Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/GZyzIXKPUl2T3cQ3q4gwpsSIjw0.roa
File: GZyzIXKPUl2T3cQ3q4gwpsSIjw0.roa (raw, json)
Hash identifier: 7YrXVRFGndOekWLhBwAkPKch4P9IH8ngdijPnddNEXU=
Subject key identifier: 19:9C:B3:21:72:8F:52:5D:93:DD:C4:37:AB:88:30:A6:C4:88:8F:0D
Certificate issuer: /CN=e833461e9d2bdafcc29ad9189fb0acf1f33960a9
Certificate serial: 018CC348E711EE5E31E6FCC34FF69CE6CE42
Authority key identifier: E8:33:46:1E:9D:2B:DA:FC:C2:9A:D9:18:9F:B0:AC:F1:F3:39:60:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/GZyzIXKPUl2T3cQ3q4gwpsSIjw0.roa
Signing time: Mon 01 Jan 2024 04:29:43 +0000
ROA not before: Mon 01 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205275
IP address blocks: 89.33.24.0/24 maxlen: 24
188.215.2.0/24 maxlen: 24
89.33.27.0/24 maxlen: 24
89.33.25.0/24 maxlen: 24
89.33.26.0/24 maxlen: 24
89.33.44.0/24 maxlen: 24
89.39.246.0/24 maxlen: 24
188.214.210.0/24 maxlen: 24
188.214.211.0/24 maxlen: 24
188.214.215.0/24 maxlen: 24
86.107.23.0/24 maxlen: 24
89.40.72.0/24 maxlen: 24
86.107.169.0/24 maxlen: 24
86.104.13.0/24 maxlen: 24
85.204.19.0/24 maxlen: 24
86.106.30.0/24 maxlen: 24
188.241.142.0/24 maxlen: 24
188.241.152.0/24 maxlen: 24
89.42.219.0/24 maxlen: 24
89.42.217.0/24 maxlen: 24
89.42.218.0/24 maxlen: 24
89.42.216.0/24 maxlen: 24
89.42.221.0/24 maxlen: 24
89.42.222.0/24 maxlen: 24
89.42.220.0/24 maxlen: 24
89.42.223.0/24 maxlen: 24
89.39.83.0/24 maxlen: 24
188.240.20.0/24 maxlen: 24
188.240.21.0/24 maxlen: 24
188.240.22.0/24 maxlen: 24
188.240.23.0/24 maxlen: 24
188.209.214.0/24 maxlen: 24
89.45.83.0/24 maxlen: 24
188.213.205.0/24 maxlen: 24
89.45.15.0/24 maxlen: 24
86.105.214.0/24 maxlen: 24
89.47.53.0/24 maxlen: 24
89.34.92.0/24 maxlen: 24
93.115.53.0/24 maxlen: 24
89.41.37.0/24 maxlen: 24
89.41.38.0/24 maxlen: 24
89.41.36.0/24 maxlen: 24
89.41.39.0/24 maxlen: 24
89.44.137.0/24 maxlen: 24
89.37.213.0/24 maxlen: 24
89.47.240.0/24 maxlen: 24
89.37.212.0/24 maxlen: 24
89.47.241.0/24 maxlen: 24
89.37.214.0/24 maxlen: 24
89.47.242.0/24 maxlen: 24
89.37.215.0/24 maxlen: 24
89.47.243.0/24 maxlen: 24
185.162.64.0/24 maxlen: 24
185.162.65.0/24 maxlen: 24
185.162.66.0/24 maxlen: 24
185.162.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e7:11:ee:5e:31:e6:fc:c3:4f:f6:9c:e6:ce:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e833461e9d2bdafcc29ad9189fb0acf1f33960a9
Validity
Not Before: Jan 1 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=199cb321728f525d93ddc437ab8830a6c4888f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:83:07:11:ee:d2:95:43:9e:ce:3b:f8:ee:bf:
bf:89:5e:eb:31:32:66:01:d3:d8:58:76:a8:47:06:
8f:02:fb:3b:1a:8d:ea:93:ed:90:23:e0:2e:2c:68:
e8:6a:e6:41:b9:9a:b2:39:93:7b:c6:f4:b7:69:22:
a3:aa:a3:ee:65:fc:d0:a2:9a:6c:d3:98:33:d6:07:
7e:fe:b6:03:95:d4:c8:b1:19:26:dc:1a:81:c0:ce:
b9:b8:da:27:2c:45:16:00:fa:dc:1b:30:1b:c6:66:
4c:69:f9:f7:88:db:b8:d3:a0:86:88:8a:f4:70:b0:
a5:5c:60:32:e0:ee:3f:56:b9:b4:6e:0a:a7:81:eb:
6d:87:ae:bf:dd:58:0a:87:00:17:12:1b:c0:6e:af:
ee:65:e1:72:7e:d4:55:10:74:1a:f8:e3:1b:e4:47:
af:aa:79:d1:3b:18:08:bf:3a:95:f9:82:fa:95:45:
43:40:03:9c:96:ed:03:4a:cb:f3:bf:15:e1:02:9b:
5b:2a:26:97:82:e8:17:8e:e3:4b:e9:f6:4a:95:c6:
cf:92:5f:64:93:14:60:cb:cc:2f:53:73:a0:f9:c7:
39:79:d6:06:85:12:a8:15:bc:a6:2c:d9:ec:a0:0f:
58:b6:34:42:9f:57:ef:87:11:d4:48:6c:ef:be:fc:
99:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:9C:B3:21:72:8F:52:5D:93:DD:C4:37:AB:88:30:A6:C4:88:8F:0D
X509v3 Authority Key Identifier:
keyid:E8:33:46:1E:9D:2B:DA:FC:C2:9A:D9:18:9F:B0:AC:F1:F3:39:60:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/GZyzIXKPUl2T3cQ3q4gwpsSIjw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.19.0/24
86.104.13.0/24
86.105.214.0/24
86.106.30.0/24
86.107.23.0/24
86.107.169.0/24
89.33.24.0/22
89.33.44.0/24
89.34.92.0/24
89.37.212.0/22
89.39.83.0/24
89.39.246.0/24
89.40.72.0/24
89.41.36.0/22
89.42.216.0/21
89.44.137.0/24
89.45.15.0/24
89.45.83.0/24
89.47.53.0/24
89.47.240.0/22
93.115.53.0/24
185.162.64.0/22
188.209.214.0/24
188.213.205.0/24
188.214.210.0/23
188.214.215.0/24
188.215.2.0/24
188.240.20.0/22
188.241.142.0/24
188.241.152.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e9:78:7c:f8:86:be:88:d9:53:77:5b:46:e1:c2:af:bb:06:
32:3a:f1:c1:26:17:34:86:f7:8b:c4:28:4e:df:b4:33:53:f0:
9a:05:40:4e:00:b3:0a:4d:a5:5e:6f:66:74:21:0f:61:b0:e0:
2d:02:1a:fb:a6:14:cd:f7:8d:e7:24:bd:6f:35:39:38:2d:38:
8e:ab:56:ae:cc:e5:9e:43:82:21:10:ea:33:18:b4:21:42:ff:
19:70:5e:13:ba:15:18:f4:16:47:00:54:db:e1:a7:81:89:18:
6d:ee:e9:ce:40:9f:d6:ff:7c:a4:d3:08:99:dc:5b:a6:c7:26:
58:bb:98:a9:24:99:96:d9:d5:ec:e1:03:06:47:92:9e:1c:2e:
6e:2a:d8:60:7b:ee:93:f0:70:e2:e1:56:10:5b:72:46:0e:ff:
c6:3a:bf:25:1a:7d:eb:50:3a:c7:74:e7:64:af:64:f1:1c:06:
ac:81:a0:82:15:25:60:84:38:52:21:bd:7e:2f:de:98:9f:73:
1c:9b:af:8c:8d:5b:0f:0e:a9:28:ab:04:f7:c1:b9:c1:d9:48:
1e:e3:44:4a:98:c4:36:9b:94:3a:89:7d:dd:8f:a3:db:da:71:
91:f6:21:c6:c9:a9:e1:f7:09:b7:02:7f:8c:75:13:7a:48:44:
ab:49:04:69
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYzDSOcR7l4x5vzDT/ac5s5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MzM0NjFlOWQyYmRhZmNjMjlhZDkxODlmYjBhY2YxZjMz
OTYwYTkwHhcNMjQwMTAxMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTljYjMyMTcyOGY1MjVkOTNkZGM0MzdhYjg4MzBhNmM0ODg4ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYMHEe7SlUOezjv47r+/iV7rMTJm
AdPYWHaoRwaPAvs7Go3qk+2QI+AuLGjoauZBuZqyOZN7xvS3aSKjqqPuZfzQopps
05gz1gd+/rYDldTIsRkm3BqBwM65uNonLEUWAPrcGzAbxmZMafn3iNu406CGiIr0
cLClXGAy4O4/Vrm0bgqngetth66/3VgKhwAXEhvAbq/uZeFyftRVEHQa+OMb5Eev
qnnROxgIvzqV+YL6lUVDQAOclu0DSsvzvxXhAptbKiaXgugXjuNL6fZKlcbPkl9k
kxRgy8wvU3Og+cc5edYGhRKoFbymLNnsoA9YtjRCn1fvhxHUSGzvvvyZRwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFBmcsyFyj1Jdk93EN6uIMKbEiI8NMB8GA1UdIwQY
MBaAFOgzRh6dK9r8wprZGJ+wrPHzOWCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkROR0hwMHIydnpDbXRrWW43Q3M4Zk01WUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82NzExOTQtNTFjOC00YmNmLWJkODMt
YWVmZThkMTc4ZTZhLzEvR1p5eklYS1BVbDJUM2NRM3E0Z3dwc1NJancwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS82NzExOTQtNTFjOC00YmNmLWJkODMtYWVmZThkMTc4ZTZh
LzEvNkROR0hwMHIydnpDbXRrWW43Q3M4Zk01WUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBABV
zBMDBABWaA0DBABWadYDBABWah4DBABWaxcDBABWa6kDBAJZIRgDBABZISwDBABZ
IlwDBAJZJdQDBABZJ1MDBABZJ/YDBABZKEgDBAJZKSQDBANZKtgDBABZLIkDBABZ
LQ8DBABZLVMDBABZLzUDBAJZL/ADBABdczUDBAK5okADBAC80dYDBAC81c0DBAG8
1tIDBAC81tcDBAC81wIDBAK88BQDBAC88Y4DBAC88ZgwDQYJKoZIhvcNAQELBQAD
ggEBAE3peHz4hr6I2VN3W0bhwq+7BjI68cEmFzSG94vEKE7ftDNT8JoFQE4AswpN
pV5vZnQhD2Gw4C0CGvumFM33jeckvW81OTgtOI6rVq7M5Z5DgiEQ6jMYtCFC/xlw
XhO6FRj0FkcAVNvhp4GJGG3u6c5An9b/fKTTCJncW6bHJli7mKkkmZbZ1ezhAwZH
kp4cLm4q2GB77pPwcOLhVhBbckYO/8Y6vyUafetQOsd052SvZPEcBqyBoIIVJWCE
OFIhvX4v3pifcxybr4yNWw8OqSirBPfBucHZSB7jREqYxDablDqJfd2Po9vacZH2
IcbJqeH3CbcCf4x1E3pIRKtJBGk=
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:37:40 2024 by rpki-client on console-ams.rpki-client.org