Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Pgl2i8l2ejy5eTIgrBrsJ6PHDmc.roa
File: Pgl2i8l2ejy5eTIgrBrsJ6PHDmc.roa (raw, json)
Hash identifier: CZHLa3FNNOCLxPRoyogn2WYgfuccXgQ3ai8hAmC+klw=
Subject key identifier: 3E:09:76:8B:C9:76:7A:3C:B9:79:32:20:AC:1A:EC:27:A3:C7:0E:67
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 018EC31E15ACC32695BCCFAA3D5F688C3A17
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Pgl2i8l2ejy5eTIgrBrsJ6PHDmc.roa
Signing time: Tue 09 Apr 2024 13:48:32 +0000
ROA not before: Tue 09 Apr 2024 13:48:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 46.33.64.0/19 maxlen: 24
62.41.0.0/20 maxlen: 24
62.41.16.0/21 maxlen: 24
62.41.24.0/22 maxlen: 24
62.41.32.0/24 maxlen: 24
62.41.37.0/24 maxlen: 24
62.41.56.0/21 maxlen: 24
62.41.64.0/20 maxlen: 24
62.41.80.0/22 maxlen: 24
62.41.84.0/23 maxlen: 24
62.41.102.0/24 maxlen: 24
62.41.160.0/24 maxlen: 24
62.50.128.0/19 maxlen: 19
62.132.0.0/22 maxlen: 22
62.132.16.0/22 maxlen: 22
62.132.24.0/23 maxlen: 23
62.132.28.0/24 maxlen: 24
62.132.42.0/23 maxlen: 23
62.132.114.0/23 maxlen: 23
62.132.116.0/23 maxlen: 23
62.132.132.0/23 maxlen: 23
77.67.0.0/17 maxlen: 24
77.77.128.0/18 maxlen: 24
87.119.64.0/18 maxlen: 24
89.149.128.0/18 maxlen: 24
92.71.0.0/17 maxlen: 17
92.71.128.0/18 maxlen: 18
134.222.0.0/16 maxlen: 16
141.136.96.0/20 maxlen: 20
185.160.40.0/22 maxlen: 22
192.16.202.0/24 maxlen: 24
192.54.104.0/24 maxlen: 24
192.67.190.0/23 maxlen: 23
192.67.192.0/22 maxlen: 22
192.67.196.0/24 maxlen: 24
192.129.32.0/23 maxlen: 23
192.129.36.0/24 maxlen: 24
192.129.43.0/24 maxlen: 24
192.129.44.0/24 maxlen: 24
192.129.46.0/23 maxlen: 23
192.129.48.0/23 maxlen: 23
192.129.54.0/24 maxlen: 24
192.129.56.0/23 maxlen: 24
193.141.0.0/23 maxlen: 23
193.141.2.0/24 maxlen: 24
193.141.40.0/22 maxlen: 22
193.141.44.0/23 maxlen: 23
193.141.140.0/23 maxlen: 23
193.242.80.0/20 maxlen: 20
194.41.62.0/24 maxlen: 24
194.45.4.0/23 maxlen: 23
194.45.12.0/23 maxlen: 23
194.45.47.0/24 maxlen: 24
194.45.98.0/23 maxlen: 23
194.45.182.0/23 maxlen: 23
194.120.0.0/24 maxlen: 24
194.120.43.0/24 maxlen: 24
194.120.112.0/22 maxlen: 22
194.120.120.0/22 maxlen: 22
194.121.52.0/22 maxlen: 22
194.121.104.0/23 maxlen: 23
194.121.123.0/24 maxlen: 24
194.121.203.0/24 maxlen: 24
194.121.220.0/22 maxlen: 22
194.122.76.0/22 maxlen: 22
194.122.80.0/21 maxlen: 21
194.122.120.0/21 maxlen: 21
194.122.224.0/20 maxlen: 20
194.122.248.0/22 maxlen: 22
194.123.122.0/24 maxlen: 24
194.123.164.0/24 maxlen: 24
195.143.0.0/16 maxlen: 24
212.0.224.0/19 maxlen: 19
212.1.0.0/19 maxlen: 19
212.14.64.0/19 maxlen: 19
212.27.160.0/19 maxlen: 19
212.56.0.0/19 maxlen: 19
212.81.64.0/18 maxlen: 18
212.115.128.0/18 maxlen: 24
212.189.0.0/17 maxlen: 17
212.221.0.0/17 maxlen: 24
212.222.0.0/16 maxlen: 24
213.200.64.0/18 maxlen: 18
213.251.0.0/18 maxlen: 24
213.254.192.0/18 maxlen: 24
217.114.112.0/20 maxlen: 20
217.117.160.0/20 maxlen: 20
217.118.112.0/20 maxlen: 20
217.195.224.0/19 maxlen: 19
2001:668::/29 maxlen: 64
2001:680::/32 maxlen: 32
2001:680:12::/48 maxlen: 48
2001:680:16::/48 maxlen: 48
2001:680:19::/48 maxlen: 48
2001:680:20::/48 maxlen: 48
2a00:1750::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c3:1e:15:ac:c3:26:95:bc:cf:aa:3d:5f:68:8c:3a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Apr 9 13:48:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e09768bc9767a3cb9793220ac1aec27a3c70e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a2:31:27:f6:f9:ca:08:ae:a4:d6:f5:cf:58:
ee:ce:e0:1b:94:bb:bc:83:60:7a:9a:db:0d:19:02:
cc:2c:df:04:c1:85:f1:6d:33:d8:08:b1:09:15:fb:
41:b1:00:d1:5c:f4:c1:e5:f7:57:c8:a8:cd:ee:44:
f9:96:c6:77:a3:ce:98:03:04:e3:2a:45:a7:ec:1a:
ac:fe:26:63:23:05:e0:47:8c:1e:e4:01:65:a9:f1:
fa:1e:83:b2:ef:8d:99:9f:f0:df:1c:ff:2d:29:3a:
e6:d4:f3:89:48:26:93:6b:0f:ca:d8:c0:e9:89:17:
70:84:83:38:91:fa:56:23:73:25:ab:c3:5c:d9:cd:
78:07:47:56:5b:cb:79:11:71:bf:2c:30:96:1d:e7:
c2:89:1d:a1:b1:93:2a:ea:d8:71:0e:ac:08:bf:d6:
db:46:bb:02:d6:14:f4:ac:c5:26:9f:09:e6:54:91:
30:f4:b5:8a:dd:70:14:df:38:e2:92:6d:6d:40:22:
dc:86:4e:9b:55:54:59:21:e8:09:c7:38:4a:fb:c2:
a7:84:65:92:9f:d4:c6:51:da:07:5e:65:15:34:15:
27:e5:92:e4:cc:35:c0:76:f3:7c:99:5a:e5:cc:33:
e7:b7:97:3b:d2:5b:4d:8e:79:28:5f:31:6d:62:7a:
96:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:09:76:8B:C9:76:7A:3C:B9:79:32:20:AC:1A:EC:27:A3:C7:0E:67
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Pgl2i8l2ejy5eTIgrBrsJ6PHDmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.64.0/19
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.50.128.0/19
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
77.67.0.0/17
77.77.128.0/18
87.119.64.0/18
89.149.128.0/18
92.71.0.0-92.71.191.255
134.222.0.0/16
141.136.96.0/20
185.160.40.0/22
192.16.202.0/24
192.54.104.0/24
192.67.190.0-192.67.196.255
192.129.32.0/23
192.129.36.0/24
192.129.43.0-192.129.44.255
192.129.46.0-192.129.49.255
192.129.54.0/24
192.129.56.0/23
193.141.0.0-193.141.2.255
193.141.40.0-193.141.45.255
193.141.140.0/23
193.242.80.0/20
194.41.62.0/24
194.45.4.0/23
194.45.12.0/23
194.45.47.0/24
194.45.98.0/23
194.45.182.0/23
194.120.0.0/24
194.120.43.0/24
194.120.112.0/22
194.120.120.0/22
194.121.52.0/22
194.121.104.0/23
194.121.123.0/24
194.121.203.0/24
194.121.220.0/22
194.122.76.0-194.122.87.255
194.122.120.0/21
194.122.224.0/20
194.122.248.0/22
194.123.122.0/24
194.123.164.0/24
195.143.0.0/16
212.0.224.0-212.1.31.255
212.14.64.0/19
212.27.160.0/19
212.56.0.0/19
212.81.64.0/18
212.115.128.0/18
212.189.0.0/17
212.221.0.0/17
212.222.0.0/16
213.200.64.0/18
213.251.0.0/18
213.254.192.0/18
217.114.112.0/20
217.117.160.0/20
217.118.112.0/20
217.195.224.0/19
IPv6:
2001:668::/29
2001:680::/32
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
50:03:c2:24:91:03:b0:c0:ba:d2:3f:34:7d:78:7d:3b:15:ec:
53:5b:83:12:07:3e:11:cf:2e:a7:ac:b7:b7:e3:b8:fd:c7:4b:
2a:f7:6f:02:3e:b0:55:0f:a6:b2:11:9d:69:62:0b:41:8c:b7:
b1:58:27:3a:d7:1d:c1:d0:7f:fc:6d:cb:0a:30:c5:58:d3:8f:
96:8a:55:3a:59:b8:ee:f9:d0:40:1c:57:13:ce:41:c0:bf:89:
e4:65:2e:ce:ed:70:d7:df:b2:bd:17:62:d4:5a:b2:13:ba:8c:
29:5d:b4:87:d4:9d:c1:a0:ba:19:82:12:eb:7a:c5:6a:00:60:
57:4a:15:6b:2f:fe:6c:1d:a7:2a:9d:a3:49:46:20:1f:81:4d:
6c:98:b2:94:57:5d:9e:e0:ba:67:98:8b:6f:60:97:2b:39:cd:
24:73:ef:72:ff:29:60:a5:ac:bf:40:f1:70:79:18:b2:fd:72:
58:f6:6d:39:ff:40:33:6a:89:f0:49:75:3e:ed:6f:39:06:0f:
7d:a2:92:70:7b:f2:49:d2:98:60:0e:ec:19:6d:78:63:78:a5:
16:2f:e2:d3:4c:9f:ca:7a:2a:54:50:d8:c4:f0:a8:0d:72:7d:
c2:1b:55:2d:ab:dc:86:49:34:58:87:96:a6:e1:b5:17:93:df:
49:d9:9e:20
-----BEGIN CERTIFICATE-----
MIIHLDCCBhSgAwIBAgISAY7DHhWswyaVvM+qPV9ojDoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjQwNDA5MTM0ODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTA5NzY4YmM5NzY3YTNjYjk3OTMyMjBhYzFhZWMyN2EzYzcwZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaIxJ/b5ygiupNb1z1juzuAblLu8
g2B6mtsNGQLMLN8EwYXxbTPYCLEJFftBsQDRXPTB5fdXyKjN7kT5lsZ3o86YAwTj
KkWn7Bqs/iZjIwXgR4we5AFlqfH6HoOy742Zn/DfHP8tKTrm1POJSCaTaw/K2MDp
iRdwhIM4kfpWI3Mlq8Nc2c14B0dWW8t5EXG/LDCWHefCiR2hsZMq6thxDqwIv9bb
RrsC1hT0rMUmnwnmVJEw9LWK3XAU3zjikm1tQCLchk6bVVRZIegJxzhK+8KnhGWS
n9TGUdoHXmUVNBUn5ZLkzDXAdvN8mVrlzDPnt5c70ltNjnkoXzFtYnqWpwIDAQAB
o4IEODCCBDQwHQYDVR0OBBYEFD4JdovJdno8uXkyIKwa7Cejxw5nMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvUGdsMmk4bDJlank1ZVRJZ3JCcnNKNlBIRG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICTAYIKwYBBQUHAQcBAf8EggI7MIICNzCCAhYEAgABMIIC
DgMEBS4hQDALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAME
AD4pZgMEAD4poAMEBT4ygAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAM
AwQBPoRyAwQBPoR0AwQBPoSEAwQHTUMAAwQGTU2AAwQGV3dAAwQGWZWAMAsDAwBc
RwMEBlxHgAMDAIbeAwQEjYhgAwQCuaAoAwQAwBDKAwQAwDZoMAwDBAHAQ74DBADA
Q8QDBAHAgSADBADAgSQwDAMEAMCBKwMEAMCBLDAMAwQBwIEuAwQBwIEwAwQAwIE2
AwQBwIE4MAsDAwDBjQMEAMGNAjAMAwQDwY0oAwQBwY0sAwQBwY2MAwQEwfJQAwQA
wik+AwQBwi0EAwQBwi0MAwQAwi0vAwQBwi1iAwQBwi22AwQAwngAAwQAwngrAwQC
wnhwAwQCwnh4AwQCwnk0AwQBwnloAwQAwnl7AwQAwnnLAwQCwnncMAwDBALCekwD
BAPCelADBAPCengDBATCeuADBALCevgDBADCe3oDBADCe6QDAwDDjzAMAwQF1ADg
AwQF1AEAAwQF1A5AAwQF1BugAwQF1DgAAwQG1FFAAwQG1HOAAwQH1L0AAwQH1N0A
AwMA1N4DBAbVyEADBAbV+wADBAbV/sADBATZcnADBATZdaADBATZdnADBAXZw+Aw
GwQCAAIwFQMFAyABBmgDBQAgAQaAAwUAKgAXUDANBgkqhkiG9w0BAQsFAAOCAQEA
UAPCJJEDsMC60j80fXh9OxXsU1uDEgc+Ec8up6y3t+O4/cdLKvdvAj6wVQ+mshGd
aWILQYy3sVgnOtcdwdB//G3LCjDFWNOPlopVOlm47vnQQBxXE85BwL+J5GUuzu1w
19+yvRdi1FqyE7qMKV20h9SdwaC6GYIS63rFagBgV0oVay/+bB2nKp2jSUYgH4FN
bJiylFddnuC6Z5iLb2CXKznNJHPvcv8pYKWsv0DxcHkYsv1yWPZtOf9AM2qJ8El1
Pu1vOQYPfaKScHvySdKYYA7sGW14Y3ilFi/i00yfynoqVFDYxPCoDXJ9whtVLavc
hkk0WIeWpuG1F5PfSdmeIA==
-----END CERTIFICATE-----
Generated at Sat May 4 09:05:50 2024 by rpki-client on console-ams.rpki-client.org