Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IzRjYUq4GOIybD_mNwWWqJVt6X8.roa
File: IzRjYUq4GOIybD_mNwWWqJVt6X8.roa (raw, json)
Hash identifier: jjrdpIbLDdrQ5aAW0j1/T0c0mc0N7MxPi5mcM+6JK44=
Subject key identifier: 23:34:63:61:4A:B8:18:E2:32:6C:3F:E6:37:05:96:A8:95:6D:E9:7F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0192BD25B266E04152AAF5109E1CEF177F00
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IzRjYUq4GOIybD_mNwWWqJVt6X8.roa
Signing time: Thu 24 Oct 2024 06:10:17 +0000
ROA not before: Thu 24 Oct 2024 06:10:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 2.58.148.0/22 maxlen: 24
45.91.149.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
45.143.53.0/24 maxlen: 24
45.145.44.0/23 maxlen: 24
45.145.47.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
84.247.25.0/24 maxlen: 24
84.247.26.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.36.22.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.43.199.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
93.115.254.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
94.103.249.0/24 maxlen: 24
94.103.250.0/24 maxlen: 24
185.121.121.0/24 maxlen: 24
185.121.122.0/24 maxlen: 24
185.121.123.0/24 maxlen: 24
185.184.134.0/24 maxlen: 24
185.205.190.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
188.240.74.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
193.218.32.0/24 maxlen: 24
193.239.164.0/23 maxlen: 24
194.169.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:25:b2:66:e0:41:52:aa:f5:10:9e:1c:ef:17:7f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 24 06:10:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=233463614ab818e2326c3fe6370596a8956de97f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4a:92:9a:39:8d:06:de:88:95:71:73:b1:a4:
19:ea:cf:08:53:e5:f7:2e:50:7e:14:65:c8:8c:76:
b3:57:d6:df:52:c6:2a:3d:f4:81:4f:22:51:95:15:
be:8c:aa:1d:c1:59:de:c0:74:4d:82:6d:ca:be:62:
86:d8:b1:16:bf:02:91:60:9c:37:b7:57:58:92:34:
5e:46:61:4c:25:c6:33:e5:be:cd:79:66:76:1d:a1:
f9:4f:f3:e5:a7:90:9b:ba:e7:fc:ca:8f:26:8a:16:
0a:0d:a0:c4:46:9a:89:65:d1:30:97:b2:52:d5:1e:
95:c4:f3:72:c3:66:67:ed:16:35:c8:49:f8:5a:10:
bf:4b:f6:1e:f1:09:36:a8:cc:d0:eb:6b:05:64:82:
18:76:e4:55:1f:95:15:be:a9:b9:a3:83:27:af:99:
79:f6:35:92:28:95:96:e2:00:4c:07:82:6a:25:8a:
ec:26:6e:c2:5b:60:b1:e1:ea:3f:85:ef:03:7c:f1:
33:05:93:98:d5:e4:dc:22:89:2e:f6:15:ab:6c:d9:
15:b0:3c:b3:0f:c4:c9:7a:17:21:6c:10:88:80:07:
eb:0b:50:92:46:4c:7a:c5:b4:05:18:f2:22:73:b8:
30:fe:d7:4d:4b:e0:37:57:cb:05:52:31:ee:f4:80:
c3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:34:63:61:4A:B8:18:E2:32:6C:3F:E6:37:05:96:A8:95:6D:E9:7F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IzRjYUq4GOIybD_mNwWWqJVt6X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.148.0/22
45.91.149.0/24
45.135.187.0/24
45.143.53.0/24
45.145.44.0/23
45.145.47.0/24
62.197.144.0/24
62.197.147.0-62.197.148.255
62.197.150.0-62.197.152.255
62.197.159.0/24
84.247.25.0-84.247.26.255
89.33.84.0/24
89.36.22.0/24
89.37.62.0/24
89.43.199.0/24
92.62.121.0/24
93.115.254.0/23
94.103.249.0-94.103.250.255
185.121.121.0-185.121.123.255
185.184.134.0/24
185.205.190.0/24
185.239.241.0/24
185.239.243.0/24
185.244.137.0/24
185.245.5.0/24
188.212.132.0/24
188.240.68.0/24
188.240.74.0/24
193.19.108.0/24
193.218.32.0/24
193.239.164.0/23
194.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:d1:81:3a:1e:d6:85:ff:d5:a7:26:55:35:54:e1:a4:4f:16:
7b:1a:8a:21:9b:0e:c2:e4:09:5d:8a:7b:2f:78:82:db:98:34:
71:7e:fc:28:08:90:ea:78:a3:76:60:58:bd:42:28:53:a3:08:
c4:8d:9f:02:4a:ee:9e:8f:23:c4:0c:82:2b:34:e1:a0:9c:c0:
33:a2:46:da:9e:e5:42:4d:a9:80:a2:1b:4a:20:7f:00:aa:29:
8d:a1:b8:fc:2a:89:d4:00:0c:55:2c:a2:cd:19:2b:42:e1:d0:
be:a3:b8:7e:88:4d:d6:cd:fb:ab:d3:e1:6e:63:f2:c4:f1:f9:
1d:f5:33:7a:3c:b3:aa:cc:da:c7:d8:df:3e:0a:08:4b:24:cf:
75:fb:c9:82:1b:07:e0:9b:6f:24:fc:21:a1:85:31:ff:ac:34:
e1:e7:09:45:ba:18:6e:ee:5a:fe:d6:b7:63:dd:31:be:ed:3e:
6f:4b:05:2d:f7:6b:9f:74:18:29:d0:a3:46:e8:9e:59:27:ae:
27:df:8f:c0:27:70:6b:d1:c7:82:36:8a:78:45:ad:21:10:6b:
1c:e4:8e:a1:fc:da:db:12:24:f8:bc:91:5b:12:95:71:b2:0c:
09:6a:9b:0b:30:85:04:57:0b:6c:64:4e:08:63:6d:89:26:2c:
a7:83:91:0a
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZK9JbJm4EFSqvUQnhzvF38AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDI0MDYxMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzM0NjM2MTRhYjgxOGUyMzI2YzNmZTYzNzA1OTZhODk1NmRlOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkqSmjmNBt6IlXFzsaQZ6s8IU+X3
LlB+FGXIjHazV9bfUsYqPfSBTyJRlRW+jKodwVnewHRNgm3KvmKG2LEWvwKRYJw3
t1dYkjReRmFMJcYz5b7NeWZ2HaH5T/Plp5Cbuuf8yo8mihYKDaDERpqJZdEwl7JS
1R6VxPNyw2Zn7RY1yEn4WhC/S/Ye8Qk2qMzQ62sFZIIYduRVH5UVvqm5o4Mnr5l5
9jWSKJWW4gBMB4JqJYrsJm7CW2Cx4eo/he8DfPEzBZOY1eTcIoku9hWrbNkVsDyz
D8TJehchbBCIgAfrC1CSRkx6xbQFGPIic7gw/tdNS+A3V8sFUjHu9IDDUwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFCM0Y2FKuBjiMmw/5jcFlqiVbel/MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSXpSallVcTRHT0l5YkRfbU53V1dxSlZ0Nlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQC
AjqUAwQALVuVAwQALYe7AwQALY81AwQBLZEsAwQALZEvAwQAPsWQMAwDBAA+xZMD
BAA+xZQwDAMEAT7FlgMEAD7FmAMEAD7FnzAMAwQAVPcZAwQAVPcaAwQAWSFUAwQA
WSQWAwQAWSU+AwQAWSvHAwQAXD55AwQBXXP+MAwDBABeZ/kDBABeZ/owDAMEALl5
eQMEArl5eAMEALm4hgMEALnNvgMEALnv8QMEALnv8wMEALn0iQMEALn1BQMEALzU
hAMEALzwRAMEALzwSgMEAMETbAMEAMHaIAMEAcHvpAMEAMKpqTANBgkqhkiG9w0B
AQsFAAOCAQEACtGBOh7Whf/VpyZVNVThpE8WexqKIZsOwuQJXYp7L3iC25g0cX78
KAiQ6nijdmBYvUIoU6MIxI2fAkruno8jxAyCKzThoJzAM6JG2p7lQk2pgKIbSiB/
AKopjaG4/CqJ1AAMVSyizRkrQuHQvqO4fohN1s37q9PhbmPyxPH5HfUzejyzqsza
x9jfPgoISyTPdfvJghsH4JtvJPwhoYUx/6w04ecJRboYbu5a/ta3Y90xvu0+b0sF
Lfdrn3QYKdCjRuieWSeuJ9+PwCdwa9HHgjaKeEWtIRBrHOSOofza2xIk+LyRWxKV
cbIMCWqbCzCFBFcLbGROCGNtiSYsp4ORCg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:57:05 2024 by rpki-client on console-ams.rpki-client.org