Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/jlqWkVmNIsjq7VYXjgnpQ2RxwGE.roa
File: jlqWkVmNIsjq7VYXjgnpQ2RxwGE.roa (raw, json)
Hash identifier: sUEEtPRv0u+1e2e5rOq/eTVykfBmB2RlzIAlBa5Fi1M=
Subject key identifier: 8E:5A:96:91:59:8D:22:C8:EA:ED:56:17:8E:09:E9:43:64:71:C0:61
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0190FEA6D5804C671321351CA89187DD98D5
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/jlqWkVmNIsjq7VYXjgnpQ2RxwGE.roa
Signing time: Mon 29 Jul 2024 13:21:04 +0000
ROA not before: Mon 29 Jul 2024 13:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48309
IP address blocks: 31.25.104.0/22 maxlen: 22
31.25.108.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
37.191.64.0/22 maxlen: 22
37.191.68.0/22 maxlen: 22
37.191.72.0/22 maxlen: 22
37.191.74.0/24 maxlen: 24
37.191.76.0/22 maxlen: 22
37.191.80.0/21 maxlen: 24
37.191.88.0/22 maxlen: 22
37.191.92.0/22 maxlen: 24
185.85.68.0/22 maxlen: 22
188.136.128.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.140.0/22 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.142.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.144.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.146.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.149.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.158.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.161.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.187.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.192.0/23 maxlen: 23
188.136.194.0/24 maxlen: 24
188.136.196.0/22 maxlen: 22
188.136.196.0/24 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Oct 2024 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:a6:d5:80:4c:67:13:21:35:1c:a8:91:87:dd:98:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jul 29 13:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e5a9691598d22c8eaed56178e09e9436471c061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:32:1b:ef:d9:ba:c5:94:7b:01:53:e8:5f:5b:
a8:f0:e7:51:0c:49:98:31:ab:e8:df:46:99:75:c2:
61:7a:66:80:e3:6f:a4:8e:a0:40:bf:92:0e:19:ba:
3f:e3:de:95:ee:4e:aa:69:a2:ff:8c:e0:65:47:5f:
d0:1d:c7:c4:16:2d:9d:db:4b:05:6d:06:b1:0a:49:
79:8f:90:7f:83:d0:1b:bc:9e:80:da:4d:51:3e:49:
02:64:10:f0:65:6f:d0:3f:a6:6f:ac:26:ad:b7:fe:
8e:b5:84:85:a4:1c:72:30:cc:b3:26:00:3d:a6:9b:
6d:92:5d:ad:71:e4:f3:86:6a:87:eb:96:8d:29:57:
b9:f4:da:89:c8:76:ad:7c:33:bb:0e:f4:4d:6a:44:
f8:07:65:95:5e:93:f1:ef:3f:26:42:0c:8b:99:08:
ff:7e:dc:a3:b9:2f:2b:ec:1c:2f:34:f4:70:a1:71:
62:f9:7b:e6:cb:7b:78:50:de:ca:f1:48:d7:e9:84:
7f:56:cf:dd:37:d8:0e:f7:f5:a0:c8:d7:e8:a9:bf:
e1:e8:36:3f:3f:ed:0c:a4:a8:98:84:79:84:c4:28:
9c:94:52:f1:bc:b6:fe:b1:de:98:63:9a:e9:9f:99:
8c:63:6d:1d:5e:63:b3:fe:b3:cd:13:b3:c5:5b:de:
70:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:5A:96:91:59:8D:22:C8:EA:ED:56:17:8E:09:E9:43:64:71:C0:61
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/jlqWkVmNIsjq7VYXjgnpQ2RxwGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0/19
185.85.68.0/22
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.173.255
188.136.175.0/24
188.136.185.0/24
188.136.187.0/24
188.136.189.0-188.136.194.255
188.136.196.0-188.136.200.255
188.136.209.0-188.136.211.255
Signature Algorithm: sha256WithRSAEncryption
54:7d:02:74:76:b4:fd:c7:09:f8:96:d7:a8:80:23:23:0d:67:
6d:24:70:c6:ae:a1:7b:48:1d:92:eb:2c:73:5c:5f:0e:79:2c:
97:f8:04:af:f9:24:39:10:4d:9b:70:c6:ad:b7:56:9c:92:8e:
5f:f8:e1:71:e5:e8:6c:32:eb:07:4a:47:5a:d6:31:96:2f:cd:
d2:2e:ef:fe:3e:65:8b:02:dd:a1:0f:62:e8:13:ba:9b:30:e0:
c2:45:c5:23:e6:98:9b:2d:bc:5f:9a:8f:92:2b:d5:f2:83:fc:
f4:20:df:64:1b:a1:cd:c4:02:65:9d:1a:21:a4:cf:9c:45:27:
9b:9b:b9:79:d9:24:79:67:34:9c:4c:73:8d:9d:9f:f8:2f:f4:
a9:75:84:79:9c:21:4e:8f:43:2c:05:18:34:4f:e7:67:65:ff:
67:07:11:e0:f9:43:c8:7f:9d:16:1b:1d:09:ec:83:c5:42:0f:
8a:52:21:38:29:c0:49:3c:23:5b:4b:f9:f2:e9:e7:44:b0:69:
b9:bf:99:a6:d1:c4:7e:a6:9f:d0:6b:c1:04:8c:98:33:9d:ff:
0c:82:bd:1d:cc:2c:fb:58:b1:6d:31:0c:9d:61:e9:06:3e:8d:
24:06:2d:44:79:fb:6a:46:ee:5f:61:5f:47:63:13:7b:37:3e:
9a:8c:03:e0
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZD+ptWATGcTITUcqJGH3ZjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwNzI5MTMyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTVhOTY5MTU5OGQyMmM4ZWFlZDU2MTc4ZTA5ZTk0MzY0NzFjMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDIb79m6xZR7AVPoX1uo8OdRDEmY
Mavo30aZdcJhemaA42+kjqBAv5IOGbo/496V7k6qaaL/jOBlR1/QHcfEFi2d20sF
bQaxCkl5j5B/g9AbvJ6A2k1RPkkCZBDwZW/QP6ZvrCatt/6OtYSFpBxyMMyzJgA9
ppttkl2tceTzhmqH65aNKVe59NqJyHatfDO7DvRNakT4B2WVXpPx7z8mQgyLmQj/
ftyjuS8r7BwvNPRwoXFi+Xvmy3t4UN7K8UjX6YR/Vs/dN9gO9/WgyNfoqb/h6DY/
P+0MpKiYhHmExCiclFLxvLb+sd6YY5rpn5mMY20dXmOz/rPNE7PFW95wiwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFI5alpFZjSLI6u1WF44J6UNkccBhMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvamxxV2tWbU5Jc2pxN1ZZWGpnbnBRMlJ4d0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAx8ZaAME
BSW/QAMEArlVRAMEA7yIgDAMAwQCvIiMAwQCvIiQMAwDBAC8iJUDBAG8iKwDBAC8
iK8DBAC8iLkDBAC8iLswDAMEALyIvQMEALyIwjAMAwQCvIjEAwQAvIjIMAwDBAC8
iNEDBAK8iNAwDQYJKoZIhvcNAQELBQADggEBAFR9AnR2tP3HCfiW16iAIyMNZ20k
cMauoXtIHZLrLHNcXw55LJf4BK/5JDkQTZtwxq23VpySjl/44XHl6Gwy6wdKR1rW
MZYvzdIu7/4+ZYsC3aEPYugTupsw4MJFxSPmmJstvF+aj5Ir1fKD/PQg32Qboc3E
AmWdGiGkz5xFJ5ubuXnZJHlnNJxMc42dn/gv9Kl1hHmcIU6PQywFGDRP52dl/2cH
EeD5Q8h/nRYbHQnsg8VCD4pSITgpwEk8I1tL+fLp50Swabm/mabRxH6mn9BrwQSM
mDOd/wyCvR3MLPtYsW0xDJ1h6QY+jSQGLUR5+2pG7l9hX0djE3s3PpqMA+A=
-----END CERTIFICATE-----
Generated at Sun Oct 6 16:23:06 2024 by rpki-client on console-fra.rpki-client.org