Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/JVYfYfrS0kwv7nYhZwoJ6NGdFJ0.roa
File: JVYfYfrS0kwv7nYhZwoJ6NGdFJ0.roa (raw, json)
Hash identifier: xhrq+lMvPSFla1m8OHSB8rM9Qq4xAwzYDtaElAObcIs=
Subject key identifier: 25:56:1F:61:FA:D2:D2:4C:2F:EE:76:21:67:0A:09:E8:D1:9D:14:9D
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 018CC801B71AAF7081442573AD86DDF4F67E
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/JVYfYfrS0kwv7nYhZwoJ6NGdFJ0.roa
Signing time: Tue 02 Jan 2024 02:30:04 +0000
ROA not before: Tue 02 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 152.228.128.0/17 maxlen: 17
94.23.0.0/16 maxlen: 16
51.178.0.0/16 maxlen: 16
51.77.0.0/16 maxlen: 16
151.80.0.0/16 maxlen: 16
193.70.0.0/17 maxlen: 17
91.134.0.0/16 maxlen: 16
162.19.128.0/17 maxlen: 17
145.239.0.0/16 maxlen: 16
137.74.0.0/16 maxlen: 16
149.202.0.0/16 maxlen: 16
188.165.0.0/16 maxlen: 16
54.37.0.0/16 maxlen: 16
51.195.0.0/16 maxlen: 16
141.94.0.0/16 maxlen: 16
92.222.0.0/16 maxlen: 16
91.121.0.0/16 maxlen: 16
5.39.0.0/17 maxlen: 17
198.244.128.0/17 maxlen: 17
213.32.0.0/17 maxlen: 17
146.59.0.0/17 maxlen: 17
178.32.0.0/15 maxlen: 15
146.59.0.0/16 maxlen: 16
37.59.0.0/16 maxlen: 16
37.187.0.0/16 maxlen: 16
141.227.128.0/20 maxlen: 24
54.36.0.0/16 maxlen: 16
162.19.0.0/17 maxlen: 17
51.83.0.0/16 maxlen: 16
213.251.128.0/18 maxlen: 18
79.137.0.0/17 maxlen: 17
141.95.128.0/17 maxlen: 17
51.210.0.0/16 maxlen: 16
135.125.128.0/17 maxlen: 17
213.186.32.0/19 maxlen: 19
51.75.0.0/16 maxlen: 16
54.38.0.0/16 maxlen: 16
51.38.0.0/16 maxlen: 16
46.105.198.0/24 maxlen: 24
46.105.199.0/24 maxlen: 24
46.105.200.0/24 maxlen: 24
46.105.201.0/24 maxlen: 24
46.105.202.0/24 maxlen: 24
46.105.203.0/24 maxlen: 24
46.105.204.0/24 maxlen: 24
46.105.206.0/24 maxlen: 24
46.105.207.0/24 maxlen: 24
51.254.0.0/15 maxlen: 15
51.89.0.0/16 maxlen: 16
5.135.0.0/16 maxlen: 16
135.125.0.0/17 maxlen: 17
57.128.0.0/17 maxlen: 17
51.91.0.0/16 maxlen: 16
217.182.0.0/16 maxlen: 16
51.68.0.0/16 maxlen: 16
5.196.0.0/16 maxlen: 16
164.132.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
176.31.0.0/16 maxlen: 16
147.135.128.0/17 maxlen: 17
87.98.128.0/17 maxlen: 17
57.128.128.0/18 maxlen: 18
46.105.0.0/16 maxlen: 16
2001:41d0:ab00::/40 maxlen: 48
2001:41d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b7:1a:af:70:81:44:25:73:ad:86:dd:f4:f6:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Jan 2 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25561f61fad2d24c2fee7621670a09e8d19d149d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:35:e6:c9:78:32:c4:b6:6d:1c:90:e0:cc:25:
8e:de:c8:74:79:a7:44:28:dc:20:a7:7e:30:30:11:
c9:a0:c7:90:58:7e:c2:d0:42:09:f0:65:6b:3a:4c:
41:3d:05:6c:2c:d7:45:97:24:56:c0:c8:6a:59:d6:
8d:b1:53:10:33:0e:56:b1:1c:17:54:0b:86:04:1b:
f6:5b:dc:85:52:b4:9c:cf:ab:f5:8f:81:2f:22:0e:
2b:d2:b1:14:ed:a7:e4:f8:19:86:83:5f:80:e0:29:
8a:ad:20:f8:e9:c8:c8:7d:b2:ed:8f:f1:09:22:b0:
ea:80:15:dc:b1:1d:74:43:a1:02:b6:45:8c:15:6a:
40:ca:b2:ae:8a:00:65:13:35:4d:e9:d2:2f:f4:6f:
be:28:99:9e:b4:ac:b3:fd:2b:1c:d0:92:d8:55:75:
56:f2:a6:08:c8:c7:81:ee:50:d1:a6:f1:34:4f:27:
35:0c:39:e8:a9:f9:92:a4:a7:a1:6d:fb:4c:38:15:
df:dc:0a:dc:33:6a:fa:b0:cb:91:e7:b2:7f:48:d1:
c4:20:a8:08:17:84:6f:68:bf:2a:7f:2d:f2:bc:13:
5e:57:ca:33:80:3d:97:d4:a3:26:a5:81:15:07:b6:
56:c2:bb:9d:34:7c:5a:7c:25:5a:26:3c:d8:b8:13:
c3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:56:1F:61:FA:D2:D2:4C:2F:EE:76:21:67:0A:09:E8:D1:9D:14:9D
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/JVYfYfrS0kwv7nYhZwoJ6NGdFJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
46.105.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
51.254.0.0/15
54.36.0.0-54.38.255.255
57.128.0.0-57.128.191.255
79.137.0.0/17
87.98.128.0/17
91.121.0.0/16
91.134.0.0/16
92.222.0.0/16
94.23.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
141.227.128.0/20
145.239.0.0/16
146.59.0.0/16
147.135.128.0/17
149.202.0.0/16
151.80.0.0/16
152.228.128.0/17
162.19.0.0/16
164.132.0.0/16
176.31.0.0/16
178.32.0.0/15
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
IPv6:
2001:41d0::/32
Signature Algorithm: sha256WithRSAEncryption
05:a1:f1:74:1e:6c:7d:df:75:88:8b:fc:06:12:36:95:7d:78:
0c:21:26:ce:e5:51:45:7b:fb:d6:a7:9f:67:c5:eb:8b:7c:f3:
88:af:09:ee:aa:4d:07:e4:33:46:f4:2f:90:13:af:a9:91:e7:
ca:85:4a:51:b0:72:a6:ad:f8:14:15:ce:4b:f0:09:90:8c:12:
90:7d:c2:25:5c:05:7e:3f:c4:1a:d1:5d:88:c0:50:59:62:de:
4f:45:3f:69:d6:e9:ab:96:35:ab:49:78:92:3c:ad:d2:fb:d0:
1d:bd:96:ea:f6:af:df:58:47:7e:d4:a5:24:6e:b2:c6:24:3b:
e7:fd:35:7a:5f:64:31:fa:12:00:37:cc:41:e5:2b:31:08:17:
26:76:16:48:67:d6:ae:ce:d7:48:57:c8:e2:94:17:d0:a2:05:
2a:ff:d9:40:e6:ec:58:5b:41:f7:6f:f3:13:c5:b1:00:de:9b:
bd:0a:8e:b1:a2:f8:d4:f8:67:68:0f:03:45:6c:ca:f2:22:8c:
23:37:e8:e3:0d:a9:d8:29:91:2b:53:78:06:00:47:43:06:4d:
1c:4b:c5:72:26:17:a3:f8:d0:95:55:66:24:ec:47:cc:ef:66:
2f:21:05:5a:01:02:ec:c2:80:af:ac:41:00:95:26:f0:a5:30:
dc:b7:e5:89
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAYzIAbcar3CBRCVzrYbd9PZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjQwMTAyMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTU2MWY2MWZhZDJkMjRjMmZlZTc2MjE2NzBhMDllOGQxOWQxNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTXmyXgyxLZtHJDgzCWO3sh0eadE
KNwgp34wMBHJoMeQWH7C0EIJ8GVrOkxBPQVsLNdFlyRWwMhqWdaNsVMQMw5WsRwX
VAuGBBv2W9yFUrScz6v1j4EvIg4r0rEU7afk+BmGg1+A4CmKrSD46cjIfbLtj/EJ
IrDqgBXcsR10Q6ECtkWMFWpAyrKuigBlEzVN6dIv9G++KJmetKyz/Ssc0JLYVXVW
8qYIyMeB7lDRpvE0Tyc1DDnoqfmSpKehbftMOBXf3ArcM2r6sMuR57J/SNHEIKgI
F4RvaL8qfy3yvBNeV8ozgD2X1KMmpYEVB7ZWwrudNHxafCVaJjzYuBPDgwIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFCVWH2H60tJML+52IWcKCejRnRSdMB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvSlZZZllmclMwa3d2N25ZaFp3b0o2TkdkRkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCCAQgEAgABMIIB
AAMEBwUnAAMDAAWHAwMABcQDAwAlOwMDACW7AwMALmkDAwAzJgMDADNEAwMAM0sD
AwAzTQMDADNTAwMAM1kDAwAzWwMDADOyAwMAM8MDAwAz0gMDATP+MAoDAwI2JAMD
ADYmMAsDAwc5gAMEBjmAgAMEB0+JAAMEB1digAMDAFt5AwMAW4YDAwBc3gMDAF4X
AwMAh30DAwCJSgMDAY1eAwQEjeOAAwMAke8DAwCSOwMEB5OHgAMDAJXKAwMAl1AD
BAeY5IADAwCiEwMDAKSEAwMAsB8DAwGyIAMDALylAwQHwUYAAwQHxvSAAwQH1SAA
AwQF1bogAwQG1fuAAwMA2bYwDQQCAAIwBwMFACABQdAwDQYJKoZIhvcNAQELBQAD
ggEBAAWh8XQebH3fdYiL/AYSNpV9eAwhJs7lUUV7+9ann2fF64t884ivCe6qTQfk
M0b0L5ATr6mR58qFSlGwcqat+BQVzkvwCZCMEpB9wiVcBX4/xBrRXYjAUFli3k9F
P2nW6auWNatJeJI8rdL70B29lur2r99YR37UpSRussYkO+f9NXpfZDH6EgA3zEHl
KzEIFyZ2Fkhn1q7O10hXyOKUF9CiBSr/2UDm7FhbQfdv8xPFsQDem70KjrGi+NT4
Z2gPA0VsyvIijCM36OMNqdgpkStTeAYAR0MGTRxLxXImF6P40JVVZiTsR8zvZi8h
BVoBAuzCgK+sQQCVJvClMNy35Yk=
-----END CERTIFICATE-----
Generated at Mon May 20 12:51:10 2024 by rpki-client on console-ams.rpki-client.org