Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/L2JMTIGhojF88MU96MQzYP8XBr4.roa
File: L2JMTIGhojF88MU96MQzYP8XBr4.roa (raw, json)
Hash identifier: 6SGukz6dXxTnAdep6QVKY5GlUfP5n0zX31sdNddKuBA=
Subject key identifier: 2F:62:4C:4C:81:A1:A2:31:7C:F0:C5:3D:E8:C4:33:60:FF:17:06:BE
Certificate issuer: /CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Certificate serial: 018DC196CCE38E8C2884440E548684FDC846
Authority key identifier: 50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/L2JMTIGhojF88MU96MQzYP8XBr4.roa
Signing time: Mon 19 Feb 2024 13:38:22 +0000
ROA not before: Mon 19 Feb 2024 13:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41722
IP address blocks: 91.142.80.0/24 maxlen: 24
91.142.81.0/24 maxlen: 24
91.142.82.0/24 maxlen: 24
91.142.83.0/24 maxlen: 24
91.142.84.0/24 maxlen: 24
91.142.85.0/24 maxlen: 24
91.142.86.0/24 maxlen: 24
91.142.87.0/24 maxlen: 24
91.142.88.0/24 maxlen: 24
91.142.89.0/24 maxlen: 24
91.142.90.0/24 maxlen: 24
91.142.91.0/24 maxlen: 24
91.142.92.0/24 maxlen: 24
91.142.93.0/24 maxlen: 24
91.142.94.0/24 maxlen: 24
91.142.95.0/24 maxlen: 24
178.249.68.0/24 maxlen: 24
178.249.69.0/24 maxlen: 24
178.249.70.0/24 maxlen: 24
178.249.71.0/24 maxlen: 24
178.250.152.0/24 maxlen: 24
178.250.153.0/24 maxlen: 24
178.250.154.0/24 maxlen: 24
178.250.155.0/24 maxlen: 24
185.53.20.0/24 maxlen: 24
185.53.21.0/24 maxlen: 24
185.53.22.0/24 maxlen: 24
185.53.23.0/24 maxlen: 24
185.73.212.0/24 maxlen: 24
185.73.213.0/24 maxlen: 24
185.73.214.0/24 maxlen: 24
185.147.80.0/24 maxlen: 24
185.147.81.0/24 maxlen: 24
185.147.82.0/24 maxlen: 24
185.147.83.0/24 maxlen: 24
185.162.92.0/24 maxlen: 24
185.162.93.0/24 maxlen: 24
185.162.94.0/23 maxlen: 23
185.162.94.0/24 maxlen: 24
185.162.95.0/24 maxlen: 24
185.174.165.0/24 maxlen: 24
185.174.166.0/24 maxlen: 24
185.174.167.0/24 maxlen: 24
2a03:21c0::/32 maxlen: 32
2a07:a500::/32 maxlen: 32
2a07:a501::/32 maxlen: 32
2a07:a502::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/UPLWshZg-tH2Di350L18bM-VwxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/UPLWshZg-tH2Di350L18bM-VwxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:96:cc:e3:8e:8c:28:84:44:0e:54:86:84:fd:c8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Validity
Not Before: Feb 19 13:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f624c4c81a1a2317cf0c53de8c43360ff1706be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ba:0e:e1:8a:60:90:d7:45:21:9e:f3:52:73:
c1:8d:96:71:ae:69:74:c5:3b:6e:55:4e:7b:09:68:
f1:b9:7c:b3:1f:38:cf:a4:46:01:4d:7c:f2:f3:4f:
0b:48:fc:6c:8c:e3:cd:38:79:05:46:e6:5b:d7:e1:
9e:6d:78:80:a8:04:22:1f:ff:8e:3a:5c:88:d9:52:
c0:d1:0d:52:a2:11:8d:eb:f1:d8:a1:1e:9c:75:87:
b9:22:58:6e:4c:a5:fd:84:ed:ee:17:3d:04:c7:0f:
03:0b:3d:f3:9c:00:e3:c6:85:c5:c5:ac:8e:95:66:
31:51:d5:e6:cd:39:48:b0:a2:86:28:f0:5b:5e:ec:
37:0a:f4:dd:e6:bb:4c:8a:9b:f3:6c:7b:a8:f8:42:
cd:de:e2:37:90:4b:fc:0d:3f:ff:db:9a:f7:7f:de:
54:a2:ef:69:09:57:9d:01:3e:61:c3:31:e0:1e:ff:
80:d1:9d:63:85:8b:26:17:e1:2a:43:6b:6d:58:21:
3b:68:00:d2:ba:f0:4a:f9:9b:5f:d0:66:11:4b:06:
07:09:33:1e:9e:96:b7:20:6a:da:43:39:f1:de:b9:
af:4f:45:6d:f5:38:e8:0b:70:f8:9f:ad:a1:e2:0f:
e9:3c:c6:66:29:6c:48:e9:ae:ae:85:94:2b:09:0d:
39:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:62:4C:4C:81:A1:A2:31:7C:F0:C5:3D:E8:C4:33:60:FF:17:06:BE
X509v3 Authority Key Identifier:
keyid:50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/L2JMTIGhojF88MU96MQzYP8XBr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/UPLWshZg-tH2Di350L18bM-VwxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.80.0/20
178.249.68.0/22
178.250.152.0/22
185.53.20.0/22
185.73.212.0-185.73.214.255
185.147.80.0/22
185.162.92.0/22
185.174.165.0-185.174.167.255
IPv6:
2a03:21c0::/32
2a07:a500::-2a07:a502:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:01:84:6a:21:77:08:3d:ed:cb:ac:29:73:01:56:b9:67:39:
9c:b5:05:bb:42:52:e7:bb:77:03:82:35:21:8c:7f:8c:72:3a:
6f:19:97:8f:80:79:97:4f:7f:44:58:ab:1a:29:2a:26:b0:c5:
f7:bf:0a:e4:9a:65:b4:57:14:98:db:c2:91:2d:9a:b9:0d:11:
92:d6:ef:3f:a6:1f:b6:18:1a:13:12:73:e6:53:05:8d:e8:3c:
7a:fa:67:3d:e4:8a:1c:b1:c4:66:53:39:0a:ef:eb:6b:9b:46:
0e:76:1d:74:a2:50:f5:5b:bf:d6:87:8b:a7:08:e9:fe:21:48:
e4:d7:6b:a2:75:99:f5:98:4f:5c:d3:5b:ea:33:8e:a4:53:96:
d1:23:b3:c9:f1:1f:f4:ca:6c:71:d1:d8:01:df:fc:e1:98:25:
ec:18:cf:88:b8:ab:21:de:64:d4:a5:64:7f:4c:3c:04:9f:75:
48:d8:44:34:5c:05:dc:21:56:34:e8:26:27:87:91:0a:8a:73:
4e:34:21:3e:96:15:97:db:60:69:c2:66:af:b6:5a:1a:22:3e:
3d:59:0c:c4:4d:f2:15:f3:0e:a2:58:cd:98:64:7c:19:16:d2:
ef:52:bf:51:3b:c0:ac:66:b7:3e:4d:0e:0f:3d:96:df:8b:c4:
0b:d8:52:00
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY3BlszjjowohEQOVIaE/chGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjJkNmIyMTY2MGZhZDFmNjBlMmRmOWQwYmQ3YzZjY2Y5
NWMzMTEwHhcNMjQwMjE5MTMzODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjYyNGM0YzgxYTFhMjMxN2NmMGM1M2RlOGM0MzM2MGZmMTcwNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhroO4YpgkNdFIZ7zUnPBjZZxrml0
xTtuVU57CWjxuXyzHzjPpEYBTXzy808LSPxsjOPNOHkFRuZb1+GebXiAqAQiH/+O
OlyI2VLA0Q1SohGN6/HYoR6cdYe5IlhuTKX9hO3uFz0Exw8DCz3znADjxoXFxayO
lWYxUdXmzTlIsKKGKPBbXuw3CvTd5rtMipvzbHuo+ELN3uI3kEv8DT//25r3f95U
ou9pCVedAT5hwzHgHv+A0Z1jhYsmF+EqQ2ttWCE7aADSuvBK+Ztf0GYRSwYHCTMe
npa3IGraQznx3rmvT0Vt9TjoC3D4n62h4g/pPMZmKWxI6a6uhZQrCQ05tQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFC9iTEyBoaIxfPDFPejEM2D/Fwa+MB8GA1UdIwQY
MBaAFFDy1rIWYPrR9g4t+dC9fGzPlcMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYt
YWIzZGQ1ZGM2NzA5LzEvTDJKTVRJR2hvakY4OE1VOTZNUXpZUDhYQnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYtYWIzZGQ1ZGM2NzA5
LzEvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBGBAIAATBAAwQEW45QAwQC
svlEAwQCsvqYAwQCuTUUMAwDBAK5SdQDBAC5SdYDBAK5k1ADBAK5olwwDAMEALmu
pQMEA7muoDAcBAIAAjAWAwUAKgMhwDANAwQAKgelAwUAKgelAjANBgkqhkiG9w0B
AQsFAAOCAQEABgGEaiF3CD3ty6wpcwFWuWc5nLUFu0JS57t3A4I1IYx/jHI6bxmX
j4B5l09/RFirGikqJrDF978K5JpltFcUmNvCkS2auQ0RktbvP6YfthgaExJz5lMF
jeg8evpnPeSKHLHEZlM5Cu/ra5tGDnYddKJQ9Vu/1oeLpwjp/iFI5NdronWZ9ZhP
XNNb6jOOpFOW0SOzyfEf9MpscdHYAd/84Zgl7BjPiLirId5k1KVkf0w8BJ91SNhE
NFwF3CFWNOgmJ4eRCopzTjQhPpYVl9tgacJmr7ZaGiI+PVkMxE3yFfMOoljNmGR8
GRbS71K/UTvArGa3Pk0ODz2W34vEC9hSAA==
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:28:59 2024 by rpki-client on console-fra.rpki-client.org