Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/JVGgdRtMwO2Ihnai_FXQVqlIxY0.roa
File: JVGgdRtMwO2Ihnai_FXQVqlIxY0.roa (raw, json)
Hash identifier: yQK7biuoga/tA3nfKp5o6dmrDFY3QQQyXhRynF3ACJ4=
Subject key identifier: 25:51:A0:75:1B:4C:C0:ED:88:86:76:A2:FC:55:D0:56:A9:48:C5:8D
Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Certificate serial: 0192E16628EFA3793A9C74FAB2FC0CBFE505
Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/JVGgdRtMwO2Ihnai_FXQVqlIxY0.roa
Signing time: Thu 31 Oct 2024 07:07:01 +0000
ROA not before: Thu 31 Oct 2024 07:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20904
IP address blocks: 5.61.88.0/21 maxlen: 24
37.35.80.0/21 maxlen: 21
46.254.208.0/21 maxlen: 21
46.254.208.0/22 maxlen: 22
77.95.242.0/24 maxlen: 24
77.95.245.0/24 maxlen: 24
77.95.246.0/23 maxlen: 23
80.75.96.0/20 maxlen: 20
80.75.106.0/24 maxlen: 24
84.240.64.0/19 maxlen: 19
93.174.192.0/21 maxlen: 22
149.126.176.0/21 maxlen: 21
185.16.168.0/22 maxlen: 22
185.25.76.0/22 maxlen: 22
185.67.80.0/22 maxlen: 22
188.64.0.0/21 maxlen: 21
2a00:1a58::/32 maxlen: 32
2a00:74a0::/32 maxlen: 32
2a04:240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 07:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e1:66:28:ef:a3:79:3a:9c:74:fa:b2:fc:0c:bf:e5:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Validity
Not Before: Oct 31 07:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2551a0751b4cc0ed888676a2fc55d056a948c58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:96:62:a9:9b:4e:43:76:b7:16:8e:f3:f3:49:
26:78:3d:23:53:18:37:34:f9:e3:98:84:ee:76:c5:
03:ac:ea:0f:46:f1:f4:a3:15:96:59:31:26:86:13:
2d:0f:aa:4e:39:1a:ae:82:8e:08:2e:79:3d:38:de:
90:77:25:47:5a:7c:f3:a9:87:80:3f:b2:71:95:9b:
d5:ca:be:ff:49:66:48:2e:b3:9a:4d:da:fa:dd:df:
2d:34:9c:eb:dd:6e:ca:d5:2f:bf:ce:fe:58:32:df:
90:00:84:a9:a5:69:19:a5:47:9e:a9:88:a8:5a:cd:
86:c2:98:55:c6:fc:b8:e2:b3:e4:58:4c:73:1b:10:
db:db:46:84:99:20:d7:88:6b:65:54:81:57:ab:29:
28:c0:8f:81:45:65:15:7b:cc:93:6f:5a:84:e3:f4:
d9:76:9b:c7:30:e0:44:8f:43:16:42:69:9d:ae:f4:
ef:bd:61:a9:60:33:a8:f5:fc:53:d1:9f:89:a7:59:
53:f5:98:f1:80:f2:a5:47:46:29:31:c5:f0:2c:8e:
25:d6:ba:a1:59:17:5f:c4:b2:49:bb:10:de:46:7f:
49:86:18:c7:0f:bf:5a:4d:be:6f:57:c5:0c:ec:28:
18:a5:03:bd:5d:1d:f9:36:ae:56:9f:85:90:48:ee:
f7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:51:A0:75:1B:4C:C0:ED:88:86:76:A2:FC:55:D0:56:A9:48:C5:8D
X509v3 Authority Key Identifier:
keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/JVGgdRtMwO2Ihnai_FXQVqlIxY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.88.0/21
37.35.80.0/21
46.254.208.0/21
77.95.242.0/24
77.95.245.0-77.95.247.255
80.75.96.0/20
84.240.64.0/19
93.174.192.0/21
149.126.176.0/21
185.16.168.0/22
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
2a04:240::/29
Signature Algorithm: sha256WithRSAEncryption
54:f6:9d:dd:a9:40:52:9d:1d:bd:57:8c:50:71:70:95:96:93:
34:88:16:1a:c2:cc:49:61:48:09:c2:90:e4:58:01:76:0b:b2:
15:27:b0:2b:11:11:cb:f7:f7:a9:d7:22:dc:f3:e8:2e:da:8a:
19:9b:05:9f:50:49:b0:77:81:ea:8f:62:b2:fb:68:38:80:6e:
aa:c3:33:20:50:5e:5d:31:96:e4:8e:7f:45:fc:92:6e:04:9f:
9d:70:2e:b3:26:5a:c8:c5:26:39:e0:f0:6c:84:47:98:92:92:
df:23:f6:f8:f2:67:eb:f1:5c:c1:d8:62:b1:15:b4:3a:3d:e0:
2b:e5:23:ed:3b:da:04:e5:27:92:1a:ff:ab:ef:5c:10:57:16:
6f:69:77:5f:6d:d2:49:be:d5:07:1b:0a:97:bb:9e:f4:44:bb:
c0:5b:99:08:cf:0e:07:0a:04:b8:c7:f4:61:69:d3:88:5c:af:
ff:12:1b:a6:c1:bf:89:ec:64:92:4d:ec:df:7b:82:ad:40:b7:
51:85:ec:6d:7e:6b:7c:33:28:93:cc:e5:fa:87:f1:58:57:1d:
06:79:8d:34:b5:c4:b0:86:06:d2:9d:d5:25:7f:85:8e:c3:f7:
5b:8b:50:5c:80:af:0e:4e:bc:de:19:97:ab:54:e9:b3:28:4e:
33:69:80:60
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZLhZijvo3k6nHT6svwMv+UFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1
ZGYwZDEwHhcNMjQxMDMxMDcwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTUxYTA3NTFiNGNjMGVkODg4Njc2YTJmYzU1ZDA1NmE5NDhjNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZZiqZtOQ3a3Fo7z80kmeD0jUxg3
NPnjmITudsUDrOoPRvH0oxWWWTEmhhMtD6pOORqugo4ILnk9ON6QdyVHWnzzqYeA
P7JxlZvVyr7/SWZILrOaTdr63d8tNJzr3W7K1S+/zv5YMt+QAISppWkZpUeeqYio
Ws2GwphVxvy44rPkWExzGxDb20aEmSDXiGtlVIFXqykowI+BRWUVe8yTb1qE4/TZ
dpvHMOBEj0MWQmmdrvTvvWGpYDOo9fxT0Z+Jp1lT9ZjxgPKlR0YpMcXwLI4l1rqh
WRdfxLJJuxDeRn9JhhjHD79aTb5vV8UM7CgYpQO9XR35Nq5Wn4WQSO73fwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFCVRoHUbTMDtiIZ2ovxV0FapSMWNMB8GA1UdIwQY
MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt
MWJhMzQzZjE3ZWMyLzEvSlZHZ2RSdE13TzJJaG5haV9GWFFWcWxJeFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy
LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswXAQCAAEwVgMEAwU9WAME
AyUjUAMEAy7+0AMEAE1f8jAMAwQATV/1AwQDTV/wAwQEUEtgAwQFVPBAAwQDXa7A
AwQDlX6wAwQCuRCoAwQCuRlMAwQCuUNQAwQDvEAAMBsEAgACMBUDBQAqABpYAwUA
KgB0oAMFAyoEAkAwDQYJKoZIhvcNAQELBQADggEBAFT2nd2pQFKdHb1XjFBxcJWW
kzSIFhrCzElhSAnCkORYAXYLshUnsCsREcv396nXItzz6C7aihmbBZ9QSbB3geqP
YrL7aDiAbqrDMyBQXl0xluSOf0X8km4En51wLrMmWsjFJjng8GyER5iSkt8j9vjy
Z+vxXMHYYrEVtDo94CvlI+072gTlJ5Ia/6vvXBBXFm9pd19t0km+1QcbCpe7nvRE
u8BbmQjPDgcKBLjH9GFp04hcr/8SG6bBv4nsZJJN7N97gq1At1GF7G1+a3wzKJPM
5fqH8VhXHQZ5jTS1xLCGBtKd1SV/hY7D91uLUFyArw5OvN4Zl6tU6bMoTjNpgGA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 11:48:25 2024 by rpki-client on console-ams.rpki-client.org