Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/G4nSbHJ0Trk4n8caD3IyXQf0u9g.roa
File: G4nSbHJ0Trk4n8caD3IyXQf0u9g.roa (raw, json)
Hash identifier: CnwaqBzdCBsNaA2556VZMiLfwvRT2KcabSNR9DZU7yw=
Subject key identifier: 1B:89:D2:6C:72:74:4E:B9:38:9F:C7:1A:0F:72:32:5D:07:F4:BB:D8
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 0193082F0D5F1156C3B2AE5714FB0ABC8CE2
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/G4nSbHJ0Trk4n8caD3IyXQf0u9g.roa
Signing time: Thu 07 Nov 2024 19:52:01 +0000
ROA not before: Thu 07 Nov 2024 19:52:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208677
IP address blocks: 31.40.248.0/23 maxlen: 23
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
37.18.72.0/23 maxlen: 23
37.18.100.0/23 maxlen: 23
37.18.102.0/24 maxlen: 24
37.18.107.0/24 maxlen: 24
37.18.108.0/22 maxlen: 22
37.18.112.0/23 maxlen: 23
37.18.114.0/24 maxlen: 24
37.18.115.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.18.122.0/24 maxlen: 24
37.44.196.0/23 maxlen: 23
37.44.198.0/24 maxlen: 24
37.230.139.0/24 maxlen: 24
37.230.179.0/24 maxlen: 24
37.230.180.0/23 maxlen: 23
37.230.180.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.186.0/24 maxlen: 24
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
45.89.224.0/22 maxlen: 22
45.132.176.0/22 maxlen: 22
45.136.146.0/23 maxlen: 23
45.151.30.0/23 maxlen: 23
45.155.204.0/23 maxlen: 23
46.16.36.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
46.243.172.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.206.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
46.253.132.0/24 maxlen: 24
62.233.43.0/24 maxlen: 24
82.202.136.0/21 maxlen: 21
82.202.156.0/22 maxlen: 22
84.54.56.0/22 maxlen: 22
85.208.85.0/24 maxlen: 24
85.208.86.0/23 maxlen: 23
85.208.209.0/24 maxlen: 24
85.208.210.0/23 maxlen: 23
85.209.149.0/24 maxlen: 24
85.209.150.0/23 maxlen: 23
85.235.82.0/23 maxlen: 23
87.242.84.0/22 maxlen: 22
87.242.88.0/21 maxlen: 21
87.242.100.0/22 maxlen: 22
87.242.116.0/22 maxlen: 22
87.242.120.0/21 maxlen: 21
88.218.65.0/24 maxlen: 24
88.218.66.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
89.232.168.0/22 maxlen: 22
89.232.176.0/22 maxlen: 22
91.224.86.0/23 maxlen: 23
94.139.252.0/22 maxlen: 22
94.158.22.0/23 maxlen: 23
95.174.88.0/21 maxlen: 21
141.101.151.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.201.0/24 maxlen: 24
152.89.196.0/24 maxlen: 24
176.108.240.0/20 maxlen: 20
176.109.96.0/20 maxlen: 20
176.123.160.0/21 maxlen: 21
178.170.191.0/24 maxlen: 24
178.170.192.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
178.170.242.0/24 maxlen: 24
185.50.200.0/22 maxlen: 22
185.234.11.0/24 maxlen: 24
185.241.57.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
188.72.117.0/24 maxlen: 24
188.72.118.0/24 maxlen: 24
192.144.12.0/22 maxlen: 22
192.144.28.0/24 maxlen: 24
193.42.116.0/23 maxlen: 23
193.105.4.0/24 maxlen: 24
193.163.94.0/24 maxlen: 24
193.201.8.0/24 maxlen: 24
194.5.92.0/23 maxlen: 23
194.26.228.0/24 maxlen: 24
194.50.72.0/24 maxlen: 24
194.113.34.0/23 maxlen: 23
195.128.152.0/24 maxlen: 24
213.171.24.0/21 maxlen: 21
213.178.153.0/24 maxlen: 24
213.178.154.0/24 maxlen: 24
2a0c:2b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:08:2f:0d:5f:11:56:c3:b2:ae:57:14:fb:0a:bc:8c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Nov 7 19:52:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b89d26c72744eb9389fc71a0f72325d07f4bbd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:34:77:86:b6:79:d1:b9:9f:42:6a:28:da:79:
4d:77:46:06:4f:75:fb:0d:cf:7b:79:bd:d3:e9:c7:
f4:0c:40:e3:1a:b1:db:17:59:0f:56:47:62:fd:01:
6d:0a:91:5d:0a:87:80:16:a0:6a:77:01:0d:af:c1:
8c:8a:ff:55:1c:fb:17:df:3f:2c:c4:f7:6d:5e:a7:
3b:ab:78:6c:21:8d:5b:f3:98:45:31:fb:f9:c6:b4:
c6:95:dc:d7:f9:0a:a9:4d:f6:ce:50:f6:b0:4e:09:
63:7b:d6:f0:b4:f7:85:45:28:d6:6e:3d:65:22:d9:
67:4f:a6:a5:cd:7c:84:0a:b7:df:cb:89:d6:82:35:
f1:10:7b:9f:95:df:71:87:1d:2c:a4:b4:5f:c6:e8:
9d:c5:ff:d8:4f:bb:5e:cc:59:0f:54:5d:4e:c9:ac:
5e:29:89:18:ad:fd:42:5a:92:c4:d5:eb:c4:82:30:
98:29:84:7f:a1:95:cf:60:db:06:ae:5e:42:f9:a1:
78:d2:0f:22:3a:f7:76:b1:01:6e:1a:81:f0:a0:f6:
53:72:74:1a:72:df:4b:1a:fa:be:63:8c:5f:d0:fa:
b9:d5:de:92:ea:43:0b:14:03:b2:89:2e:ca:63:57:
59:72:01:b5:c7:bb:6d:84:6a:eb:52:17:2e:57:99:
47:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:89:D2:6C:72:74:4E:B9:38:9F:C7:1A:0F:72:32:5D:07:F4:BB:D8
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/G4nSbHJ0Trk4n8caD3IyXQf0u9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.248.0/23
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.44.196.0-37.44.198.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
45.132.176.0/22
45.136.146.0/23
45.151.30.0/23
45.155.204.0/23
46.16.36.0/24
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
46.253.132.0/24
62.233.43.0/24
82.202.136.0/21
82.202.156.0/22
84.54.56.0/22
85.208.85.0-85.208.87.255
85.208.209.0-85.208.211.255
85.209.149.0-85.209.151.255
85.235.82.0/23
87.242.84.0-87.242.95.255
87.242.100.0/22
87.242.116.0-87.242.127.255
88.218.65.0-88.218.67.255
89.232.160.0-89.232.171.255
89.232.176.0/22
91.224.86.0/23
94.139.252.0/22
94.158.22.0/23
95.174.88.0/21
141.101.151.0-141.101.152.255
141.101.201.0/24
152.89.196.0/24
176.108.240.0/20
176.109.96.0/20
176.123.160.0/21
178.170.191.0-178.170.197.255
178.170.242.0/24
185.50.200.0/22
185.234.11.0/24
185.241.57.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
188.72.117.0-188.72.118.255
192.144.12.0/22
192.144.28.0/24
193.42.116.0/23
193.105.4.0/24
193.163.94.0/24
193.201.8.0/24
194.5.92.0/23
194.26.228.0/24
194.50.72.0/24
194.113.34.0/23
195.128.152.0/24
213.171.24.0/21
213.178.153.0-213.178.154.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
69:be:a7:54:fa:a4:16:b4:da:5f:19:bc:2f:d6:d7:f4:df:04:
47:1e:0f:de:83:5a:5d:88:4d:6e:0a:4f:dc:8a:f2:f5:10:ec:
ed:a4:ba:a7:ff:da:fd:cd:ac:ac:00:13:6c:e4:c4:9e:6e:7a:
37:ed:42:d8:3a:46:9d:de:62:cb:ae:db:7a:3d:76:19:36:bb:
d3:fd:e8:3a:8b:bf:ad:5a:0f:53:5c:c6:47:11:1f:b0:78:f2:
4b:8d:f2:a7:f6:90:17:bf:d4:4e:06:28:44:bd:17:d1:93:79:
6b:92:99:62:50:fd:10:d2:59:22:9b:02:c8:20:f9:ea:8a:f9:
9b:7c:a1:80:75:8c:01:97:03:16:5a:23:68:88:3c:04:f1:e1:
30:d8:5a:47:41:bc:4b:78:67:01:0b:02:5a:e2:c9:52:7a:ef:
a3:17:5f:d6:55:ad:d1:91:56:a0:d8:9a:84:5a:32:c3:b4:f9:
22:a9:7c:22:00:0c:d5:88:37:96:6b:cf:a6:30:c0:23:dd:6d:
3c:93:ce:64:30:1d:4a:d6:3c:ff:ad:a4:45:b8:f3:7d:a0:43:
dc:98:c2:89:19:0d:a9:f9:12:96:a6:ca:8b:16:b5:a2:cb:d2:
97:c3:a9:ef:15:09:e5:c6:f6:4f:a5:b9:32:2d:be:c3:94:29:
b2:e4:38:75
-----BEGIN CERTIFICATE-----
MIIHYjCCBkqgAwIBAgISAZMILw1fEVbDsq5XFPsKvIziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjQxMTA3MTk1MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg5ZDI2YzcyNzQ0ZWI5Mzg5ZmM3MWEwZjcyMzI1ZDA3ZjRiYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTR3hrZ50bmfQmoo2nlNd0YGT3X7
Dc97eb3T6cf0DEDjGrHbF1kPVkdi/QFtCpFdCoeAFqBqdwENr8GMiv9VHPsX3z8s
xPdtXqc7q3hsIY1b85hFMfv5xrTGldzX+QqpTfbOUPawTglje9bwtPeFRSjWbj1l
ItlnT6alzXyECrffy4nWgjXxEHufld9xhx0spLRfxuidxf/YT7tezFkPVF1Oyaxe
KYkYrf1CWpLE1evEgjCYKYR/oZXPYNsGrl5C+aF40g8iOvd2sQFuGoHwoPZTcnQa
ct9LGvq+Y4xf0Pq51d6S6kMLFAOyiS7KY1dZcgG1x7tthGrrUhcuV5lH1QIDAQAB
o4IEbjCCBGowHQYDVR0OBBYEFBuJ0mxydE65OJ/HGg9yMl0H9LvYMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL0c0blNiSEowVHJrNG44Y2FEM0l5WFFmMHU5Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggKABggrBgEFBQcBBwEB/wSCAm8wggJrMIICWAQCAAEw
ggJQAwQBHyj4MAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUS
ZjAMAwQAJRJrAwQAJRJ6MAwDBAIlLMQDBAAlLMYDBAAl5oswDAMEACXmswMEASXm
tDAMAwQDJea4AwQAJea6AwQDJebAAwQAJebgAwQAJebpAwQCLQkYAwQCLVngAwQC
LYSwAwQBLYiSAwQBLZceAwQBLZvMAwQALhAkMAwDBAAu840DBAQu84ADBAAu86wD
BAAu88kwDAMEAC7zzQMEAC7zzgMEAS7z4gMEAS7z9AMEAC79hAMEAD7pKwMEA1LK
iAMEAlLKnAMEAlQ2ODAMAwQAVdBVAwQDVdBQMAwDBABV0NEDBAJV0NAwDAMEAFXR
lQMEA1XRkAMEAVXrUjAMAwQCV/JUAwQFV/JAAwQCV/JkMAwDBAJX8nQDBAdX8gAw
DAMEAFjaQQMEAljaQDAMAwQFWeigAwQCWeioAwQCWeiwAwQBW+BWAwQCXov8AwQB
Xp4WAwQDX65YMAwDBACNZZcDBACNZZgDBACNZckDBACYWcQDBASwbPADBASwbWAD
BAOwe6AwDAMEALKqvwMEAbKqxAMEALKq8gMEArkyyAMEALnqCwMEALnxOQMEALxI
YDAMAwQBvEhqAwQBvEhsMAwDBAC8SHUDBAC8SHYDBALAkAwDBADAkBwDBAHBKnQD
BADBaQQDBADBo14DBADByQgDBAHCBVwDBADCGuQDBADCMkgDBAHCcSIDBADDgJgD
BAPVqxgwDAMEANWymQMEANWymjANBAIAAjAHAwUDKgwrgDANBgkqhkiG9w0BAQsF
AAOCAQEAab6nVPqkFrTaXxm8L9bX9N8ERx4P3oNaXYhNbgpP3Iry9RDs7aS6p//a
/c2srAATbOTEnm56N+1C2DpGnd5iy67bej12GTa70/3oOou/rVoPU1zGRxEfsHjy
S43yp/aQF7/UTgYoRL0X0ZN5a5KZYlD9ENJZIpsCyCD56or5m3yhgHWMAZcDFloj
aIg8BPHhMNhaR0G8S3hnAQsCWuLJUnrvoxdf1lWt0ZFWoNiahFoyw7T5Iql8IgAM
1Yg3lmvPpjDAI91tPJPOZDAdStY8/62kRbjzfaBD3JjCiRkNqfkSlqbKixa1osvS
l8Op7xUJ5cb2T6W5Mi2+w5QpsuQ4dQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:18:29 2024 by rpki-client on console-fra.rpki-client.org