Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/My9GGVMb3nsRJK_wwRkR3BjurGk.roa
File: My9GGVMb3nsRJK_wwRkR3BjurGk.roa (raw, json)
Hash identifier: JaoMHcJuNzmxHQGSLg/S4RXUVcStrIlSWyx8j34lrGc=
Subject key identifier: 33:2F:46:19:53:1B:DE:7B:11:24:AF:F0:C1:19:11:DC:18:EE:AC:69
Certificate issuer: /CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Certificate serial: 018D92C5888E80D3B4101B383394E9354013
Authority key identifier: 49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/My9GGVMb3nsRJK_wwRkR3BjurGk.roa
Signing time: Sat 10 Feb 2024 11:27:15 +0000
ROA not before: Sat 10 Feb 2024 11:27:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59441
IP address blocks: 5.144.128.0/21 maxlen: 21
5.144.128.0/22 maxlen: 22
5.144.128.0/23 maxlen: 23
5.144.128.0/24 maxlen: 24
5.144.129.0/24 maxlen: 24
5.144.130.0/23 maxlen: 24
5.144.130.0/24 maxlen: 24
5.144.131.0/24 maxlen: 24
5.144.132.0/22 maxlen: 22
5.144.132.0/23 maxlen: 24
5.144.132.0/24 maxlen: 24
5.144.133.0/24 maxlen: 24
5.144.134.0/23 maxlen: 24
5.144.134.0/24 maxlen: 24
5.144.135.0/24 maxlen: 24
45.92.92.0/22 maxlen: 24
45.92.92.0/23 maxlen: 24
45.92.92.0/24 maxlen: 24
45.92.93.0/24 maxlen: 24
45.92.94.0/23 maxlen: 24
45.92.94.0/24 maxlen: 24
45.92.95.0/24 maxlen: 24
45.138.132.0/22 maxlen: 24
45.138.132.0/23 maxlen: 24
45.138.132.0/24 maxlen: 24
45.138.133.0/24 maxlen: 24
45.138.134.0/24 maxlen: 24
45.138.135.0/24 maxlen: 24
185.83.112.0/22 maxlen: 22
185.83.112.0/23 maxlen: 23
185.83.112.0/24 maxlen: 24
185.83.113.0/24 maxlen: 24
185.83.114.0/23 maxlen: 24
185.83.114.0/24 maxlen: 24
185.83.115.0/24 maxlen: 24
185.83.181.0/24 maxlen: 24
185.83.183.0/24 maxlen: 24
185.169.6.0/24 maxlen: 24
185.173.104.0/22 maxlen: 24
185.173.104.0/24 maxlen: 24
185.173.105.0/24 maxlen: 24
185.173.106.0/24 maxlen: 24
185.173.107.0/24 maxlen: 24
185.205.203.0/24 maxlen: 24
185.208.76.0/23 maxlen: 23
185.208.78.0/23 maxlen: 24
185.208.78.0/24 maxlen: 24
185.208.79.0/24 maxlen: 24
193.3.231.0/24 maxlen: 24
2a05:9a00::/29 maxlen: 29
2a05:9a00::/48 maxlen: 48
2a05:9a00:1::/48 maxlen: 48
2a05:9a00:2::/48 maxlen: 48
2a05:9a00:3::/48 maxlen: 48
2a05:9a00:4::/48 maxlen: 48
2a05:9a00:1000::/48 maxlen: 48
2a05:9a00:1001::/48 maxlen: 48
2a05:9a00:1002::/48 maxlen: 48
2a05:9a00:1003::/48 maxlen: 48
2a07:e440::/29 maxlen: 29
2a10:4340::/29 maxlen: 29
2a10:5c40::/29 maxlen: 29
2a10:6140::/29 maxlen: 29
2a10:b800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:92:c5:88:8e:80:d3:b4:10:1b:38:33:94:e9:35:40:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Validity
Not Before: Feb 10 11:27:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=332f4619531bde7b1124aff0c11911dc18eeac69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:87:d5:18:ff:3d:08:1d:cb:54:ae:90:c6:63:
87:27:9f:e6:2d:b7:0f:30:74:b1:30:e7:90:ba:b2:
8d:90:25:c7:d2:b0:f1:d1:60:c4:0b:3f:0e:98:85:
a4:ea:24:f5:f1:17:04:74:d3:9d:28:aa:bc:4b:69:
7f:62:1a:ed:bf:11:39:41:c9:ef:92:64:5f:91:5d:
7d:b6:dc:e8:ea:a1:d7:cc:ca:72:6b:04:13:47:37:
77:b5:50:b6:c4:32:15:da:a9:14:b3:a0:20:77:b9:
ce:9d:ba:30:12:0d:43:d5:e0:f2:e7:0f:67:29:ee:
b9:54:a6:4f:42:51:91:8f:1b:99:a8:49:dc:c6:88:
79:fd:cf:df:5a:e7:27:e3:68:bb:6b:5e:7c:08:4e:
25:17:dc:ae:85:2b:fb:f8:5d:b2:60:06:43:e5:21:
77:77:c7:8d:2d:fd:3d:79:6c:d6:64:a1:6a:47:42:
48:e8:42:a2:48:bb:6f:79:9f:ca:58:71:20:3e:aa:
e3:8c:4a:5f:3e:a5:6e:18:d4:5f:4d:38:55:78:fa:
1e:8f:52:44:22:8e:86:2e:69:d3:2c:30:60:89:e6:
a1:f8:a9:91:05:ac:8a:e0:44:f5:22:8d:a1:e1:f9:
e9:82:e0:4a:02:54:02:ee:b0:fe:26:98:96:e5:2c:
fb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2F:46:19:53:1B:DE:7B:11:24:AF:F0:C1:19:11:DC:18:EE:AC:69
X509v3 Authority Key Identifier:
keyid:49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/My9GGVMb3nsRJK_wwRkR3BjurGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.128.0/21
45.92.92.0/22
45.138.132.0/22
185.83.112.0/22
185.83.181.0/24
185.83.183.0/24
185.169.6.0/24
185.173.104.0/22
185.205.203.0/24
185.208.76.0/22
193.3.231.0/24
IPv6:
2a05:9a00::/29
2a07:e440::/29
2a10:4340::/29
2a10:5c40::/29
2a10:6140::/29
2a10:b800::/29
Signature Algorithm: sha256WithRSAEncryption
91:48:61:68:e1:04:4a:6e:78:ad:63:9b:aa:7d:66:40:09:61:
31:0e:3a:da:31:06:0c:f7:87:2d:58:d5:16:22:9c:e1:66:12:
6a:e6:8d:70:f0:61:e6:63:b6:7f:e9:4c:45:be:5a:b2:6b:38:
28:f9:fc:40:45:3b:d4:2b:45:f1:36:a0:1e:26:94:66:86:09:
e6:1d:58:83:31:36:c4:f7:13:89:ab:65:7f:b1:f1:f2:70:0c:
94:66:ab:ff:07:d1:14:5c:97:0e:65:6b:a9:d4:65:eb:5a:83:
7f:bb:33:08:5c:72:23:a7:8b:3f:cb:ba:6f:f3:2c:64:e4:3c:
2f:d8:e7:b8:fc:97:e7:b9:67:4a:99:4b:24:54:25:04:9b:23:
47:3b:b3:22:36:47:2e:2c:39:80:a3:21:65:f8:5a:e0:7c:ca:
f7:04:4a:8f:6c:1a:63:94:1b:7d:aa:d5:63:70:42:b3:3d:4e:
20:63:ef:e0:19:2a:e7:c3:94:61:b2:c3:e5:fd:de:f8:85:ef:
3c:78:de:7a:bb:0b:94:9c:df:1f:bc:2e:3f:3f:39:53:6e:43:
35:87:d2:ec:28:2e:6b:95:7e:e6:79:40:21:cf:54:eb:78:68:
29:27:71:7d:a9:f6:bc:3e:25:d6:b8:69:f4:d5:e1:5c:da:a6:
03:5f:27:92
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY2SxYiOgNO0EBs4M5TpNUATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZWUxMTk0YmQ4MWQxOTQ2YzM5ZjEwZjdmZGZkZjIyZDFh
MDMxMTIwHhcNMjQwMjEwMTEyNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzJmNDYxOTUzMWJkZTdiMTEyNGFmZjBjMTE5MTFkYzE4ZWVhYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIfVGP89CB3LVK6QxmOHJ5/mLbcP
MHSxMOeQurKNkCXH0rDx0WDECz8OmIWk6iT18RcEdNOdKKq8S2l/YhrtvxE5Qcnv
kmRfkV19ttzo6qHXzMpyawQTRzd3tVC2xDIV2qkUs6Agd7nOnbowEg1D1eDy5w9n
Ke65VKZPQlGRjxuZqEncxoh5/c/fWucn42i7a158CE4lF9yuhSv7+F2yYAZD5SF3
d8eNLf09eWzWZKFqR0JI6EKiSLtveZ/KWHEgPqrjjEpfPqVuGNRfTThVePoej1JE
Io6GLmnTLDBgieah+KmRBayK4ET1Io2h4fnpguBKAlQC7rD+JpiW5Sz71wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFDMvRhlTG957ESSv8MEZEdwY7qxpMB8GA1UdIwQY
MBaAFEnuEZS9gdGUbDnxD3/f3yLRoDESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYt
ZDYyZmE2MzE5ZmQ0LzEvTXk5R0dWTWIzbnNSSktfd3dSa1IzQmp1ckdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYtZDYyZmE2MzE5ZmQ0
LzEvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwSAQCAAEwQgMEAwWQgAME
Ai1cXAMEAi2KhAMEArlTcAMEALlTtQMEALlTtwMEALmpBgMEArmtaAMEALnNywME
ArnQTAMEAMED5zAwBAIAAjAqAwUDKgWaAAMFAyoH5EADBQMqEENAAwUDKhBcQAMF
AyoQYUADBQMqELgAMA0GCSqGSIb3DQEBCwUAA4IBAQCRSGFo4QRKbnitY5uqfWZA
CWExDjraMQYM94ctWNUWIpzhZhJq5o1w8GHmY7Z/6UxFvlqyazgo+fxARTvUK0Xx
NqAeJpRmhgnmHViDMTbE9xOJq2V/sfHycAyUZqv/B9EUXJcOZWup1GXrWoN/uzMI
XHIjp4s/y7pv8yxk5Dwv2Oe4/JfnuWdKmUskVCUEmyNHO7MiNkcuLDmAoyFl+Frg
fMr3BEqPbBpjlBt9qtVjcEKzPU4gY+/gGSrnw5RhssPl/d74he88eN56uwuUnN8f
vC4/PzlTbkM1h9LsKC5rlX7meUAhz1TreGgpJ3F9qfa8PiXWuGn01eFc2qYDXyeS
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:35 2024 by rpki-client on console-ams.rpki-client.org