d0:
64:ad:d1:c8
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZJSNv/eN3oP+R2dTsI8TeP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjQxMDAzMTE0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYxOTNhMWUxMDE1ZmY0ODg2ZDgzOTYwYWZkNDc5Njk5ZWZmZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjN65ckQ/fnyMhoz8PdDsF1uMFmU
5gr1rGDfwduqcevWvBYJx0zH3KWP1+6B60rOqtNjX4cJnTouLswBEC0JLs4D/3mV
vEbzgUizp5bzKcZVxu0+gXBF75SlPPFZjKrCkSCO2Ic1fZTU9Xiy4BlWoJdVuEm6
UTlkN07nR/1t2xjnF/zhRNXn53/AwoimROSETVCqJm2fHhQ2GPlJabCkXC0QLp6V
GjtQGK0rduAX+vI+pEPWl3BFLxpeJavZ7yRzJeX/rT91MdoPwc7Fm+aHAGlfeswN
WYT7pgU+BwAqiTH8YmlHtjYf1ng98/Obhf74CCyrHTS7Ci84diZ4yFnVTwIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFC5hk6HhAV/0iG2Dlgr9R5aZ7/0rMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvTG1HVG9lRUJYX1NJYllPV0N2MUhscG52X1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCB+QQCAAEwgfID
BAcFF4ADBAQu/aADBAY+zUADAwJOFAMEBk4dwAMDAVFSAwMBUaQDBAZSj0ADBAVS
0kADBAVT2YADAwNUwAMEBlUcQAMEAFX/wQMEAFX/wwMEAFX/xQMEAVX/yAMEAFX/
zQMEAFX/zwMEBV5IQAMDAl7gAwMBjYYDBAadrYADAwKydAMEArkX9AMEArkeNAME
Arn4KAMEBbwsQAMEAbxfkgMDAby8AwQFwxAAAwQFw4KAAwQFw6LAAwQF1EzgAwQF
1FjgAwQF1HsAAwMB1XYDBAXVhIADBAXV1iADAwDV4AMEBtX7QAMEBNlI4AMEA9mo
eDATBAIAAjANAwUAKgAc+AMEACoCGDANBgkqhkiG9w0BAQsFAAOCAQEAvJgySiKU
+98zyBKdMmCOMgmTq+mqaUUlTaIhqIfRh2xvh6tKnqL/BWLLvlB28ec0A4R7NRiz
jXHINKkz5UFebSHBa7FtkWQiZcs2I+EeV3bWBIqaQH5UN1ZA21NLDBzDai5F1lLt
xZHyZURgzkH9ZSXkHJcIq7lU/eXcewz3VZdj6GO9W3rN1U0QLzDvTJmRQhGZByeq
7ljrDrPrs/gs36bMtpdUC10nH1nF2jcRcuDyYvpv+nNq0adFdtJn4ta7QBQyXzgq
+D6inHM9D+KCiQiyzW120BeMaEdSSmGyRYObFlxCIF4gf416WM94IiQXJO5Dgm89
Mc6JoejQZK3RyA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:26:53 2024 by rpki-client on console-ams.rpki-client.org