Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/jCGt4kcQy51coIqaTpYl3NKNRlU.roa
File: jCGt4kcQy51coIqaTpYl3NKNRlU.roa (raw, json)
Hash identifier: QjrgJHLCZDqthseLgZvqkFvIp45q0AIoiYFSXpuhv/U=
Subject key identifier: 8C:21:AD:E2:47:10:CB:9D:5C:A0:8A:9A:4E:96:25:DC:D2:8D:46:55
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018CCA2BBAF028E1DDFDF5671A3C6B067D53
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/jCGt4kcQy51coIqaTpYl3NKNRlU.roa
Signing time: Tue 02 Jan 2024 12:35:12 +0000
ROA not before: Tue 02 Jan 2024 12:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57367
IP address blocks: 128.204.216.0/24 maxlen: 24
128.204.218.0/24 maxlen: 24
128.204.217.0/24 maxlen: 24
128.204.219.0/24 maxlen: 24
31.186.80.0/21 maxlen: 21
128.204.221.0/24 maxlen: 24
128.204.220.0/22 maxlen: 22
128.204.220.0/24 maxlen: 24
128.204.223.0/24 maxlen: 24
128.204.222.0/24 maxlen: 24
85.194.240.0/22 maxlen: 22
195.167.159.0/24 maxlen: 24
195.167.157.0/24 maxlen: 24
195.167.156.0/24 maxlen: 24
85.194.242.0/24 maxlen: 24
85.194.244.0/22 maxlen: 22
85.194.246.0/24 maxlen: 24
85.194.247.0/24 maxlen: 24
185.36.168.0/22 maxlen: 22
206.252.232.0/24 maxlen: 24
206.252.251.0/24 maxlen: 24
212.91.27.0/24 maxlen: 24
212.91.26.0/24 maxlen: 24
77.79.227.0/24 maxlen: 24
77.79.248.0/24 maxlen: 24
77.79.250.0/24 maxlen: 24
91.185.184.0/24 maxlen: 24
91.185.186.0/24 maxlen: 24
91.185.185.0/24 maxlen: 24
91.185.188.0/24 maxlen: 24
91.185.187.0/24 maxlen: 24
91.185.189.0/24 maxlen: 24
91.185.191.0/24 maxlen: 24
91.185.190.0/24 maxlen: 24
85.232.241.0/24 maxlen: 24
213.189.52.0/24 maxlen: 24
213.189.54.0/24 maxlen: 24
213.189.53.0/24 maxlen: 24
213.189.55.0/24 maxlen: 24
213.189.56.0/24 maxlen: 24
213.189.58.0/24 maxlen: 24
2001:1a68:1a::/48 maxlen: 48
2001:1a68:ec00::/40 maxlen: 40
2001:1a68:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:ba:f0:28:e1:dd:fd:f5:67:1a:3c:6b:06:7d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 12:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c21ade24710cb9d5ca08a9a4e9625dcd28d4655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e5:bf:70:5e:7a:dc:99:44:f4:8e:28:d1:46:
90:aa:f8:29:d0:cd:64:35:6a:45:28:3f:b2:a8:ed:
b9:9c:7d:fe:81:83:34:76:de:84:e5:86:ce:14:cf:
fa:4e:f6:89:82:ed:8f:35:1c:40:8b:1f:a6:f8:97:
5a:5e:bd:f5:ad:e9:4a:4d:18:56:2d:42:d3:bc:d2:
e6:b8:2d:fe:05:a7:53:6c:cd:01:2c:99:d3:f9:c3:
fb:42:11:9a:35:38:05:10:6e:1a:d3:76:8f:12:63:
5e:ca:86:44:6a:b4:83:dd:fe:f8:8e:ae:54:26:10:
2f:34:e6:10:80:84:0d:ef:03:98:06:11:46:49:d8:
61:cb:89:61:d3:9f:a1:c5:2e:7c:39:1d:2b:f4:b9:
d1:83:72:b7:1e:f2:6b:9c:5b:31:5c:ad:54:3d:6e:
c0:1d:dd:8b:e9:6c:74:43:ec:04:5b:bd:49:6f:ab:
f0:ba:62:95:f2:9b:b7:7e:c8:fe:20:35:9f:53:f1:
e9:ef:84:12:7f:80:1a:29:6e:61:68:7a:97:90:45:
88:8e:6a:91:4e:f3:8e:b5:fe:d3:c3:45:53:28:93:
58:4f:1a:95:4c:f1:b6:40:0a:31:44:1d:c3:7c:66:
63:ea:d4:de:69:1b:97:2b:bc:10:e8:3a:49:46:8e:
19:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:21:AD:E2:47:10:CB:9D:5C:A0:8A:9A:4E:96:25:DC:D2:8D:46:55
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/jCGt4kcQy51coIqaTpYl3NKNRlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.80.0/21
77.79.227.0/24
77.79.248.0/24
77.79.250.0/24
85.194.240.0/21
85.232.241.0/24
91.185.184.0/21
128.204.216.0/21
185.36.168.0/22
195.167.156.0/23
195.167.159.0/24
206.252.232.0/24
206.252.251.0/24
212.91.26.0/23
213.189.52.0-213.189.56.255
213.189.58.0/24
IPv6:
2001:1a68:19::-2001:1a68:1a:ffff:ffff:ffff:ffff:ffff
2001:1a68:ec00::/40
Signature Algorithm: sha256WithRSAEncryption
48:da:e1:08:e2:9b:7d:ad:88:b0:f4:20:70:33:cf:f8:1d:99:
68:d8:e1:fb:9d:73:35:56:94:7d:cc:87:ce:76:d1:ab:cf:5a:
fc:f7:42:dd:e2:d6:45:c3:31:0f:d3:f7:38:bf:7d:f5:4f:45:
13:30:dc:d9:bd:dd:d8:0d:db:3e:70:6c:a5:03:3f:ea:be:f2:
a0:00:c0:02:29:86:fa:8f:58:9a:1a:2b:8c:97:85:4f:7a:91:
c0:e5:c0:15:e1:34:e5:43:01:99:40:75:bd:e0:92:c7:0a:6a:
5b:4b:0c:13:d5:7a:85:62:7a:b6:c2:4e:60:10:83:44:b0:18:
8c:25:8c:21:be:29:51:37:4f:b4:15:48:a2:51:06:0a:c2:84:
bb:6c:de:5b:00:9b:fa:12:21:ba:2d:ea:ee:fb:a7:31:74:54:
69:d2:a6:b2:ae:17:3d:e3:2c:c0:ae:6b:50:86:45:7c:37:49:
02:5c:f7:d6:4b:c1:7b:8a:62:23:7f:62:eb:eb:cd:e9:0a:0d:
5a:c9:a2:c8:9b:d5:75:e3:ce:eb:95:fe:49:cc:6d:e8:c6:80:
5a:d1:37:bf:c7:85:d3:37:cd:a6:e6:c3:aa:a2:77:ef:7c:17:
1c:86:0a:dd:74:6f:76:29:99:f4:5e:8b:b7:c5:dd:f0:8d:7e:
37:68:be:1f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYzKK7rwKOHd/fVnGjxrBn1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQwMTAyMTIzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzIxYWRlMjQ3MTBjYjlkNWNhMDhhOWE0ZTk2MjVkY2QyOGQ0NjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOW/cF563JlE9I4o0UaQqvgp0M1k
NWpFKD+yqO25nH3+gYM0dt6E5YbOFM/6TvaJgu2PNRxAix+m+JdaXr31relKTRhW
LULTvNLmuC3+BadTbM0BLJnT+cP7QhGaNTgFEG4a03aPEmNeyoZEarSD3f74jq5U
JhAvNOYQgIQN7wOYBhFGSdhhy4lh05+hxS58OR0r9LnRg3K3HvJrnFsxXK1UPW7A
Hd2L6Wx0Q+wEW71Jb6vwumKV8pu3fsj+IDWfU/Hp74QSf4AaKW5haHqXkEWIjmqR
TvOOtf7Tw0VTKJNYTxqVTPG2QAoxRB3DfGZj6tTeaRuXK7wQ6DpJRo4ZNQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFIwhreJHEMudXKCKmk6WJdzSjUZVMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvakNHdDRrY1F5NTFjb0lxYVRwWWwzTktOUmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBuBAIAATBoAwQDH7pQ
AwQATU/jAwQATU/4AwQATU/6AwQDVcLwAwQAVejxAwQDW7m4AwQDgMzYAwQCuSSo
AwQBw6ecAwQAw6efAwQAzvzoAwQAzvz7AwQB1FsaMAwDBALVvTQDBADVvTgDBADV
vTowIgQCAAIwHDASAwcAIAEaaAAZAwcAIAEaaAAaAwYAIAEaaOwwDQYJKoZIhvcN
AQELBQADggEBAEja4Qjim32tiLD0IHAzz/gdmWjY4fudczVWlH3Mh8520avPWvz3
Qt3i1kXDMQ/T9zi/ffVPRRMw3Nm93dgN2z5wbKUDP+q+8qAAwAIphvqPWJoaK4yX
hU96kcDlwBXhNOVDAZlAdb3gkscKaltLDBPVeoVierbCTmAQg0SwGIwljCG+KVE3
T7QVSKJRBgrChLts3lsAm/oSIbot6u77pzF0VGnSprKuFz3jLMCua1CGRXw3SQJc
99ZLwXuKYiN/YuvrzekKDVrJosib1XXjzuuV/knMbejGgFrRN7/HhdM3zabmw6qi
d+98FxyGCt10b3YpmfRei7fF3fCNfjdovh8=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:14:15 2024 by rpki-client on console-ams.rpki-client.org