Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/PCVTCk4kJKdmWY5Gbhcohqq7yqY.roa
File: PCVTCk4kJKdmWY5Gbhcohqq7yqY.roa (raw, json)
Hash identifier: 0BvnuPjtWX2RRE04oQNDzS1IBFJjGsR8tpSiS60V8LY=
Subject key identifier: 3C:25:53:0A:4E:24:24:A7:66:59:8E:46:6E:17:28:86:AA:BB:CA:A6
Certificate issuer: /CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Certificate serial: 018EF5C3AE807465A2134F2FD07CF57D95EF
Authority key identifier: 4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/PCVTCk4kJKdmWY5Gbhcohqq7yqY.roa
Signing time: Fri 19 Apr 2024 09:50:25 +0000
ROA not before: Fri 19 Apr 2024 09:50:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20776
IP address blocks: 80.243.240.0/20 maxlen: 20
80.243.240.0/21 maxlen: 21
80.243.248.0/21 maxlen: 21
82.197.96.0/19 maxlen: 23
82.197.112.0/20 maxlen: 20
82.197.126.0/24 maxlen: 24
89.16.0.0/19 maxlen: 19
89.16.0.0/20 maxlen: 20
89.16.0.0/21 maxlen: 21
89.16.8.0/21 maxlen: 21
89.16.16.0/20 maxlen: 20
89.16.16.0/21 maxlen: 21
89.16.24.0/21 maxlen: 21
92.49.64.0/19 maxlen: 19
92.49.64.0/20 maxlen: 20
92.49.80.0/20 maxlen: 20
92.49.96.0/19 maxlen: 19
92.49.96.0/20 maxlen: 20
92.49.96.0/21 maxlen: 21
92.49.104.0/24 maxlen: 24
92.49.105.0/24 maxlen: 24
92.49.106.0/24 maxlen: 24
92.49.107.0/24 maxlen: 24
92.49.108.0/22 maxlen: 22
92.49.112.0/20 maxlen: 20
92.49.112.0/21 maxlen: 21
92.49.120.0/21 maxlen: 21
92.49.125.0/24 maxlen: 24
93.176.0.0/19 maxlen: 19
93.176.0.0/20 maxlen: 20
93.176.16.0/20 maxlen: 20
93.176.32.0/20 maxlen: 20
93.176.48.0/20 maxlen: 20
109.62.0.0/17 maxlen: 24
109.62.0.0/19 maxlen: 19
109.62.0.0/21 maxlen: 21
109.62.4.0/22 maxlen: 22
109.62.8.0/24 maxlen: 24
109.62.9.0/24 maxlen: 24
109.62.10.0/23 maxlen: 23
109.62.12.0/23 maxlen: 23
109.62.14.0/24 maxlen: 24
109.62.15.0/24 maxlen: 24
109.62.16.0/21 maxlen: 21
109.62.24.0/23 maxlen: 23
109.62.26.0/24 maxlen: 24
109.62.27.0/24 maxlen: 24
109.62.28.0/22 maxlen: 22
109.62.56.0/21 maxlen: 21
109.62.56.0/22 maxlen: 22
109.62.60.0/22 maxlen: 22
109.62.64.0/24 maxlen: 24
109.62.66.0/24 maxlen: 24
109.62.67.0/24 maxlen: 24
109.62.68.0/22 maxlen: 23
109.62.68.0/23 maxlen: 23
109.62.70.0/23 maxlen: 23
109.62.72.0/21 maxlen: 21
109.62.72.0/22 maxlen: 22
109.62.76.0/22 maxlen: 22
109.62.80.0/20 maxlen: 20
109.62.80.0/21 maxlen: 21
109.62.88.0/21 maxlen: 21
109.62.96.0/20 maxlen: 20
188.115.64.0/18 maxlen: 18
188.115.64.0/19 maxlen: 19
188.115.64.0/20 maxlen: 20
188.115.80.0/20 maxlen: 20
188.115.96.0/19 maxlen: 19
188.115.96.0/21 maxlen: 21
188.115.104.0/21 maxlen: 21
188.115.112.0/22 maxlen: 22
188.115.116.0/22 maxlen: 22
188.115.120.0/21 maxlen: 21
217.175.160.0/19 maxlen: 24
217.175.168.0/21 maxlen: 21
217.175.168.0/24 maxlen: 24
217.175.169.0/24 maxlen: 24
217.175.170.0/24 maxlen: 24
217.175.171.0/24 maxlen: 24
217.175.172.0/24 maxlen: 24
217.175.174.0/23 maxlen: 23
217.175.176.0/21 maxlen: 21
217.175.176.0/22 maxlen: 22
217.175.180.0/22 maxlen: 22
217.175.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:c3:ae:80:74:65:a2:13:4f:2f:d0:7c:f5:7d:95:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Validity
Not Before: Apr 19 09:50:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c25530a4e2424a766598e466e172886aabbcaa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:70:d4:d1:28:f3:81:bd:b1:21:31:49:4a:4b:
7b:e8:ba:67:38:c8:5a:95:0c:7f:86:ae:33:de:85:
fc:a6:0d:a4:55:03:bb:09:06:90:da:fd:89:03:10:
a9:88:fa:f2:6f:02:ef:07:77:de:56:1b:2e:81:46:
2b:e7:d0:a9:df:13:b9:fd:d3:77:25:2d:ec:b8:8d:
0d:5d:ee:74:96:3a:0d:09:78:cc:8b:f2:2b:55:a4:
07:90:50:51:2e:39:db:b3:67:0b:84:e7:93:58:a9:
6f:5e:45:38:7b:cb:e1:ea:c7:fe:27:f1:5c:2f:18:
50:35:2e:ec:67:77:fd:68:2f:5f:1f:eb:bb:a2:1d:
d0:89:ff:1e:20:8e:4e:7d:8d:8e:a4:08:bf:e9:f0:
01:e6:f9:3f:47:37:9c:70:22:58:57:f3:49:53:96:
7c:4e:0f:8e:06:51:c9:46:90:dc:63:4a:f7:58:b6:
9d:e4:81:5a:24:47:b6:18:59:6a:47:72:3d:e0:3d:
53:ef:3c:05:8e:f5:72:4f:4d:d2:1f:ee:7f:84:f8:
2a:d8:10:b0:d9:bd:96:bf:7d:1e:db:bb:80:75:7c:
ac:cb:90:58:52:8e:fb:0d:4e:13:92:7b:f2:22:34:
9d:05:61:36:79:3e:b6:3f:63:b9:20:72:9d:04:57:
64:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:25:53:0A:4E:24:24:A7:66:59:8E:46:6E:17:28:86:AA:BB:CA:A6
X509v3 Authority Key Identifier:
keyid:4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/PCVTCk4kJKdmWY5Gbhcohqq7yqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.240.0/20
82.197.96.0/19
89.16.0.0/19
92.49.64.0/18
93.176.0.0/18
109.62.0.0/17
188.115.64.0/18
217.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:0f:18:f6:21:8d:2b:a9:cd:bb:1e:84:49:7e:ed:1d:38:60:
0c:f3:fc:7a:75:b1:b4:f8:d7:96:3d:3b:ba:9d:53:52:95:23:
62:5d:e7:02:c2:d2:5f:18:77:91:95:2b:d4:43:3d:7f:50:42:
82:a0:35:e5:54:48:4a:af:f3:81:d7:44:b7:03:74:00:89:b0:
c8:06:f6:47:c8:16:fa:e1:f8:ba:bc:c9:00:cf:1b:e3:b8:e8:
aa:ad:33:06:ba:53:66:ee:ad:52:f9:e7:1d:f3:f8:b3:40:ff:
db:9b:d5:a6:40:dd:d1:11:50:b5:0b:2f:8a:40:27:30:94:c3:
30:cc:fd:c4:a9:7a:9b:93:91:c5:17:5b:22:d2:2d:0a:21:15:
1d:c0:76:3a:88:bf:14:2a:26:1a:74:e2:1f:5b:c7:8b:4b:0d:
6c:6d:7a:94:dc:64:14:41:af:41:be:4f:76:f2:99:73:c1:92:
58:7a:c2:fc:b0:c8:f3:db:99:5c:57:e5:f3:2c:27:27:95:b9:
09:ea:d8:f8:78:08:42:2b:74:cc:ed:52:b0:59:5b:55:60:ed:
1f:dd:a4:48:49:49:12:aa:39:fe:a6:5b:89:e6:40:c5:99:79:
22:5b:14:8d:13:22:04:75:aa:d6:d5:97:cc:6b:01:c2:cd:dd:
5f:6a:e1:f1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY71w66AdGWiE08v0Hz1fZXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTRkNjE5OWFlYzgyOGY2OTg5ZTJlODRjZWMxNzc2NWJh
YzVjZDUwHhcNMjQwNDE5MDk1MDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzI1NTMwYTRlMjQyNGE3NjY1OThlNDY2ZTE3Mjg4NmFhYmJjYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHDU0Sjzgb2xITFJSkt76LpnOMha
lQx/hq4z3oX8pg2kVQO7CQaQ2v2JAxCpiPrybwLvB3feVhsugUYr59Cp3xO5/dN3
JS3suI0NXe50ljoNCXjMi/IrVaQHkFBRLjnbs2cLhOeTWKlvXkU4e8vh6sf+J/Fc
LxhQNS7sZ3f9aC9fH+u7oh3Qif8eII5OfY2OpAi/6fAB5vk/RzeccCJYV/NJU5Z8
Tg+OBlHJRpDcY0r3WLad5IFaJEe2GFlqR3I94D1T7zwFjvVyT03SH+5/hPgq2BCw
2b2Wv30e27uAdXysy5BYUo77DU4TknvyIjSdBWE2eT62P2O5IHKdBFdkwwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDwlUwpOJCSnZlmORm4XKIaqu8qmMB8GA1UdIwQY
MBaAFE2k1hma7IKPaYni6EzsF3ZbrFzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQt
NDA4MzdkNDg0NzNkLzEvUENWVENrNGtKS2RtV1k1R2JoY29ocXE3eXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQtNDA4MzdkNDg0NzNk
LzEvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUPPwAwQF
UsVgAwQFWRAAAwQGXDFAAwQGXbAAAwQHbT4AAwQGvHNAAwQF2a+gMA0GCSqGSIb3
DQEBCwUAA4IBAQCbDxj2IY0rqc27HoRJfu0dOGAM8/x6dbG0+NeWPTu6nVNSlSNi
XecCwtJfGHeRlSvUQz1/UEKCoDXlVEhKr/OB10S3A3QAibDIBvZHyBb64fi6vMkA
zxvjuOiqrTMGulNm7q1S+ecd8/izQP/bm9WmQN3REVC1Cy+KQCcwlMMwzP3EqXqb
k5HFF1si0i0KIRUdwHY6iL8UKiYadOIfW8eLSw1sbXqU3GQUQa9Bvk928plzwZJY
esL8sMjz25lcV+XzLCcnlbkJ6tj4eAhCK3TM7VKwWVtVYO0f3aRISUkSqjn+pluJ
5kDFmXkiWxSNEyIEdarW1ZfMawHCzd1fauHx
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:01:53 2024 by rpki-client on console-ams.rpki-client.org