Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tQllPLqKORmMjXOWWosnoGvRp_8.roa
File: tQllPLqKORmMjXOWWosnoGvRp_8.roa (raw, json)
Hash identifier: /jUpJqw+lrMpVPgPqETCwHyaBJ97Y/H8siMwQdRoWqQ=
Subject key identifier: B5:09:65:3C:BA:8A:39:19:8C:8D:73:96:5A:8B:27:A0:6B:D1:A7:FF
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0192BD528DF4EF102C5ACA0E8CE081B82C05
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tQllPLqKORmMjXOWWosnoGvRp_8.roa
Signing time: Thu 24 Oct 2024 06:59:17 +0000
ROA not before: Thu 24 Oct 2024 06:59:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23959
IP address blocks: 45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
45.66.216.0/22 maxlen: 24
45.82.76.0/22 maxlen: 32
45.130.21.0/24 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.232.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
79.143.140.0/22 maxlen: 24
88.214.22.0/24 maxlen: 24
91.200.240.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
149.62.44.0/24 maxlen: 24
149.62.45.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
185.194.54.0/24 maxlen: 24
185.200.64.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.114.136.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:52:8d:f4:ef:10:2c:5a:ca:0e:8c:e0:81:b8:2c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Oct 24 06:59:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b509653cba8a39198c8d73965a8b27a06bd1a7ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:37:e3:8f:95:49:c4:a5:c5:2c:8b:77:3f:d9:
bd:cf:d1:b4:73:f5:fb:79:0a:cb:f0:51:d9:53:b9:
84:2c:32:88:74:1e:7f:88:1f:81:9d:9e:9e:ac:0d:
e6:10:c1:86:8c:40:9a:99:6e:1b:eb:83:3a:89:d8:
5d:c3:f6:17:48:41:94:60:2f:4b:59:46:38:bc:ab:
d1:d3:05:55:0f:17:50:97:62:9d:d1:5a:bf:ea:a5:
65:ec:0f:aa:87:6e:bf:48:05:76:a4:db:d1:dc:b9:
17:fa:3c:c8:c1:ef:71:28:07:c4:51:a9:07:5e:bd:
84:9e:01:41:07:8d:72:53:d3:d3:04:5f:a7:7a:9f:
1f:f8:7a:0c:24:f9:26:ae:68:18:0d:53:e4:ee:39:
ae:f2:f4:4e:74:fc:9b:6a:68:0d:d4:a7:cf:3d:e0:
d1:f9:8c:4c:f1:3f:69:0d:23:08:c3:a7:69:d6:fa:
2a:69:3d:c8:29:c7:f3:05:2c:44:45:e0:20:e5:91:
d5:5c:79:af:80:a0:5c:f0:b7:d3:e0:ea:a2:8c:86:
1f:48:0a:0a:26:71:41:1a:0c:5e:63:74:4e:06:c2:
c6:22:42:19:53:a6:76:ae:be:3f:8b:23:4a:3e:8f:
21:48:38:28:f6:2b:49:22:49:d2:38:d4:78:e1:5f:
49:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:09:65:3C:BA:8A:39:19:8C:8D:73:96:5A:8B:27:A0:6B:D1:A7:FF
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tQllPLqKORmMjXOWWosnoGvRp_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.82.76.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
79.143.140.0/22
88.214.22.0/24
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/22
176.119.148.0/22
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.104.153.0-194.104.155.255
194.114.136.0/24
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
84:5c:dd:cc:4f:d5:47:53:6b:fa:89:94:ef:d1:10:21:22:c8:
ac:84:ef:8e:1f:5a:30:3d:cf:0f:24:d7:b5:2c:d4:13:53:88:
1b:fe:c1:80:da:a0:44:f3:0a:d9:0b:54:5e:23:78:6c:c9:5b:
7c:7c:f6:92:1e:fe:02:19:e7:b7:d6:00:55:d3:e7:d5:ce:74:
9d:5e:a8:3a:09:54:b1:d6:3d:d5:41:b5:3f:bc:d7:72:5d:eb:
5e:4f:bc:c9:bc:22:8a:7a:9f:94:6d:c0:12:eb:43:6a:4a:36:
64:2c:2c:6f:b5:ed:d0:4a:63:1e:02:b9:1d:79:d4:6f:af:c8:
ac:1c:0b:0a:66:51:bf:af:23:95:a1:49:a7:b9:c5:c3:5a:3a:
82:13:c0:af:c6:b0:a8:cd:48:96:43:dd:34:93:1d:84:5d:bc:
46:9d:25:5f:5a:16:62:75:43:06:e4:2a:1e:29:59:7c:24:4d:
62:5b:ee:69:54:39:c5:90:34:fc:7f:93:c5:08:8f:e9:d6:eb:
87:aa:f9:fb:9d:08:24:a4:88:dc:1a:cd:2f:38:b1:51:5a:5b:
9d:26:7a:01:a2:f1:79:57:ff:75:4c:46:c8:ad:3e:6c:55:af:
95:7a:74:22:52:49:5d:6c:11:80:95:f9:08:65:0a:b6:88:6c:
a1:f1:fc:85
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAZK9Uo307xAsWsoOjOCBuCwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMDI0MDY1OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTA5NjUzY2JhOGEzOTE5OGM4ZDczOTY1YThiMjdhMDZiZDFhN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTfjj5VJxKXFLIt3P9m9z9G0c/X7
eQrL8FHZU7mELDKIdB5/iB+BnZ6erA3mEMGGjECamW4b64M6idhdw/YXSEGUYC9L
WUY4vKvR0wVVDxdQl2Kd0Vq/6qVl7A+qh26/SAV2pNvR3LkX+jzIwe9xKAfEUakH
Xr2EngFBB41yU9PTBF+nep8f+HoMJPkmrmgYDVPk7jmu8vROdPybamgN1KfPPeDR
+YxM8T9pDSMIw6dp1voqaT3IKcfzBSxEReAg5ZHVXHmvgKBc8LfT4OqijIYfSAoK
JnFBGgxeY3ROBsLGIkIZU6Z2rr4/iyNKPo8hSDgo9itJIknSONR44V9JWQIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFLUJZTy6ijkZjI1zllqLJ6Br0af/MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvdFFsbFBMcUtPUm1NalhPV1dvc25vR3ZScF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCB8wQCAAEwgewD
BAItDkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAItUkwDBAAtghUw
DAMEAC2OfQMEBy2OAAMEAi2P6AMEAi2VnAMEAi2fMAMEAk+PjAMEAFjWFgMEAFvI
8AMEAVvI8gMEAFw8KwMEAF58dwMEAV/WpDAMAwQCjWLEAwQAjWLGAwQDk07wAwQC
lT4sAwQCsHeUAwQAucI2AwQAuchAAwQAuchCAwQCwSCUAwQBwW8eAwQAwiQYMAwD
BADCaJkDBALCaJgDBADCcogDBADCqTYDBADD9dswDAMEAMP18QMEAMP18jAVBAIA
AjAPAwYEKgkABwADBQAqDcfBMA0GCSqGSIb3DQEBCwUAA4IBAQCEXN3MT9VHU2v6
iZTv0RAhIsishO+OH1owPc8PJNe1LNQTU4gb/sGA2qBE8wrZC1ReI3hsyVt8fPaS
Hv4CGee31gBV0+fVznSdXqg6CVSx1j3VQbU/vNdyXeteT7zJvCKKep+UbcAS60Nq
SjZkLCxvte3QSmMeArkdedRvr8isHAsKZlG/ryOVoUmnucXDWjqCE8CvxrCozUiW
Q900kx2EXbxGnSVfWhZidUMG5CoeKVl8JE1iW+5pVDnFkDT8f5PFCI/p1uuHqvn7
nQgkpIjcGs0vOLFRWludJnoBovF5V/91TEbIrT5sVa+VenQiUkldbBGAlfkIZQq2
iGyh8fyF
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:29:03 2024 by rpki-client on console-fra.rpki-client.org