Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/PsJCC-2q1jNOpmEHhiZii3JPV6w.roa
File: PsJCC-2q1jNOpmEHhiZii3JPV6w.roa (raw, json)
Hash identifier: 00ckeFN5qqKzOeVrhxjqdT6WSXVy2xotlwcrjM4YSgU=
Subject key identifier: 3E:C2:42:0B:ED:AA:D6:33:4E:A6:61:07:86:26:62:8B:72:4F:57:AC
Certificate issuer: /CN=75790c7ecf24d28be2e13fe069118cee27d58002
Certificate serial: 0190DACB5C22F53FDD7896D42727B1DC62B1
Authority key identifier: 75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/PsJCC-2q1jNOpmEHhiZii3JPV6w.roa
Signing time: Mon 22 Jul 2024 14:14:38 +0000
ROA not before: Mon 22 Jul 2024 14:14:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12302
IP address blocks: 31.5.0.0/16 maxlen: 16
31.5.0.0/17 maxlen: 17
31.5.128.0/17 maxlen: 17
31.14.35.0/24 maxlen: 24
62.121.64.0/18 maxlen: 19
77.81.16.0/20 maxlen: 21
78.96.0.0/15 maxlen: 16
78.96.80.0/22 maxlen: 22
81.89.0.0/20 maxlen: 21
82.208.128.0/18 maxlen: 19
82.210.128.0/18 maxlen: 19
83.103.128.0/17 maxlen: 18
84.117.0.0/16 maxlen: 16
84.117.0.0/17 maxlen: 17
84.117.128.0/17 maxlen: 17
85.186.0.0/16 maxlen: 17
85.204.0.0/20 maxlen: 21
85.204.0.0/21 maxlen: 21
85.204.184.0/21 maxlen: 22
85.204.188.0/22 maxlen: 22
86.104.136.0/21 maxlen: 22
86.105.64.0/20 maxlen: 21
86.106.32.0/19 maxlen: 20
86.106.48.0/20 maxlen: 20
89.33.72.0/21 maxlen: 22
89.38.72.0/22 maxlen: 23
89.42.248.0/21 maxlen: 22
89.42.252.0/22 maxlen: 22
89.44.78.0/23 maxlen: 23
89.44.78.0/24 maxlen: 24
89.136.0.0/15 maxlen: 16
93.113.32.0/23 maxlen: 23
93.113.241.0/24 maxlen: 24
93.113.242.0/23 maxlen: 23
93.117.66.0/23 maxlen: 23
93.117.138.0/23 maxlen: 23
93.117.154.0/23 maxlen: 23
93.118.46.0/23 maxlen: 23
93.119.126.0/23 maxlen: 23
93.119.137.0/24 maxlen: 24
93.119.138.0/23 maxlen: 23
93.119.224.0/23 maxlen: 23
93.119.226.0/24 maxlen: 24
95.76.0.0/15 maxlen: 16
95.76.16.0/22 maxlen: 22
185.63.136.0/22 maxlen: 23
188.208.117.0/24 maxlen: 24
188.208.118.0/23 maxlen: 23
188.214.153.0/24 maxlen: 24
188.214.195.0/24 maxlen: 24
188.214.196.0/23 maxlen: 23
188.240.64.0/22 maxlen: 22
188.240.64.0/23 maxlen: 23
188.240.66.0/23 maxlen: 23
193.178.165.0/24 maxlen: 24
194.102.99.0/24 maxlen: 24
194.102.146.0/24 maxlen: 24
194.102.248.0/21 maxlen: 22
194.105.17.0/24 maxlen: 24
194.105.24.0/22 maxlen: 22
194.105.28.0/22 maxlen: 23
195.234.172.0/24 maxlen: 24
213.164.224.0/19 maxlen: 20
2a04:2400::/27 maxlen: 27
2a04:2400::/28 maxlen: 28
2a04:2410::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:cb:5c:22:f5:3f:dd:78:96:d4:27:27:b1:dc:62:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75790c7ecf24d28be2e13fe069118cee27d58002
Validity
Not Before: Jul 22 14:14:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ec2420bedaad6334ea661078626628b724f57ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2e:bf:02:f4:99:14:b2:c0:83:52:cb:ae:d0:
28:9b:57:a6:2b:72:c0:d0:56:e0:af:e9:04:eb:20:
9a:9a:33:1f:45:1a:cc:e3:8c:54:c0:97:f3:ee:29:
22:26:12:1e:2d:8b:db:9e:f4:a4:d1:81:9a:dc:c5:
cc:a3:9f:0c:37:bf:1b:0e:5a:2d:59:d0:14:8c:b0:
8b:90:a8:b1:49:46:a2:28:57:69:ec:20:20:be:fc:
20:f1:56:87:43:79:4f:e4:12:e9:7c:a5:3d:6b:ee:
81:8b:b2:3b:b2:69:34:0c:d3:8f:62:64:d9:79:74:
1d:5d:ee:90:11:e1:39:11:e3:e3:f1:fc:74:84:7d:
91:c5:07:2c:51:67:f2:17:7d:f8:93:82:49:0b:29:
0d:c8:ec:a0:ab:57:21:8b:63:81:26:9d:3c:20:7b:
b3:cc:9f:45:9b:cb:80:79:8b:ef:01:d0:72:b4:9b:
a1:d4:ec:7c:52:4c:6f:9d:06:7e:27:72:9b:03:fb:
1a:74:78:a5:c3:a3:21:bc:84:0f:f0:e3:ac:fa:3c:
28:c5:b2:e1:bd:b4:c7:f2:da:6d:9e:0f:99:bb:b1:
3c:d8:b1:0a:6d:cb:22:91:02:ee:5e:d6:bc:92:24:
4f:4c:a9:87:5f:1d:46:06:dc:f0:43:d8:6c:78:a2:
f4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C2:42:0B:ED:AA:D6:33:4E:A6:61:07:86:26:62:8B:72:4F:57:AC
X509v3 Authority Key Identifier:
keyid:75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/PsJCC-2q1jNOpmEHhiZii3JPV6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.5.0.0/16
31.14.35.0/24
62.121.64.0/18
77.81.16.0/20
78.96.0.0/15
81.89.0.0/20
82.208.128.0/18
82.210.128.0/18
83.103.128.0/17
84.117.0.0/16
85.186.0.0/16
85.204.0.0/20
85.204.184.0/21
86.104.136.0/21
86.105.64.0/20
86.106.32.0/19
89.33.72.0/21
89.38.72.0/22
89.42.248.0/21
89.44.78.0/23
89.136.0.0/15
93.113.32.0/23
93.113.241.0-93.113.243.255
93.117.66.0/23
93.117.138.0/23
93.117.154.0/23
93.118.46.0/23
93.119.126.0/23
93.119.137.0-93.119.139.255
93.119.224.0-93.119.226.255
95.76.0.0/15
185.63.136.0/22
188.208.117.0-188.208.119.255
188.214.153.0/24
188.214.195.0-188.214.197.255
188.240.64.0/22
193.178.165.0/24
194.102.99.0/24
194.102.146.0/24
194.102.248.0/21
194.105.17.0/24
194.105.24.0/21
195.234.172.0/24
213.164.224.0/19
IPv6:
2a04:2400::/27
Signature Algorithm: sha256WithRSAEncryption
84:94:46:44:d8:dc:6b:d9:60:0e:9c:fb:15:84:20:f4:70:73:
15:5d:9b:e4:64:05:44:c5:ac:88:a3:f7:7c:4a:b4:19:44:94:
ea:87:de:6b:fe:63:18:3b:2b:55:e2:51:73:03:58:5f:5a:09:
06:ec:b0:e2:da:dc:8c:25:39:c3:d9:cb:3a:4e:1a:2f:57:bc:
9f:82:ce:99:d2:a8:16:7e:47:56:b1:6f:af:bf:bd:a3:7e:9e:
d6:5b:1b:cf:2b:96:51:4a:9d:8c:20:fa:03:10:10:4d:5f:fa:
c9:22:17:08:2e:b4:e1:a1:87:71:08:be:fe:11:7c:e0:08:18:
79:43:b0:61:72:65:fe:04:e8:26:de:2a:fe:fe:fa:43:a5:3e:
c5:76:b9:e8:5b:0e:77:5d:d0:65:68:46:2f:ac:0d:01:b0:bb:
5f:b8:bc:13:70:b2:74:49:c2:28:d4:0a:5e:1f:99:25:c3:8e:
79:77:a8:13:e4:dc:d0:58:42:65:72:0e:8f:c5:85:b7:f1:82:
94:69:20:8d:16:7a:05:7e:b7:54:c8:99:30:86:5e:db:22:4c:
fd:76:99:c1:2f:54:7d:92:84:f1:8f:76:05:92:a6:5f:94:48:
76:65:89:20:04:89:ac:7f:9b:56:f4:d4:4c:31:0e:bc:dc:17:
75:c1:ca:c1
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAZDay1wi9T/deJbUJyex3GKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzkwYzdlY2YyNGQyOGJlMmUxM2ZlMDY5MTE4Y2VlMjdk
NTgwMDIwHhcNMjQwNzIyMTQxNDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWMyNDIwYmVkYWFkNjMzNGVhNjYxMDc4NjI2NjI4YjcyNGY1N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC6/AvSZFLLAg1LLrtAom1emK3LA
0Fbgr+kE6yCamjMfRRrM44xUwJfz7ikiJhIeLYvbnvSk0YGa3MXMo58MN78bDlot
WdAUjLCLkKixSUaiKFdp7CAgvvwg8VaHQ3lP5BLpfKU9a+6Bi7I7smk0DNOPYmTZ
eXQdXe6QEeE5EePj8fx0hH2RxQcsUWfyF334k4JJCykNyOygq1chi2OBJp08IHuz
zJ9Fm8uAeYvvAdBytJuh1Ox8UkxvnQZ+J3KbA/sadHilw6MhvIQP8OOs+jwoxbLh
vbTH8tptng+Zu7E82LEKbcsikQLuXta8kiRPTKmHXx1GBtzwQ9hseKL0LwIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFD7CQgvtqtYzTqZhB4YmYotyT1esMB8GA1UdIwQY
MBaAFHV5DH7PJNKL4uE/4GkRjO4n1YACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhrTWZzOGswb3ZpNFRfZ2FSR003aWZWZ0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi80OTZkNTYtODZmZi00OGJlLWJkZTMt
MjcxZmRlMmRjNjU1LzEvUHNKQ0MtMnExak5PcG1FSGhpWmlpM0pQVjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi80OTZkNTYtODZmZi00OGJlLWJkZTMtMjcxZmRlMmRjNjU1
LzEvZFhrTWZzOGswb3ZpNFRfZ2FSR003aWZWZ0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTCCATIEAgABMIIB
KgMDAB8FAwQAHw4jAwQGPnlAAwQETVEQAwMBTmADBARRWQADBAZS0IADBAZS0oAD
BAdTZ4ADAwBUdQMDAFW6AwQEVcwAAwQDVcy4AwQDVmiIAwQEVmlAAwQFVmogAwQD
WSFIAwQCWSZIAwQDWSr4AwQBWSxOAwMBWYgDBAFdcSAwDAMEAF1x8QMEAl1x8AME
AV11QgMEAV11igMEAV11mgMEAV12LgMEAV13fjAMAwQAXXeJAwQCXXeIMAwDBAVd
d+ADBABdd+IDAwFfTAMEArk/iDAMAwQAvNB1AwQDvNBwAwQAvNaZMAwDBAC81sMD
BAG81sQDBAK88EADBADBsqUDBADCZmMDBADCZpIDBAPCZvgDBADCaREDBAPCaRgD
BADD6qwDBAXVpOAwDQQCAAIwBwMFBSoEJAAwDQYJKoZIhvcNAQELBQADggEBAISU
RkTY3GvZYA6c+xWEIPRwcxVdm+RkBUTFrIij93xKtBlElOqH3mv+Yxg7K1XiUXMD
WF9aCQbssOLa3IwlOcPZyzpOGi9XvJ+CzpnSqBZ+R1axb6+/vaN+ntZbG88rllFK
nYwg+gMQEE1f+skiFwgutOGhh3EIvv4RfOAIGHlDsGFyZf4E6CbeKv7++kOlPsV2
uehbDndd0GVoRi+sDQGwu1+4vBNwsnRJwijUCl4fmSXDjnl3qBPk3NBYQmVyDo/F
hbfxgpRpII0WegV+t1TImTCGXtsiTP12mcEvVH2ShPGPdgWSpl+USHZliSAEiax/
m1b01EwxDrzcF3XBysE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:22 2024 by rpki-client on console-ams.rpki-client.org