Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/j5UhJzsP_ya2a0WO2rj2n4AvqJc.roa
File: j5UhJzsP_ya2a0WO2rj2n4AvqJc.roa (raw, json)
Hash identifier: gG+xa7dijUN+p29g7uWwE4tr0xXeU+oOuJHvjB0P3SQ=
Subject key identifier: 8F:95:21:27:3B:0F:FF:26:B6:6B:45:8E:DA:B8:F6:9F:80:2F:A8:97
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 019306194C5188E2E0F2BB5F0FA0C738961D
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/j5UhJzsP_ya2a0WO2rj2n4AvqJc.roa
Signing time: Thu 07 Nov 2024 10:09:01 +0000
ROA not before: Thu 07 Nov 2024 10:09:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 5.39.0.0/17 maxlen: 17
5.135.0.0/16 maxlen: 16
5.196.0.0/16 maxlen: 16
37.59.0.0/16 maxlen: 16
37.187.0.0/16 maxlen: 16
46.105.0.0/16 maxlen: 16
46.105.198.0/24 maxlen: 24
46.105.199.0/24 maxlen: 24
46.105.200.0/24 maxlen: 24
46.105.201.0/24 maxlen: 24
46.105.202.0/24 maxlen: 24
46.105.203.0/24 maxlen: 24
46.105.204.0/24 maxlen: 24
46.105.206.0/24 maxlen: 24
46.105.207.0/24 maxlen: 24
51.38.0.0/16 maxlen: 16
51.68.0.0/16 maxlen: 16
51.75.0.0/16 maxlen: 16
51.77.0.0/16 maxlen: 16
51.83.0.0/16 maxlen: 16
51.89.0.0/16 maxlen: 16
51.91.0.0/16 maxlen: 16
51.178.0.0/16 maxlen: 16
51.195.0.0/16 maxlen: 16
51.210.0.0/16 maxlen: 16
51.254.0.0/15 maxlen: 15
54.36.0.0/16 maxlen: 16
54.37.0.0/16 maxlen: 16
54.38.0.0/16 maxlen: 16
57.128.0.0/17 maxlen: 17
57.128.128.0/18 maxlen: 18
57.131.0.0/17 maxlen: 17
79.137.0.0/17 maxlen: 17
87.98.128.0/17 maxlen: 17
91.121.0.0/16 maxlen: 16
91.134.0.0/16 maxlen: 16
92.222.0.0/16 maxlen: 16
94.23.0.0/16 maxlen: 16
135.125.0.0/17 maxlen: 17
135.125.128.0/17 maxlen: 17
137.74.0.0/16 maxlen: 16
141.94.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
141.95.128.0/17 maxlen: 17
141.227.128.0/20 maxlen: 24
141.227.160.0/19 maxlen: 24
145.239.0.0/16 maxlen: 16
146.59.0.0/16 maxlen: 16
146.59.0.0/17 maxlen: 17
147.135.128.0/17 maxlen: 17
149.202.0.0/16 maxlen: 16
151.80.0.0/16 maxlen: 16
152.228.128.0/17 maxlen: 17
162.19.0.0/17 maxlen: 17
162.19.128.0/17 maxlen: 17
164.132.0.0/16 maxlen: 16
176.31.0.0/16 maxlen: 16
178.32.0.0/15 maxlen: 15
188.165.0.0/16 maxlen: 16
193.70.0.0/17 maxlen: 17
198.244.128.0/17 maxlen: 17
213.32.0.0/17 maxlen: 17
213.186.32.0/19 maxlen: 19
213.251.128.0/18 maxlen: 18
217.182.0.0/16 maxlen: 16
2001:41d0::/32 maxlen: 32
2001:41d0:ab00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:19:4c:51:88:e2:e0:f2:bb:5f:0f:a0:c7:38:96:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Nov 7 10:09:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f9521273b0fff26b66b458edab8f69f802fa897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:73:8d:2e:cc:c6:d8:ba:83:81:41:f3:8d:91:
bc:ff:06:f8:11:7a:7a:9a:9a:47:e3:06:12:2f:08:
93:89:dd:59:a0:63:c3:71:6d:bc:20:bf:a6:89:97:
76:20:ba:6a:c8:fe:6e:05:0e:e9:e7:c1:33:ed:6e:
18:1d:ec:21:89:67:55:1d:7f:64:02:dc:79:b4:e5:
26:ac:f0:cf:22:f5:1d:2f:62:60:2b:19:4f:d4:5b:
9f:6a:e7:e6:f1:85:f1:6d:59:6f:14:6b:11:ee:7c:
66:7d:fe:c2:e1:74:8e:e2:3e:3e:c1:66:2d:8d:49:
ad:8d:2b:1e:c0:99:8b:f0:59:22:78:cc:7b:a6:bf:
f4:d0:26:50:e0:74:e8:5b:9c:1d:a8:41:37:bc:68:
7d:d7:7b:40:9c:4a:c8:19:71:7a:93:74:79:89:33:
3d:4c:e0:c2:02:4c:05:82:55:54:6d:24:be:82:de:
3b:15:ba:cf:1c:3c:70:e9:e7:53:33:82:81:b5:32:
6b:7b:89:59:ab:e8:8e:47:c1:32:bf:8f:3e:d2:f5:
01:72:6e:f2:21:1d:6c:d9:d2:cb:de:d2:ef:02:f3:
b1:12:a3:3f:26:e3:20:ce:d5:b2:1e:63:17:90:b9:
3c:07:fd:af:d8:47:ee:ac:45:63:ed:d4:86:23:49:
b4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:95:21:27:3B:0F:FF:26:B6:6B:45:8E:DA:B8:F6:9F:80:2F:A8:97
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/j5UhJzsP_ya2a0WO2rj2n4AvqJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
46.105.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
51.254.0.0/15
54.36.0.0-54.38.255.255
57.128.0.0-57.128.191.255
57.131.0.0/17
79.137.0.0/17
87.98.128.0/17
91.121.0.0/16
91.134.0.0/16
92.222.0.0/16
94.23.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
141.227.128.0/20
141.227.160.0/19
145.239.0.0/16
146.59.0.0/16
147.135.128.0/17
149.202.0.0/16
151.80.0.0/16
152.228.128.0/17
162.19.0.0/16
164.132.0.0/16
176.31.0.0/16
178.32.0.0/15
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
IPv6:
2001:41d0::/32
Signature Algorithm: sha256WithRSAEncryption
89:2d:b6:4c:dd:86:65:35:f5:5a:c3:bb:e1:02:48:48:ca:ad:
46:35:01:49:f5:79:a3:5c:c1:47:e7:80:2a:0e:13:55:e3:45:
64:4a:71:bf:97:8f:11:47:47:52:13:3d:80:6f:b7:f2:59:8d:
2b:e6:02:3d:1c:36:cc:7c:46:c6:c8:d0:6a:53:d8:4a:f3:c7:
1e:9c:a9:15:46:7f:24:60:77:d5:43:79:fb:dd:06:41:fa:8a:
39:fc:b8:12:11:cc:09:0e:fd:0f:77:dc:52:73:0f:e3:47:8f:
2f:ac:fd:02:a7:80:70:12:a8:52:6e:f9:2d:ae:e8:c8:da:f3:
a9:16:e6:76:ba:97:5c:a3:8b:17:24:b8:11:a8:19:00:65:59:
8f:c7:f2:2f:49:70:5d:cd:25:63:ce:a7:3b:5c:05:eb:b3:80:
61:12:6d:a9:af:3e:1a:c9:24:6e:0d:ee:c9:53:12:d1:65:ed:
1c:c9:a1:c9:4a:62:08:95:2c:af:ef:d6:41:af:00:59:3d:0c:
bb:ab:b3:48:b8:55:1b:ff:e9:17:c2:ac:86:1a:89:fc:c0:18:
d7:73:48:0c:db:7d:e8:cc:62:cd:38:be:db:75:61:c3:3f:46:
63:22:6d:ea:4f:17:9a:29:cb:fa:a1:d8:ac:8a:3c:f7:a2:1b:
69:85:e6:12
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgISAZMGGUxRiOLg8rtfD6DHOJYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjQxMTA3MTAwOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk1MjEyNzNiMGZmZjI2YjY2YjQ1OGVkYWI4ZjY5ZjgwMmZhODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3ONLszG2LqDgUHzjZG8/wb4EXp6
mppH4wYSLwiTid1ZoGPDcW28IL+miZd2ILpqyP5uBQ7p58Ez7W4YHewhiWdVHX9k
Atx5tOUmrPDPIvUdL2JgKxlP1Fufaufm8YXxbVlvFGsR7nxmff7C4XSO4j4+wWYt
jUmtjSsewJmL8FkieMx7pr/00CZQ4HToW5wdqEE3vGh913tAnErIGXF6k3R5iTM9
TODCAkwFglVUbSS+gt47FbrPHDxw6edTM4KBtTJre4lZq+iOR8Eyv48+0vUBcm7y
IR1s2dLL3tLvAvOxEqM/JuMgztWyHmMXkLk8B/2v2EfurEVj7dSGI0m0kQIDAQAB
o4IDKDCCAyQwHQYDVR0OBBYEFI+VISc7D/8mtmtFjtq49p+AL6iXMB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvajVVaEp6c1BfeWEyYTBXTzJyajJuNEF2cUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPAYIKwYBBQUHAQcBAf8EggErMIIBJzCCARQEAgABMIIB
DAMEBwUnAAMDAAWHAwMABcQDAwAlOwMDACW7AwMALmkDAwAzJgMDADNEAwMAM0sD
AwAzTQMDADNTAwMAM1kDAwAzWwMDADOyAwMAM8MDAwAz0gMDATP+MAoDAwI2JAMD
ADYmMAsDAwc5gAMEBjmAgAMEBzmDAAMEB0+JAAMEB1digAMDAFt5AwMAW4YDAwBc
3gMDAF4XAwMAh30DAwCJSgMDAY1eAwQEjeOAAwQFjeOgAwMAke8DAwCSOwMEB5OH
gAMDAJXKAwMAl1ADBAeY5IADAwCiEwMDAKSEAwMAsB8DAwGyIAMDALylAwQHwUYA
AwQHxvSAAwQH1SAAAwQF1bogAwQG1fuAAwMA2bYwDQQCAAIwBwMFACABQdAwDQYJ
KoZIhvcNAQELBQADggEBAIkttkzdhmU19VrDu+ECSEjKrUY1AUn1eaNcwUfngCoO
E1XjRWRKcb+XjxFHR1ITPYBvt/JZjSvmAj0cNsx8RsbI0GpT2Erzxx6cqRVGfyRg
d9VDefvdBkH6ijn8uBIRzAkO/Q933FJzD+NHjy+s/QKngHASqFJu+S2u6Mja86kW
5na6l1yjixckuBGoGQBlWY/H8i9JcF3NJWPOpztcBeuzgGESbamvPhrJJG4N7slT
EtFl7RzJoclKYgiVLK/v1kGvAFk9DLurs0i4VRv/6RfCrIYaifzAGNdzSAzbfejM
Ys04vtt1YcM/RmMibepPF5opy/qh2KyKPPeiG2mF5hI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:15 2024 by rpki-client on console-fra.rpki-client.org