Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Jgk8CMAkZQAqhA-6unpFrRw_8fs.roa
File: Jgk8CMAkZQAqhA-6unpFrRw_8fs.roa (raw, json)
Hash identifier: qZrCc+AbahtG5NKcNARb9ddYhZngo0EXCkePbPBVKdA=
Subject key identifier: 26:09:3C:08:C0:24:65:00:2A:84:0F:BA:BA:7A:45:AD:1C:3F:F1:FB
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0191A80CE4ADB0C3C1BDA0E5DC98DCFCE072
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Jgk8CMAkZQAqhA-6unpFrRw_8fs.roa
Signing time: Sat 31 Aug 2024 10:48:22 +0000
ROA not before: Sat 31 Aug 2024 10:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2.59.49.0/24 maxlen: 24
31.216.60.0/24 maxlen: 24
37.221.82.0/23 maxlen: 23
45.10.64.0/22 maxlen: 22
45.10.80.0/22 maxlen: 22
45.11.124.0/22 maxlen: 22
45.11.196.0/24 maxlen: 24
45.15.238.0/24 maxlen: 24
45.81.76.0/22 maxlen: 22
45.93.80.0/24 maxlen: 24
45.129.204.0/22 maxlen: 22
45.132.20.0/22 maxlen: 22
45.132.38.0/24 maxlen: 24
45.132.128.0/24 maxlen: 24
45.132.129.0/24 maxlen: 24
45.133.224.0/22 maxlen: 22
45.134.52.0/22 maxlen: 22
45.135.28.0/22 maxlen: 22
45.138.213.0/24 maxlen: 24
45.138.214.0/24 maxlen: 24
45.139.52.0/24 maxlen: 24
45.139.53.0/24 maxlen: 24
45.139.55.0/24 maxlen: 24
45.139.108.0/22 maxlen: 22
45.139.168.0/22 maxlen: 22
45.140.64.0/24 maxlen: 24
45.140.72.0/22 maxlen: 22
45.143.244.0/22 maxlen: 22
45.144.168.0/22 maxlen: 22
45.146.24.0/24 maxlen: 24
45.146.25.0/24 maxlen: 24
45.146.27.0/24 maxlen: 24
45.147.12.0/24 maxlen: 24
45.147.13.0/24 maxlen: 24
45.147.14.0/24 maxlen: 24
45.147.15.0/24 maxlen: 24
45.149.129.0/24 maxlen: 24
45.152.116.0/24 maxlen: 24
45.152.117.0/24 maxlen: 24
45.159.84.0/24 maxlen: 24
45.159.87.0/24 maxlen: 24
62.233.34.0/24 maxlen: 24
62.233.48.0/24 maxlen: 24
84.246.81.0/24 maxlen: 24
84.246.110.0/24 maxlen: 24
87.236.150.0/24 maxlen: 24
89.107.12.0/24 maxlen: 24
91.199.189.0/24 maxlen: 24
91.206.68.0/24 maxlen: 24
91.236.121.0/24 maxlen: 24
93.157.111.0/24 maxlen: 24
93.190.120.0/24 maxlen: 24
93.190.121.0/24 maxlen: 24
94.124.75.0/24 maxlen: 24
94.124.77.0/24 maxlen: 24
176.116.8.0/24 maxlen: 24
176.116.12.0/24 maxlen: 24
176.116.24.0/24 maxlen: 24
176.116.28.0/24 maxlen: 24
176.222.56.0/24 maxlen: 24
176.222.57.0/24 maxlen: 24
176.222.59.0/24 maxlen: 24
185.188.41.0/24 maxlen: 24
192.109.91.0/24 maxlen: 24
192.109.100.0/24 maxlen: 24
193.5.28.0/24 maxlen: 24
193.31.4.0/24 maxlen: 24
193.31.5.0/24 maxlen: 24
193.58.170.0/24 maxlen: 24
193.107.22.0/24 maxlen: 24
193.187.97.0/24 maxlen: 24
194.104.228.0/24 maxlen: 24
195.216.132.0/22 maxlen: 22
195.225.99.0/24 maxlen: 24
213.166.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a8:0c:e4:ad:b0:c3:c1:bd:a0:e5:dc:98:dc:fc:e0:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Aug 31 10:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26093c08c02465002a840fbaba7a45ad1c3ff1fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d5:84:0e:cf:40:40:52:cd:15:c7:11:fb:94:
a2:a6:3d:28:04:42:c4:17:f3:f0:ca:3a:c3:66:d3:
89:d1:8a:5e:19:f6:65:53:87:63:f0:5e:c6:67:37:
94:4d:a6:c3:14:2f:25:15:b5:b5:cc:36:74:0f:c9:
46:f0:d2:c4:0d:1d:40:bd:d0:11:c5:75:ea:91:1e:
a8:70:68:0c:3e:94:b9:e1:01:ea:0b:cd:a9:21:8c:
9c:e0:be:8d:b5:49:13:3b:55:cf:cf:4a:d1:53:0f:
69:e1:bf:07:91:c8:51:b0:05:32:8a:ca:84:f1:27:
6c:58:36:e7:76:01:72:ae:79:6e:c5:d8:22:b0:a3:
7e:98:38:ad:3e:6b:4e:c5:cf:85:ff:92:6a:90:a7:
46:41:1b:a7:ec:e6:7d:3f:b5:85:1f:61:93:d1:37:
3c:06:83:c6:e5:6e:35:4c:2a:c6:d9:ca:1c:fe:bb:
8f:6a:d9:f5:df:01:05:ca:cc:16:c9:5d:11:78:f6:
3e:bd:53:8c:77:67:03:95:c9:67:26:b5:f6:95:3e:
0b:43:3f:6a:3b:41:5f:b0:b1:ee:f6:75:b3:16:3b:
9d:e1:f8:60:e3:b3:f7:e2:82:a9:fd:5d:6a:a8:b7:
c8:bf:69:4c:88:1d:24:64:bd:bd:67:82:8c:cf:69:
64:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:09:3C:08:C0:24:65:00:2A:84:0F:BA:BA:7A:45:AD:1C:3F:F1:FB
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Jgk8CMAkZQAqhA-6unpFrRw_8fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.49.0/24
31.216.60.0/24
37.221.82.0/23
45.10.64.0/22
45.10.80.0/22
45.11.124.0/22
45.11.196.0/24
45.15.238.0/24
45.81.76.0/22
45.93.80.0/24
45.129.204.0/22
45.132.20.0/22
45.132.38.0/24
45.132.128.0/23
45.133.224.0/22
45.134.52.0/22
45.135.28.0/22
45.138.213.0-45.138.214.255
45.139.52.0/23
45.139.55.0/24
45.139.108.0/22
45.139.168.0/22
45.140.64.0/24
45.140.72.0/22
45.143.244.0/22
45.144.168.0/22
45.146.24.0/23
45.146.27.0/24
45.147.12.0/22
45.149.129.0/24
45.152.116.0/23
45.159.84.0/24
45.159.87.0/24
62.233.34.0/24
62.233.48.0/24
84.246.81.0/24
84.246.110.0/24
87.236.150.0/24
89.107.12.0/24
91.199.189.0/24
91.206.68.0/24
91.236.121.0/24
93.157.111.0/24
93.190.120.0/23
94.124.75.0/24
94.124.77.0/24
176.116.8.0/24
176.116.12.0/24
176.116.24.0/24
176.116.28.0/24
176.222.56.0/23
176.222.59.0/24
185.188.41.0/24
192.109.91.0/24
192.109.100.0/24
193.5.28.0/24
193.31.4.0/23
193.58.170.0/24
193.107.22.0/24
193.187.97.0/24
194.104.228.0/24
195.216.132.0/22
195.225.99.0/24
213.166.64.0/22
Signature Algorithm: sha256WithRSAEncryption
25:60:da:40:52:c6:a9:9f:74:ed:7f:ff:70:97:2f:20:f0:e6:
ae:da:83:57:61:96:cf:9b:18:ec:55:71:7a:14:81:ac:f7:94:
eb:99:55:0f:aa:d6:00:6e:a8:93:7f:38:56:96:49:32:56:44:
ef:2b:c3:d0:25:0d:0c:74:12:76:ff:29:87:a6:95:09:ef:cc:
a9:81:43:0d:43:a3:64:48:16:68:97:35:ef:81:97:5b:65:d2:
70:dd:ab:58:52:8b:64:dd:5d:3b:5b:e9:e8:3b:33:73:a9:15:
7c:14:8a:52:ea:dd:ad:2c:76:23:d4:bd:91:9c:32:0d:ad:e0:
4b:08:f8:70:81:df:d6:4c:b7:fb:69:71:91:48:6b:b2:63:0a:
35:d2:90:d4:f4:ca:32:ab:de:e1:25:d9:a5:03:26:b5:42:50:
7d:32:82:c1:26:f4:d2:cf:d9:14:e3:7f:89:25:81:ac:c7:aa:
17:20:d5:c0:1c:10:52:1c:77:2d:cc:1e:22:9a:2f:a1:e1:c5:
0c:d4:02:bf:6c:4e:1b:79:a2:f7:7f:75:a9:21:a0:75:29:46:
e4:63:e9:9c:ea:1f:16:8b:c3:0d:e3:53:94:cb:18:7a:2d:21:
02:c9:b2:75:8e:a0:44:04:ba:1c:a5:18:85:9e:86:e3:d4:11:
50:e4:c6:cf
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgISAZGoDOStsMPBvaDl3Jjc/OByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwODMxMTA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA5M2MwOGMwMjQ2NTAwMmE4NDBmYmFiYTdhNDVhZDFjM2ZmMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9WEDs9AQFLNFccR+5Sipj0oBELE
F/PwyjrDZtOJ0YpeGfZlU4dj8F7GZzeUTabDFC8lFbW1zDZ0D8lG8NLEDR1AvdAR
xXXqkR6ocGgMPpS54QHqC82pIYyc4L6NtUkTO1XPz0rRUw9p4b8HkchRsAUyisqE
8SdsWDbndgFyrnluxdgisKN+mDitPmtOxc+F/5JqkKdGQRun7OZ9P7WFH2GT0Tc8
BoPG5W41TCrG2coc/ruPatn13wEFyswWyV0RePY+vVOMd2cDlclnJrX2lT4LQz9q
O0FfsLHu9nWzFjud4fhg47P34oKp/V1qqLfIv2lMiB0kZL29Z4KMz2lkXQIDAQAB
o4IDlTCCA5EwHQYDVR0OBBYEFCYJPAjAJGUAKoQPurp6Ra0cP/H7MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSmdrOENNQWtaUUFxaEEtNnVucEZyUndfOGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqQYIKwYBBQUHAQcBAf8EggGYMIIBlDCCAZAEAgABMIIB
iAMEAAI7MQMEAB/YPAMEASXdUgMEAi0KQAMEAi0KUAMEAi0LfAMEAC0LxAMEAC0P
7gMEAi1RTAMEAC1dUAMEAi2BzAMEAi2EFAMEAC2EJgMEAS2EgAMEAi2F4AMEAi2G
NAMEAi2HHDAMAwQALYrVAwQALYrWAwQBLYs0AwQALYs3AwQCLYtsAwQCLYuoAwQA
LYxAAwQCLYxIAwQCLY/0AwQCLZCoAwQBLZIYAwQALZIbAwQCLZMMAwQALZWBAwQB
LZh0AwQALZ9UAwQALZ9XAwQAPukiAwQAPukwAwQAVPZRAwQAVPZuAwQAV+yWAwQA
WWsMAwQAW8e9AwQAW85EAwQAW+x5AwQAXZ1vAwQBXb54AwQAXnxLAwQAXnxNAwQA
sHQIAwQAsHQMAwQAsHQYAwQAsHQcAwQBsN44AwQAsN47AwQAubwpAwQAwG1bAwQA
wG1kAwQAwQUcAwQBwR8EAwQAwTqqAwQAwWsWAwQAwbthAwQAwmjkAwQCw9iEAwQA
w+FjAwQC1aZAMA0GCSqGSIb3DQEBCwUAA4IBAQAlYNpAUsapn3Ttf/9wly8g8Oau
2oNXYZbPmxjsVXF6FIGs95TrmVUPqtYAbqiTfzhWlkkyVkTvK8PQJQ0MdBJ2/ymH
ppUJ78ypgUMNQ6NkSBZolzXvgZdbZdJw3atYUotk3V07W+noOzNzqRV8FIpS6t2t
LHYj1L2RnDINreBLCPhwgd/WTLf7aXGRSGuyYwo10pDU9Moyq97hJdmlAya1QlB9
MoLBJvTSz9kU43+JJYGsx6oXINXAHBBSHHctzB4imi+h4cUM1AK/bE4beaL3f3Wp
IaB1KUbkY+mc6h8Wi8MN41OUyxh6LSECybJ1jqBEBLocpRiFnobj1BFQ5MbP
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:22:20 2024 by rpki-client on console-ams.rpki-client.org