Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/OgP6XD0nd9Nj2Bq26Og3CLfSDHo.roa
File: OgP6XD0nd9Nj2Bq26Og3CLfSDHo.roa (raw, json)
Hash identifier: o3DPMdxZfhg1Zimtn0SkedyfQ4igFrvGO+7LOwyU6I4=
Subject key identifier: 3A:03:FA:5C:3D:27:77:D3:63:D8:1A:B6:E8:E8:37:08:B7:D2:0C:7A
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 0191B71EEBBCE3973CE717546D79105F2CF3
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/OgP6XD0nd9Nj2Bq26Og3CLfSDHo.roa
Signing time: Tue 03 Sep 2024 09:02:22 +0000
ROA not before: Tue 03 Sep 2024 09:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49685
IP address blocks: 31.3.8.0/21 maxlen: 24
31.3.96.0/21 maxlen: 24
31.223.160.0/20 maxlen: 24
37.17.208.0/20 maxlen: 24
37.34.48.0/21 maxlen: 24
37.230.96.0/21 maxlen: 24
46.226.56.0/21 maxlen: 24
78.108.128.0/20 maxlen: 24
79.170.88.0/21 maxlen: 24
80.84.224.0/19 maxlen: 24
80.84.224.0/20 maxlen: 24
80.84.240.0/20 maxlen: 24
80.246.192.0/20 maxlen: 24
80.246.207.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
81.4.64.0/19 maxlen: 24
81.4.84.0/22 maxlen: 24
81.4.96.0/22 maxlen: 24
81.4.112.0/21 maxlen: 24
81.4.112.0/22 maxlen: 24
81.21.136.0/21 maxlen: 24
81.30.32.0/20 maxlen: 24
83.96.128.0/17 maxlen: 24
83.96.157.0/24 maxlen: 24
83.96.200.0/22 maxlen: 24
83.96.204.0/22 maxlen: 24
83.96.212.0/22 maxlen: 24
83.96.216.0/22 maxlen: 24
83.96.224.0/19 maxlen: 24
83.96.236.0/22 maxlen: 24
83.96.240.0/22 maxlen: 24
83.96.244.0/22 maxlen: 24
83.96.252.0/22 maxlen: 24
85.10.160.0/19 maxlen: 24
85.10.172.0/22 maxlen: 24
85.10.176.0/22 maxlen: 24
85.222.224.0/21 maxlen: 24
89.31.96.0/21 maxlen: 24
91.142.240.0/20 maxlen: 24
91.189.208.0/22 maxlen: 24
91.205.32.0/22 maxlen: 24
91.216.162.0/24 maxlen: 24
93.191.128.0/21 maxlen: 24
94.142.208.0/21 maxlen: 24
141.138.192.0/20 maxlen: 24
141.255.176.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
171.33.128.0/24 maxlen: 24
176.74.224.0/19 maxlen: 24
178.18.80.0/20 maxlen: 24
185.3.208.0/22 maxlen: 24
185.15.248.0/22 maxlen: 24
185.21.188.0/22 maxlen: 24
185.65.52.0/22 maxlen: 24
185.89.152.0/22 maxlen: 24
185.95.68.0/22 maxlen: 24
185.110.172.0/22 maxlen: 24
185.110.173.0/24 maxlen: 24
185.110.200.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
193.138.204.0/22 maxlen: 24
193.242.119.0/24 maxlen: 24
194.60.207.0/24 maxlen: 24
213.187.240.0/21 maxlen: 24
217.21.240.0/20 maxlen: 24
217.149.128.0/20 maxlen: 24
2001:828::/32 maxlen: 48
2001:4cb8::/29 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2a00:c080::/32 maxlen: 48
2a02:348::/32 maxlen: 48
2a02:348:28::/48 maxlen: 48
2a02:348:29::/48 maxlen: 48
2a02:348:7d::/48 maxlen: 48
2a03:4f00::/32 maxlen: 48
2a03:5700::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:1e:eb:bc:e3:97:3c:e7:17:54:6d:79:10:5f:2c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Sep 3 09:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a03fa5c3d2777d363d81ab6e8e83708b7d20c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6d:1f:40:78:0f:6a:8c:3c:f1:43:8a:53:bf:
ff:65:31:cb:e7:5b:67:1e:c2:21:2f:19:ee:3d:dd:
55:d8:7e:7e:52:f9:82:f6:52:13:14:ea:b5:e5:b4:
13:b5:32:0b:59:6d:aa:61:8a:dd:4e:81:dc:2b:8b:
31:4b:22:22:fb:af:2b:3c:07:15:4e:2b:1a:54:10:
04:3a:8d:33:fe:42:34:bb:1c:3c:78:fd:53:10:2f:
c2:87:da:cc:8f:56:54:e2:76:d0:94:db:81:a6:f5:
c6:18:1f:54:0e:46:b0:b8:21:95:10:1f:1b:74:9d:
53:0f:ee:51:c1:b4:0c:02:53:e1:40:99:ce:b7:2a:
b7:30:25:13:25:d3:da:2f:bb:4a:82:95:5a:ff:30:
83:80:f3:99:27:7a:ca:c7:f9:ba:7a:f9:31:e8:06:
5e:ac:fc:23:90:ce:b7:4b:00:51:44:fa:b7:30:78:
90:f5:d5:3d:81:98:ed:c1:b3:d7:46:77:ef:37:70:
e8:a9:59:96:af:e5:f2:3a:1f:a2:df:97:c2:a0:36:
69:12:41:05:4d:55:6e:e8:2d:d9:a4:5c:20:51:24:
5a:9e:e1:65:71:6d:ee:3b:e4:aa:26:ba:34:86:d7:
13:8d:92:cc:0d:55:b1:0d:ad:a3:ad:3c:13:c1:a3:
79:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:03:FA:5C:3D:27:77:D3:63:D8:1A:B6:E8:E8:37:08:B7:D2:0C:7A
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/OgP6XD0nd9Nj2Bq26Og3CLfSDHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.8.0/21
31.3.96.0/21
31.223.160.0/20
37.17.208.0/20
37.34.48.0/21
37.230.96.0/21
46.226.56.0/21
78.108.128.0/20
79.170.88.0/21
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0/17
85.10.160.0/19
85.222.224.0/21
89.31.96.0/21
91.142.240.0/20
91.189.208.0/22
91.205.32.0/22
91.216.162.0/24
93.191.128.0/21
94.142.208.0/21
141.138.192.0/20
141.255.176.0/22
171.33.128.0/21
176.74.224.0/19
178.18.80.0/20
185.3.208.0/22
185.15.248.0/22
185.21.188.0/22
185.65.52.0/22
185.89.152.0/22
185.95.68.0/22
185.110.172.0/22
185.110.200.0/22
193.93.172.0/22
193.138.204.0/22
193.242.119.0/24
194.60.207.0/24
213.187.240.0/21
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a00:c080::/32
2a02:348::/32
2a03:4f00::/32
2a03:5700::/32
Signature Algorithm: sha256WithRSAEncryption
b6:56:6e:4d:6a:8f:25:42:4a:d3:42:41:05:6d:5a:c8:d5:6f:
70:8d:1d:aa:15:d0:77:f2:4a:e0:0f:64:b9:44:37:3a:a2:8c:
58:04:fe:19:c6:eb:e3:5d:e6:35:da:a6:34:02:d5:f0:6a:37:
4b:88:54:07:ed:80:02:0c:f0:6f:0e:b0:52:47:f2:e8:cc:16:
ba:00:de:aa:e8:8a:5c:6b:58:78:57:fd:a8:39:d3:29:c6:d1:
3d:6c:3d:8c:71:c8:a2:f1:69:e7:5f:3a:e7:d2:89:84:89:6e:
94:4a:86:db:8f:02:e0:2f:41:a3:7c:b4:ab:0f:55:28:08:d0:
01:0a:ae:c3:d8:a8:78:fa:c7:30:71:92:d9:82:a2:10:ad:24:
10:46:5a:0f:d2:82:0f:d3:05:6a:65:ed:1a:3e:85:e2:6c:55:
4e:d7:2e:36:f4:e8:fe:b5:29:28:b7:3c:9c:a3:f0:c9:13:c4:
fb:a1:60:ea:d5:4f:f4:e9:d7:67:12:e5:07:48:50:97:4e:58:
45:e7:b6:8f:b3:b2:02:22:6a:a8:1a:29:60:d3:2e:63:00:74:
89:3c:7a:a1:7e:fa:7f:b3:a8:7f:0f:86:74:d3:39:ab:bc:03:
67:13:38:3b:a9:2f:4f:0c:2f:f9:7b:64:5d:4a:e6:6f:a8:3f:
99:ed:d7:6f
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAZG3Huu845c85xdUbXkQXyzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwOTAzMDkwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTAzZmE1YzNkMjc3N2QzNjNkODFhYjZlOGU4MzcwOGI3ZDIwYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG0fQHgPaow88UOKU7//ZTHL51tn
HsIhLxnuPd1V2H5+UvmC9lITFOq15bQTtTILWW2qYYrdToHcK4sxSyIi+68rPAcV
TisaVBAEOo0z/kI0uxw8eP1TEC/Ch9rMj1ZU4nbQlNuBpvXGGB9UDkawuCGVEB8b
dJ1TD+5RwbQMAlPhQJnOtyq3MCUTJdPaL7tKgpVa/zCDgPOZJ3rKx/m6evkx6AZe
rPwjkM63SwBRRPq3MHiQ9dU9gZjtwbPXRnfvN3DoqVmWr+XyOh+i35fCoDZpEkEF
TVVu6C3ZpFwgUSRanuFlcW3uO+SqJro0htcTjZLMDVWxDa2jrTwTwaN5QwIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFDoD+lw9J3fTY9gatujoNwi30gx6MB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvT2dQNlhEMG5kOU5qMkJxMjZPZzNDTGZTREhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCASQEAgABMIIB
HAMEAx8DCAMEAx8DYAMEBB/foAMEBCUR0AMEAyUiMAMEAyXmYAMEAy7iOAMEBE5s
gAMEA0+qWAMEBVBU4AMEBFD2wAMEBFD/8DAMAwQGUQRAAwQCUQRgAwQDUQRwAwQD
URWIAwQEUR4gAwQHU2CAAwQFVQqgAwQDVd7gAwQDWR9gAwQEW47wAwQCW73QAwQC
W80gAwQAW9iiAwQDXb+AAwQDXo7QAwQEjYrAAwQCjf+wAwQDqyGAAwQFsErgAwQE
shJQAwQCuQPQAwQCuQ/4AwQCuRW8AwQCuUE0AwQCuVmYAwQCuV9EAwQCuW6sAwQC
uW7IAwQCwV2sAwQCwYrMAwQAwfJ3AwQAwjzPAwQD1bvwAwQE2RXwAwQE2ZWAMDAE
AgACMCoDBQAgAQgoAwUDIAFMuAMFACoAwIADBQAqAgNIAwUAKgNPAAMFACoDVwAw
DQYJKoZIhvcNAQELBQADggEBALZWbk1qjyVCStNCQQVtWsjVb3CNHaoV0HfySuAP
ZLlENzqijFgE/hnG6+Nd5jXapjQC1fBqN0uIVAftgAIM8G8OsFJH8ujMFroA3qro
ilxrWHhX/ag50ynG0T1sPYxxyKLxaedfOufSiYSJbpRKhtuPAuAvQaN8tKsPVSgI
0AEKrsPYqHj6xzBxktmCohCtJBBGWg/Sgg/TBWpl7Ro+heJsVU7XLjb06P61KSi3
PJyj8MkTxPuhYOrVT/Tp12cS5QdIUJdOWEXnto+zsgIiaqgaKWDTLmMAdIk8eqF+
+n+zqH8PhnTTOau8A2cTODupL08ML/l7ZF1K5m+oP5nt128=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:22:34 2024 by rpki-client on console-ams.rpki-client.org