Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/L3mBTJ-piXdE89uy66mEx3QXFz0.roa
File: L3mBTJ-piXdE89uy66mEx3QXFz0.roa (raw, json)
Hash identifier: JP9mvHIt/z4S+FHLNmEIK2so2616YMMx/UHOToEy0fw=
Subject key identifier: 2F:79:81:4C:9F:A9:89:77:44:F3:DB:B2:EB:A9:84:C7:74:17:17:3D
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0191E1380102A16602E00828949F111D5A4C
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/L3mBTJ-piXdE89uy66mEx3QXFz0.roa
Signing time: Wed 11 Sep 2024 13:13:49 +0000
ROA not before: Wed 11 Sep 2024 13:13:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 149.250.0.0/16 maxlen: 16
192.109.236.0/24 maxlen: 24
195.203.0.0/17 maxlen: 17
195.203.128.0/17 maxlen: 17
195.203.152.0/23 maxlen: 23
195.203.156.0/22 maxlen: 22
217.27.0.0/23 maxlen: 23
217.27.2.0/23 maxlen: 23
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
217.27.7.0/24 maxlen: 24
2a03:5000:1::/48 maxlen: 48
2a03:5000:2::/48 maxlen: 48
2a03:5000:11::/48 maxlen: 48
2a03:5000:12::/48 maxlen: 48
2a03:5000:20::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
2a03:5000:30::/48 maxlen: 48
2a03:5000:31::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:41::/48 maxlen: 48
2a03:5000:42::/48 maxlen: 48
2a03:5000:51::/48 maxlen: 48
2a03:5000:52::/48 maxlen: 48
2a03:5000:61::/48 maxlen: 48
2a03:5000:62::/48 maxlen: 48
2a03:5000:71::/48 maxlen: 48
2a03:5000:72::/48 maxlen: 48
2a03:5000:81::/48 maxlen: 48
2a03:5000:82::/48 maxlen: 48
2a03:5000:91::/48 maxlen: 48
2a03:5000:92::/48 maxlen: 48
2a03:5000:101::/48 maxlen: 48
2a03:5000:102::/48 maxlen: 48
2a03:5000:111::/48 maxlen: 48
2a03:5000:112::/48 maxlen: 48
2a03:5000:121::/48 maxlen: 48
2a03:5000:122::/48 maxlen: 48
2a03:5000:131::/48 maxlen: 48
2a03:5000:132::/48 maxlen: 48
2a03:5000:141::/48 maxlen: 48
2a03:5000:142::/48 maxlen: 48
2a03:5000:151::/48 maxlen: 48
2a03:5000:152::/48 maxlen: 48
2a03:5000:161::/48 maxlen: 48
2a03:5000:162::/48 maxlen: 48
2a03:5000:171::/48 maxlen: 48
2a03:5000:172::/48 maxlen: 48
2a03:5000:181::/48 maxlen: 48
2a03:5000:182::/48 maxlen: 48
2a03:5000:191::/48 maxlen: 48
2a03:5000:192::/48 maxlen: 48
2a03:5000:201::/48 maxlen: 48
2a03:5000:202::/48 maxlen: 48
2a03:5000:211::/48 maxlen: 48
2a03:5000:212::/48 maxlen: 48
2a03:5000:221::/48 maxlen: 48
2a03:5000:222::/48 maxlen: 48
2a03:5000:231::/48 maxlen: 48
2a03:5000:232::/48 maxlen: 48
2a03:5000:241::/48 maxlen: 48
2a03:5000:242::/48 maxlen: 48
2a03:5000:251::/48 maxlen: 48
2a03:5000:252::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:38:01:02:a1:66:02:e0:08:28:94:9f:11:1d:5a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Sep 11 13:13:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f79814c9fa9897744f3dbb2eba984c77417173d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d6:e4:61:1c:66:3c:c8:ca:72:cc:24:da:ab:
0e:c8:4e:a4:9c:28:f2:62:88:c5:df:48:d2:9f:fe:
47:ac:64:f1:5f:d4:d9:ee:99:a8:c9:95:6b:5c:3c:
e5:19:35:08:36:f9:3d:70:93:75:e7:47:79:af:42:
9b:e6:de:09:71:24:2c:12:94:22:62:8c:50:a6:75:
d6:a2:3c:2b:f2:1d:8e:6f:94:87:79:1d:06:0c:4d:
65:5a:a7:f8:2e:cb:5c:0e:03:83:2d:85:57:fe:77:
f7:2a:0c:96:ff:6b:3e:26:86:b2:82:3f:75:40:79:
c4:76:e5:0a:db:62:03:b2:b7:fc:c5:5b:f4:a2:15:
8f:5f:7c:2d:68:62:0d:c0:23:bf:34:56:17:cf:45:
6e:bd:bd:39:7b:c3:7b:01:59:65:a2:4b:31:73:38:
2f:13:60:68:a3:a8:8c:6d:fb:aa:15:25:73:8e:df:
02:7d:00:a0:f2:70:2c:11:d6:29:3c:48:95:48:e1:
1d:26:2e:bb:34:1f:51:86:cf:44:e8:2b:39:66:ed:
a1:d7:98:bb:1f:31:a4:d1:74:9a:2a:12:4a:bd:80:
9f:3b:2a:a4:82:09:66:7a:4b:00:ea:b9:22:6f:ab:
ab:ac:ef:38:a7:00:4f:e0:e8:6e:c3:8e:ce:83:c8:
a5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:79:81:4C:9F:A9:89:77:44:F3:DB:B2:EB:A9:84:C7:74:17:17:3D
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/L3mBTJ-piXdE89uy66mEx3QXFz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.250.0.0/16
192.109.236.0/24
195.203.0.0/16
217.27.0.0-217.27.4.255
217.27.6.0/23
IPv6:
2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
90:d7:a0:40:a1:c8:e0:e6:c4:5a:9c:41:48:f4:c9:25:29:b0:
c2:67:03:f2:fd:a3:97:36:2f:40:22:e3:3e:34:f3:7d:bf:e5:
4e:e8:ce:7c:c3:0f:48:96:93:5b:8b:23:a4:46:fd:6f:0c:c5:
be:27:a4:fc:59:47:c0:6b:47:41:f2:6d:32:75:f1:bf:0c:31:
62:a4:ac:11:d7:a4:39:25:93:3c:28:f2:b3:db:43:24:e4:33:
80:7e:d8:dc:d0:b0:76:c7:be:e2:d4:86:89:39:79:a3:54:57:
2a:02:5c:a0:be:33:1a:ce:1c:81:54:54:54:a4:d0:fc:58:c4:
d5:f3:78:50:ae:96:56:ab:bd:35:43:f1:36:37:18:57:2c:12:
58:45:c8:eb:98:19:46:7f:49:64:b1:ad:62:21:cb:7c:3a:8e:
73:ec:1b:4f:df:59:07:96:93:fa:bc:e1:52:89:b3:dd:f4:55:
0d:91:55:e0:8f:1c:77:dd:c1:4c:82:1c:16:6c:f2:33:b0:8c:
8d:88:ca:05:f9:2c:3c:17:0b:a8:8b:e8:4a:ed:bb:1a:4d:29:
62:20:91:2f:5e:6d:41:a9:3f:7e:64:9a:c3:b5:80:d1:64:1e:
56:8a:67:d8:25:53:f2:e8:7e:d1:3b:4f:0e:79:b8:d9:f3:0a:
5b:db:3c:3e
-----BEGIN CERTIFICATE-----
MIIHNDCCBhygAwIBAgISAZHhOAECoWYC4AgolJ8RHVpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjQwOTExMTMxMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjc5ODE0YzlmYTk4OTc3NDRmM2RiYjJlYmE5ODRjNzc0MTcxNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtbkYRxmPMjKcswk2qsOyE6knCjy
YojF30jSn/5HrGTxX9TZ7pmoyZVrXDzlGTUINvk9cJN150d5r0Kb5t4JcSQsEpQi
YoxQpnXWojwr8h2Ob5SHeR0GDE1lWqf4LstcDgODLYVX/nf3KgyW/2s+Joaygj91
QHnEduUK22IDsrf8xVv0ohWPX3wtaGINwCO/NFYXz0Vuvb05e8N7AVlloksxczgv
E2Boo6iMbfuqFSVzjt8CfQCg8nAsEdYpPEiVSOEdJi67NB9Rhs9E6Cs5Zu2h15i7
HzGk0XSaKhJKvYCfOyqkgglmeksA6rkib6urrO84pwBP4Ohuw47Og8ilCwIDAQAB
o4IEQDCCBDwwHQYDVR0OBBYEFC95gUyfqYl3RPPbsuuphMd0Fxc9MB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvTDNtQlRKLXBpWGRFODl1eTY2bUV4M1FYRnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICVAYIKwYBBQUHAQcBAf8EggJDMIICPzApBAIAATAjAwMA
lfoDBADAbewDAwDDyzALAwMA2RsDBADZGwQDBAHZGwYwggIQBAIAAjCCAggwEgMH
ACoDUAAAAQMHACoDUAAAAjASAwcAKgNQAAARAwcAKgNQAAASMBIDBwUqA1AAACAD
BwAqA1AAACIwEgMHBCoDUAAAMAMHACoDUAAAMjASAwcAKgNQAABBAwcAKgNQAABC
MBIDBwAqA1AAAFEDBwAqA1AAAFIwEgMHACoDUAAAYQMHACoDUAAAYjASAwcAKgNQ
AABxAwcAKgNQAAByMBIDBwAqA1AAAIEDBwAqA1AAAIIwEgMHACoDUAAAkQMHACoD
UAAAkjASAwcAKgNQAAEBAwcAKgNQAAECMBIDBwAqA1AAAREDBwAqA1AAARIwEgMH
ACoDUAABIQMHACoDUAABIjASAwcAKgNQAAExAwcAKgNQAAEyMBIDBwAqA1AAAUED
BwAqA1AAAUIwEgMHACoDUAABUQMHACoDUAABUjASAwcAKgNQAAFhAwcAKgNQAAFi
MBIDBwAqA1AAAXEDBwAqA1AAAXIwEgMHACoDUAABgQMHACoDUAABgjASAwcAKgNQ
AAGRAwcAKgNQAAGSMBIDBwAqA1AAAgEDBwAqA1AAAgIwEgMHACoDUAACEQMHACoD
UAACEjASAwcAKgNQAAIhAwcAKgNQAAIiMBIDBwAqA1AAAjEDBwAqA1AAAjIwEgMH
ACoDUAACQQMHACoDUAACQjASAwcAKgNQAAJRAwcAKgNQAAJSMA0GCSqGSIb3DQEB
CwUAA4IBAQCQ16BAocjg5sRanEFI9MklKbDCZwPy/aOXNi9AIuM+NPN9v+VO6M58
ww9IlpNbiyOkRv1vDMW+J6T8WUfAa0dB8m0ydfG/DDFipKwR16Q5JZM8KPKz20Mk
5DOAftjc0LB2x77i1IaJOXmjVFcqAlygvjMazhyBVFRUpND8WMTV83hQrpZWq701
Q/E2NxhXLBJYRcjrmBlGf0lksa1iIct8Oo5z7BtP31kHlpP6vOFSibPd9FUNkVXg
jxx33cFMghwWbPIzsIyNiMoF+Sw8Fwuoi+hK7bsaTSliIJEvXm1BqT9+ZJrDtYDR
ZB5WimfYJVPy6H7RO08OebjZ8wpb2zw+
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:49:29 2024 by rpki-client on console-fra.rpki-client.org