Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gZz_I8e48u-u_E6xxR_0mpjLcOk.roa
File: gZz_I8e48u-u_E6xxR_0mpjLcOk.roa (raw, json)
Hash identifier: eI19LyjXOnYYUP2Dz6SzKV1VDGWiXRHzHzigKL/Sjvg=
Subject key identifier: 81:9C:FF:23:C7:B8:F2:EF:AE:FC:4E:B1:C5:1F:F4:9A:98:CB:70:E9
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0192DDBBBD6A2B4BFD64841482E9B61FFABC
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gZz_I8e48u-u_E6xxR_0mpjLcOk.roa
Signing time: Wed 30 Oct 2024 14:02:01 +0000
ROA not before: Wed 30 Oct 2024 14:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31083
IP address blocks: 5.104.175.0/24 maxlen: 24
77.76.14.0/24 maxlen: 24
78.128.1.0/24 maxlen: 24
78.128.6.0/24 maxlen: 24
78.128.7.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.9.0/24 maxlen: 24
78.128.42.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.62.0/24 maxlen: 24
78.128.63.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.77.0/24 maxlen: 24
78.128.78.0/24 maxlen: 24
78.128.80.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.118.0/24 maxlen: 24
78.128.126.0/24 maxlen: 24
78.142.6.0/24 maxlen: 24
78.142.32.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.51.0/24 maxlen: 24
78.142.56.0/24 maxlen: 24
78.142.57.0/24 maxlen: 24
78.142.58.0/24 maxlen: 24
78.142.59.0/24 maxlen: 24
78.142.62.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.4.0/24 maxlen: 24
79.124.5.0/24 maxlen: 24
79.124.6.0/24 maxlen: 24
79.124.13.0/24 maxlen: 24
79.124.14.0/24 maxlen: 24
79.124.16.0/24 maxlen: 24
79.124.17.0/24 maxlen: 24
79.124.22.0/24 maxlen: 24
79.124.31.0/24 maxlen: 24
79.124.44.0/24 maxlen: 24
79.124.52.0/24 maxlen: 24
79.124.63.0/24 maxlen: 24
79.124.64.0/24 maxlen: 24
79.124.65.0/24 maxlen: 24
79.124.66.0/24 maxlen: 24
79.124.67.0/24 maxlen: 24
79.124.75.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.84.0/24 maxlen: 24
79.124.90.0/24 maxlen: 24
82.118.229.0/24 maxlen: 24
82.118.243.0/24 maxlen: 24
91.148.148.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.136.0/22 maxlen: 24
130.185.225.0/24 maxlen: 24
130.185.232.0/24 maxlen: 24
178.132.86.0/24 maxlen: 24
178.132.87.0/24 maxlen: 24
185.197.152.0/22 maxlen: 24
185.232.156.0/23 maxlen: 24
217.174.146.0/23 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.151.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:bb:bd:6a:2b:4b:fd:64:84:14:82:e9:b6:1f:fa:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Oct 30 14:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=819cff23c7b8f2efaefc4eb1c51ff49a98cb70e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:98:77:81:93:ca:8f:04:1d:2b:77:d9:b2:be:
f2:78:64:75:b6:82:fc:c3:19:73:56:ea:c7:99:fb:
78:13:d6:5a:90:cb:de:b3:51:b6:14:5c:6f:22:f8:
19:3b:17:4d:b5:fb:e3:ec:d6:52:ed:55:49:74:6e:
0f:53:4a:40:0f:77:85:3b:38:16:b1:9b:05:81:ec:
30:dd:a9:5b:81:32:21:8d:a2:fb:0b:37:21:c6:bf:
a0:72:51:09:98:53:db:eb:b5:41:93:00:e6:5e:c6:
45:43:82:e0:eb:d2:20:87:1f:da:cc:c3:77:d6:d5:
fe:33:75:38:a2:95:54:ec:c6:e7:e7:a4:c0:e5:20:
eb:db:9b:02:23:8e:95:63:69:ee:b1:24:66:e5:3e:
5e:4d:51:8d:b7:cb:96:43:ed:fc:15:d0:98:5b:68:
d3:c3:6f:1e:b6:a5:a3:8c:24:a7:41:af:19:3e:07:
1d:74:24:6e:36:03:70:0a:94:e2:5c:9c:24:de:dc:
fe:cd:7c:f1:66:66:c7:4e:c1:d5:57:87:89:8f:f4:
0c:6e:c7:62:77:c0:35:b6:50:a8:2d:bc:10:67:ec:
7b:cf:ca:6d:a9:0f:c0:67:08:53:3e:ed:fe:62:dc:
76:fd:10:ea:75:4a:50:41:77:ca:61:7a:d2:f8:9a:
f1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9C:FF:23:C7:B8:F2:EF:AE:FC:4E:B1:C5:1F:F4:9A:98:CB:70:E9
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gZz_I8e48u-u_E6xxR_0mpjLcOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.175.0/24
77.76.14.0/24
78.128.1.0/24
78.128.6.0-78.128.9.255
78.128.42.0/23
78.128.60.0/24
78.128.62.0/23
78.128.76.0-78.128.78.255
78.128.80.0/23
78.128.118.0/24
78.128.126.0/24
78.142.6.0/24
78.142.32.0/24
78.142.47.0/24
78.142.51.0/24
78.142.56.0/22
78.142.62.0/23
79.124.4.0-79.124.6.255
79.124.13.0-79.124.14.255
79.124.16.0/23
79.124.22.0/24
79.124.31.0/24
79.124.44.0/24
79.124.52.0/24
79.124.63.0-79.124.67.255
79.124.75.0-79.124.76.255
79.124.84.0/24
79.124.90.0/24
82.118.229.0/24
82.118.243.0/24
91.148.148.0/24
91.148.168.0/24
94.72.136.0/22
130.185.225.0/24
130.185.232.0/24
178.132.86.0/23
185.197.152.0/22
185.232.156.0/23
217.174.146.0-217.174.149.255
217.174.151.0-217.174.153.255
217.174.155.0/24
Signature Algorithm: sha256WithRSAEncryption
15:5a:4e:e1:eb:b1:8a:56:01:2e:6c:38:85:60:85:af:7e:2c:
4f:0a:84:80:32:08:6f:6b:f0:3e:b6:fc:22:80:46:b3:4d:a5:
84:0a:45:17:01:87:f3:e5:c2:0b:bb:d8:65:88:99:93:fa:d2:
3a:84:f8:0d:2c:db:ac:a3:3b:1a:d2:55:97:54:19:c0:8f:85:
ee:05:f4:dd:da:89:aa:5b:ff:e8:c0:99:24:e1:7c:6c:93:c6:
6e:59:dc:81:64:97:ed:4c:f1:f6:1d:27:de:5e:ac:f0:3f:87:
ff:57:61:8c:4e:e7:f7:9a:d0:06:d6:9e:7a:ec:b0:02:c3:2d:
00:0e:b2:df:0b:18:56:19:8f:76:63:3a:a7:e0:cd:93:ad:29:
10:57:90:39:6d:2d:ad:56:e2:fe:bb:5e:9a:46:22:81:46:ac:
96:e5:87:f6:3d:1d:ce:52:5e:f2:23:9e:66:c9:f2:bd:fe:0a:
fa:ba:bb:30:95:60:11:c1:f6:5d:65:70:bc:df:69:f5:3f:0b:
ce:58:60:0c:eb:25:fa:b1:03:b1:f1:b1:8b:7a:df:20:2d:24:
44:7f:08:3a:c1:55:01:85:df:40:71:95:dd:ee:c2:65:8d:a6:
b5:82:d4:1b:27:72:19:92:4c:7e:a6:43:5d:c3:87:59:b6:35:
72:2d:db:17
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgISAZLdu71qK0v9ZIQUgum2H/q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQxMDMwMTQwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTljZmYyM2M3YjhmMmVmYWVmYzRlYjFjNTFmZjQ5YTk4Y2I3MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Zh3gZPKjwQdK3fZsr7yeGR1toL8
wxlzVurHmft4E9ZakMves1G2FFxvIvgZOxdNtfvj7NZS7VVJdG4PU0pAD3eFOzgW
sZsFgeww3albgTIhjaL7Czchxr+gclEJmFPb67VBkwDmXsZFQ4Lg69Ighx/azMN3
1tX+M3U4opVU7Mbn56TA5SDr25sCI46VY2nusSRm5T5eTVGNt8uWQ+38FdCYW2jT
w28etqWjjCSnQa8ZPgcddCRuNgNwCpTiXJwk3tz+zXzxZmbHTsHVV4eJj/QMbsdi
d8A1tlCoLbwQZ+x7z8ptqQ/AZwhTPu3+Ytx2/RDqdUpQQXfKYXrS+JrxyQIDAQAB
o4IDQzCCAz8wHQYDVR0OBBYEFIGc/yPHuPLvrvxOscUf9JqYy3DpMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZ1p6X0k4ZTQ4dS11X0U2eHhSXzBtcGpMY09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVwYIKwYBBQUHAQcBAf8EggFGMIIBQjCCAT4EAgABMIIB
NgMEAAVorwMEAE1MDgMEAE6AATAMAwQBToAGAwQBToAIAwQBToAqAwQAToA8AwQB
ToA+MAwDBAJOgEwDBABOgE4DBAFOgFADBABOgHYDBABOgH4DBABOjgYDBABOjiAD
BABOji8DBABOjjMDBAJOjjgDBAFOjj4wDAMEAk98BAMEAE98BjAMAwQAT3wNAwQA
T3wOAwQBT3wQAwQAT3wWAwQAT3wfAwQAT3wsAwQAT3w0MAwDBABPfD8DBAJPfEAw
DAMEAE98SwMEAE98TAMEAE98VAMEAE98WgMEAFJ25QMEAFJ28wMEAFuUlAMEAFuU
qAMEAl5IiAMEAIK54QMEAIK56AMEAbKEVgMEArnFmAMEAbnonDAMAwQB2a6SAwQB
2a6UMAwDBADZrpcDBAHZrpgDBADZrpswDQYJKoZIhvcNAQELBQADggEBABVaTuHr
sYpWAS5sOIVgha9+LE8KhIAyCG9r8D62/CKARrNNpYQKRRcBh/Plwgu72GWImZP6
0jqE+A0s26yjOxrSVZdUGcCPhe4F9N3aiapb/+jAmSThfGyTxm5Z3IFkl+1M8fYd
J95erPA/h/9XYYxO5/ea0AbWnnrssALDLQAOst8LGFYZj3ZjOqfgzZOtKRBXkDlt
La1W4v67XppGIoFGrJblh/Y9Hc5SXvIjnmbJ8r3+Cvq6uzCVYBHB9l1lcLzfafU/
C85YYAzrJfqxA7HxsYt63yAtJER/CDrBVQGF30Bxld3uwmWNprWC1BsnchmSTH6m
Q13Dh1m2NXIt2xc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:45:06 2024 by rpki-client on console-fra.rpki-client.org