Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/CJjtDknBtjbNz-epTQP8N54VybI.roa
File: CJjtDknBtjbNz-epTQP8N54VybI.roa (raw, json)
Hash identifier: RoSNWKFjqcnnOUqJ39cHjrGaX1P23mrtLA2oIUG8YOA=
Subject key identifier: 08:98:ED:0E:49:C1:B6:36:CD:CF:E7:A9:4D:03:FC:37:9E:15:C9:B2
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018F158D9D51BD8EECA4499BCC3619FFB51B
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/CJjtDknBtjbNz-epTQP8N54VybI.roa
Signing time: Thu 25 Apr 2024 13:59:13 +0000
ROA not before: Thu 25 Apr 2024 13:59:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62164
IP address blocks: 5.181.164.0/22 maxlen: 22
5.181.164.0/23 maxlen: 23
5.181.167.0/24 maxlen: 24
45.11.88.0/22 maxlen: 22
45.11.88.0/23 maxlen: 24
45.11.90.0/23 maxlen: 23
45.81.150.0/24 maxlen: 24
45.92.29.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.149.232.0/22 maxlen: 22
185.149.232.0/24 maxlen: 24
185.149.233.0/24 maxlen: 24
185.149.234.0/23 maxlen: 23
185.191.228.0/23 maxlen: 23
185.191.231.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
185.199.226.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.202.174.0/24 maxlen: 24
185.215.148.0/24 maxlen: 24
185.215.151.0/24 maxlen: 24
185.218.235.0/24 maxlen: 24
185.235.14.0/23 maxlen: 23
193.39.184.0/24 maxlen: 24
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
193.39.187.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
2a0b:aac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:8d:9d:51:bd:8e:ec:a4:49:9b:cc:36:19:ff:b5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Apr 25 13:59:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0898ed0e49c1b636cdcfe7a94d03fc379e15c9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:84:31:a6:bd:f4:c1:6f:ec:ff:8b:9a:4a:
84:08:7d:cd:fb:2d:66:b6:df:53:cf:a3:95:28:73:
8a:53:44:08:53:3c:2a:8a:c9:5e:fc:08:36:6c:4f:
3d:2a:e5:d3:36:a8:12:9c:be:7a:a8:a0:d0:f8:67:
d2:1b:bb:f8:88:a9:dc:36:a1:74:48:9f:2a:70:3f:
66:9c:0a:50:3b:9c:ba:c1:97:00:11:d3:89:15:80:
79:55:08:dc:19:fe:b3:ca:30:8f:57:fa:7e:56:da:
d5:cf:9f:14:7c:15:35:76:97:c9:2b:3e:d4:21:36:
9a:bf:f3:4f:ca:c6:07:d9:ac:48:2d:c1:00:09:4e:
2d:4d:f1:08:a3:0f:ea:d3:01:b8:67:15:b1:e9:e2:
18:bf:02:e8:2e:5b:c3:20:b4:d1:23:44:17:29:28:
14:69:5f:74:61:2e:dd:48:e0:94:95:91:1c:5c:a3:
7f:ee:18:f1:3d:70:62:ec:11:6e:83:b1:d2:85:86:
d2:41:db:a2:c8:1e:40:fc:5b:13:ef:72:e1:66:e5:
6b:d4:e1:4e:c7:1b:66:82:83:33:92:0f:46:02:5d:
9f:4c:b4:e8:8e:bb:cc:be:72:b7:31:40:3b:4b:dc:
c9:6d:bc:0a:1b:d7:3d:70:ce:f6:1f:df:cc:e1:86:
7c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:98:ED:0E:49:C1:B6:36:CD:CF:E7:A9:4D:03:FC:37:9E:15:C9:B2
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/CJjtDknBtjbNz-epTQP8N54VybI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.164.0/22
45.11.88.0/22
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.149.232.0/22
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0-185.202.174.255
185.215.148.0/24
185.215.151.0/24
185.218.235.0/24
185.235.14.0/23
193.39.184.0/22
212.162.148.0/22
IPv6:
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
53:0f:a5:11:ff:bc:47:7f:4a:01:f8:2a:75:b8:62:14:0d:08:
b8:73:41:d8:5e:19:b0:d4:0d:57:0b:38:94:77:db:32:2b:ac:
86:e6:a4:49:6e:3c:f5:00:fb:2b:43:35:a9:3c:40:86:2b:02:
c1:d2:b9:39:ee:d3:18:9f:fe:d3:ed:2e:17:06:17:89:8a:04:
17:6d:e9:9b:ec:53:63:ba:53:e3:b0:a2:5c:04:d0:2c:12:35:
80:97:52:7b:6e:ea:87:eb:4f:39:57:c6:ea:85:8b:86:1f:05:
80:8f:17:17:bd:0a:2f:d6:43:17:9b:99:77:23:f1:02:69:52:
bb:bb:63:89:14:47:a3:2d:04:a8:e7:67:6e:21:2d:c8:b8:a9:
d9:d1:59:79:7e:f2:f7:5d:05:fb:7c:04:fd:90:aa:8c:58:b4:
0b:8e:07:8c:3d:5f:5e:25:35:b3:53:93:75:68:77:dd:5b:30:
b5:3a:ae:f2:35:42:3a:61:5c:a7:a3:bf:2b:15:f3:52:74:87:
2e:2b:15:cf:6a:ed:0d:3c:9e:4b:04:ab:4e:da:0d:25:aa:2c:
02:ed:fe:93:e7:c8:2c:41:1f:e4:84:8b:6d:85:50:ab:30:41:
96:be:c3:bc:b0:2d:46:29:a3:eb:5d:29:b2:13:e8:e6:4d:d0:
59:5d:bf:6d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY8VjZ1RvY7spEmbzDYZ/7UbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjQwNDI1MTM1OTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODk4ZWQwZTQ5YzFiNjM2Y2RjZmU3YTk0ZDAzZmMzNzllMTVjOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1mEMaa99MFv7P+LmkqECH3N+y1m
tt9Tz6OVKHOKU0QIUzwqisle/Ag2bE89KuXTNqgSnL56qKDQ+GfSG7v4iKncNqF0
SJ8qcD9mnApQO5y6wZcAEdOJFYB5VQjcGf6zyjCPV/p+VtrVz58UfBU1dpfJKz7U
ITaav/NPysYH2axILcEACU4tTfEIow/q0wG4ZxWx6eIYvwLoLlvDILTRI0QXKSgU
aV90YS7dSOCUlZEcXKN/7hjxPXBi7BFug7HShYbSQduiyB5A/FsT73LhZuVr1OFO
xxtmgoMzkg9GAl2fTLTojrvMvnK3MUA7S9zJbbwKG9c9cM72H9/M4YZ8/QIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFAiY7Q5JwbY2zc/nqU0D/DeeFcmyMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvQ0pqdERrbkJ0amJOei1lcFRRUDhONTRWeWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQCBbWk
AwQCLQtYAwQALVGWAwQALVwdAwQBVdFUAwQAVdFXAwQCuZXoAwQBub/kAwQAub/n
MAwDBAW5x+ADBAC5x+IwDAMEArnKrAMEALnKrgMEALnXlAMEALnXlwMEALna6wME
AbnrDgMEAsEnuAMEAtSilDANBAIAAjAHAwUDKguqwDANBgkqhkiG9w0BAQsFAAOC
AQEAUw+lEf+8R39KAfgqdbhiFA0IuHNB2F4ZsNQNVws4lHfbMiushuakSW489QD7
K0M1qTxAhisCwdK5Oe7TGJ/+0+0uFwYXiYoEF23pm+xTY7pT47CiXATQLBI1gJdS
e27qh+tPOVfG6oWLhh8FgI8XF70KL9ZDF5uZdyPxAmlSu7tjiRRHoy0EqOdnbiEt
yLip2dFZeX7y910F+3wE/ZCqjFi0C44HjD1fXiU1s1OTdWh33VswtTqu8jVCOmFc
p6O/KxXzUnSHLisVz2rtDTyeSwSrTtoNJaosAu3+k+fILEEf5ISLbYVQqzBBlr7D
vLAtRimj610pshPo5k3QWV2/bQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:37:30 2024 by rpki-client on console-ams.rpki-client.org