Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/jezo2psXQdTiqdOjRbmJDuy7uNU.roa
File: jezo2psXQdTiqdOjRbmJDuy7uNU.roa (raw, json)
Hash identifier: 2rkYdcVXgKX7TadxThVJqTMyJ7tjuQS8/yRlRUnKPyE=
Subject key identifier: 8D:EC:E8:DA:9B:17:41:D4:E2:A9:D3:A3:45:B9:89:0E:EC:BB:B8:D5
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 018CC493135454FFE8EB67B920779FF2354D
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/jezo2psXQdTiqdOjRbmJDuy7uNU.roa
Signing time: Mon 01 Jan 2024 10:30:22 +0000
ROA not before: Mon 01 Jan 2024 10:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15943
IP address blocks: 80.245.104.0/22 maxlen: 24
84.242.16.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
45.131.16.0/22 maxlen: 24
193.178.56.0/22 maxlen: 24
185.232.32.0/22 maxlen: 24
213.195.24.0/21 maxlen: 24
45.82.192.0/22 maxlen: 24
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/19 maxlen: 24
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
81.25.160.0/20 maxlen: 24
212.146.136.0/21 maxlen: 24
149.224.0.0/16 maxlen: 24
212.146.144.0/20 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
45.157.100.0/22 maxlen: 24
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
195.123.96.0/20 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
149.233.128.0/17 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
185.207.4.0/22 maxlen: 24
37.122.136.0/21 maxlen: 24
192.119.48.0/20 maxlen: 24
109.230.96.0/20 maxlen: 24
192.196.192.0/20 maxlen: 24
45.159.176.0/22 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
95.81.0.0/19 maxlen: 24
2.57.116.0/22 maxlen: 24
149.249.248.0/22 maxlen: 24
77.223.8.0/21 maxlen: 24
195.250.0.0/20 maxlen: 24
77.223.16.0/20 maxlen: 24
213.209.64.0/18 maxlen: 24
134.101.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 04:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:13:54:54:ff:e8:eb:67:b9:20:77:9f:f2:35:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Jan 1 10:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dece8da9b1741d4e2a9d3a345b9890eecbbb8d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:20:ce:a9:e4:ff:8e:66:7c:13:2a:26:60:1f:
9a:2a:6b:2c:be:4c:6e:d2:d0:85:21:51:38:0d:f2:
f5:a9:60:40:54:10:7b:ab:dd:fb:bf:46:0d:84:b5:
ec:b6:f3:f8:6b:ed:74:2b:db:b1:19:48:17:5d:0d:
b6:c2:57:49:50:dc:18:c3:df:7d:dc:f5:e2:55:5a:
c9:8f:dd:1a:93:f9:e5:7c:dc:ba:67:e7:3d:1a:61:
ae:38:e6:03:ce:8c:28:07:83:86:72:06:70:60:78:
c3:a2:ce:1d:e9:4c:b6:ba:b2:43:e6:a1:3b:cb:ca:
a6:00:5e:7e:57:9c:18:74:06:5e:69:4a:99:79:27:
d8:5b:7a:a0:66:c2:8e:68:26:a9:09:17:e3:e4:57:
5f:86:ca:fa:d0:12:db:8a:08:d9:11:7e:26:78:b2:
58:dd:a0:15:6b:08:a0:d8:38:c5:50:ae:ed:4f:4c:
92:9a:99:7a:78:0a:ba:89:d4:74:4e:c9:3b:0b:e1:
4d:7d:68:c4:16:06:d9:02:d5:70:bb:fb:10:86:38:
12:7a:f9:d7:ea:5a:e6:02:6c:74:14:dc:13:65:9e:
9c:bf:cc:9d:b9:92:d7:97:ce:ef:87:a4:be:6d:48:
71:47:c0:57:a4:83:e9:0b:66:ad:9e:56:0d:f8:93:
ae:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:EC:E8:DA:9B:17:41:D4:E2:A9:D3:A3:45:B9:89:0E:EC:BB:B8:D5
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/jezo2psXQdTiqdOjRbmJDuy7uNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.116.0/22
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
45.82.192.0/22
45.131.16.0/22
45.157.100.0/22
45.159.176.0/22
46.22.0.0/20
46.59.128.0/17
77.223.8.0-77.223.31.255
80.245.104.0/22
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
109.230.96.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/19
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.207.4.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.178.56.0/22
193.218.16.0/20
195.123.96.0/20
195.250.0.0/20
212.127.32.0/19
212.146.136.0-212.146.159.255
213.21.32.0/20
213.195.24.0/21
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
3e:93:e7:83:44:8f:c6:99:c7:25:0e:7a:77:24:a6:8b:0e:cb:
f2:5c:d6:9d:c8:ef:53:46:ad:a5:1e:35:1e:3c:3d:98:83:10:
80:32:13:f8:28:ac:0a:e2:01:9e:c9:81:3d:b7:86:a3:be:38:
41:52:61:7d:65:e9:76:db:51:56:7a:89:6c:92:09:45:5f:3d:
71:13:26:7c:f5:5a:d8:e8:eb:38:b8:89:79:9d:bc:71:42:08:
a7:0d:20:18:3d:a5:b7:56:f5:20:7a:79:f0:38:ab:c5:66:35:
90:b3:f4:7c:4a:c8:be:eb:a0:ed:f6:9e:31:d8:f2:ca:13:fb:
fe:a0:01:cd:47:0b:b7:d1:54:25:4a:0a:89:b9:7f:31:a6:2f:
82:be:08:47:89:b6:f9:42:76:39:c6:fa:53:25:7c:e0:00:28:
da:7e:25:c5:a5:97:25:13:26:c8:6d:19:3e:b8:fc:ae:30:80:
ba:c4:eb:d4:e7:8d:71:9d:4e:93:f8:43:ce:70:96:eb:43:a2:
05:9b:e2:df:5d:4e:a4:18:4b:72:fe:c7:bd:7a:4b:29:9e:16:
ad:5f:ba:58:f7:8e:66:9b:04:18:e3:27:f6:7a:a2:fc:90:d5:
1f:6b:d7:c8:3a:90:90:c9:62:45:6f:84:7e:a6:06:f9:fb:02:
70:8e:3a:61
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISAYzEkxNUVP/o62e5IHef8jVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjQwMTAxMTAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGVjZThkYTliMTc0MWQ0ZTJhOWQzYTM0NWI5ODkwZWVjYmJiOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSDOqeT/jmZ8EyomYB+aKmssvkxu
0tCFIVE4DfL1qWBAVBB7q937v0YNhLXstvP4a+10K9uxGUgXXQ22wldJUNwYw999
3PXiVVrJj90ak/nlfNy6Z+c9GmGuOOYDzowoB4OGcgZwYHjDos4d6Uy2urJD5qE7
y8qmAF5+V5wYdAZeaUqZeSfYW3qgZsKOaCapCRfj5Fdfhsr60BLbigjZEX4meLJY
3aAVawig2DjFUK7tT0ySmpl6eAq6idR0Tsk7C+FNfWjEFgbZAtVwu/sQhjgSevnX
6lrmAmx0FNwTZZ6cv8yduZLXl87vh6S+bUhxR8BXpIPpC2atnlYN+JOuAQIDAQAB
o4IDUjCCA04wHQYDVR0OBBYEFI3s6NqbF0HU4qnTo0W5iQ7su7jVMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvamV6bzJwc1hRZFRpcWRPalJibUpEdXk3dU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZgYIKwYBBQUHAQcBAf8EggFVMIIBUTCCATcEAgABMIIB
LwMEAgI5dAMEBR8dIAMEAx+saAMEAyV6iAMEAi1SwAMEAi2DEAMEAi2dZAMEAi2f
sAMEBC4WAAMEBy47gDAMAwQDTd8IAwQFTd8AAwQCUPVoAwQEURmgAwQHVC4AAwQE
VPIQAwQDXkiAAwQDXkioAwQDXki4AwQFX1EAAwQDX4EAAwQEX6OgAwQEbeZgAwQH
hmWAAwMAleADBAeV6YADBASV+RADBAKV+fgDBAWwbcADBAK5F+ADBAK5HfADBAK5
UhADBAK5zwQDBAK51+wDBAK53NgDBAK56CADBAW8iOADBATAdzADBATAxMADBALB
sjgDBATB2hADBATDe2ADBATD+gADBAXUfyAwDAMEA9SSiAMEBdSSgAMEBNUVIAME
A9XDGAMEBtXRQAMEBNhT0DAUBAIAAjAOAwUAKgIgKAMFAyoERUAwDQYJKoZIhvcN
AQELBQADggEBAD6T54NEj8aZxyUOenckposOy/Jc1p3I71NGraUeNR48PZiDEIAy
E/gorAriAZ7JgT23hqO+OEFSYX1l6XbbUVZ6iWySCUVfPXETJnz1Wtjo6zi4iXmd
vHFCCKcNIBg9pbdW9SB6efA4q8VmNZCz9HxKyL7roO32njHY8soT+/6gAc1HC7fR
VCVKCom5fzGmL4K+CEeJtvlCdjnG+lMlfOAAKNp+JcWllyUTJshtGT64/K4wgLrE
69TnjXGdTpP4Q85wlutDogWb4t9dTqQYS3L+x716SymeFq1fulj3jmabBBjjJ/Z6
ovyQ1R9r18g6kJDJYkVvhH6mBvn7AnCOOmE=
-----END CERTIFICATE-----
Generated at Wed May 22 10:53:44 2024 by rpki-client on console-ams.rpki-client.org