Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/NA3sp4c7wP8wCx4ZlrqzJ0Gi8sA.roa
File: NA3sp4c7wP8wCx4ZlrqzJ0Gi8sA.roa (raw, json)
Hash identifier: Th2G2gofHUt87h/oaxBEmAMihSOFP9BDX+jnsstroT4=
Subject key identifier: 34:0D:EC:A7:87:3B:C0:FF:30:0B:1E:19:96:BA:B3:27:41:A2:F2:C0
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 019300C43F1609C7A381621EC4D9C947BE17
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/NA3sp4c7wP8wCx4ZlrqzJ0Gi8sA.roa
Signing time: Wed 06 Nov 2024 09:18:01 +0000
ROA not before: Wed 06 Nov 2024 09:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48011
IP address blocks: 5.172.177.0/24 maxlen: 24
45.89.236.0/22 maxlen: 24
45.93.168.0/22 maxlen: 24
45.93.168.0/24 maxlen: 24
45.252.180.0/23 maxlen: 23
45.252.180.0/24 maxlen: 24
45.252.181.0/24 maxlen: 24
45.252.182.0/23 maxlen: 23
45.252.182.0/24 maxlen: 24
45.252.183.0/24 maxlen: 24
62.204.58.0/24 maxlen: 24
77.87.122.0/24 maxlen: 24
87.236.161.0/24 maxlen: 24
91.247.188.0/24 maxlen: 24
103.130.145.0/24 maxlen: 24
103.130.147.0/24 maxlen: 24
103.215.238.0/23 maxlen: 24
185.182.105.0/24 maxlen: 24
185.211.79.0/24 maxlen: 24
185.217.143.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
193.163.72.0/24 maxlen: 24
213.217.31.0/24 maxlen: 24
213.232.203.0/24 maxlen: 24
2a0c:6600::/48 maxlen: 48
2a0c:6600:1::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
2a0c:6600:3::/48 maxlen: 48
2a0c:6600:4::/48 maxlen: 48
2a0c:6600:5::/48 maxlen: 48
2a0c:6600:6::/48 maxlen: 48
2a0c:6600:7::/48 maxlen: 48
2a0c:6600:8::/48 maxlen: 48
2a0c:6600:9::/48 maxlen: 48
2a0c:6600:1000::/48 maxlen: 48
2a0c:6600:2000::/48 maxlen: 48
2a0c:6600:3000::/48 maxlen: 48
2a0c:6600:4000::/48 maxlen: 48
2a0c:6600:6000::/48 maxlen: 48
2a0c:6600:6600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:c4:3f:16:09:c7:a3:81:62:1e:c4:d9:c9:47:be:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Nov 6 09:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=340deca7873bc0ff300b1e1996bab32741a2f2c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9b:63:f3:a7:d5:36:6e:31:0f:52:d6:7c:a3:
24:97:b0:ac:e1:04:7d:63:c8:58:f5:c6:3b:1d:32:
4a:af:6d:09:da:67:b9:b4:af:39:88:25:b7:da:65:
19:99:e6:1c:bc:a4:25:30:cb:0f:fb:0e:80:ec:21:
a4:e2:02:f8:19:9b:27:9c:85:c3:1f:0b:b2:6d:ef:
53:9a:d2:0c:82:42:d6:a5:0d:b4:fa:96:e8:a7:29:
a8:1d:22:a0:7f:a5:8e:9f:48:8f:7f:a1:8f:37:84:
48:5d:d4:fb:a8:48:f9:03:61:2c:ef:20:46:56:6d:
ee:c4:5a:07:f1:f7:5f:ec:46:1c:1d:00:65:a8:c2:
53:ec:8b:7e:1a:7d:a1:8f:69:50:2b:10:8e:c9:47:
bf:82:c1:2c:4b:bf:f5:ab:f7:ce:a3:dc:14:8d:7b:
9e:cc:91:ad:77:2b:77:33:8f:48:98:f5:6b:e9:b3:
74:da:ff:5b:f2:85:fb:78:7f:e1:57:f3:5e:12:73:
c3:d6:06:88:5a:46:a8:4f:a7:0c:15:b9:ef:ca:24:
79:f5:be:a0:ac:e0:8c:54:4e:17:9e:8c:cd:83:8d:
14:fb:cc:b7:8e:ee:26:02:92:c2:4d:72:01:4d:9d:
5a:52:85:f2:2a:af:ac:07:5d:f3:32:ce:b8:5a:29:
7f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0D:EC:A7:87:3B:C0:FF:30:0B:1E:19:96:BA:B3:27:41:A2:F2:C0
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/NA3sp4c7wP8wCx4ZlrqzJ0Gi8sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.177.0/24
45.89.236.0/22
45.93.168.0/22
45.252.180.0/22
62.204.58.0/24
77.87.122.0/24
87.236.161.0/24
91.247.188.0/24
103.130.145.0/24
103.130.147.0/24
103.215.238.0/23
185.182.105.0/24
185.211.79.0/24
185.217.143.0/24
185.227.136.0/22
193.163.72.0/24
213.217.31.0/24
213.232.203.0/24
IPv6:
2a0c:6600::-2a0c:6600:9:ffff:ffff:ffff:ffff:ffff
2a0c:6600:1000::/48
2a0c:6600:2000::/48
2a0c:6600:3000::/48
2a0c:6600:4000::/48
2a0c:6600:6000::/48
2a0c:6600:6600::/48
Signature Algorithm: sha256WithRSAEncryption
61:43:b3:bb:5c:c1:8b:33:bf:b5:a2:65:5a:16:c1:f6:34:4c:
17:89:fc:95:bb:6f:c6:49:a4:88:d8:8b:44:63:17:f3:11:ad:
eb:93:05:f4:ff:b7:4a:b8:1c:d5:0b:15:f0:ba:74:7e:75:ca:
1c:73:4c:04:16:a7:1e:fe:3b:96:d1:21:a0:08:1a:ca:23:65:
87:0f:d3:c3:1c:dc:7a:ce:40:d0:18:e4:70:95:d4:16:b7:cd:
f8:57:2a:d0:a3:e0:64:f5:f2:e8:3c:49:e0:cb:f9:4c:e2:b6:
f1:7c:5a:dc:96:c3:35:38:e6:6a:f4:e2:60:ea:f9:fd:30:b9:
60:d9:b8:61:7c:34:cd:2c:bf:24:58:17:2f:ae:23:a2:df:8c:
61:17:33:dd:8c:88:f3:43:46:4f:01:e1:3b:38:f4:f1:4e:ea:
8d:7f:0f:20:af:70:f1:05:3f:67:ac:e3:ff:31:54:d6:de:2c:
c2:3d:16:a5:eb:67:49:91:77:ed:a7:e3:f7:4c:cc:ed:4f:ea:
f1:4b:83:d4:cc:25:41:81:4d:34:8a:d7:f1:9d:ca:80:59:64:
4b:bd:7f:41:51:40:63:2b:85:b2:48:ad:5d:6f:a4:f6:0a:ce:
f8:dc:60:d3:f9:0c:3a:06:97:23:14:e8:a1:08:92:56:fc:c9:
49:0f:f6:f3
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZMAxD8WCcejgWIexNnJR74XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjQxMTA2MDkxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBkZWNhNzg3M2JjMGZmMzAwYjFlMTk5NmJhYjMyNzQxYTJmMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJtj86fVNm4xD1LWfKMkl7Cs4QR9
Y8hY9cY7HTJKr20J2me5tK85iCW32mUZmeYcvKQlMMsP+w6A7CGk4gL4GZsnnIXD
Hwuybe9TmtIMgkLWpQ20+pbopymoHSKgf6WOn0iPf6GPN4RIXdT7qEj5A2Es7yBG
Vm3uxFoH8fdf7EYcHQBlqMJT7It+Gn2hj2lQKxCOyUe/gsEsS7/1q/fOo9wUjXue
zJGtdyt3M49ImPVr6bN02v9b8oX7eH/hV/NeEnPD1gaIWkaoT6cMFbnvyiR59b6g
rOCMVE4XnozNg40U+8y3ju4mApLCTXIBTZ1aUoXyKq+sB13zMs64Wil/uQIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFDQN7KeHO8D/MAseGZa6sydBovLAMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvTkEzc3A0Yzd3UDh3Q3g0WmxycXpKMEdpOHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzByBAIAATBsAwQABayx
AwQCLVnsAwQCLV2oAwQCLfy0AwQAPsw6AwQATVd6AwQAV+yhAwQAW/e8AwQAZ4KR
AwQAZ4KTAwQBZ9fuAwQAubZpAwQAudNPAwQAudmPAwQCueOIAwQAwaNIAwQA1dkf
AwQA1ejLME0EAgACMEcwDwMEASoMZgMHASoMZgAACAMHACoMZgAQAAMHACoMZgAg
AAMHACoMZgAwAAMHACoMZgBAAAMHACoMZgBgAAMHACoMZgBmADANBgkqhkiG9w0B
AQsFAAOCAQEAYUOzu1zBizO/taJlWhbB9jRMF4n8lbtvxkmkiNiLRGMX8xGt65MF
9P+3Srgc1QsV8Lp0fnXKHHNMBBanHv47ltEhoAgayiNlhw/Twxzces5A0BjkcJXU
FrfN+Fcq0KPgZPXy6DxJ4Mv5TOK28Xxa3JbDNTjmavTiYOr5/TC5YNm4YXw0zSy/
JFgXL64jot+MYRcz3YyI80NGTwHhOzj08U7qjX8PIK9w8QU/Z6zj/zFU1t4swj0W
petnSZF37afj90zM7U/q8UuD1MwlQYFNNIrX8Z3KgFlkS71/QVFAYyuFskitXW+k
9grO+Nxg0/kMOgaXIxTooQiSVvzJSQ/28w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:03:38 2024 by rpki-client on console-ams.rpki-client.org