Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/isJ9LJgTXZd5VCmtD47Digm_nKA.roa
File: isJ9LJgTXZd5VCmtD47Digm_nKA.roa (raw, json)
Hash identifier: L/r1tI8a8mXESOX2LvLVNUTDrA2V6mJ3oP0NLLUwrW8=
Subject key identifier: 8A:C2:7D:2C:98:13:5D:97:79:54:29:AD:0F:8E:C3:8A:09:BF:9C:A0
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 01931A814C68B954C26D6DAA3B1687AEAB45
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/isJ9LJgTXZd5VCmtD47Digm_nKA.roa
Signing time: Mon 11 Nov 2024 09:15:01 +0000
ROA not before: Mon 11 Nov 2024 09:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8641
IP address blocks: 77.73.24.0/21 maxlen: 21
77.94.160.0/19 maxlen: 19
77.94.175.0/24 maxlen: 24
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.154.0/24 maxlen: 24
81.26.155.0/24 maxlen: 24
84.47.128.0/23 maxlen: 23
84.47.131.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.135.0/24 maxlen: 24
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.143.0/24 maxlen: 24
84.47.144.0/23 maxlen: 23
84.47.147.0/24 maxlen: 24
84.47.150.0/23 maxlen: 32
84.47.152.0/23 maxlen: 23
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.164.0/23 maxlen: 23
84.47.164.0/24 maxlen: 24
84.47.168.0/22 maxlen: 22
84.47.172.0/24 maxlen: 24
84.47.174.0/23 maxlen: 23
84.47.176.0/23 maxlen: 23
84.47.176.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
84.47.181.0/24 maxlen: 24
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
84.47.190.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
85.91.112.0/22 maxlen: 22
85.91.118.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
85.91.122.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
213.135.64.0/23 maxlen: 23
213.135.67.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
213.135.70.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
213.135.82.0/23 maxlen: 23
213.135.84.0/22 maxlen: 22
213.135.88.0/22 maxlen: 22
213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/23 maxlen: 23
213.208.174.0/23 maxlen: 23
213.208.176.0/21 maxlen: 21
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:81:4c:68:b9:54:c2:6d:6d:aa:3b:16:87:ae:ab:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Nov 11 09:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ac27d2c98135d97795429ad0f8ec38a09bf9ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:90:20:d3:20:94:f2:9b:a7:92:df:d2:fd:02:
6d:99:40:09:bf:47:75:a5:57:8d:2d:5a:35:c8:a1:
76:d4:74:fb:33:bb:cc:48:87:f5:3d:da:07:e0:b8:
c2:d0:92:22:86:38:56:5c:67:40:91:6c:4e:29:b6:
40:fe:ca:dd:a5:18:54:c8:46:55:63:18:37:33:81:
4b:9e:a3:77:55:ec:70:99:9d:14:eb:71:63:f6:55:
16:1d:f9:0a:ce:09:a8:3c:af:06:91:98:9b:1d:09:
00:69:bf:c4:f6:f1:fc:4d:71:02:37:49:5f:6a:0e:
da:41:85:e0:5e:a9:1b:6e:00:a0:7b:49:f8:b7:77:
cb:1e:da:ee:6c:58:bf:bb:03:ab:d1:3f:94:4e:6c:
5e:45:db:df:d2:6a:3c:91:92:35:52:f2:11:4b:87:
4d:78:a9:9c:13:3b:6e:cd:02:64:3a:5c:90:8f:4c:
dd:47:b2:5d:f7:f3:6d:37:51:b7:7f:9b:89:3a:19:
18:5d:e3:af:08:5e:aa:00:b2:51:54:49:be:93:db:
ff:51:1b:0e:99:fb:7e:b7:24:53:c2:66:78:fe:66:
c8:4d:46:2f:cb:f3:6a:ae:60:88:5a:7e:dd:0d:59:
b9:22:4b:ec:5e:83:31:59:71:37:e6:fb:b9:81:84:
15:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C2:7D:2C:98:13:5D:97:79:54:29:AD:0F:8E:C3:8A:09:BF:9C:A0
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/isJ9LJgTXZd5VCmtD47Digm_nKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.24.0/21
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/23
84.47.131.0/24
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0/24
84.47.150.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.172.255
84.47.174.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/23
213.135.67.0/24
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.80.0/24
213.135.82.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.188.0/22
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
90:51:dc:eb:53:47:70:2b:c2:1a:2d:d6:30:20:5c:a0:18:ec:
ba:92:b8:21:f8:78:4f:d1:8f:9a:e4:84:46:91:af:07:06:1a:
5e:cb:79:bf:25:e8:a5:8a:78:86:3e:5c:8b:ed:fb:26:f3:d2:
9f:a9:11:0d:b0:d8:76:14:93:af:c8:4a:16:7b:51:31:fd:f0:
66:ce:0e:fa:c0:69:7a:74:b6:e8:62:d8:37:2e:96:57:db:1c:
1d:37:03:e3:ef:77:1f:d4:1d:da:2a:dd:a4:2e:26:5b:75:64:
3b:6b:1a:88:8a:7c:ca:c2:6d:1b:f1:7f:1f:1d:ec:07:a7:58:
12:7f:89:ea:cc:16:a2:80:46:87:ef:ae:39:73:49:d3:38:fa:
77:09:3a:3c:0d:c1:f8:94:b8:89:c3:0f:63:f0:7a:26:a4:07:
35:94:43:d8:eb:20:b5:26:c5:7c:a7:3e:e3:49:a6:3e:a3:cd:
d2:86:e9:4d:75:38:7f:2d:cd:fc:5b:6a:fa:25:30:5a:d9:50:
54:33:fe:61:ed:7c:20:be:b7:46:51:95:aa:38:3a:fe:39:9c:
b8:2d:56:a1:80:1f:92:7b:65:fe:cb:c0:0b:71:85:70:bb:b4:
68:ef:3c:2f:35:86:15:60:70:51:9b:4f:41:29:72:59:bd:77:
38:8d:1e:fe
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgISAZMagUxouVTCbW2qOxaHrqtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjQxMTExMDkxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWMyN2QyYzk4MTM1ZDk3Nzk1NDI5YWQwZjhlYzM4YTA5YmY5Y2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5Ag0yCU8punkt/S/QJtmUAJv0d1
pVeNLVo1yKF21HT7M7vMSIf1PdoH4LjC0JIihjhWXGdAkWxOKbZA/srdpRhUyEZV
Yxg3M4FLnqN3VexwmZ0U63Fj9lUWHfkKzgmoPK8GkZibHQkAab/E9vH8TXECN0lf
ag7aQYXgXqkbbgCge0n4t3fLHtrubFi/uwOr0T+UTmxeRdvf0mo8kZI1UvIRS4dN
eKmcEztuzQJkOlyQj0zdR7Jd9/NtN1G3f5uJOhkYXeOvCF6qALJRVEm+k9v/URsO
mft+tyRTwmZ4/mbITUYvy/NqrmCIWn7dDVm5IkvsXoMxWXE35vu5gYQVxwIDAQAB
o4IDMjCCAy4wHQYDVR0OBBYEFIrCfSyYE12XeVQprQ+Ow4oJv5ygMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvaXNKOUxKZ1RYWmQ1VkNtdEQ0N0RpZ21fbktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRgYIKwYBBQUHAQcBAf8EggE1MIIBMTCCAR4EAgABMIIB
FgMEA01JGAMEBU1eoDAMAwQEURqQAwQCURqYAwQBVC+AAwQAVC+DMAwDBAFUL4YD
BABUL4gwDAMEAlQvjAMEAVQvkAMEAFQvkzAMAwQBVC+WAwQBVC+YMAwDBAJUL5wD
BAFUL6QwDAMEA1QvqAMEAFQvrDAMAwQBVC+uAwQAVC+yMAwDBABUL7UDBANUL7AD
BAFUL7oDBAFUL74DBANVW2ADBAJVW3AwDAMEAVVbdgMEAFVbegMEALlqawMEAdWH
QAMEANWHQzAMAwQA1YdFAwQA1YdGAwQB1YdIAwQA1YdNAwQA1YdQMAwDBAHVh1ID
BALVh1gwDAMEBdXQoAMEANXQqjAMAwQC1dCsAwQA1dC4AwQC1dC8MA0EAgACMAcD
BQMqAgvIMA0GCSqGSIb3DQEBCwUAA4IBAQCQUdzrU0dwK8IaLdYwIFygGOy6krgh
+HhP0Y+a5IRGka8HBhpey3m/JeiliniGPlyL7fsm89KfqRENsNh2FJOvyEoWe1Ex
/fBmzg76wGl6dLboYtg3LpZX2xwdNwPj73cf1B3aKt2kLiZbdWQ7axqIinzKwm0b
8X8fHewHp1gSf4nqzBaigEaH7645c0nTOPp3CTo8DcH4lLiJww9j8HompAc1lEPY
6yC1JsV8pz7jSaY+o83ShulNdTh/Lc38W2r6JTBa2VBUM/5h7XwgvrdGUZWqODr+
OZy4LVahgB+Se2X+y8ALcYVwu7Ro7zwvNYYVYHBRm09BKXJZvXc4jR7+
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:05:39 2024 by rpki-client on console-ams.rpki-client.org