Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/J0BcmXGCs65cVSWLk97lm8TYdks.roa
File: J0BcmXGCs65cVSWLk97lm8TYdks.roa (raw, json)
Hash identifier: xQfsRK+Z+ikweprnMQmj5Z8Phxazcj98pXaLRey7oa8=
Subject key identifier: 27:40:5C:99:71:82:B3:AE:5C:55:25:8B:93:DE:E5:9B:C4:D8:76:4B
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 018CC6B911BD67F17F5BE487E0E8E415FCEC
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/J0BcmXGCs65cVSWLk97lm8TYdks.roa
Signing time: Mon 01 Jan 2024 20:31:06 +0000
ROA not before: Mon 01 Jan 2024 20:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 89.46.152.0/21 maxlen: 32
84.39.224.0/21 maxlen: 32
93.114.0.0/20 maxlen: 32
93.114.11.0/24 maxlen: 24
93.114.10.0/24 maxlen: 24
92.43.84.0/22 maxlen: 32
95.215.36.0/22 maxlen: 32
202.181.20.0/22 maxlen: 32
91.197.252.0/22 maxlen: 32
58.97.128.0/21 maxlen: 32
78.138.1.0/24 maxlen: 32
78.138.2.0/24 maxlen: 32
138.124.144.0/22 maxlen: 32
89.249.51.0/24 maxlen: 32
89.249.56.0/22 maxlen: 32
94.177.56.0/23 maxlen: 32
185.240.252.0/24 maxlen: 32
185.240.255.0/24 maxlen: 32
89.19.42.0/23 maxlen: 24
93.113.124.0/23 maxlen: 32
89.19.40.0/22 maxlen: 32
93.180.224.0/20 maxlen: 32
45.116.168.0/22 maxlen: 32
93.180.192.0/20 maxlen: 32
185.125.192.0/22 maxlen: 32
176.119.8.0/21 maxlen: 32
45.95.48.0/22 maxlen: 32
45.142.92.0/22 maxlen: 32
45.142.96.0/22 maxlen: 32
185.223.56.0/24 maxlen: 32
203.166.156.0/23 maxlen: 32
188.119.116.0/22 maxlen: 32
188.95.152.0/21 maxlen: 32
94.176.112.0/20 maxlen: 32
185.38.102.0/24 maxlen: 32
150.129.92.0/22 maxlen: 32
45.149.148.0/22 maxlen: 32
203.109.52.0/22 maxlen: 32
89.38.132.0/23 maxlen: 32
58.97.232.0/21 maxlen: 32
83.229.76.0/22 maxlen: 24
119.13.192.0/19 maxlen: 32
58.97.240.0/20 maxlen: 32
119.13.208.0/20 maxlen: 32
83.229.104.0/22 maxlen: 32
121.91.80.0/21 maxlen: 32
78.138.25.0/24 maxlen: 32
185.90.243.0/24 maxlen: 32
91.245.235.0/24 maxlen: 32
78.138.40.0/24 maxlen: 32
78.138.47.0/24 maxlen: 32
78.138.48.0/24 maxlen: 32
78.138.50.0/24 maxlen: 32
45.94.244.0/22 maxlen: 32
45.138.232.0/22 maxlen: 32
209.20.160.0/19 maxlen: 32
185.131.220.0/24 maxlen: 32
93.115.12.0/23 maxlen: 32
77.81.104.0/21 maxlen: 32
89.34.78.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:11:bd:67:f1:7f:5b:e4:87:e0:e8:e4:15:fc:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 20:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27405c997182b3ae5c55258b93dee59bc4d8764b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:87:c0:54:20:8d:10:f5:a8:58:1e:56:63:
a2:b5:b5:57:4f:af:29:46:8b:d3:22:01:2d:3f:6b:
95:0a:e7:23:a7:76:c1:73:a8:93:21:0d:c8:21:e6:
46:5e:5d:61:fa:5c:c2:d9:16:3b:5f:82:e8:0e:b1:
36:f6:f8:1f:3f:3a:78:71:10:cf:24:2e:80:ac:0c:
ac:fe:76:93:29:67:45:98:31:9e:4e:3a:3c:f9:be:
b5:92:39:82:45:49:e5:e1:75:19:ae:0e:c9:ce:b4:
c8:91:5f:17:db:69:7a:c8:7f:29:4e:2f:14:64:99:
93:5b:89:6a:6d:3e:2d:a5:a4:a1:f4:5a:a8:d9:a8:
5a:ea:4c:59:79:c7:3d:bc:f8:db:5f:8c:d4:19:99:
01:ce:3b:a4:69:f3:f9:4e:8e:67:77:63:64:1d:9b:
2c:5d:f1:74:b8:ca:ac:99:ab:0f:f8:ff:f5:e9:69:
26:76:97:71:a8:90:40:cc:1f:9e:94:20:79:6e:b2:
b9:4d:22:90:28:10:51:b9:8e:ee:d4:b5:8f:91:90:
53:43:b5:64:ce:a2:30:6f:fa:01:7d:64:d6:f3:12:
9f:39:6b:81:cf:68:f5:ba:27:5f:c3:7d:ce:ff:2d:
06:01:80:94:1c:ec:a0:9f:ab:c2:e8:33:58:e0:3c:
18:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:40:5C:99:71:82:B3:AE:5C:55:25:8B:93:DE:E5:9B:C4:D8:76:4B
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/J0BcmXGCs65cVSWLk97lm8TYdks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.244.0/22
45.95.48.0/22
45.116.168.0/22
45.138.232.0/22
45.142.92.0-45.142.99.255
45.149.148.0/22
58.97.128.0/21
58.97.232.0-58.97.255.255
77.81.104.0/21
78.138.1.0-78.138.2.255
78.138.25.0/24
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
83.229.76.0/22
83.229.104.0/22
84.39.224.0/21
89.19.40.0/22
89.34.78.0/23
89.38.132.0/23
89.46.152.0/21
89.249.51.0/24
89.249.56.0/22
91.197.252.0/22
91.245.235.0/24
92.43.84.0/22
93.113.124.0/23
93.114.0.0/20
93.115.12.0/23
93.180.192.0/20
93.180.224.0/20
94.176.112.0/20
94.177.56.0/23
95.215.36.0/22
119.13.192.0/19
121.91.80.0/21
138.124.144.0/22
150.129.92.0/22
176.119.8.0/21
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/24
185.223.56.0/24
185.240.252.0/24
185.240.255.0/24
188.95.152.0/21
188.119.116.0/22
202.181.20.0/22
203.109.52.0/22
203.166.156.0/23
209.20.160.0/19
Signature Algorithm: sha256WithRSAEncryption
ad:eb:3b:7c:36:c4:c8:bb:6a:a4:dc:99:8b:8f:f3:a6:3d:66:
60:ae:9d:56:1a:6e:b8:2d:e5:70:34:ce:36:36:9c:a8:57:cf:
eb:82:78:e8:1e:23:10:a0:e8:52:96:a6:31:94:9a:3c:2a:69:
12:b2:2d:ca:2f:a1:3e:33:9c:54:84:4a:13:02:bd:88:2c:26:
14:97:ca:3f:12:c9:1e:d3:d5:5c:64:09:a3:09:fd:b7:31:df:
fa:4d:60:7d:bb:b5:76:a7:15:b4:45:2f:c4:83:49:06:a9:46:
e9:2f:c0:f0:b2:f5:fe:d2:ae:b5:f6:63:84:bd:21:5e:3f:52:
b2:40:71:73:50:13:b7:98:41:b7:a0:a1:d2:bb:4b:96:53:6d:
c3:35:12:e4:ba:e4:8a:59:e5:a6:8d:a7:da:5c:0f:ee:4f:20:
b9:be:e1:27:08:83:db:cf:c5:58:e7:56:86:d9:42:f0:c2:6e:
5b:dc:58:bc:04:7e:c6:3c:18:78:e9:eb:b1:ea:46:35:6d:e2:
bd:5c:07:e0:68:3b:bc:7f:e3:da:d2:4f:5d:24:7b:1b:fa:16:
a7:16:da:4e:e0:50:b3:10:83:a9:97:3b:00:6d:a0:37:41:af:
a6:75:25:76:25:b2:12:4c:ea:10:51:01:77:2a:e2:b0:22:ef:
c5:23:1d:a1
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgISAYzGuRG9Z/F/W+SH4OjkFfzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjQwMTAxMjAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzQwNWM5OTcxODJiM2FlNWM1NTI1OGI5M2RlZTU5YmM0ZDg3NjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQGHwFQgjRD1qFgeVmOitbVXT68p
RovTIgEtP2uVCucjp3bBc6iTIQ3IIeZGXl1h+lzC2RY7X4LoDrE29vgfPzp4cRDP
JC6ArAys/naTKWdFmDGeTjo8+b61kjmCRUnl4XUZrg7JzrTIkV8X22l6yH8pTi8U
ZJmTW4lqbT4tpaSh9Fqo2aha6kxZecc9vPjbX4zUGZkBzjukafP5To5nd2NkHZss
XfF0uMqsmasP+P/16WkmdpdxqJBAzB+elCB5brK5TSKQKBBRuY7u1LWPkZBTQ7Vk
zqIwb/oBfWTW8xKfOWuBz2j1uidfw33O/y0GAYCUHOygn6vC6DNY4DwYyQIDAQAB
o4IDZDCCA2AwHQYDVR0OBBYEFCdAXJlxgrOuXFUli5Pe5ZvE2HZLMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvSjBCY21YR0NzNjVjVlNXTGs5N2xtOFRZZGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeAYIKwYBBQUHAQcBAf8EggFnMIIBYzCCAV8EAgABMIIB
VwMEAi1e9AMEAi1fMAMEAi10qAMEAi2K6DAMAwQCLY5cAwQCLY5gAwQCLZWUAwQD
OmGAMAsDBAM6YegDAwE6YAMEA01RaDAMAwQATooBAwQATooCAwQATooZAwQATooo
MAwDBABOii8DBABOijADBABOijIDBAJT5UwDBAJT5WgDBANUJ+ADBAJZEygDBAFZ
Ik4DBAFZJoQDBANZLpgDBABZ+TMDBAJZ+TgDBAJbxfwDBABb9esDBAJcK1QDBAFd
cXwDBARdcgADBAFdcwwDBARdtMADBARdtOADBAResHADBAFesTgDBAJf1yQDBAV3
DcADBAN5W1ADBAKKfJADBAKWgVwDBAOwdwgDBAC5JmYDBAC5WvMDBAK5fcADBAC5
g9wDBAC53zgDBAC58PwDBAC58P8DBAO8X5gDBAK8d3QDBALKtRQDBALLbTQDBAHL
ppwDBAXRFKAwDQYJKoZIhvcNAQELBQADggEBAK3rO3w2xMi7aqTcmYuP86Y9ZmCu
nVYabrgt5XA0zjY2nKhXz+uCeOgeIxCg6FKWpjGUmjwqaRKyLcovoT4znFSEShMC
vYgsJhSXyj8SyR7T1VxkCaMJ/bcx3/pNYH27tXanFbRFL8SDSQapRukvwPCy9f7S
rrX2Y4S9IV4/UrJAcXNQE7eYQbegodK7S5ZTbcM1EuS65IpZ5aaNp9pcD+5PILm+
4ScIg9vPxVjnVobZQvDCblvcWLwEfsY8GHjp67HqRjVt4r1cB+BoO7x/49rST10k
exv6FqcW2k7gULMQg6mXOwBtoDdBr6Z1JXYlshJM6hBRAXcq4rAi78UjHaE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:11 2024 by rpki-client on console-ams.rpki-client.org