Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/99SNmOHCw2nRSQVyFKGX3SFLsPg.roa
File: 99SNmOHCw2nRSQVyFKGX3SFLsPg.roa (raw, json)
Hash identifier: dsUJEsKPxG8dftxPJYh50uYwaSJ68qEqXglghDzWhXc=
Subject key identifier: F7:D4:8D:98:E1:C2:C3:69:D1:49:05:72:14:A1:97:DD:21:4B:B0:F8
Certificate issuer: /CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Certificate serial: 018CC493065E47708B40AF9B43D5F5E0454F
Authority key identifier: 5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/99SNmOHCw2nRSQVyFKGX3SFLsPg.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9050
IP address blocks: 92.87.0.0/16 maxlen: 16
92.87.11.0/24 maxlen: 24
92.80.0.0/16 maxlen: 16
109.97.0.0/16 maxlen: 16
92.84.0.0/16 maxlen: 16
92.87.118.0/24 maxlen: 24
92.87.128.0/23 maxlen: 23
92.87.133.0/24 maxlen: 24
109.101.0.0/16 maxlen: 16
92.87.54.0/24 maxlen: 24
89.121.0.0/18 maxlen: 18
89.121.0.0/16 maxlen: 16
92.86.38.0/24 maxlen: 24
92.86.36.0/24 maxlen: 24
109.99.158.0/24 maxlen: 24
92.86.48.0/24 maxlen: 24
109.103.0.0/16 maxlen: 16
92.86.50.0/24 maxlen: 24
109.99.184.0/24 maxlen: 24
109.99.185.0/24 maxlen: 24
109.99.189.0/24 maxlen: 24
109.99.192.0/24 maxlen: 24
109.96.0.0/16 maxlen: 16
89.123.0.0/17 maxlen: 17
89.123.0.0/16 maxlen: 16
92.86.0.0/16 maxlen: 16
86.35.128.0/17 maxlen: 17
185.133.64.0/22 maxlen: 22
109.100.0.0/16 maxlen: 16
92.86.90.0/24 maxlen: 24
89.120.0.0/16 maxlen: 16
109.99.214.0/24 maxlen: 24
92.83.0.0/19 maxlen: 19
109.99.216.0/24 maxlen: 24
92.83.0.0/16 maxlen: 16
89.123.128.0/17 maxlen: 17
109.98.192.0/24 maxlen: 24
109.98.192.0/23 maxlen: 23
109.98.193.0/24 maxlen: 24
92.82.0.0/18 maxlen: 18
92.82.0.0/16 maxlen: 16
109.102.0.0/16 maxlen: 16
86.35.64.0/18 maxlen: 18
109.102.163.0/24 maxlen: 24
109.102.161.0/24 maxlen: 24
217.115.208.0/20 maxlen: 20
86.35.0.0/21 maxlen: 21
86.35.10.0/24 maxlen: 24
86.35.9.0/24 maxlen: 24
109.99.0.0/16 maxlen: 16
86.35.0.0/16 maxlen: 16
86.35.15.0/24 maxlen: 24
86.35.16.0/20 maxlen: 20
86.35.13.0/24 maxlen: 24
86.35.14.0/24 maxlen: 24
86.35.12.0/24 maxlen: 24
86.35.32.0/19 maxlen: 19
89.121.128.0/17 maxlen: 17
92.87.214.0/23 maxlen: 23
92.87.232.0/24 maxlen: 24
109.98.0.0/16 maxlen: 16
86.34.0.0/16 maxlen: 16
92.87.244.0/24 maxlen: 24
86.34.0.0/15 maxlen: 15
92.87.245.0/24 maxlen: 24
89.121.64.0/18 maxlen: 18
92.87.170.0/24 maxlen: 24
92.87.175.0/24 maxlen: 24
92.87.173.0/24 maxlen: 24
92.87.174.0/24 maxlen: 24
92.81.0.0/16 maxlen: 16
92.81.128.0/17 maxlen: 17
84.243.64.0/18 maxlen: 18
109.98.113.0/24 maxlen: 24
89.122.0.0/16 maxlen: 16
109.98.117.0/24 maxlen: 24
109.98.115.0/24 maxlen: 24
109.98.119.0/24 maxlen: 24
109.98.123.0/24 maxlen: 24
109.98.121.0/24 maxlen: 24
109.98.126.0/24 maxlen: 24
92.85.0.0/16 maxlen: 16
2a02:d10:800:1::/64 maxlen: 64
2a02:d10::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:06:5e:47:70:8b:40:af:9b:43:d5:f5:e0:45:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7d48d98e1c2c369d149057214a197dd214bb0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:85:b5:32:19:74:f5:a4:9e:eb:b2:19:45:96:
e3:68:5a:ef:23:b4:a5:b5:80:a6:c5:44:6f:15:ed:
2b:51:ac:50:63:d2:fd:fc:61:d6:ec:c7:99:97:bc:
45:85:98:3d:62:df:a8:5f:c8:d6:e7:08:e9:b6:c6:
21:c2:d1:01:c0:53:43:a0:fa:6d:b8:92:3d:27:70:
6e:14:f0:c5:ac:87:a1:99:1b:60:f3:40:e0:ca:05:
3a:92:48:6f:cd:12:dc:bb:36:d4:cf:42:cb:89:55:
12:17:b3:9b:5a:e8:7c:b5:69:0a:fe:57:37:18:12:
80:2a:66:7c:72:ae:53:db:e9:74:5c:f5:2d:e8:66:
37:c6:a9:c4:63:ef:44:3a:a1:1f:30:e3:30:56:d2:
2f:ad:4c:ec:5c:52:9d:41:a1:83:72:04:b7:8e:b7:
d1:f9:a9:b1:b1:80:d4:78:c2:4e:62:55:12:d6:83:
60:b1:57:d2:7d:ed:54:03:0c:1c:78:6c:42:fe:4e:
5f:58:4f:7c:29:56:95:28:23:8b:77:85:4f:7a:10:
9e:02:99:25:8c:b5:72:94:81:26:a1:2e:d2:43:11:
0f:f2:08:b8:eb:f4:66:35:99:dd:fe:07:b9:75:62:
c4:a8:89:5c:65:1c:9e:c5:3e:10:de:c2:b1:cc:7e:
e3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D4:8D:98:E1:C2:C3:69:D1:49:05:72:14:A1:97:DD:21:4B:B0:F8
X509v3 Authority Key Identifier:
keyid:5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/99SNmOHCw2nRSQVyFKGX3SFLsPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.243.64.0/18
86.34.0.0/15
89.120.0.0/14
92.80.0.0/13
109.96.0.0/13
185.133.64.0/22
217.115.208.0/20
IPv6:
2a02:d10::/32
Signature Algorithm: sha256WithRSAEncryption
0e:94:eb:d3:30:c1:7e:10:64:9d:5e:c4:78:e0:d0:de:13:2e:
3c:cd:e1:4d:76:fa:46:0b:de:79:d6:f5:ec:4b:82:50:6a:7c:
eb:8b:8e:24:af:f2:a5:4f:49:17:54:b1:f7:d2:a9:65:5b:94:
bc:cc:1f:df:16:e9:7c:b3:27:23:24:23:24:b4:e8:a2:6b:9a:
5a:d4:a3:8c:05:5a:2d:bf:d2:fc:3a:60:f5:dc:aa:50:8a:c5:
c0:40:39:c4:66:78:b9:53:76:42:a4:22:b2:c1:35:53:3e:46:
6e:4e:a9:53:bf:b6:30:0e:43:5e:6d:6d:ad:65:e8:ec:3e:0d:
68:b8:c7:84:32:d7:f0:22:ea:8f:4c:b8:42:0d:1d:b4:e1:91:
70:7d:d4:f1:b7:2d:8c:7b:e9:6d:32:89:af:7e:55:71:0c:cb:
00:50:44:fa:90:01:f1:2b:78:56:38:06:15:ba:09:2f:b9:0a:
1f:db:b8:6c:a4:d6:c1:de:a4:6d:1f:be:23:3b:c5:dc:5f:66:
6c:01:f1:3e:04:b0:59:9d:35:87:be:ae:96:58:50:7d:40:ef:
25:b3:6a:4a:a6:fe:bd:2d:1c:50:9e:3f:83:3c:26:b2:b2:c2:
99:47:22:6e:90:3d:45:18:44:a2:a8:e3:06:4a:3d:4f:a4:8b:
c0:1e:3f:0e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzEkwZeR3CLQK+bQ9X14EVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWEyYjg4NGM3MDY3ZjU4ZmZmMDQwYTFmMDZlMGRmMWU4
MGFiM2UwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Q0OGQ5OGUxYzJjMzY5ZDE0OTA1NzIxNGExOTdkZDIxNGJiMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYW1Mhl09aSe67IZRZbjaFrvI7Sl
tYCmxURvFe0rUaxQY9L9/GHW7MeZl7xFhZg9Yt+oX8jW5wjptsYhwtEBwFNDoPpt
uJI9J3BuFPDFrIehmRtg80DgygU6kkhvzRLcuzbUz0LLiVUSF7ObWuh8tWkK/lc3
GBKAKmZ8cq5T2+l0XPUt6GY3xqnEY+9EOqEfMOMwVtIvrUzsXFKdQaGDcgS3jrfR
+amxsYDUeMJOYlUS1oNgsVfSfe1UAwwceGxC/k5fWE98KVaVKCOLd4VPehCeApkl
jLVylIEmoS7SQxEP8gi46/RmNZnd/ge5dWLEqIlcZRyexT4Q3sKxzH7jcwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPfUjZjhwsNp0UkFchShl90hS7D4MB8GA1UdIwQY
MBaAFFvqK4hMcGf1j/8ECh8G4N8egKs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMt
ODE0ZTgwOTA0YmU0LzEvOTlTTm1PSEN3Mm5SU1FWeUZLR1gzU0ZMc1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMtODE0ZTgwOTA0YmU0
LzEvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQGVPNAAwMB
ViIDAwJZeAMDA1xQAwMDbWADBAK5hUADBATZc9AwDQQCAAIwBwMFACoCDRAwDQYJ
KoZIhvcNAQELBQADggEBAA6U69MwwX4QZJ1exHjg0N4TLjzN4U12+kYL3nnW9exL
glBqfOuLjiSv8qVPSRdUsffSqWVblLzMH98W6XyzJyMkIyS06KJrmlrUo4wFWi2/
0vw6YPXcqlCKxcBAOcRmeLlTdkKkIrLBNVM+Rm5OqVO/tjAOQ15tba1l6Ow+DWi4
x4Qy1/Ai6o9MuEINHbThkXB91PG3LYx76W0yia9+VXEMywBQRPqQAfEreFY4BhW6
CS+5Ch/buGyk1sHepG0fviM7xdxfZmwB8T4EsFmdNYe+rpZYUH1A7yWzakqm/r0t
HFCeP4M8JrKywplHIm6QPUUYRKKo4wZKPU+ki8AePw4=
-----END CERTIFICATE-----
Generated at Mon May 20 10:57:52 2024 by rpki-client on console-ams.rpki-client.org