Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Mk20FaHzKpOieZ8SK7qffdT4mAQ.roa
File: Mk20FaHzKpOieZ8SK7qffdT4mAQ.roa (raw, json)
Hash identifier: iVzbUbC2kMDPdUzGPtRhsjWMZTKdn6/+ljj3DAgYmHo=
Subject key identifier: 32:4D:B4:15:A1:F3:2A:93:A2:79:9F:12:2B:BA:9F:7D:D4:F8:98:04
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 0190B46BAF0AB1836CC3CAEA0231C34DC067
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Mk20FaHzKpOieZ8SK7qffdT4mAQ.roa
Signing time: Mon 15 Jul 2024 03:24:34 +0000
ROA not before: Mon 15 Jul 2024 03:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 147.136.77.0/24 maxlen: 24
147.136.85.0/24 maxlen: 24
168.199.145.0/24 maxlen: 24
168.199.166.0/24 maxlen: 24
168.199.209.0/24 maxlen: 24
168.199.218.0/24 maxlen: 24
168.199.219.0/24 maxlen: 24
168.199.220.0/24 maxlen: 24
168.199.221.0/24 maxlen: 24
168.199.222.0/24 maxlen: 24
168.199.223.0/24 maxlen: 24
168.199.224.0/24 maxlen: 24
168.199.225.0/24 maxlen: 24
168.199.226.0/24 maxlen: 24
168.199.228.0/24 maxlen: 24
168.199.229.0/24 maxlen: 24
168.199.230.0/24 maxlen: 24
168.199.232.0/24 maxlen: 24
168.199.234.0/24 maxlen: 24
168.199.235.0/24 maxlen: 24
168.199.236.0/24 maxlen: 24
168.199.237.0/24 maxlen: 24
168.199.238.0/24 maxlen: 24
168.199.239.0/24 maxlen: 24
192.95.86.0/24 maxlen: 24
192.95.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b4:6b:af:0a:b1:83:6c:c3:ca:ea:02:31:c3:4d:c0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jul 15 03:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=324db415a1f32a93a2799f122bba9f7dd4f89804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ec:39:7b:b5:1c:b1:67:9b:45:18:20:3a:d2:
d6:02:46:51:82:0b:4b:b9:95:fa:47:d0:e3:b2:f8:
85:8d:d7:14:d7:5c:e8:a7:f8:e6:b1:a8:39:43:c0:
fd:23:bb:c3:82:a4:04:c4:92:d5:a7:6b:68:d0:00:
44:94:2e:72:7a:68:78:01:e4:5d:32:ed:62:12:6c:
66:97:55:21:61:c9:47:18:11:1e:ae:76:58:51:de:
87:15:af:d2:08:1c:7a:d1:d6:79:d6:79:fa:bc:eb:
e5:23:5c:6f:32:2f:65:a0:30:e1:b0:21:aa:ff:d9:
02:5f:d0:e3:be:06:40:38:fe:a0:78:b3:ef:95:2d:
ed:be:72:ed:26:a8:d7:c8:d6:c7:aa:0d:2d:46:f8:
21:84:90:5c:7d:06:e4:d9:92:4a:d7:78:a2:c0:be:
b8:b7:22:3c:44:e2:9a:44:bf:46:00:0a:6a:d1:64:
c3:f1:6f:19:37:a7:1a:cd:85:0e:b3:af:12:fe:0c:
40:82:35:1c:fa:8f:3b:94:92:5d:a5:09:d9:1b:bb:
fe:25:e4:a6:24:06:46:d5:eb:ce:26:96:18:a5:d2:
ab:9e:b9:68:dc:46:90:5e:34:ce:b1:79:8c:40:5f:
62:2d:82:88:fd:ae:17:e8:e7:ab:d9:75:c8:b8:73:
d9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4D:B4:15:A1:F3:2A:93:A2:79:9F:12:2B:BA:9F:7D:D4:F8:98:04
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/Mk20FaHzKpOieZ8SK7qffdT4mAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.77.0/24
147.136.85.0/24
168.199.145.0/24
168.199.166.0/24
168.199.209.0/24
168.199.218.0-168.199.226.255
168.199.228.0-168.199.230.255
168.199.232.0/24
168.199.234.0-168.199.239.255
192.95.86.0/24
192.95.91.0/24
Signature Algorithm: sha256WithRSAEncryption
50:f1:7a:b5:4a:d3:ed:40:ed:e9:24:cb:b5:04:dc:8a:7c:f8:
e5:a7:08:99:8a:8a:c6:6c:ca:ac:ab:02:85:06:33:07:98:c0:
a1:ad:36:42:34:54:58:cf:7b:63:56:ac:31:81:83:3f:d9:93:
f4:06:3e:d1:39:24:f1:e9:d0:f7:b9:d8:65:30:bc:a9:c6:e6:
8b:ff:98:a7:fe:29:55:62:ed:fa:1e:4d:63:04:cb:0b:2d:d2:
e9:c1:df:a8:a0:56:95:b2:68:c8:5e:0c:9a:ac:20:e0:2b:7f:
0b:c1:fa:78:a8:61:74:cc:28:68:d3:6a:94:93:7b:ca:31:ce:
95:f8:7d:4d:3b:93:63:21:84:61:0c:47:01:6e:3f:95:db:ef:
d8:78:99:a9:33:85:1a:6f:94:a2:1e:bb:3d:de:88:8d:31:b7:
27:89:87:f0:15:df:4b:56:a6:44:6c:3a:15:f0:a9:6d:ad:08:
ae:64:69:06:d5:ea:4b:d6:4e:82:bc:c7:5e:6e:39:93:81:e7:
02:3e:a0:55:b3:46:1a:e4:7d:23:78:c5:90:19:81:09:90:16:
a2:15:d0:bf:aa:1f:81:40:49:b8:1f:0e:e7:c6:bb:26:84:c3:
7c:26:36:e0:e6:3e:18:3d:84:c6:85:3f:85:47:d7:e7:74:b7:
1a:5c:d3:23
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZC0a68KsYNsw8rqAjHDTcBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwNzE1MDMyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRkYjQxNWExZjMyYTkzYTI3OTlmMTIyYmJhOWY3ZGQ0Zjg5ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uw5e7UcsWebRRggOtLWAkZRggtL
uZX6R9DjsviFjdcU11zop/jmsag5Q8D9I7vDgqQExJLVp2to0ABElC5yemh4AeRd
Mu1iEmxml1UhYclHGBEernZYUd6HFa/SCBx60dZ51nn6vOvlI1xvMi9loDDhsCGq
/9kCX9DjvgZAOP6geLPvlS3tvnLtJqjXyNbHqg0tRvghhJBcfQbk2ZJK13iiwL64
tyI8ROKaRL9GAApq0WTD8W8ZN6cazYUOs68S/gxAgjUc+o87lJJdpQnZG7v+JeSm
JAZG1evOJpYYpdKrnrlo3EaQXjTOsXmMQF9iLYKI/a4X6Oer2XXIuHPZpQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDJNtBWh8yqTonmfEiu6n33U+JgEMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvTWsyMEZhSHpLcE9pZVo4U0s3cWZmZFQ0bUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAk4hNAwQA
k4hVAwQAqMeRAwQAqMemAwQAqMfRMAwDBAGox9oDBACox+IwDAMEAqjH5AMEAKjH
5gMEAKjH6DAMAwQBqMfqAwQEqMfgAwQAwF9WAwQAwF9bMA0GCSqGSIb3DQEBCwUA
A4IBAQBQ8Xq1StPtQO3pJMu1BNyKfPjlpwiZiorGbMqsqwKFBjMHmMChrTZCNFRY
z3tjVqwxgYM/2ZP0Bj7ROSTx6dD3udhlMLypxuaL/5in/ilVYu36Hk1jBMsLLdLp
wd+ooFaVsmjIXgyarCDgK38Lwfp4qGF0zCho02qUk3vKMc6V+H1NO5NjIYRhDEcB
bj+V2+/YeJmpM4Uab5SiHrs93oiNMbcniYfwFd9LVqZEbDoV8KltrQiuZGkG1epL
1k6CvMdebjmTgecCPqBVs0Ya5H0jeMWQGYEJkBaiFdC/qh+BQEm4Hw7nxrsmhMN8
Jjbg5j4YPYTGhT+FR9fndLcaXNMj
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:12 2024 by rpki-client on console-ams.rpki-client.org