Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/jrN5d2yobT6oYqrUWqVAij8wVfw.roa
File: jrN5d2yobT6oYqrUWqVAij8wVfw.roa (raw, json)
Hash identifier: 1DXRWHbuUnM4i9FApmuhCW/jaCybpCUc+yERj6IkPHk=
Subject key identifier: 8E:B3:79:77:6C:A8:6D:3E:A8:62:AA:D4:5A:A5:40:8A:3F:30:55:FC
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 018CCA2980D3A9EF70204969EA0D449B6525
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/jrN5d2yobT6oYqrUWqVAij8wVfw.roa
Signing time: Tue 02 Jan 2024 12:32:46 +0000
ROA not before: Tue 02 Jan 2024 12:32:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6810
IP address blocks: 147.235.59.0/24 maxlen: 24
147.235.70.0/24 maxlen: 24
147.235.70.0/23 maxlen: 23
147.235.71.0/24 maxlen: 24
147.235.0.0/16 maxlen: 24
147.235.31.0/24 maxlen: 24
147.235.154.0/24 maxlen: 24
147.235.182.0/23 maxlen: 23
147.235.182.0/24 maxlen: 24
147.235.183.0/24 maxlen: 24
147.235.192.0/22 maxlen: 22
147.235.192.0/24 maxlen: 24
147.235.192.0/19 maxlen: 24
147.235.196.0/22 maxlen: 22
147.235.194.0/24 maxlen: 24
147.235.199.0/24 maxlen: 24
147.235.194.0/23 maxlen: 24
147.235.195.0/24 maxlen: 24
147.235.193.0/24 maxlen: 24
147.235.198.0/24 maxlen: 24
147.235.196.0/23 maxlen: 24
147.235.197.0/24 maxlen: 24
147.235.198.0/23 maxlen: 24
147.235.196.0/24 maxlen: 24
147.235.96.0/22 maxlen: 22
147.235.97.0/24 maxlen: 24
147.235.96.0/24 maxlen: 24
147.235.96.0/23 maxlen: 23
147.235.98.0/23 maxlen: 23
147.235.98.0/24 maxlen: 24
147.235.99.0/24 maxlen: 24
147.235.111.0/24 maxlen: 24
147.235.144.0/21 maxlen: 24
149.106.128.0/19 maxlen: 24
149.106.224.0/19 maxlen: 24
147.235.254.0/23 maxlen: 24
147.235.202.0/23 maxlen: 24
147.235.206.0/24 maxlen: 24
147.235.206.0/23 maxlen: 24
147.235.200.0/21 maxlen: 21
147.235.200.0/22 maxlen: 22
147.235.201.0/24 maxlen: 24
147.235.202.0/24 maxlen: 24
147.235.203.0/24 maxlen: 24
147.235.204.0/24 maxlen: 24
147.235.204.0/23 maxlen: 24
147.235.204.0/22 maxlen: 22
147.235.205.0/24 maxlen: 24
147.235.200.0/24 maxlen: 24
147.235.200.0/23 maxlen: 24
147.235.211.0/24 maxlen: 24
147.235.213.0/24 maxlen: 24
147.235.208.0/22 maxlen: 23
147.235.208.0/24 maxlen: 24
147.235.209.0/24 maxlen: 24
147.235.210.0/24 maxlen: 24
147.235.207.0/24 maxlen: 24
147.235.212.0/23 maxlen: 23
147.235.212.0/24 maxlen: 24
147.235.212.0/22 maxlen: 23
147.235.215.0/24 maxlen: 24
147.235.216.0/24 maxlen: 24
147.235.216.0/22 maxlen: 23
147.235.214.0/24 maxlen: 24
147.235.218.0/23 maxlen: 23
147.235.218.0/24 maxlen: 24
147.235.219.0/24 maxlen: 24
147.235.216.0/21 maxlen: 21
147.235.217.0/24 maxlen: 24
147.235.222.0/24 maxlen: 24
147.235.222.0/23 maxlen: 23
147.235.220.0/22 maxlen: 22
147.235.223.0/24 maxlen: 24
147.235.220.0/24 maxlen: 24
147.235.220.0/23 maxlen: 23
147.235.221.0/24 maxlen: 24
147.235.226.0/24 maxlen: 24
147.235.228.0/22 maxlen: 24
2a06:c701::/32 maxlen: 32
2a06:c701:1000::/36 maxlen: 36
2a06:c700:2000::/36 maxlen: 36
2a06:c700::/32 maxlen: 48
2a06:c700::/44 maxlen: 44
2a06:c700::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:80:d3:a9:ef:70:20:49:69:ea:0d:44:9b:65:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Jan 2 12:32:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8eb379776ca86d3ea862aad45aa5408a3f3055fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:25:c9:07:99:e9:13:94:f4:ec:d2:ab:4d:da:
28:26:b2:28:1b:21:2d:9b:55:17:16:66:fd:94:58:
0a:40:16:76:1f:df:c5:3a:a2:a0:12:14:8f:fa:44:
ae:d7:84:28:3b:61:d7:14:16:ae:a3:f2:a4:c9:8f:
35:ca:4a:c3:30:51:25:2b:52:8b:4c:5b:a9:da:37:
00:b2:5b:db:49:8a:b2:ef:39:75:ad:7c:f8:84:51:
6f:7b:3f:4c:a3:9f:3f:1c:26:83:b0:21:6e:24:42:
ca:c0:06:e8:6d:1b:02:e1:fb:23:82:3f:26:d5:dc:
bf:07:6e:e5:d9:8d:d1:43:1a:ae:64:74:e0:68:a9:
1c:35:9b:29:4b:06:a2:bd:33:c9:28:b9:89:8b:7f:
be:93:da:b2:5a:8a:07:55:99:4a:e6:ef:e6:64:b7:
e1:89:df:2a:15:d3:b6:9f:c0:6c:0f:e4:1a:2c:94:
a0:0c:59:6b:a2:78:54:d8:3a:1e:14:10:fd:d2:cb:
6d:31:33:f3:71:73:e5:3e:91:63:90:14:2c:d4:48:
3a:cd:e0:cb:78:4c:f7:aa:45:f7:03:51:bf:98:0b:
ff:29:4b:25:4b:f3:26:ce:68:de:f7:09:f6:e3:d9:
15:35:0b:1f:ae:24:1a:1e:42:f3:2a:6b:3d:05:f4:
e5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B3:79:77:6C:A8:6D:3E:A8:62:AA:D4:5A:A5:40:8A:3F:30:55:FC
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/jrN5d2yobT6oYqrUWqVAij8wVfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.0.0/16
149.106.128.0/19
149.106.224.0/19
IPv6:
2a06:c700::/29
Signature Algorithm: sha256WithRSAEncryption
40:66:66:b9:be:84:08:14:03:04:4f:72:fd:3d:58:e3:c1:0b:
80:bc:a1:5b:9b:d3:0e:a2:7f:ac:5d:a5:7f:07:fa:2d:7a:49:
cc:0e:cc:26:c9:0f:e4:3d:8c:9b:d2:d2:fa:93:c0:fb:fc:1d:
1a:21:1d:9c:73:f9:d0:84:85:8d:69:fb:1b:72:be:64:e6:55:
e0:c1:11:89:5c:e4:79:bc:23:c9:c9:eb:34:4c:f9:d5:97:6b:
53:49:d2:10:c7:82:07:c4:a8:73:72:12:33:19:4b:ea:33:95:
5c:f2:dd:dc:14:c8:37:3d:12:99:76:7a:17:30:97:38:98:6d:
54:e9:09:d3:5d:4c:c5:ec:f6:d9:f1:e1:cf:ac:47:91:5e:22:
ed:7f:7e:67:3c:bd:0b:8a:3e:05:ab:85:4e:f3:28:e1:f7:63:
76:dc:16:f1:c2:80:5d:e7:5a:8b:eb:52:a7:9b:db:eb:ef:f1:
23:32:fe:d8:11:73:56:d0:48:cc:53:73:cd:c3:31:3f:4e:36:
48:79:2f:c5:6f:9c:1c:fc:a3:1a:f5:87:d2:bb:f3:ae:41:d2:
7f:18:e0:a7:23:6e:38:8a:2a:24:8a:52:79:16:bc:a2:47:28:
1c:17:2b:69:bd:92:ce:c3:d3:8d:53:13:19:ad:6e:18:b4:2b:
29:9a:7e:8e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzKKYDTqe9wIElp6g1Em2UlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjQwMTAyMTIzMjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWIzNzk3NzZjYTg2ZDNlYTg2MmFhZDQ1YWE1NDA4YTNmMzA1NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCXJB5npE5T07NKrTdooJrIoGyEt
m1UXFmb9lFgKQBZ2H9/FOqKgEhSP+kSu14QoO2HXFBauo/KkyY81ykrDMFElK1KL
TFup2jcAslvbSYqy7zl1rXz4hFFvez9Mo58/HCaDsCFuJELKwAbobRsC4fsjgj8m
1dy/B27l2Y3RQxquZHTgaKkcNZspSwaivTPJKLmJi3++k9qyWooHVZlK5u/mZLfh
id8qFdO2n8BsD+QaLJSgDFlronhU2DoeFBD90sttMTPzcXPlPpFjkBQs1Eg6zeDL
eEz3qkX3A1G/mAv/KUslS/Mmzmje9wn249kVNQsfriQaHkLzKms9BfTlgQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI6zeXdsqG0+qGKq1FqlQIo/MFX8MB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvanJONWQyeW9iVDZvWXFyVVdxVkFpajh3VmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAk+sDBAWV
aoADBAWVauAwDQQCAAIwBwMFAyoGxwAwDQYJKoZIhvcNAQELBQADggEBAEBmZrm+
hAgUAwRPcv09WOPBC4C8oVub0w6if6xdpX8H+i16ScwOzCbJD+Q9jJvS0vqTwPv8
HRohHZxz+dCEhY1p+xtyvmTmVeDBEYlc5Hm8I8nJ6zRM+dWXa1NJ0hDHggfEqHNy
EjMZS+ozlVzy3dwUyDc9Epl2ehcwlziYbVTpCdNdTMXs9tnx4c+sR5FeIu1/fmc8
vQuKPgWrhU7zKOH3Y3bcFvHCgF3nWovrUqeb2+vv8SMy/tgRc1bQSMxTc83DMT9O
Nkh5L8VvnBz8oxr1h9K7865B0n8Y4KcjbjiKKiSKUnkWvKJHKBwXK2m9ks7D041T
Exmtbhi0Kymafo4=
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:07:45 2024 by rpki-client on console-ams.rpki-client.org