Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2Lz8ORnsyy6vet-hLftcncTZc9k.roa
File: 2Lz8ORnsyy6vet-hLftcncTZc9k.roa (raw, json)
Hash identifier: bbJObrDHf3fDE7oEm7E3XZkvB9u48PUwa6/mO/9HCw8=
Subject key identifier: D8:BC:FC:39:19:EC:CB:2E:AF:7A:DF:A1:2D:FB:5C:9D:C4:D9:73:D9
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018CC794500F9A1079476665579F6B9071F4
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2Lz8ORnsyy6vet-hLftcncTZc9k.roa
Signing time: Tue 02 Jan 2024 00:30:34 +0000
ROA not before: Tue 02 Jan 2024 00:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42337
IP address blocks: 78.38.25.0/24 maxlen: 24
2.188.40.0/21 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
2.188.225.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
2.182.172.0/24 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.59.0/24 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 01:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:50:0f:9a:10:79:47:66:65:57:9f:6b:90:71:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 00:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8bcfc3919eccb2eaf7adfa12dfb5c9dc4d973d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a4:d9:7d:23:65:c6:f1:20:24:04:90:45:89:
f7:ec:0e:2c:d8:7e:d8:d4:b1:b5:b7:54:f8:3e:8b:
b3:1b:e3:fc:c7:2b:c1:5d:04:e5:63:04:0a:0f:9e:
a1:dd:ab:ae:84:dd:84:00:e2:65:fa:01:42:40:f2:
80:30:a6:1f:34:93:5b:a2:10:9e:6b:ea:88:17:db:
f9:67:88:5b:8d:66:c9:4a:fb:91:6d:02:82:4f:62:
ac:72:f6:82:b9:1d:f7:10:03:05:b0:4f:ba:f3:87:
77:75:f9:af:a3:5b:c6:25:ed:c8:ef:81:6f:83:53:
12:58:7b:bf:a4:fa:ca:c0:b9:dd:7a:c1:55:67:0f:
12:4e:f8:85:d7:48:b6:55:16:b7:4b:a2:a4:bc:a1:
29:d5:e8:ab:28:19:99:b4:69:3f:76:f1:26:31:c2:
dc:65:eb:0e:34:f9:8c:ee:49:5e:29:39:0c:19:b1:
ef:a7:a9:c8:15:48:dd:b6:b5:75:b9:55:54:51:d4:
ce:f0:2c:03:99:9f:f1:17:0c:13:44:be:30:22:c1:
cc:1b:b8:c3:79:b5:41:18:ff:bd:26:a9:91:09:cb:
02:69:6f:c0:bd:ee:57:09:0c:18:5f:5c:65:a1:cb:
c7:d7:e2:05:31:11:5e:6f:93:20:dc:05:8e:aa:7a:
90:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BC:FC:39:19:EC:CB:2E:AF:7A:DF:A1:2D:FB:5C:9D:C4:D9:73:D9
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2Lz8ORnsyy6vet-hLftcncTZc9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.182.172.0/24
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.38.25.0/24
78.38.243.0/24
78.38.246.0/24
78.38.248.0/24
78.38.250.0/23
78.38.254.0/24
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.59.255
78.39.62.0/23
78.39.155.0-78.39.156.255
Signature Algorithm: sha256WithRSAEncryption
a8:d8:46:b1:69:b9:14:88:97:f5:3d:39:00:08:f1:7c:65:dd:
31:4a:f2:fd:a4:0a:f8:eb:42:ce:5a:f0:f2:bb:5a:af:9d:ed:
d8:23:e3:27:f9:eb:f0:f3:20:fd:ba:00:0c:81:e4:58:0c:29:
18:0f:81:0f:78:2a:1c:ed:9a:39:d3:b9:01:a6:da:c1:34:48:
55:e9:eb:87:d1:2d:c1:b7:50:f6:ac:62:54:18:1e:05:a8:37:
fd:df:6c:af:1a:72:14:3c:6a:37:51:b5:29:48:71:ce:77:16:
6a:fe:f3:19:a6:40:43:f2:36:09:7b:8d:78:91:46:67:44:95:
10:fc:03:86:13:28:ef:47:96:eb:49:00:8f:ec:72:ea:16:cf:
56:3b:11:b5:cf:0c:3a:7e:3b:94:27:20:13:84:92:21:07:5a:
ed:1b:45:35:cb:6f:1b:66:c7:49:c7:25:72:5c:4e:4a:08:bf:
3d:7b:50:fc:cb:49:b9:0c:a6:5e:15:f3:3f:48:e6:7d:3a:81:
24:c1:4c:18:b2:f9:e1:77:7e:d1:ec:b5:90:85:28:fd:aa:f8:
a8:cb:fd:a2:b8:82:ab:44:dd:39:40:d1:38:b9:02:90:65:0c:
72:2c:48:e5:50:5c:0b:e7:84:56:4f:5d:d8:04:33:16:fc:09:
67:79:3c:6a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYzHlFAPmhB5R2ZlV59rkHH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwMTAyMDAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGJjZmMzOTE5ZWNjYjJlYWY3YWRmYTEyZGZiNWM5ZGM0ZDk3M2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKTZfSNlxvEgJASQRYn37A4s2H7Y
1LG1t1T4PouzG+P8xyvBXQTlYwQKD56h3auuhN2EAOJl+gFCQPKAMKYfNJNbohCe
a+qIF9v5Z4hbjWbJSvuRbQKCT2KscvaCuR33EAMFsE+684d3dfmvo1vGJe3I74Fv
g1MSWHu/pPrKwLndesFVZw8STviF10i2VRa3S6KkvKEp1eirKBmZtGk/dvEmMcLc
ZesONPmM7kleKTkMGbHvp6nIFUjdtrV1uVVUUdTO8CwDmZ/xFwwTRL4wIsHMG7jD
ebVBGP+9JqmRCcsCaW/Ave5XCQwYX1xlocvH1+IFMRFeb5Mg3AWOqnqQzQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFNi8/DkZ7Msur3rfoS37XJ3E2XPZMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvMkx6OE9SbnN5eTZ2ZXQtaExmdGNuY1RaYzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAC
tqwDBAMCvCgDBAICvEgDBAMCvKADBAECvLADBAYCvMADBAMCvTADBAICvUADBAQC
vVADBAQCvaADBABOJhkDBABOJvMDBABOJvYDBABOJvgDBAFOJvoDBABOJv4DBABO
JygDBABOJyswDAMEAU4nLgMEAk4nMDAMAwQATic1AwQCTic4AwQBTic+MAwDBABO
J5sDBABOJ5wwDQYJKoZIhvcNAQELBQADggEBAKjYRrFpuRSIl/U9OQAI8Xxl3TFK
8v2kCvjrQs5a8PK7Wq+d7dgj4yf56/DzIP26AAyB5FgMKRgPgQ94KhztmjnTuQGm
2sE0SFXp64fRLcG3UPasYlQYHgWoN/3fbK8achQ8ajdRtSlIcc53Fmr+8xmmQEPy
Ngl7jXiRRmdElRD8A4YTKO9HlutJAI/scuoWz1Y7EbXPDDp+O5QnIBOEkiEHWu0b
RTXLbxtmx0nHJXJcTkoIvz17UPzLSbkMpl4V8z9I5n06gSTBTBiy+eF3ftHstZCF
KP2q+KjL/aK4gqtE3TlA0Ti5ApBlDHIsSOVQXAvnhFZPXdgEMxb8CWd5PGo=
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:48:08 2024 by rpki-client on console-ams.rpki-client.org