Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/UQmajmuFG86t1vmZHYXzZoh3DqA.roa
File: UQmajmuFG86t1vmZHYXzZoh3DqA.roa (raw, json)
Hash identifier: w/8IZQK3gVZK4mPCsVpDq/gzKFMrMygoRMGNiJJ0ee4=
Subject key identifier: 51:09:9A:8E:6B:85:1B:CE:AD:D6:F9:99:1D:85:F3:66:88:77:0E:A0
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0193258BA9091A40869DAFA54EBFFD0E0117
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/UQmajmuFG86t1vmZHYXzZoh3DqA.roa
Signing time: Wed 13 Nov 2024 12:42:10 +0000
ROA not before: Wed 13 Nov 2024 12:42:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59504
IP address blocks: 45.142.208.0/24 maxlen: 24
45.142.209.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
45.151.136.0/22 maxlen: 22
45.151.136.0/24 maxlen: 24
45.151.137.0/24 maxlen: 24
80.76.40.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
84.54.37.0/24 maxlen: 24
84.54.39.0/24 maxlen: 24
95.215.108.0/23 maxlen: 23
95.215.109.0/24 maxlen: 24
95.215.110.0/23 maxlen: 23
185.42.26.0/24 maxlen: 24
185.118.64.0/22 maxlen: 22
185.118.64.0/24 maxlen: 24
185.118.65.0/24 maxlen: 24
185.118.66.0/23 maxlen: 23
185.118.66.0/24 maxlen: 24
185.118.67.0/24 maxlen: 24
185.156.176.0/22 maxlen: 22
185.156.176.0/24 maxlen: 24
185.156.177.0/24 maxlen: 24
185.156.178.0/23 maxlen: 23
185.156.178.0/24 maxlen: 24
185.156.179.0/24 maxlen: 24
185.177.113.0/24 maxlen: 24
185.177.115.0/24 maxlen: 24
185.197.72.0/24 maxlen: 24
185.197.73.0/24 maxlen: 24
185.220.32.0/24 maxlen: 24
185.220.33.0/24 maxlen: 24
185.220.34.0/24 maxlen: 24
185.220.35.0/24 maxlen: 24
185.230.140.0/23 maxlen: 23
185.230.142.0/24 maxlen: 24
185.246.116.0/24 maxlen: 24
185.246.117.0/24 maxlen: 24
185.246.119.0/24 maxlen: 24
185.254.188.0/24 maxlen: 24
185.254.189.0/24 maxlen: 24
185.254.190.0/24 maxlen: 24
193.38.232.0/23 maxlen: 23
193.38.234.0/24 maxlen: 24
194.113.104.0/24 maxlen: 24
194.113.104.114/32 maxlen: 32
194.113.107.0/24 maxlen: 24
2a05:fb41::/32 maxlen: 32
2a05:fb42::/32 maxlen: 32
2a05:fb44::/32 maxlen: 32
2a05:fb45::/32 maxlen: 32
2a07:14c0::/48 maxlen: 48
2a07:14c0:1::/48 maxlen: 48
2a07:14c0:1000::/36 maxlen: 36
2a07:14c0:3000::/36 maxlen: 36
2a07:14c0:4000::/36 maxlen: 36
2a07:14c0:5000::/36 maxlen: 36
2a07:14c0:6000::/36 maxlen: 36
2a07:14c0:d000::/36 maxlen: 36
2a07:14c1::/32 maxlen: 32
2a07:14c2::/32 maxlen: 32
2a07:14c6::/32 maxlen: 32
2a07:14c7::/32 maxlen: 32
2a0a:4780::/32 maxlen: 32
2a0a:4781::/32 maxlen: 32
2a0a:4782::/32 maxlen: 32
2a0a:4783::/32 maxlen: 32
2a0a:4784::/32 maxlen: 32
2a0a:4785::/32 maxlen: 32
2a0c:2103::/32 maxlen: 32
2a0c:5241::/32 maxlen: 32
2a0c:5245::/32 maxlen: 32
2a0c:5247:7000::/36 maxlen: 36
2a0c:5247:c000::/36 maxlen: 36
2a0c:5247:d000::/36 maxlen: 36
2a0c:5247:e000::/36 maxlen: 36
2a0c:5247:f000::/36 maxlen: 36
2a0d:60c0::/32 maxlen: 32
2a0d:60c1::/32 maxlen: 32
2a0d:60c3::/32 maxlen: 32
2a0d:7740::/32 maxlen: 32
2a0d:7747::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:8b:a9:09:1a:40:86:9d:af:a5:4e:bf:fd:0e:01:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Nov 13 12:42:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51099a8e6b851bceadd6f9991d85f36688770ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:94:47:6d:8c:0f:9f:4f:98:df:27:6f:e8:30:
2c:a6:c5:a1:d3:92:d2:b4:d8:10:3b:43:10:9b:05:
d4:cd:a1:47:e5:1b:c1:6a:00:8e:bc:b5:dc:17:6b:
74:a3:e6:e3:22:2b:66:24:bd:b6:ce:ec:f2:35:11:
c3:d1:00:42:5d:5c:4c:03:6d:d5:0d:54:a9:f7:fe:
43:ce:da:2c:95:4c:8a:96:80:41:7f:f7:ac:32:8f:
a8:dc:f5:5d:8c:a3:3b:63:97:b0:fa:9f:c8:54:97:
ca:23:37:fd:8a:d0:e3:be:fc:3a:a8:2c:1d:76:36:
41:e7:f3:33:16:56:0d:46:e7:a4:33:83:df:6b:ee:
80:e1:a5:45:af:3b:fa:be:84:07:2b:8b:34:42:3c:
ce:76:99:c8:64:3d:fa:e0:f3:24:f7:4e:26:50:77:
9f:4f:be:f5:8c:16:3c:08:3f:dd:09:48:88:49:4f:
00:39:7b:d5:71:2c:1a:44:0a:c8:3e:7c:b4:2a:5a:
93:00:c2:33:26:5e:3e:f8:46:44:2e:a0:61:0c:c6:
57:e0:fc:7f:90:3c:df:f7:7b:71:07:d7:85:d8:c6:
4f:f6:97:ee:a3:9f:91:15:e3:fc:e1:fa:e2:da:5d:
88:f1:8f:be:75:33:e3:9c:f0:21:2e:fa:fc:3c:fd:
3c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:09:9A:8E:6B:85:1B:CE:AD:D6:F9:99:1D:85:F3:66:88:77:0E:A0
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/UQmajmuFG86t1vmZHYXzZoh3DqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.208.0/23
45.142.211.0/24
45.151.136.0/22
80.76.40.0/24
83.171.240.0/24
84.54.37.0/24
84.54.39.0/24
95.215.108.0/22
185.42.26.0/24
185.118.64.0/22
185.156.176.0/22
185.177.113.0/24
185.177.115.0/24
185.197.72.0/23
185.220.32.0/22
185.230.140.0-185.230.142.255
185.246.116.0/23
185.246.119.0/24
185.254.188.0-185.254.190.255
193.38.232.0-193.38.234.255
194.113.104.0/24
194.113.107.0/24
IPv6:
2a05:fb41::-2a05:fb42:ffff:ffff:ffff:ffff:ffff:ffff
2a05:fb44::/31
2a07:14c0::/47
2a07:14c0:1000::/36
2a07:14c0:3000::-2a07:14c0:6fff:ffff:ffff:ffff:ffff:ffff
2a07:14c0:d000::/36
2a07:14c1::-2a07:14c2:ffff:ffff:ffff:ffff:ffff:ffff
2a07:14c6::/31
2a0a:4780::-2a0a:4785:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:2103::/32
2a0c:5241::/32
2a0c:5245::/32
2a0c:5247:7000::/36
2a0c:5247:c000::/34
2a0d:60c0::/31
2a0d:60c3::/32
2a0d:7740::/32
2a0d:7747::/32
Signature Algorithm: sha256WithRSAEncryption
11:85:5a:05:94:84:8b:ab:ef:c7:e0:51:14:65:01:f6:0a:9d:
89:20:21:88:8a:e7:26:78:6b:49:a6:b1:c8:1a:07:80:37:10:
be:be:38:42:dc:9c:5c:a8:e9:9e:a5:e1:aa:bc:42:06:82:e0:
c5:bf:c4:00:32:e7:cf:0a:4f:45:6b:fb:55:36:a5:3f:9c:fc:
6a:8a:3d:9b:11:11:0c:5e:4b:6d:cc:74:0d:da:9a:01:2d:5b:
3f:8a:20:48:47:c9:5d:53:7e:cc:9e:40:cf:d7:0a:95:8c:37:
75:3f:19:b4:43:2c:06:36:49:b1:85:a2:32:a9:fb:f1:d3:db:
91:20:ca:68:a5:c9:a4:91:5b:d3:51:55:c2:81:57:9a:e2:6e:
8f:84:77:fe:a9:a7:f3:e0:c1:a2:4a:ce:13:1e:f2:04:a0:84:
2a:fe:79:7b:d0:d9:0b:32:d7:b4:cf:d4:36:57:d3:96:3a:0e:
0d:ea:bd:0e:0a:17:47:44:5e:4b:e5:a2:00:ef:38:d0:b8:e8:
c0:43:f0:08:9a:36:7c:3d:cd:e2:bd:81:12:f0:dc:59:bb:76:
08:e8:e9:98:75:b1:db:84:0c:af:55:a0:fa:12:d1:6b:da:86:
7f:68:e3:ec:1e:9e:d4:fb:08:97:d9:4b:68:ee:ce:61:36:05:
09:9f:b0:bb
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAZMli6kJGkCGna+lTr/9DgEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQxMTEzMTI0MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTA5OWE4ZTZiODUxYmNlYWRkNmY5OTkxZDg1ZjM2Njg4NzcwZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJRHbYwPn0+Y3ydv6DAspsWh05LS
tNgQO0MQmwXUzaFH5RvBagCOvLXcF2t0o+bjIitmJL22zuzyNRHD0QBCXVxMA23V
DVSp9/5DztoslUyKloBBf/esMo+o3PVdjKM7Y5ew+p/IVJfKIzf9itDjvvw6qCwd
djZB5/MzFlYNRuekM4Pfa+6A4aVFrzv6voQHK4s0QjzOdpnIZD364PMk904mUHef
T771jBY8CD/dCUiISU8AOXvVcSwaRArIPny0KlqTAMIzJl4++EZELqBhDMZX4Px/
kDzf93txB9eF2MZP9pfuo5+RFeP84fri2l2I8Y++dTPjnPAhLvr8PP08OwIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFFEJmo5rhRvOrdb5mR2F82aIdw6gMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvVVFtYWptdUZHODZ0MXZtWkhZWHpab2gzRHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCBowQCAAEwgZwD
BAEtjtADBAAtjtMDBAItl4gDBABQTCgDBABTq/ADBABUNiUDBABUNicDBAJf12wD
BAC5KhoDBAK5dkADBAK5nLADBAC5sXEDBAC5sXMDBAG5xUgDBAK53CAwDAMEArnm
jAMEALnmjgMEAbn2dAMEALn2dzAMAwQCuf68AwQAuf6+MAwDBAPBJugDBADBJuoD
BADCcWgDBADCcWswgbEEAgACMIGqMA4DBQAqBftBAwUAKgX7QgMFASoF+0QDBwEq
BxTAAAADBgQqBxTAEDAQAwYEKgcUwDADBgQqBxTAYAMGBCoHFMDQMA4DBQAqBxTB
AwUAKgcUwgMFASoHFMYwDgMFByoKR4ADBQEqCkeEAwUAKgwhAwMFACoMUkEDBQAq
DFJFAwYEKgxSR3ADBgYqDFJHwAMFASoNYMADBQAqDWDDAwUAKg13QAMFACoNd0cw
DQYJKoZIhvcNAQELBQADggEBABGFWgWUhIur78fgURRlAfYKnYkgIYiK5yZ4a0mm
scgaB4A3EL6+OELcnFyo6Z6l4aq8QgaC4MW/xAAy588KT0Vr+1U2pT+c/GqKPZsR
EQxeS23MdA3amgEtWz+KIEhHyV1TfsyeQM/XCpWMN3U/GbRDLAY2SbGFojKp+/HT
25EgymilyaSRW9NRVcKBV5ribo+Ed/6pp/PgwaJKzhMe8gSghCr+eXvQ2Qsy17TP
1DZX05Y6Dg3qvQ4KF0dEXkvlogDvONC46MBD8AiaNnw9zeK9gRLw3Fm7dgjo6Zh1
sduEDK9VoPoS0Wvahn9o4+wentT7CJfZS2juzmE2BQmfsLs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:14:49 2024 by rpki-client on console-fra.rpki-client.org