Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/m21UJ5TcR8SSRsgV3UXlQHQZ4eo.roa
File: m21UJ5TcR8SSRsgV3UXlQHQZ4eo.roa (raw, json)
Hash identifier: iwrjWiIHYOOpfPj1i/12XHLaKPt7c0IBsxWRXkAewa4=
Subject key identifier: 9B:6D:54:27:94:DC:47:C4:92:46:C8:15:DD:45:E5:40:74:19:E1:EA
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 018CCA96D18CF3358D7395A1EC9E85928ED0
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/m21UJ5TcR8SSRsgV3UXlQHQZ4eo.roa
Signing time: Tue 02 Jan 2024 14:32:10 +0000
ROA not before: Tue 02 Jan 2024 14:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199242
IP address blocks: 146.19.199.0/24 maxlen: 24
193.162.135.0/24 maxlen: 24
193.162.133.0/24 maxlen: 24
212.52.14.0/24 maxlen: 24
212.52.28.0/24 maxlen: 24
194.26.231.0/24 maxlen: 24
194.26.230.0/24 maxlen: 24
185.234.12.0/24 maxlen: 24
146.19.203.0/24 maxlen: 24
194.9.180.0/24 maxlen: 24
146.19.208.0/24 maxlen: 24
62.3.11.0/24 maxlen: 24
194.99.158.0/24 maxlen: 24
62.106.90.0/24 maxlen: 24
188.244.119.0/24 maxlen: 24
91.246.50.0/24 maxlen: 24
91.241.55.0/24 maxlen: 24
176.126.101.0/24 maxlen: 24
37.72.142.0/24 maxlen: 24
176.97.219.0/24 maxlen: 24
176.97.217.0/24 maxlen: 24
193.9.51.0/24 maxlen: 24
146.19.74.0/24 maxlen: 24
193.162.132.0/24 maxlen: 24
80.71.144.0/24 maxlen: 24
80.71.145.0/24 maxlen: 24
62.233.61.0/24 maxlen: 24
146.19.4.0/24 maxlen: 24
195.96.131.0/24 maxlen: 24
195.96.130.0/24 maxlen: 24
195.96.145.0/24 maxlen: 24
31.222.228.0/24 maxlen: 24
31.222.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:d1:8c:f3:35:8d:73:95:a1:ec:9e:85:92:8e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Jan 2 14:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b6d542794dc47c49246c815dd45e5407419e1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b7:9f:8c:45:04:5d:98:40:52:3c:c7:1a:a9:
9a:87:5a:39:d4:1c:be:db:d8:f4:2c:55:16:9d:fc:
1b:b2:24:8b:4b:ab:10:07:61:2d:f8:9b:1e:45:d3:
12:7a:b6:2c:56:a5:24:34:fd:da:7d:4e:02:4d:70:
90:f9:75:e7:12:39:de:ed:64:bf:aa:da:ba:7a:75:
72:c1:05:9e:63:02:e5:51:d1:1c:06:6c:d1:ba:96:
f7:32:55:94:0a:ec:49:5a:1c:b5:96:c2:5b:3f:ff:
b4:56:a8:7f:cb:5d:86:09:6e:05:b0:15:7d:10:82:
8e:a0:54:d7:32:1f:21:a4:c8:a7:bb:be:e5:21:1f:
fb:dc:e5:22:89:95:11:38:3f:72:b3:58:42:0b:e7:
16:68:93:dc:ee:d4:6f:6b:1a:cd:ab:83:56:71:f9:
a0:f2:db:a6:f6:7d:5b:32:07:7a:8c:ff:82:18:78:
d0:d4:43:47:85:29:43:60:12:23:bf:68:54:ab:aa:
ce:2f:bf:3d:98:88:38:6e:b5:4e:5c:a6:4f:74:3e:
d6:e8:05:e4:21:29:94:84:6b:8b:52:71:78:fb:86:
c4:07:7f:1f:3f:68:c4:52:f0:99:ca:91:ac:99:5f:
4a:d1:bc:77:fe:92:17:27:38:d1:f2:f7:89:30:99:
38:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6D:54:27:94:DC:47:C4:92:46:C8:15:DD:45:E5:40:74:19:E1:EA
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/m21UJ5TcR8SSRsgV3UXlQHQZ4eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.228.0/24
31.222.234.0/24
37.72.142.0/24
62.3.11.0/24
62.106.90.0/24
62.233.61.0/24
80.71.144.0/23
91.241.55.0/24
91.246.50.0/24
146.19.4.0/24
146.19.74.0/24
146.19.199.0/24
146.19.203.0/24
146.19.208.0/24
176.97.217.0/24
176.97.219.0/24
176.126.101.0/24
185.234.12.0/24
188.244.119.0/24
193.9.51.0/24
193.162.132.0/23
193.162.135.0/24
194.9.180.0/24
194.26.230.0/23
194.99.158.0/24
195.96.130.0/23
195.96.145.0/24
212.52.14.0/24
212.52.28.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:77:3f:6f:20:0c:ef:22:58:26:2e:32:ca:ca:ee:ef:5d:5c:
a6:03:cf:bb:73:fd:05:29:5a:34:f6:03:36:29:24:32:b8:08:
53:9f:ce:3a:65:91:fc:e9:5b:2a:d9:17:82:85:9b:48:fd:a1:
20:55:93:0a:45:2c:6e:98:d3:bf:c9:a1:c9:d5:22:a9:2c:2c:
77:b8:f9:08:c2:7b:fd:fa:40:f8:9a:81:65:20:a2:7f:ae:83:
cc:bb:96:63:46:1d:aa:17:b8:5f:4d:81:af:30:ba:1a:13:d6:
74:1e:29:98:4a:f2:37:9a:03:07:4e:7e:92:b2:ff:ef:aa:23:
ad:96:5b:e4:42:11:77:30:3e:3f:f6:fd:e5:6f:ec:7c:f0:b2:
d1:1d:f1:b7:5b:b1:7b:e3:e8:e2:94:be:61:36:23:1f:b7:e1:
0e:f0:12:14:ff:c2:7d:e5:86:7c:14:e3:72:4b:d6:08:7e:28:
5e:81:de:7a:7d:40:e8:4b:64:48:4a:50:b0:7a:39:e0:4a:97:
46:76:1e:0c:59:9c:c8:ce:c3:3e:5b:af:b1:5c:3c:e4:d6:4a:
cb:7c:e1:59:47:97:7a:0f:b1:2e:e6:4c:af:7f:15:22:6f:e1:
ad:19:0a:43:9e:f7:3e:13:77:2b:f6:5f:88:6a:a6:fb:38:ba:
ea:33:fa:b3
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYzKltGM8zWNc5Wh7J6Fko7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjQwMTAyMTQzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjZkNTQyNzk0ZGM0N2M0OTI0NmM4MTVkZDQ1ZTU0MDc0MTllMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrefjEUEXZhAUjzHGqmah1o51By+
29j0LFUWnfwbsiSLS6sQB2Et+JseRdMSerYsVqUkNP3afU4CTXCQ+XXnEjne7WS/
qtq6enVywQWeYwLlUdEcBmzRupb3MlWUCuxJWhy1lsJbP/+0Vqh/y12GCW4FsBV9
EIKOoFTXMh8hpMinu77lIR/73OUiiZUROD9ys1hCC+cWaJPc7tRvaxrNq4NWcfmg
8tum9n1bMgd6jP+CGHjQ1ENHhSlDYBIjv2hUq6rOL789mIg4brVOXKZPdD7W6AXk
ISmUhGuLUnF4+4bEB38fP2jEUvCZypGsmV9K0bx3/pIXJzjR8veJMJk4QQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFJttVCeU3EfEkkbIFd1F5UB0GeHqMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvbTIxVUo1VGNSOFNTUnNnVjNVWGxRSFFaNGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAAf
3uQDBAAf3uoDBAAlSI4DBAA+AwsDBAA+aloDBAA+6T0DBAFQR5ADBABb8TcDBABb
9jIDBACSEwQDBACSE0oDBACSE8cDBACSE8sDBACSE9ADBACwYdkDBACwYdsDBACw
fmUDBAC56gwDBAC89HcDBADBCTMDBAHBooQDBADBoocDBADCCbQDBAHCGuYDBADC
Y54DBAHDYIIDBADDYJEDBADUNA4DBADUNBwwDQYJKoZIhvcNAQELBQADggEBAC13
P28gDO8iWCYuMsrK7u9dXKYDz7tz/QUpWjT2AzYpJDK4CFOfzjplkfzpWyrZF4KF
m0j9oSBVkwpFLG6Y07/JocnVIqksLHe4+QjCe/36QPiagWUgon+ug8y7lmNGHaoX
uF9Nga8wuhoT1nQeKZhK8jeaAwdOfpKy/++qI62WW+RCEXcwPj/2/eVv7HzwstEd
8bdbsXvj6OKUvmE2Ix+34Q7wEhT/wn3lhnwU43JL1gh+KF6B3np9QOhLZEhKULB6
OeBKl0Z2HgxZnMjOwz5br7FcPOTWSst84VlHl3oPsS7mTK9/FSJv4a0ZCkOe9z4T
dyv2X4hqpvs4uuoz+rM=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:13:05 2024 by rpki-client on console-fra.rpki-client.org