Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/lJP8YL7Q2WeJTeTfP88OZwF5md8.roa
File: lJP8YL7Q2WeJTeTfP88OZwF5md8.roa (raw, json)
Hash identifier: mKsnn2aEiPzlw2q1XJ+bkCZPt1QuzSrFk7fwji6YlTk=
Subject key identifier: 94:93:FC:60:BE:D0:D9:67:89:4D:E4:DF:3F:CF:0E:67:01:79:99:DF
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 019320BF06078CB8B8D3B4AE689069DC88CA
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/lJP8YL7Q2WeJTeTfP88OZwF5md8.roa
Signing time: Tue 12 Nov 2024 14:20:10 +0000
ROA not before: Tue 12 Nov 2024 14:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49367
IP address blocks: 31.193.188.0/24 maxlen: 24
37.156.174.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
45.86.144.0/22 maxlen: 22
77.81.103.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
89.40.227.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.43.34.0/24 maxlen: 24
89.43.35.0/24 maxlen: 24
89.43.52.0/24 maxlen: 24
91.212.52.0/24 maxlen: 24
91.229.186.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.145.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.148.0/22 maxlen: 22
93.113.148.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
185.184.240.0/22 maxlen: 22
185.184.240.0/24 maxlen: 24
185.184.241.0/24 maxlen: 24
185.184.242.0/24 maxlen: 24
185.184.243.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
188.208.16.0/24 maxlen: 24
188.208.17.0/24 maxlen: 24
188.211.248.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
188.215.7.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
188.240.228.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
193.239.140.0/23 maxlen: 23
217.198.177.0/24 maxlen: 24
2a04:68c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:bf:06:07:8c:b8:b8:d3:b4:ae:68:90:69:dc:88:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Nov 12 14:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9493fc60bed0d967894de4df3fcf0e67017999df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b3:d9:1e:c8:a5:0c:bd:41:10:9e:37:ac:4f:
78:ae:24:5d:6a:dc:94:56:87:07:04:1a:b7:5c:fa:
6a:1a:f6:82:a6:91:4a:bc:98:b6:18:00:85:b6:14:
b4:5f:1a:7d:5b:e3:ec:2c:b6:04:49:ab:7c:9a:3e:
f9:6e:8f:5d:06:68:af:e2:d5:49:f5:24:12:61:e2:
9a:07:be:33:26:12:30:05:e2:c5:1f:50:85:ea:12:
b7:e8:fd:77:75:91:55:83:94:e9:7a:83:cf:40:e7:
95:ab:71:5e:42:ba:eb:d2:19:22:49:ab:db:fa:74:
8c:22:5d:a2:ba:17:bf:42:36:07:5c:c1:84:dc:f0:
46:f6:4c:c7:23:f8:f8:11:33:10:45:b3:ff:f7:be:
0b:2c:51:c2:3d:d9:fa:79:17:1e:e0:9c:23:3e:52:
5d:1c:02:22:50:26:a9:98:f7:1d:05:3f:69:bf:4e:
ad:b7:08:c1:38:7c:e2:a6:c2:02:d2:18:9b:e3:e6:
57:e6:82:bb:2f:bd:c8:44:73:28:7b:51:47:a3:e1:
70:56:bf:6c:94:4b:c7:d6:86:7c:8b:96:89:b1:62:
5d:9e:83:5a:15:f7:7e:db:9c:76:4b:fa:36:4c:78:
19:a6:26:18:79:06:33:dc:a4:dc:00:f4:b8:79:20:
80:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:93:FC:60:BE:D0:D9:67:89:4D:E4:DF:3F:CF:0E:67:01:79:99:DF
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/lJP8YL7Q2WeJTeTfP88OZwF5md8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.188.0/24
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
77.81.103.0/24
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.34.0/23
89.43.52.0/24
91.212.52.0/24
91.229.186.0/24
93.113.144.0/21
94.176.212.0/24
94.177.48.0/23
185.184.240.0/22
188.208.16.0/23
188.211.248.0/24
188.215.6.0/23
188.240.228.0/23
193.239.140.0/23
217.198.177.0/24
IPv6:
2a04:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:05:ec:fe:ba:7f:b1:f5:85:49:9d:92:11:0d:27:1d:d6:5a:
3f:9b:80:60:ff:5a:b2:64:55:c0:d8:2a:b8:db:31:3a:a5:dc:
36:40:c4:1b:27:ab:51:b7:92:54:e1:dd:32:ec:40:77:78:df:
db:83:ea:2f:03:de:b8:eb:7a:2b:64:30:91:2d:b7:a0:dd:06:
48:98:b5:38:f2:07:c7:6d:5f:db:04:b0:bc:56:be:61:c6:64:
17:70:c8:2c:f7:2a:fa:28:e1:a7:f6:c7:03:f1:b4:e5:3e:7f:
e1:4e:7d:17:08:30:60:cd:36:e1:1d:7a:5e:2d:52:43:5d:3f:
2d:9d:3b:bc:a6:4c:d3:4a:f8:09:0d:57:62:0b:39:63:2e:c0:
6a:6e:91:3a:79:2b:e0:60:ba:df:b0:95:72:54:f2:8b:7b:40:
76:6e:cb:bb:20:47:84:fd:93:62:a0:a6:6d:7d:f7:e6:b6:66:
97:75:3a:9a:46:f0:ad:b8:1f:fc:f7:76:f5:db:71:ea:ee:fb:
f9:d5:9c:35:28:71:9b:e8:dc:07:a9:d6:91:00:6a:4c:b4:d1:
36:db:40:c0:46:c0:00:60:a9:71:76:14:5d:d3:d0:c2:53:38:
98:bd:46:28:41:6c:07:0b:2b:12:31:95:0a:c9:97:3e:40:f9:
7d:67:80:90
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZMgvwYHjLi407SuaJBp3IjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjQxMTEyMTQyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDkzZmM2MGJlZDBkOTY3ODk0ZGU0ZGYzZmNmMGU2NzAxNzk5OWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LPZHsilDL1BEJ43rE94riRdatyU
VocHBBq3XPpqGvaCppFKvJi2GACFthS0Xxp9W+PsLLYESat8mj75bo9dBmiv4tVJ
9SQSYeKaB74zJhIwBeLFH1CF6hK36P13dZFVg5TpeoPPQOeVq3FeQrrr0hkiSavb
+nSMIl2iuhe/QjYHXMGE3PBG9kzHI/j4ETMQRbP/974LLFHCPdn6eRce4JwjPlJd
HAIiUCapmPcdBT9pv06ttwjBOHzipsIC0hib4+ZX5oK7L73IRHMoe1FHo+FwVr9s
lEvH1oZ8i5aJsWJdnoNaFfd+25x2S/o2THgZpiYYeQYz3KTcAPS4eSCA8wIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFJST/GC+0NlniU3k3z/PDmcBeZnfMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvbEpQOFlMN1EyV2VKVGVUZlA4OE9ad0Y1bWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAAf
wbwDBAAlnK4DBAItUzgDBAItVpADBABNUWcDBABVzP8DBABWa24DBAFZIuwDBABZ
Iu8DBABZJ/4DBAFZKI4DBABZKOMDBABZKoYDBAFZKyIDBABZKzQDBABb1DQDBABb
5boDBANdcZADBABesNQDBAFesTADBAK5uPADBAG80BADBAC80/gDBAG81wYDBAG8
8OQDBAHB74wDBADZxrEwDQQCAAIwBwMFACoEaMAwDQYJKoZIhvcNAQELBQADggEB
AA8F7P66f7H1hUmdkhENJx3WWj+bgGD/WrJkVcDYKrjbMTql3DZAxBsnq1G3klTh
3TLsQHd439uD6i8D3rjreitkMJEtt6DdBkiYtTjyB8dtX9sEsLxWvmHGZBdwyCz3
Kvoo4af2xwPxtOU+f+FOfRcIMGDNNuEdel4tUkNdPy2dO7ymTNNK+AkNV2ILOWMu
wGpukTp5K+Bgut+wlXJU8ot7QHZuy7sgR4T9k2Kgpm199+a2Zpd1OppG8K24H/z3
dvXbceru+/nVnDUocZvo3Aep1pEAaky00TbbQMBGwABgqXF2FF3T0MJTOJi9RihB
bAcLKxIxlQrJlz5A+X1ngJA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:44 2024 by rpki-client on console-ams.rpki-client.org