Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Jj868NtS0c9kji8EHkSVavq5k0Y.roa
File: Jj868NtS0c9kji8EHkSVavq5k0Y.roa (raw, json)
Hash identifier: 8a+NVgspf5Xj23jYjX/7JKMrOBx9YJUUjK+qIH8lARI=
Subject key identifier: 26:3F:3A:F0:DB:52:D1:CF:64:8E:2F:04:1E:44:95:6A:FA:B9:93:46
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801D57C99201D1ECCA2EA209B500C90
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Jj868NtS0c9kji8EHkSVavq5k0Y.roa
Signing time: Tue 02 Jan 2024 02:30:12 +0000
ROA not before: Tue 02 Jan 2024 02:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
185.184.223.0/24 maxlen: 24
79.143.140.0/22 maxlen: 24
45.130.21.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
88.214.22.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
45.143.232.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.194.54.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
45.159.48.0/22 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d5:7c:99:20:1d:1e:cc:a2:ea:20:9b:50:0c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=263f3af0db52d1cf648e2f041e44956afab99346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:81:2f:06:c2:19:a5:5f:af:e3:62:42:41:82:
89:66:50:e5:ca:b4:f9:f4:cd:56:08:15:6a:93:d3:
28:9d:68:8f:2e:c3:ee:b6:e5:a0:08:d0:75:ff:6a:
ed:e6:5e:40:ae:56:91:c1:43:cb:c3:46:50:a4:33:
5f:14:13:be:34:58:4a:54:a7:24:b0:f0:ed:fe:0f:
df:74:31:e4:d3:04:f1:83:b5:76:4d:2e:51:38:96:
d2:9b:94:9e:df:d6:de:37:48:ef:d6:27:a0:87:97:
2b:77:48:14:6d:bd:b6:6f:25:a3:5d:20:d6:82:6e:
38:f3:fc:34:ae:dd:88:51:99:b0:ec:be:61:f4:b6:
01:67:36:df:7a:ea:25:66:01:a9:31:22:89:01:9c:
1c:64:68:2b:c0:4b:64:7f:cb:63:e7:ce:22:a0:e7:
b5:00:7d:ec:54:61:48:32:32:64:42:00:26:bc:4a:
64:19:51:90:4f:70:9d:06:6f:28:c7:a8:d7:b2:d2:
1a:59:25:ab:7f:c6:ab:77:31:34:28:53:08:9a:ad:
07:0e:56:67:6e:77:5c:32:4f:fc:58:0f:93:1f:9c:
36:57:66:78:0c:55:9a:8a:b8:01:84:0c:8d:92:3d:
34:41:2d:98:99:3a:59:75:de:bc:0e:f4:5d:77:18:
1a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3F:3A:F0:DB:52:D1:CF:64:8E:2F:04:1E:44:95:6A:FA:B9:93:46
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Jj868NtS0c9kji8EHkSVavq5k0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
79.143.140.0/22
88.214.22.0/24
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.184.223.0/24
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
04:81:52:62:f9:94:32:0a:ad:a2:10:9e:bc:33:ee:76:c1:92:
fa:2b:e0:b1:9f:0d:94:d3:ac:33:ad:d1:ea:3c:af:49:fc:01:
a1:ac:38:6a:4c:52:32:22:64:c8:2c:ef:fc:1d:cc:98:f5:83:
be:07:2a:36:d9:7b:6f:30:e2:13:e8:64:14:9c:d6:06:59:54:
67:7b:72:55:b0:46:e8:a6:74:13:95:ae:bd:a9:e5:99:24:45:
80:7f:35:7f:5d:35:e7:57:9d:bc:ab:dc:18:15:ef:4c:55:62:
14:49:2a:26:f7:81:15:88:17:ee:5c:31:d8:35:31:34:64:b5:
cd:44:1b:f3:8c:09:33:5b:a8:93:15:da:eb:b5:d8:52:67:a3:
e9:23:75:51:77:2d:23:00:86:ba:ad:a3:7a:1d:21:66:33:14:
2c:51:02:e9:b2:e1:dc:46:d3:33:20:e5:94:88:42:59:98:a1:
2b:01:82:4e:27:ea:14:8a:2b:d3:8c:2d:e4:74:f1:71:cb:50:
42:db:a6:43:55:ed:2b:1f:ec:81:43:0d:5b:f6:83:14:07:65:
86:76:68:a6:94:89:7f:47:2d:10:9a:9f:cc:24:ea:7e:a7:bd:
2a:e7:a3:42:1e:55:45:e7:fc:80:54:e4:ab:b6:a9:a1:a5:f4:
d9:90:f9:06
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAYzIAdV8mSAdHsyi6iCbUAyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNmM2FmMGRiNTJkMWNmNjQ4ZTJmMDQxZTQ0OTU2YWZhYjk5MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYEvBsIZpV+v42JCQYKJZlDlyrT5
9M1WCBVqk9MonWiPLsPutuWgCNB1/2rt5l5ArlaRwUPLw0ZQpDNfFBO+NFhKVKck
sPDt/g/fdDHk0wTxg7V2TS5ROJbSm5Se39beN0jv1iegh5crd0gUbb22byWjXSDW
gm448/w0rt2IUZmw7L5h9LYBZzbfeuolZgGpMSKJAZwcZGgrwEtkf8tj584ioOe1
AH3sVGFIMjJkQgAmvEpkGVGQT3CdBm8ox6jXstIaWSWrf8ardzE0KFMImq0HDlZn
bndcMk/8WA+TH5w2V2Z4DFWairgBhAyNkj00QS2YmTpZdd68DvRddxgaewIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFCY/OvDbUtHPZI4vBB5ElWr6uZNGMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvSmo4NjhOdFMwYzlramk4RUhrU1ZhdnE1azBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCB8wQCAAEwgewD
BAItDkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAAtghUwDAMEAC2O
fQMEBy2OAAMEAi2P6AMEAi2VnAMEAi2fMAMEAk+PjAMEAFjWFgMEAFvI8AMEAVvI
8gMEAFw8KwMEAF58dwMEAV/WpDAMAwQCjWLEAwQAjWLGAwQDk07wAwQAlT4sAwQB
lT4uAwQCsHeUAwQAubjfAwQAucI2AwQAuchAAwQAuchCAwQCwSCUAwQBwW8eAwQA
wiQYMAwDBADCaJkDBALCaJgDBADCqTYDBADD9dswDAMEAMP18QMEAMP18jAVBAIA
AjAPAwYEKgkABwADBQAqDcfBMA0GCSqGSIb3DQEBCwUAA4IBAQAEgVJi+ZQyCq2i
EJ68M+52wZL6K+Cxnw2U06wzrdHqPK9J/AGhrDhqTFIyImTILO/8HcyY9YO+Byo2
2XtvMOIT6GQUnNYGWVRne3JVsEbopnQTla69qeWZJEWAfzV/XTXnV528q9wYFe9M
VWIUSSom94EViBfuXDHYNTE0ZLXNRBvzjAkzW6iTFdrrtdhSZ6PpI3VRdy0jAIa6
raN6HSFmMxQsUQLpsuHcRtMzIOWUiEJZmKErAYJOJ+oUiivTjC3kdPFxy1BC26ZD
Ve0rH+yBQw1b9oMUB2WGdmimlIl/Ry0Qmp/MJOp+p70q56NCHlVF5/yAVOSrtqmh
pfTZkPkG
-----END CERTIFICATE-----
Generated at Mon May 27 16:23:07 2024 by rpki-client on console-ams.rpki-client.org