Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/JM0QcLsrwT_eugusMmdMbrHJgBU.roa
File: JM0QcLsrwT_eugusMmdMbrHJgBU.roa (raw, json)
Hash identifier: k9PhP6FnC8suh0XvxnjFZIavQZ38oGedxbmkq9050Xw=
Subject key identifier: 24:CD:10:70:BB:2B:C1:3F:DE:BA:0B:AC:32:67:4C:6E:B1:C9:80:15
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 0194266B490A31BA455F646E595076F2D17F
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/JM0QcLsrwT_eugusMmdMbrHJgBU.roa
Signing time: Thu 02 Jan 2025 09:49:12 +0000
ROA not before: Thu 02 Jan 2025 09:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204170
IP address blocks: 5.102.176.0/21 maxlen: 21
5.102.176.0/24 maxlen: 24
5.102.178.0/24 maxlen: 24
5.102.179.0/24 maxlen: 24
5.102.180.0/24 maxlen: 24
5.102.181.0/24 maxlen: 24
5.102.182.0/24 maxlen: 24
5.102.183.0/24 maxlen: 24
78.111.32.0/20 maxlen: 20
78.111.32.0/24 maxlen: 24
78.111.33.0/24 maxlen: 24
78.111.34.0/24 maxlen: 24
78.111.35.0/24 maxlen: 24
78.111.36.0/24 maxlen: 24
78.111.37.0/24 maxlen: 24
78.111.38.0/24 maxlen: 24
78.111.39.0/24 maxlen: 24
78.111.40.0/24 maxlen: 24
78.111.41.0/24 maxlen: 24
78.111.42.0/24 maxlen: 24
78.111.43.0/24 maxlen: 24
78.111.44.0/24 maxlen: 24
78.111.45.0/24 maxlen: 24
78.111.46.0/24 maxlen: 24
78.111.47.0/24 maxlen: 24
84.242.32.0/20 maxlen: 20
84.242.32.0/24 maxlen: 24
84.242.33.0/24 maxlen: 24
84.242.34.0/24 maxlen: 24
84.242.35.0/24 maxlen: 24
84.242.36.0/24 maxlen: 24
84.242.37.0/24 maxlen: 24
84.242.38.0/24 maxlen: 24
84.242.39.0/24 maxlen: 24
84.242.40.0/24 maxlen: 24
84.242.41.0/24 maxlen: 24
84.242.42.0/24 maxlen: 24
84.242.43.0/24 maxlen: 24
84.242.44.0/24 maxlen: 24
84.242.45.0/24 maxlen: 24
84.242.46.0/24 maxlen: 24
84.242.47.0/24 maxlen: 24
94.176.16.0/20 maxlen: 20
94.176.16.0/24 maxlen: 24
94.176.17.0/24 maxlen: 24
94.176.18.0/24 maxlen: 24
94.176.19.0/24 maxlen: 24
94.176.20.0/24 maxlen: 24
94.176.21.0/24 maxlen: 24
94.176.22.0/24 maxlen: 24
94.176.23.0/24 maxlen: 24
94.176.24.0/24 maxlen: 24
94.176.25.0/24 maxlen: 24
94.176.26.0/24 maxlen: 24
94.176.27.0/24 maxlen: 24
94.176.28.0/24 maxlen: 24
94.176.29.0/24 maxlen: 24
94.176.30.0/24 maxlen: 24
94.176.31.0/24 maxlen: 24
96.9.128.0/19 maxlen: 19
96.9.128.0/24 maxlen: 24
96.9.129.0/24 maxlen: 24
96.9.130.0/24 maxlen: 24
96.9.131.0/24 maxlen: 24
96.9.132.0/24 maxlen: 24
96.9.133.0/24 maxlen: 24
96.9.134.0/24 maxlen: 24
96.9.135.0/24 maxlen: 24
96.9.136.0/24 maxlen: 24
96.9.137.0/24 maxlen: 24
96.9.138.0/24 maxlen: 24
96.9.139.0/24 maxlen: 24
96.9.140.0/24 maxlen: 24
96.9.141.0/24 maxlen: 24
96.9.142.0/24 maxlen: 24
96.9.143.0/24 maxlen: 24
96.9.144.0/24 maxlen: 24
96.9.146.0/24 maxlen: 24
96.9.147.0/24 maxlen: 24
96.9.148.0/24 maxlen: 24
96.9.149.0/24 maxlen: 24
96.9.150.0/24 maxlen: 24
96.9.151.0/24 maxlen: 24
96.9.152.0/24 maxlen: 24
96.9.153.0/24 maxlen: 24
96.9.154.0/24 maxlen: 24
96.9.155.0/24 maxlen: 24
96.9.156.0/24 maxlen: 24
96.9.157.0/24 maxlen: 24
96.9.158.0/24 maxlen: 24
96.9.159.0/24 maxlen: 24
141.105.168.0/21 maxlen: 21
141.105.168.0/24 maxlen: 24
141.105.169.0/24 maxlen: 24
141.105.170.0/24 maxlen: 24
141.105.171.0/24 maxlen: 24
141.105.172.0/24 maxlen: 24
141.105.173.0/24 maxlen: 24
141.105.174.0/24 maxlen: 24
141.105.175.0/24 maxlen: 24
178.20.16.0/21 maxlen: 21
178.20.16.0/24 maxlen: 24
178.20.17.0/24 maxlen: 24
178.20.18.0/24 maxlen: 24
178.20.19.0/24 maxlen: 24
178.20.20.0/24 maxlen: 24
178.20.21.0/24 maxlen: 24
178.20.22.0/24 maxlen: 24
178.20.23.0/24 maxlen: 24
185.29.140.0/22 maxlen: 22
185.29.140.0/24 maxlen: 24
185.29.141.0/24 maxlen: 24
185.29.142.0/24 maxlen: 24
185.29.143.0/24 maxlen: 24
185.112.104.0/22 maxlen: 22
185.112.104.0/24 maxlen: 24
185.112.105.0/24 maxlen: 24
185.112.106.0/24 maxlen: 24
185.112.107.0/24 maxlen: 24
199.48.224.0/24 maxlen: 24
206.167.33.0/24 maxlen: 24
2a0a:c740:2::/48 maxlen: 48
2a0a:c740:4::/48 maxlen: 48
2a0a:c740:5::/48 maxlen: 48
2a0a:c740:7::/48 maxlen: 48
2a0a:c740:8::/48 maxlen: 48
2a0a:c740:100::/48 maxlen: 48
2a0a:c740:2000::/48 maxlen: 48
2a0a:c740:9998::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.mft
rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 03:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:49:0a:31:ba:45:5f:64:6e:59:50:76:f2:d1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Jan 2 09:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24cd1070bb2bc13fdeba0bac32674c6eb1c98015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6d:77:e8:44:a3:51:fe:7b:1b:c8:85:35:5e:
ce:6c:51:30:b5:98:e6:52:16:3d:5c:9c:e0:74:ff:
63:d0:3f:33:30:bd:25:2c:95:d3:bb:b5:02:04:89:
82:aa:9e:9f:76:4c:08:4b:bb:55:ab:5c:e8:87:91:
0f:90:5b:7c:1e:08:e2:c3:54:3f:f8:59:af:b5:a1:
51:ad:f7:f9:b2:b5:15:37:be:f3:1e:03:e4:43:98:
fc:8c:cc:ef:73:fa:c5:2d:5e:d0:cc:61:71:a1:1a:
69:a2:7a:27:47:cd:86:eb:70:20:d1:a5:6b:99:6a:
b0:07:47:e8:46:93:ab:fe:42:8b:2f:e9:1f:45:3c:
45:3a:05:c2:04:94:65:ca:42:ee:6a:de:77:5c:7c:
dc:55:19:8c:c4:7a:2b:60:6b:57:51:eb:5d:2d:31:
11:af:ff:36:08:3d:db:cc:d9:c6:ab:89:af:2e:68:
cc:30:cd:c6:02:a7:60:9d:d4:c5:73:4d:a8:41:bc:
94:c8:11:5a:cf:33:19:5b:f8:e3:10:2f:f3:41:3b:
b2:c3:32:cd:a1:da:34:e9:52:66:30:2b:31:b9:c7:
3d:7e:54:b9:f7:39:80:fe:31:a8:b9:9c:f0:bd:7c:
23:33:e5:c9:0f:f2:5b:87:cc:a4:1f:3b:85:67:fa:
c5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CD:10:70:BB:2B:C1:3F:DE:BA:0B:AC:32:67:4C:6E:B1:C9:80:15
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/JM0QcLsrwT_eugusMmdMbrHJgBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.176.0/21
78.111.32.0/20
84.242.32.0/20
94.176.16.0/20
96.9.128.0/19
141.105.168.0/21
178.20.16.0/21
185.29.140.0/22
185.112.104.0/22
199.48.224.0/24
206.167.33.0/24
IPv6:
2a0a:c740:2::/48
2a0a:c740:4::/47
2a0a:c740:7::-2a0a:c740:8:ffff:ffff:ffff:ffff:ffff
2a0a:c740:100::/48
2a0a:c740:2000::/48
2a0a:c740:9998::/48
Signature Algorithm: sha256WithRSAEncryption
1f:02:b2:33:44:45:db:31:0e:c7:21:ab:d6:1a:01:c2:0f:21:
5f:de:12:65:3a:8b:d6:8e:3e:43:1a:eb:c7:03:d2:20:88:2e:
6b:d1:41:4b:c6:4f:68:af:09:d2:d0:49:49:a1:6b:6e:b4:22:
ab:bd:ef:34:4b:84:66:1e:bf:5c:cd:82:48:10:82:ab:91:92:
30:b6:9b:68:b0:46:1c:c5:8c:8e:dd:d2:3d:78:bb:f4:4c:6a:
c7:55:40:7c:27:5d:31:3c:a2:14:9c:44:31:8d:ae:81:93:df:
41:03:ff:99:fc:55:12:50:da:49:02:b5:f2:68:f6:b0:be:58:
5b:aa:b5:19:ca:1f:71:03:33:a6:cc:6e:0b:8e:60:55:a2:66:
39:3d:7f:96:1a:a5:03:62:30:2d:e0:3b:60:8e:14:25:d3:bd:
71:82:38:bb:af:a7:e4:f6:e9:a4:81:2f:15:b1:ed:58:ff:15:
00:7c:d3:ad:73:c1:d9:6f:e3:0b:49:26:38:23:e4:b7:de:cf:
33:cf:f5:cd:a2:67:62:b3:da:42:1b:73:22:88:b6:74:ba:bc:
ef:0f:9f:0d:50:bd:ec:d5:79:7c:9c:02:dc:48:bc:e7:92:9c:
18:01:f9:3e:a5:53:d6:e1:b4:de:53:33:e8:45:49:a6:a5:89:
fa:97:af:f3
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZQma0kKMbpFX2RuWVB28tF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjUwMTAyMDk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGNkMTA3MGJiMmJjMTNmZGViYTBiYWMzMjY3NGM2ZWIxYzk4MDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm136ESjUf57G8iFNV7ObFEwtZjm
UhY9XJzgdP9j0D8zML0lLJXTu7UCBImCqp6fdkwIS7tVq1zoh5EPkFt8Hgjiw1Q/
+FmvtaFRrff5srUVN77zHgPkQ5j8jMzvc/rFLV7QzGFxoRppononR82G63Ag0aVr
mWqwB0foRpOr/kKLL+kfRTxFOgXCBJRlykLuat53XHzcVRmMxHorYGtXUetdLTER
r/82CD3bzNnGq4mvLmjMMM3GAqdgndTFc02oQbyUyBFazzMZW/jjEC/zQTuywzLN
odo06VJmMCsxucc9flS59zmA/jGouZzwvXwjM+XJD/Jbh8ykHzuFZ/rFJwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFCTNEHC7K8E/3roLrDJnTG6xyYAVMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEvSk0wUWNMc3J3VF9ldWd1c01tZE1ickhKZ0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzBIBAIAATBCAwQDBWaw
AwQETm8gAwQEVPIgAwQEXrAQAwQFYAmAAwQDjWmoAwQDshQQAwQCuR2MAwQCuXBo
AwQAxzDgAwQAzqchMEcEAgACMEEDBwAqCsdAAAIDBwEqCsdAAAQwEgMHACoKx0AA
BwMHACoKx0AACAMHACoKx0ABAAMHACoKx0AgAAMHACoKx0CZmDANBgkqhkiG9w0B
AQsFAAOCAQEAHwKyM0RF2zEOxyGr1hoBwg8hX94SZTqL1o4+QxrrxwPSIIgua9FB
S8ZPaK8J0tBJSaFrbrQiq73vNEuEZh6/XM2CSBCCq5GSMLabaLBGHMWMjt3SPXi7
9Exqx1VAfCddMTyiFJxEMY2ugZPfQQP/mfxVElDaSQK18mj2sL5YW6q1GcofcQMz
psxuC45gVaJmOT1/lhqlA2IwLeA7YI4UJdO9cYI4u6+n5PbppIEvFbHtWP8VAHzT
rXPB2W/jC0kmOCPkt97PM8/1zaJnYrPaQhtzIoi2dLq87w+fDVC97NV5fJwC3Ei8
55KcGAH5PqVT1uG03lMz6EVJpqWJ+pev8w==
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:45:54 2025 by rpki-client