Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/NG8tooTdpaYRAjB4NVgNWQgmfiI.roa
File: NG8tooTdpaYRAjB4NVgNWQgmfiI.roa (raw, json)
Hash identifier: vNd85zwqLUVjufouWaKDplEfDUy0i5BRXIC5pFPgbPI=
Subject key identifier: 34:6F:2D:A2:84:DD:A5:A6:11:02:30:78:35:58:0D:59:08:26:7E:22
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 0193445BD828A9375AB2A1072BEE5BFDF3DC
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/NG8tooTdpaYRAjB4NVgNWQgmfiI.roa
Signing time: Tue 19 Nov 2024 12:18:09 +0000
ROA not before: Tue 19 Nov 2024 12:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 84.246.64.0/21 maxlen: 21
129.26.0.0/16 maxlen: 16
129.233.128.0/18 maxlen: 18
129.233.210.0/24 maxlen: 24
129.233.224.0/20 maxlen: 20
153.96.0.0/16 maxlen: 16
192.35.149.0/24 maxlen: 24
192.35.150.0/23 maxlen: 23
192.35.150.0/24 maxlen: 24
192.35.151.0/24 maxlen: 24
192.35.153.0/24 maxlen: 24
192.44.4.0/24 maxlen: 24
192.44.5.0/24 maxlen: 24
192.44.6.0/24 maxlen: 24
192.44.8.0/24 maxlen: 24
192.44.12.0/24 maxlen: 24
192.44.15.0/24 maxlen: 24
192.44.18.0/24 maxlen: 24
192.44.20.0/23 maxlen: 23
192.44.23.0/24 maxlen: 24
192.44.25.0/24 maxlen: 24
192.44.26.0/24 maxlen: 24
192.44.28.0/24 maxlen: 24
192.44.29.0/24 maxlen: 24
192.44.30.0/23 maxlen: 23
192.44.36.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
192.44.38.0/23 maxlen: 23
192.44.40.0/24 maxlen: 24
192.54.34.0/23 maxlen: 23
192.76.148.0/24 maxlen: 24
192.76.241.0/24 maxlen: 24
192.76.245.0/24 maxlen: 24
192.76.246.0/23 maxlen: 23
192.76.248.0/24 maxlen: 24
192.88.108.0/24 maxlen: 24
192.102.150.0/23 maxlen: 23
192.102.152.0/23 maxlen: 23
192.102.156.0/24 maxlen: 24
192.102.158.0/23 maxlen: 23
192.102.160.0/24 maxlen: 24
192.102.161.0/24 maxlen: 24
192.102.162.0/23 maxlen: 23
192.102.164.0/24 maxlen: 24
192.102.167.0/24 maxlen: 24
192.102.168.0/24 maxlen: 24
192.102.169.0/24 maxlen: 24
192.102.170.0/24 maxlen: 24
192.102.172.0/24 maxlen: 24
192.102.174.0/24 maxlen: 24
192.102.175.0/24 maxlen: 24
192.102.176.0/23 maxlen: 23
192.109.177.0/24 maxlen: 24
212.44.192.0/19 maxlen: 19
2a03:db80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:5b:d8:28:a9:37:5a:b2:a1:07:2b:ee:5b:fd:f3:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Nov 19 12:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=346f2da284dda5a61102307835580d5908267e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:79:b7:2e:ec:11:0d:fc:1a:e6:27:ae:f3:14:
42:fe:dd:4c:3d:79:8b:88:8e:27:66:34:a4:0e:46:
91:05:38:65:70:cb:15:d0:2d:d7:4a:24:8b:3e:81:
19:13:9c:73:bb:86:43:f3:c4:3b:b5:a0:89:4a:31:
2f:92:ea:f3:51:20:48:a4:29:dd:62:16:73:ef:6e:
31:4d:9a:e6:e0:94:cf:c5:cf:c6:26:77:a0:51:bc:
94:62:f8:55:d8:aa:d0:fa:8b:7e:bd:ba:03:38:7b:
bd:7a:a9:b1:a8:d8:8a:f8:d4:25:e8:68:52:27:d4:
11:a2:e7:f0:aa:4f:ec:bd:b5:7e:ec:6d:fc:b9:15:
d3:cb:61:04:b9:e4:0a:7f:68:93:97:1d:97:e1:45:
8b:5d:97:73:a8:78:53:30:a7:cc:f7:a2:e8:52:2a:
4d:1d:bb:c6:2e:ce:af:39:9f:9a:1f:69:d8:ac:8d:
9e:53:2b:b0:aa:1e:c9:2d:98:a7:2f:66:43:9f:78:
20:a3:51:72:46:7a:1b:e7:5f:d9:b2:bb:e9:20:ec:
c4:31:c1:44:2e:d8:1a:6c:31:d1:08:91:b4:ea:b7:
f7:f1:cd:49:cc:5d:2b:2a:cf:98:f9:02:2b:35:f3:
11:fb:45:23:b8:07:5a:97:01:b4:0b:d9:e3:fd:97:
23:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:6F:2D:A2:84:DD:A5:A6:11:02:30:78:35:58:0D:59:08:26:7E:22
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/NG8tooTdpaYRAjB4NVgNWQgmfiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.64.0/21
129.26.0.0/16
129.233.128.0/18
129.233.210.0/24
129.233.224.0/20
153.96.0.0/16
192.35.149.0-192.35.151.255
192.35.153.0/24
192.44.4.0-192.44.6.255
192.44.8.0/24
192.44.12.0/24
192.44.15.0/24
192.44.18.0/24
192.44.20.0/23
192.44.23.0/24
192.44.25.0-192.44.26.255
192.44.28.0/22
192.44.36.0-192.44.40.255
192.54.34.0/23
192.76.148.0/24
192.76.241.0/24
192.76.245.0-192.76.248.255
192.88.108.0/24
192.102.150.0-192.102.153.255
192.102.156.0/24
192.102.158.0-192.102.164.255
192.102.167.0-192.102.170.255
192.102.172.0/24
192.102.174.0-192.102.177.255
192.109.177.0/24
212.44.192.0/19
IPv6:
2a03:db80::/32
Signature Algorithm: sha256WithRSAEncryption
0d:1c:fe:1d:49:3b:cc:11:e9:5e:ed:6b:47:f7:e0:84:6a:58:
49:ca:67:28:d8:75:ec:38:a6:0b:ad:fe:c4:3d:c7:42:40:0e:
d5:c2:09:6e:48:df:03:a0:cc:7f:49:84:86:0d:50:32:8e:df:
bc:29:88:2e:ad:e2:19:89:0f:53:45:89:56:f7:f1:c7:68:a8:
4a:01:6e:73:19:0e:a2:1d:00:f8:de:5f:fd:19:66:6b:d2:9c:
bc:f2:24:73:3b:d8:8a:1f:b8:88:c5:f7:c7:68:38:a9:d9:ec:
b0:67:66:6b:79:f0:bf:69:a2:1f:f6:73:9d:7b:b3:e2:50:ce:
52:3f:5b:6e:e2:54:33:25:54:8c:9b:13:e9:67:c6:17:25:c8:
6f:79:80:52:be:57:68:00:38:ac:e8:88:bb:0c:cf:71:2d:ba:
5f:3a:a9:2f:99:88:86:d8:fa:7b:4b:1f:97:67:0a:e3:ef:5f:
20:99:34:f0:85:a4:04:3c:ed:dc:d5:1f:b4:25:3e:67:10:91:
2d:f5:93:0f:aa:42:a8:ea:6a:36:85:52:aa:e5:35:5a:c2:57:
ed:f5:55:e0:bd:e7:00:e0:ba:43:dd:02:e2:a3:87:0b:11:7a:
90:98:af:da:be:2d:94:3a:1d:fa:99:bf:ee:bc:7f:46:ce:97:
cb:c8:de:24
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAZNEW9goqTdasqEHK+5b/fPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjQxMTE5MTIxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDZmMmRhMjg0ZGRhNWE2MTEwMjMwNzgzNTU4MGQ1OTA4MjY3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93m3LuwRDfwa5ieu8xRC/t1MPXmL
iI4nZjSkDkaRBThlcMsV0C3XSiSLPoEZE5xzu4ZD88Q7taCJSjEvkurzUSBIpCnd
YhZz724xTZrm4JTPxc/GJnegUbyUYvhV2KrQ+ot+vboDOHu9eqmxqNiK+NQl6GhS
J9QRoufwqk/svbV+7G38uRXTy2EEueQKf2iTlx2X4UWLXZdzqHhTMKfM96LoUipN
HbvGLs6vOZ+aH2nYrI2eUyuwqh7JLZinL2ZDn3ggo1FyRnob51/ZsrvpIOzEMcFE
LtgabDHRCJG06rf38c1JzF0rKs+Y+QIrNfMR+0UjuAdalwG0C9nj/ZcjJQIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFDRvLaKE3aWmEQIweDVYDVkIJn4iMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvTkc4dG9vVGRwYVlSQWpCNE5WZ05XUWdtZmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCCAQgEAgABMIIB
AAMEA1T2QAMDAIEaAwQGgemAAwQAgenSAwQEgengAwMAmWAwDAMEAMAjlQMEA8Aj
kAMEAMAjmTAMAwQCwCwEAwQAwCwGAwQAwCwIAwQAwCwMAwQAwCwPAwQAwCwSAwQB
wCwUAwQAwCwXMAwDBADALBkDBADALBoDBALALBwwDAMEAsAsJAMEAMAsKAMEAcA2
IgMEAMBMlAMEAMBM8TAMAwQAwEz1AwQAwEz4AwQAwFhsMAwDBAHAZpYDBAHAZpgD
BADAZpwwDAMEAcBmngMEAMBmpDAMAwQAwGanAwQAwGaqAwQAwGasMAwDBAHAZq4D
BAHAZrADBADAbbEDBAXULMAwDQQCAAIwBwMFACoD24AwDQYJKoZIhvcNAQELBQAD
ggEBAA0c/h1JO8wR6V7ta0f34IRqWEnKZyjYdew4pgut/sQ9x0JADtXCCW5I3wOg
zH9JhIYNUDKO37wpiC6t4hmJD1NFiVb38cdoqEoBbnMZDqIdAPjeX/0ZZmvSnLzy
JHM72IofuIjF98doOKnZ7LBnZmt58L9poh/2c517s+JQzlI/W27iVDMlVIybE+ln
xhclyG95gFK+V2gAOKzoiLsMz3Etul86qS+ZiIbY+ntLH5dnCuPvXyCZNPCFpAQ8
7dzVH7QlPmcQkS31kw+qQqjqajaFUqrlNVrCV+31VeC95wDgukPdAuKjhwsRepCY
r9q+LZQ6HfqZv+68f0bOl8vI3iQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:12:33 2024 by rpki-client on console-fra.rpki-client.org