Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/2pMf7zNvtorw4lOihvfcF651Heg.roa
File: 2pMf7zNvtorw4lOihvfcF651Heg.roa (raw, json)
Hash identifier: J+c/4KuRIY4TGg37PixzJzUU/PYWs3jH8e2eKZx+tQk=
Subject key identifier: DA:93:1F:EF:33:6F:B6:8A:F0:E2:53:A2:86:F7:DC:17:AE:75:1D:E8
Certificate issuer: /CN=edb926f8c603aab79cb46a883bf632564a3faabf
Certificate serial: 018CC2DACB2ED1A2CA89690C5644E551A330
Authority key identifier: ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/2pMf7zNvtorw4lOihvfcF651Heg.roa
Signing time: Mon 01 Jan 2024 02:29:27 +0000
ROA not before: Mon 01 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42695
IP address blocks: 86.107.49.0/24 maxlen: 24
86.107.48.0/23 maxlen: 24
185.16.84.0/22 maxlen: 24
89.46.81.0/24 maxlen: 24
89.46.80.0/24 maxlen: 24
89.46.83.0/24 maxlen: 24
89.46.82.0/24 maxlen: 24
89.46.84.0/23 maxlen: 23
89.46.86.0/24 maxlen: 24
89.46.87.0/24 maxlen: 24
185.2.152.0/22 maxlen: 24
188.241.198.0/23 maxlen: 24
188.241.198.0/24 maxlen: 24
89.36.90.0/23 maxlen: 23
45.114.121.0/24 maxlen: 24
45.114.120.0/22 maxlen: 24
45.114.123.0/24 maxlen: 24
45.114.122.0/24 maxlen: 24
141.255.184.0/21 maxlen: 24
37.153.138.0/23 maxlen: 24
185.52.156.0/22 maxlen: 24
89.45.226.0/23 maxlen: 24
89.45.226.0/24 maxlen: 24
37.153.172.0/23 maxlen: 24
188.240.222.0/23 maxlen: 24
91.106.192.0/21 maxlen: 24
91.123.192.0/20 maxlen: 24
89.45.227.0/24 maxlen: 24
185.103.48.0/23 maxlen: 23
185.103.51.0/24 maxlen: 24
185.103.50.0/24 maxlen: 24
89.42.140.0/23 maxlen: 24
185.62.204.0/22 maxlen: 24
185.62.204.0/24 maxlen: 24
185.62.205.0/24 maxlen: 24
185.62.207.0/24 maxlen: 24
31.12.84.0/22 maxlen: 24
116.206.168.0/22 maxlen: 24
188.240.92.0/22 maxlen: 24
31.132.58.0/24 maxlen: 24
31.132.56.0/24 maxlen: 24
77.81.188.0/23 maxlen: 24
188.240.18.0/23 maxlen: 24
188.95.224.0/21 maxlen: 24
46.254.10.0/23 maxlen: 23
46.254.8.0/21 maxlen: 24
46.254.13.0/24 maxlen: 24
46.254.12.0/24 maxlen: 24
46.254.15.0/24 maxlen: 24
46.254.14.0/24 maxlen: 24
188.212.108.0/23 maxlen: 24
103.57.72.0/22 maxlen: 24
103.57.74.0/24 maxlen: 24
86.107.242.0/23 maxlen: 24
77.81.6.0/23 maxlen: 24
103.81.140.0/23 maxlen: 24
103.81.142.0/24 maxlen: 24
103.81.143.0/24 maxlen: 24
89.40.216.0/23 maxlen: 23
2a03:d7c0::/29 maxlen: 48
2a03:b000:400::/40 maxlen: 40
2a03:b000:700::/40 maxlen: 40
2a03:b000:800::/40 maxlen: 40
2a03:b000:b00::/40 maxlen: 40
2a03:b000:200::/40 maxlen: 40
2a03:b000:600::/40 maxlen: 40
2a03:b000:900::/40 maxlen: 40
2a04:f180::/29 maxlen: 48
2a06:2980::/29 maxlen: 48
2a00:16d8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cb:2e:d1:a2:ca:89:69:0c:56:44:e5:51:a3:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edb926f8c603aab79cb46a883bf632564a3faabf
Validity
Not Before: Jan 1 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da931fef336fb68af0e253a286f7dc17ae751de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:20:fe:91:d9:94:82:5b:79:c2:25:59:c1:3d:
7b:fc:eb:87:70:0a:88:62:89:1c:95:c5:b6:1f:62:
84:b8:e8:cd:3a:a4:48:e9:de:a4:7f:77:46:8b:dc:
bb:3f:9c:f6:9a:46:7f:96:7d:b1:02:12:ac:0d:43:
42:41:69:a9:a8:ca:15:ea:c9:6d:d7:16:fc:9e:25:
99:62:51:df:00:ec:d2:a8:03:1d:ee:4c:5b:c2:71:
e9:30:cf:d1:53:75:f2:cc:81:7a:6c:1d:11:ff:7a:
95:22:cd:ea:d8:96:e2:a3:5a:d3:42:ce:41:a9:d3:
da:53:ea:49:06:ca:24:b6:54:1f:f6:ac:16:a8:c0:
d3:d8:43:f6:c0:f0:17:16:04:a7:85:50:9f:78:e3:
c6:b7:89:6f:f3:43:f9:e5:de:3b:40:c8:c4:08:a7:
b2:5a:9a:37:c8:26:06:a6:10:7e:83:6c:e3:1c:3f:
74:05:cd:78:02:a8:88:3f:83:c0:ec:76:dd:a2:28:
d7:fc:88:d9:99:57:b3:3e:2f:24:98:95:55:91:5e:
23:69:23:2a:ec:6e:c0:9e:0a:d8:c8:e0:ea:0d:0b:
9f:ab:3f:27:b7:cb:3f:93:18:4b:3d:a0:b6:ef:8b:
0e:73:dc:8f:13:54:1c:78:a4:de:73:95:95:fb:01:
8c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:93:1F:EF:33:6F:B6:8A:F0:E2:53:A2:86:F7:DC:17:AE:75:1D:E8
X509v3 Authority Key Identifier:
keyid:ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/2pMf7zNvtorw4lOihvfcF651Heg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.84.0/22
31.132.56.0/24
31.132.58.0/24
37.153.138.0/23
37.153.172.0/23
45.114.120.0/22
46.254.8.0/21
77.81.6.0/23
77.81.188.0/23
86.107.48.0/23
86.107.242.0/23
89.36.90.0/23
89.40.216.0/23
89.42.140.0/23
89.45.226.0/23
89.46.80.0/21
91.106.192.0/21
91.123.192.0/20
103.57.72.0/22
103.81.140.0/22
116.206.168.0/22
141.255.184.0/21
185.2.152.0/22
185.16.84.0/22
185.52.156.0/22
185.62.204.0/22
185.103.48.0/22
188.95.224.0/21
188.212.108.0/23
188.240.18.0/23
188.240.92.0/22
188.240.222.0/23
188.241.198.0/23
IPv6:
2a00:16d8::/32
2a03:b000:200::/40
2a03:b000:400::/40
2a03:b000:600::-2a03:b000:9ff:ffff:ffff:ffff:ffff:ffff
2a03:b000:b00::/40
2a03:d7c0::/29
2a04:f180::/29
2a06:2980::/29
Signature Algorithm: sha256WithRSAEncryption
9e:66:9d:ab:67:5c:4c:69:04:b3:8d:95:98:0c:d8:a0:d8:51:
a3:7e:27:bd:9b:14:bf:b0:ec:d3:63:3b:8d:52:02:0f:4d:f9:
f8:fb:ce:47:e2:4d:b5:6b:3f:c8:94:fe:eb:3d:61:d4:a1:19:
4d:3b:ec:10:af:26:b6:32:46:1c:dc:ca:d9:74:96:2c:09:cc:
c7:f7:0c:ed:2c:ab:ad:36:f1:6d:4b:db:a7:7b:c4:40:10:5c:
fb:f2:94:32:e5:66:9d:65:e7:57:ff:a6:88:c3:02:cb:0d:ff:
6f:32:83:97:42:ed:74:a6:e1:52:8b:29:da:78:aa:a7:99:d5:
18:f7:70:4a:6e:98:53:2c:af:08:b8:be:ca:9d:03:fe:75:b6:
0f:e0:b2:18:08:b7:cc:55:f5:3b:c9:5f:49:82:8f:cb:2c:16:
30:89:70:4f:cd:9d:e2:37:75:2b:c1:98:3a:fd:06:c4:35:98:
2b:cd:5e:81:b5:1c:80:68:57:06:66:7a:19:03:15:eb:91:58:
97:f9:fd:e9:49:5e:8d:85:12:7e:b6:92:db:26:a8:93:87:ea:
6b:34:c2:b8:43:3f:f2:7b:a8:c8:6b:f3:2d:ec:bc:ec:3b:61:
54:18:a2:60:14:a4:4c:2e:6a:10:07:07:ae:2d:18:67:8a:d7:
15:2c:0a:6d
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYzC2ssu0aLKiWkMVkTlUaMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjkyNmY4YzYwM2FhYjc5Y2I0NmE4ODNiZjYzMjU2NGEz
ZmFhYmYwHhcNMjQwMTAxMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkzMWZlZjMzNmZiNjhhZjBlMjUzYTI4NmY3ZGMxN2FlNzUxZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiD+kdmUglt5wiVZwT17/OuHcAqI
YokclcW2H2KEuOjNOqRI6d6kf3dGi9y7P5z2mkZ/ln2xAhKsDUNCQWmpqMoV6slt
1xb8niWZYlHfAOzSqAMd7kxbwnHpMM/RU3XyzIF6bB0R/3qVIs3q2Jbio1rTQs5B
qdPaU+pJBsoktlQf9qwWqMDT2EP2wPAXFgSnhVCfeOPGt4lv80P55d47QMjECKey
Wpo3yCYGphB+g2zjHD90Bc14AqiIP4PA7HbdoijX/IjZmVezPi8kmJVVkV4jaSMq
7G7AngrYyODqDQufqz8nt8s/kxhLPaC274sOc9yPE1QceKTec5WV+wGM6QIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFNqTH+8zb7aK8OJToob33BeudR3oMB8GA1UdIwQY
MBaAFO25JvjGA6q3nLRqiDv2MlZKP6q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JrbS1NWURxcmVjdEdxSU9fWXlWa29fcXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NmM5MzQtY2YxNC00YTRmLWFlN2Mt
M2JkMTk3OGJmMmY2LzEvMnBNZjd6TnZ0b3J3NGxPaWh2ZmNGNjUxSGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NmM5MzQtY2YxNC00YTRmLWFlN2MtM2JkMTk3OGJmMmY2
LzEvN2JrbS1NWURxcmVjdEdxSU9fWXlWa29fcXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCBzQQCAAEwgcYD
BAIfDFQDBAAfhDgDBAAfhDoDBAElmYoDBAElmawDBAItcngDBAMu/ggDBAFNUQYD
BAFNUbwDBAFWazADBAFWa/IDBAFZJFoDBAFZKNgDBAFZKowDBAFZLeIDBANZLlAD
BANbasADBARbe8ADBAJnOUgDBAJnUYwDBAJ0zqgDBAON/7gDBAK5ApgDBAK5EFQD
BAK5NJwDBAK5PswDBAK5ZzADBAO8X+ADBAG81GwDBAG88BIDBAK88FwDBAG88N4D
BAG88cYwTAQCAAIwRgMFACoAFtgDBgAqA7AAAgMGACoDsAAEMBADBgEqA7AABgMG
ASoDsAAIAwYAKgOwAAsDBQMqA9fAAwUDKgTxgAMFAyoGKYAwDQYJKoZIhvcNAQEL
BQADggEBAJ5mnatnXExpBLONlZgM2KDYUaN+J72bFL+w7NNjO41SAg9N+fj7zkfi
TbVrP8iU/us9YdShGU077BCvJrYyRhzcytl0liwJzMf3DO0sq6028W1L26d7xEAQ
XPvylDLlZp1l51f/pojDAssN/28yg5dC7XSm4VKLKdp4qqeZ1Rj3cEpumFMsrwi4
vsqdA/51tg/gshgIt8xV9TvJX0mCj8ssFjCJcE/NneI3dSvBmDr9BsQ1mCvNXoG1
HIBoVwZmehkDFeuRWJf5/elJXo2FEn62ktsmqJOH6ms0wrhDP/J7qMhr8y3svOw7
YVQYomAUpEwuahAHB64tGGeK1xUsCm0=
-----END CERTIFICATE-----
Generated at Sat May 18 02:15:28 2024 by rpki-client on console-ams.rpki-client.org