Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/zCN1Bjqy4ZpfGDaek4p07kjYuzc.roa
File: zCN1Bjqy4ZpfGDaek4p07kjYuzc.roa (raw, json)
Hash identifier: Pg10Pm+tTSzZGyo1I7hwEn835o59mFVPW4wZmd8MZho=
Subject key identifier: CC:23:75:06:3A:B2:E1:9A:5F:18:36:9E:93:8A:74:EE:48:D8:BB:37
Certificate issuer: /CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Certificate serial: 018D1D1ACB024053DA9DA447BF6955BAD0A5
Authority key identifier: 38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/zCN1Bjqy4ZpfGDaek4p07kjYuzc.roa
Signing time: Thu 18 Jan 2024 15:05:11 +0000
ROA not before: Thu 18 Jan 2024 15:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6799
IP address blocks: 2.84.0.0/14 maxlen: 14
2.84.0.0/16 maxlen: 16
2.84.64.0/19 maxlen: 19
2.85.0.0/16 maxlen: 16
2.86.0.0/16 maxlen: 16
2.86.64.0/19 maxlen: 19
2.87.0.0/16 maxlen: 16
31.217.160.0/19 maxlen: 19
45.139.212.0/22 maxlen: 22
45.139.212.0/23 maxlen: 23
45.139.214.0/23 maxlen: 23
62.103.0.0/16 maxlen: 16
62.103.0.0/24 maxlen: 24
62.103.146.0/24 maxlen: 24
62.103.147.0/24 maxlen: 24
62.103.163.0/24 maxlen: 24
62.103.228.0/24 maxlen: 24
79.128.0.0/14 maxlen: 14
79.128.0.0/16 maxlen: 16
79.128.176.0/24 maxlen: 24
79.128.177.0/24 maxlen: 24
79.128.178.0/24 maxlen: 24
79.128.179.0/24 maxlen: 24
79.128.180.0/24 maxlen: 24
79.128.181.0/24 maxlen: 24
79.128.182.0/24 maxlen: 24
79.128.183.0/24 maxlen: 24
79.128.184.0/24 maxlen: 24
79.128.185.0/24 maxlen: 24
79.128.186.0/24 maxlen: 24
79.128.187.0/24 maxlen: 24
79.128.188.0/24 maxlen: 24
79.128.190.0/24 maxlen: 24
79.128.191.0/24 maxlen: 24
79.128.192.0/24 maxlen: 24
79.128.193.0/24 maxlen: 24
79.128.194.0/24 maxlen: 24
79.128.195.0/24 maxlen: 24
79.128.196.0/24 maxlen: 24
79.128.197.0/24 maxlen: 24
79.128.198.0/24 maxlen: 24
79.128.199.0/24 maxlen: 24
79.128.200.0/24 maxlen: 24
79.128.201.0/24 maxlen: 24
79.128.202.0/24 maxlen: 24
79.128.203.0/24 maxlen: 24
79.129.0.0/16 maxlen: 16
79.130.0.0/16 maxlen: 16
79.130.0.0/19 maxlen: 19
79.130.64.0/19 maxlen: 19
79.131.0.0/16 maxlen: 16
79.131.32.0/19 maxlen: 19
80.106.0.0/15 maxlen: 15
80.106.0.0/16 maxlen: 16
80.106.4.0/23 maxlen: 23
80.106.6.0/24 maxlen: 24
80.106.217.0/24 maxlen: 24
80.106.237.0/24 maxlen: 24
80.107.0.0/16 maxlen: 24
80.107.91.0/24 maxlen: 24
80.107.116.0/22 maxlen: 22
80.107.204.0/24 maxlen: 24
83.235.0.0/16 maxlen: 16
83.235.64.0/24 maxlen: 24
83.235.67.0/24 maxlen: 24
83.235.70.0/24 maxlen: 24
83.235.71.0/24 maxlen: 24
83.235.72.0/24 maxlen: 24
83.235.73.0/24 maxlen: 24
83.235.74.0/24 maxlen: 24
83.235.75.0/24 maxlen: 24
83.235.76.0/24 maxlen: 24
83.235.77.0/24 maxlen: 24
85.72.0.0/14 maxlen: 14
85.72.0.0/16 maxlen: 16
85.73.0.0/16 maxlen: 16
85.73.128.0/18 maxlen: 18
85.73.192.0/18 maxlen: 18
85.74.0.0/16 maxlen: 16
85.74.160.0/20 maxlen: 20
85.74.192.0/19 maxlen: 19
85.75.0.0/16 maxlen: 16
85.75.0.0/18 maxlen: 18
85.75.80.0/21 maxlen: 21
85.75.112.0/21 maxlen: 21
85.75.224.0/20 maxlen: 20
87.202.0.0/15 maxlen: 15
87.202.0.0/16 maxlen: 16
87.202.96.0/19 maxlen: 19
87.202.128.0/18 maxlen: 18
87.203.0.0/16 maxlen: 16
87.203.64.0/18 maxlen: 18
94.64.0.0/13 maxlen: 13
94.64.0.0/16 maxlen: 16
94.65.0.0/16 maxlen: 16
94.66.0.0/16 maxlen: 16
94.66.56.0/22 maxlen: 22
94.66.96.0/20 maxlen: 20
94.66.96.0/22 maxlen: 22
94.66.128.0/18 maxlen: 18
94.66.220.0/22 maxlen: 22
94.67.0.0/16 maxlen: 16
94.67.128.0/17 maxlen: 17
94.68.0.0/16 maxlen: 16
94.69.0.0/16 maxlen: 16
94.69.64.0/19 maxlen: 19
94.70.0.0/16 maxlen: 16
94.70.0.0/19 maxlen: 20
94.71.0.0/16 maxlen: 16
178.146.0.0/15 maxlen: 15
178.146.0.0/16 maxlen: 16
178.147.0.0/16 maxlen: 16
185.44.144.0/22 maxlen: 22
185.44.144.0/23 maxlen: 23
185.44.146.0/23 maxlen: 23
195.167.0.0/17 maxlen: 17
195.167.92.0/24 maxlen: 24
195.170.0.0/19 maxlen: 19
195.170.0.0/24 maxlen: 24
195.170.2.0/24 maxlen: 24
212.205.0.0/16 maxlen: 16
212.205.221.0/24 maxlen: 24
217.195.128.0/20 maxlen: 20
217.195.128.0/21 maxlen: 21
217.195.128.0/22 maxlen: 22
2a02:580::/29 maxlen: 29
2a02:582:1800::/38 maxlen: 38
2a02:582:4800::/38 maxlen: 38
2a02:582:5800::/38 maxlen: 38
2a02:582:7000::/38 maxlen: 38
2a02:586::/35 maxlen: 35
2a02:586:2000::/36 maxlen: 36
2a02:586:3000::/36 maxlen: 36
2a02:586:4000::/34 maxlen: 34
2a02:586:8000::/34 maxlen: 34
2a02:586:c000::/34 maxlen: 34
2a02:587::/35 maxlen: 35
2a02:587:1800::/38 maxlen: 38
2a02:587:2000::/36 maxlen: 36
2a02:587:3000::/36 maxlen: 36
2a02:587:4000::/34 maxlen: 34
2a02:587:4800::/38 maxlen: 38
2a02:587:4c00::/38 maxlen: 38
2a02:587:501a::/48 maxlen: 48
2a02:587:501d::/48 maxlen: 48
2a02:587:501e::/48 maxlen: 48
2a02:587:50da::/48 maxlen: 48
2a02:587:50f7::/48 maxlen: 48
2a02:587:50fa::/48 maxlen: 48
2a02:587:5400::/38 maxlen: 38
2a02:587:5800::/38 maxlen: 38
2a02:587:5c00::/38 maxlen: 38
2a02:587:6000::/38 maxlen: 38
2a02:587:6400::/38 maxlen: 38
2a02:587:8000::/34 maxlen: 34
2a02:587:8400::/40 maxlen: 40
2a02:587:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.mft
rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1d:1a:cb:02:40:53:da:9d:a4:47:bf:69:55:ba:d0:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Validity
Not Before: Jan 18 15:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc2375063ab2e19a5f18369e938a74ee48d8bb37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:54:c0:33:d6:01:a8:73:ad:ed:3c:18:3e:aa:
94:38:a2:aa:35:ec:b8:bb:d5:b4:f8:61:11:a3:a8:
30:ec:21:8b:a3:61:d3:e6:16:0d:80:bd:bf:1a:b9:
dd:2f:4a:f5:fe:fe:50:81:1f:f4:83:b0:19:17:61:
6e:0c:fc:9f:d3:66:81:73:f9:8a:29:6a:23:41:a5:
47:2a:92:a7:9f:2f:b1:b8:dc:29:52:ba:31:d9:1b:
8c:7d:4a:83:33:79:43:c3:4f:ec:60:1e:8a:07:9c:
0f:09:a0:62:d0:ad:c7:4a:30:7f:1a:72:b0:84:40:
46:c1:de:2d:be:38:98:b8:8a:7a:4b:52:fa:d3:13:
e3:b7:ef:ca:e5:2c:28:53:3c:89:5d:47:73:f4:43:
b8:a2:8b:20:9d:81:ba:71:66:18:b3:61:76:c4:03:
47:9f:9c:c7:80:e4:b8:45:1e:e1:04:a5:4c:06:b7:
63:0f:7f:15:c3:c4:e0:e4:69:f1:cf:81:8e:83:9a:
2e:ba:e4:e3:cd:08:71:4b:7f:9e:41:71:34:05:a7:
fb:c6:b0:d1:52:2a:5e:d4:f2:b3:0b:d0:2b:dd:40:
42:12:18:7c:a4:e9:36:9c:e0:ed:26:ef:4d:03:88:
19:f1:ea:95:9f:b6:27:12:5d:10:c7:56:ed:d0:66:
9d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:23:75:06:3A:B2:E1:9A:5F:18:36:9E:93:8A:74:EE:48:D8:BB:37
X509v3 Authority Key Identifier:
keyid:38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/zCN1Bjqy4ZpfGDaek4p07kjYuzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.84.0.0/14
31.217.160.0/19
45.139.212.0/22
62.103.0.0/16
79.128.0.0/14
80.106.0.0/15
83.235.0.0/16
85.72.0.0/14
87.202.0.0/15
94.64.0.0/13
178.146.0.0/15
185.44.144.0/22
195.167.0.0/17
195.170.0.0/19
212.205.0.0/16
217.195.128.0/20
IPv6:
2a02:580::/29
Signature Algorithm: sha256WithRSAEncryption
09:b5:e1:64:40:cd:79:eb:20:0a:6a:e5:03:30:b7:94:ab:8c:
bd:3d:b5:29:95:1e:3d:63:1f:9a:ee:f4:07:db:bd:78:92:ab:
28:03:4c:6d:78:cd:58:f3:86:28:e3:fa:33:ac:8b:86:2e:78:
fb:93:a7:b6:6f:a6:82:9b:b8:b4:cd:dc:0e:37:95:10:ba:52:
d9:41:30:c1:39:cf:11:7b:25:5b:a3:4b:ac:16:f0:87:f3:dd:
a0:4e:3c:ec:47:8e:3e:7a:28:9d:e0:52:0a:b7:94:66:46:38:
bb:81:26:d7:de:e2:76:3d:45:e0:dd:e0:22:49:2b:f2:b8:a6:
d1:66:ab:3e:c9:40:b5:b0:15:b9:b2:3d:99:60:9a:8a:f9:9c:
51:df:20:d3:e1:8e:b1:2b:54:86:48:35:2b:c2:ce:8c:f9:9b:
1f:8c:35:a2:d0:43:84:e8:85:c8:69:ee:2f:c3:cd:d0:bf:05:
70:16:8d:0c:b8:cf:f2:e1:7f:e8:93:29:cf:46:ff:8e:cb:da:
5b:e5:60:3c:41:43:61:fc:50:f9:b8:5e:91:2d:24:20:77:a0:
cd:64:49:37:4d:da:46:18:1f:4e:e3:06:d1:80:2a:43:31:83:
a8:a5:bb:90:0c:7d:b5:75:52:27:80:5d:92:cc:44:8c:3b:11:
f0:4b:b9:04
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAY0dGssCQFPanaRHv2lVutClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjljNTRmMTkxOTNlMDY1NDgxNjNmODk1YzNhNDZiOWY4
YmZiYjUwHhcNMjQwMTE4MTUwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzIzNzUwNjNhYjJlMTlhNWYxODM2OWU5MzhhNzRlZTQ4ZDhiYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1TAM9YBqHOt7TwYPqqUOKKqNey4
u9W0+GERo6gw7CGLo2HT5hYNgL2/GrndL0r1/v5QgR/0g7AZF2FuDPyf02aBc/mK
KWojQaVHKpKnny+xuNwpUrox2RuMfUqDM3lDw0/sYB6KB5wPCaBi0K3HSjB/GnKw
hEBGwd4tvjiYuIp6S1L60xPjt+/K5SwoUzyJXUdz9EO4oosgnYG6cWYYs2F2xANH
n5zHgOS4RR7hBKVMBrdjD38Vw8Tg5Gnxz4GOg5ouuuTjzQhxS3+eQXE0Baf7xrDR
Uipe1PKzC9Ar3UBCEhh8pOk2nODtJu9NA4gZ8eqVn7YnEl0Qx1bt0GadowIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFMwjdQY6suGaXxg2npOKdO5I2Ls3MB8GA1UdIwQY
MBaAFDj5xU8ZGT4GVIFj+JXDpGufi/u1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMt
NzI0OTQ5YjQ2MGU5LzEvekNOMUJqcXk0WnBmR0RhZWs0cDA3a2pZdXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMtNzI0OTQ5YjQ2MGU5
LzEvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwMCAlQDBAUf
2aADBAIti9QDAwA+ZwMDAk+AAwMBUGoDAwBT6wMDAlVIAwMBV8oDAwNeQAMDAbKS
AwQCuSyQAwQHw6cAAwQFw6oAAwMA1M0DBATZw4AwDQQCAAIwBwMFAyoCBYAwDQYJ
KoZIhvcNAQELBQADggEBAAm14WRAzXnrIApq5QMwt5SrjL09tSmVHj1jH5ru9Afb
vXiSqygDTG14zVjzhijj+jOsi4YuePuTp7ZvpoKbuLTN3A43lRC6UtlBMME5zxF7
JVujS6wW8Ifz3aBOPOxHjj56KJ3gUgq3lGZGOLuBJtfe4nY9ReDd4CJJK/K4ptFm
qz7JQLWwFbmyPZlgmor5nFHfINPhjrErVIZINSvCzoz5mx+MNaLQQ4Tohchp7i/D
zdC/BXAWjQy4z/Lhf+iTKc9G/47L2lvlYDxBQ2H8UPm4XpEtJCB3oM1kSTdN2kYY
H07jBtGAKkMxg6ilu5AMfbV1UieAXZLMRIw7EfBLuQQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:43:05 2024 by rpki-client on console-fra.rpki-client.org