Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/jsw9-nAyHUfEhTofUi2t6rnjikA.roa
File: jsw9-nAyHUfEhTofUi2t6rnjikA.roa (raw, json)
Hash identifier: vHNLC21+H2nWxeBXx5gohR7xi7bMXGd71Y7hb023v7c=
Subject key identifier: 8E:CC:3D:FA:70:32:1D:47:C4:85:3A:1F:52:2D:AD:EA:B9:E3:8A:40
Certificate issuer: /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial: 018F9F6B0F8443DF51F31483CE97BD41AF55
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/jsw9-nAyHUfEhTofUi2t6rnjikA.roa
Signing time: Wed 22 May 2024 08:29:04 +0000
ROA not before: Wed 22 May 2024 08:29:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21430
IP address blocks: 31.7.240.0/21 maxlen: 21
77.78.64.0/22 maxlen: 22
77.78.68.0/23 maxlen: 23
77.78.74.0/23 maxlen: 23
77.78.80.0/21 maxlen: 21
77.78.88.0/22 maxlen: 24
77.78.88.0/23 maxlen: 23
77.78.91.0/24 maxlen: 24
77.78.92.0/23 maxlen: 24
77.78.122.0/24 maxlen: 24
80.250.0.0/19 maxlen: 19
81.0.196.0/23 maxlen: 23
81.0.198.0/24 maxlen: 24
81.0.200.0/22 maxlen: 22
81.0.204.0/23 maxlen: 23
81.0.210.0/23 maxlen: 23
81.0.215.0/24 maxlen: 24
81.0.216.0/24 maxlen: 24
81.0.222.0/23 maxlen: 23
81.0.224.0/24 maxlen: 24
81.0.227.0/24 maxlen: 24
81.0.229.0/24 maxlen: 24
81.0.244.0/23 maxlen: 23
81.0.251.0/24 maxlen: 24
81.0.252.0/23 maxlen: 23
82.208.0.0/22 maxlen: 22
82.208.13.0/24 maxlen: 24
82.208.15.0/24 maxlen: 24
82.208.19.0/24 maxlen: 24
82.208.24.0/23 maxlen: 23
82.208.30.0/23 maxlen: 24
82.208.36.0/23 maxlen: 23
82.208.38.0/24 maxlen: 24
82.208.42.0/23 maxlen: 23
82.208.45.0/24 maxlen: 24
82.208.51.0/24 maxlen: 24
82.208.52.0/22 maxlen: 22
82.208.57.0/24 maxlen: 24
82.208.59.0/24 maxlen: 24
83.136.200.0/21 maxlen: 21
85.239.224.0/23 maxlen: 23
85.239.226.0/24 maxlen: 24
85.239.228.0/23 maxlen: 23
85.239.251.0/24 maxlen: 24
85.239.254.0/23 maxlen: 23
109.123.200.0/23 maxlen: 23
109.123.201.0/24 maxlen: 24
109.123.204.0/24 maxlen: 24
109.123.212.0/23 maxlen: 23
109.123.226.0/24 maxlen: 24
185.33.136.0/22 maxlen: 22
185.161.240.0/22 maxlen: 22
217.11.226.0/24 maxlen: 24
217.11.231.0/24 maxlen: 24
217.11.234.0/24 maxlen: 24
217.11.237.0/24 maxlen: 24
217.11.238.0/23 maxlen: 23
217.11.240.0/23 maxlen: 23
217.11.244.0/24 maxlen: 24
217.11.250.0/24 maxlen: 24
217.11.252.0/23 maxlen: 23
217.11.255.0/24 maxlen: 24
2a01:6400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:6b:0f:84:43:df:51:f3:14:83:ce:97:bd:41:af:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Validity
Not Before: May 22 08:29:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ecc3dfa70321d47c4853a1f522dadeab9e38a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e4:46:73:a1:29:77:b6:92:a9:9f:7b:74:4b:
49:67:de:ef:8c:59:c2:40:60:ee:5e:f7:05:6f:08:
02:98:db:2e:08:e9:2a:52:b8:8a:ee:9f:ad:87:3a:
9f:d6:31:a8:63:28:11:f6:8a:23:fe:bf:6f:3b:ed:
06:71:b0:3e:2b:c2:f9:bb:bc:38:e6:08:d9:e8:86:
37:c4:62:9c:d3:38:e2:90:3a:9e:a5:c2:61:7e:17:
0b:50:17:f1:ff:2e:19:2b:0b:df:6b:8c:83:06:f2:
c6:f1:10:86:e4:d8:a1:ad:28:31:28:3f:9c:70:6c:
b8:f1:6e:a5:16:13:e7:af:9a:8f:cc:bf:18:23:5e:
c3:0e:f8:66:4d:0c:76:2c:49:8a:a8:d5:48:8d:a3:
a6:50:95:3d:71:50:a5:73:5d:cd:70:dc:a4:2f:72:
68:0f:5c:d4:c7:9a:08:28:8b:2a:22:57:db:38:f9:
37:a8:a5:17:5c:2a:01:2f:ce:d0:46:48:23:c1:3c:
7a:bc:d3:60:bb:52:cf:be:86:78:36:97:36:84:c1:
69:df:5d:82:8a:f8:ce:f9:c9:4c:c8:eb:f4:fe:29:
f5:a0:c5:1e:83:70:56:80:3b:90:74:0f:1e:28:1a:
d4:c7:c0:ce:83:eb:c7:07:26:3e:aa:e4:42:71:f8:
d8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CC:3D:FA:70:32:1D:47:C4:85:3A:1F:52:2D:AD:EA:B9:E3:8A:40
X509v3 Authority Key Identifier:
keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/jsw9-nAyHUfEhTofUi2t6rnjikA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.240.0/21
77.78.64.0-77.78.69.255
77.78.74.0/23
77.78.80.0-77.78.93.255
77.78.122.0/24
80.250.0.0/19
81.0.196.0-81.0.198.255
81.0.200.0-81.0.205.255
81.0.210.0/23
81.0.215.0-81.0.216.255
81.0.222.0-81.0.224.255
81.0.227.0/24
81.0.229.0/24
81.0.244.0/23
81.0.251.0-81.0.253.255
82.208.0.0/22
82.208.13.0/24
82.208.15.0/24
82.208.19.0/24
82.208.24.0/23
82.208.30.0/23
82.208.36.0-82.208.38.255
82.208.42.0/23
82.208.45.0/24
82.208.51.0-82.208.55.255
82.208.57.0/24
82.208.59.0/24
83.136.200.0/21
85.239.224.0-85.239.226.255
85.239.228.0/23
85.239.251.0/24
85.239.254.0/23
109.123.200.0/23
109.123.204.0/24
109.123.212.0/23
109.123.226.0/24
185.33.136.0/22
185.161.240.0/22
217.11.226.0/24
217.11.231.0/24
217.11.234.0/24
217.11.237.0-217.11.241.255
217.11.244.0/24
217.11.250.0/24
217.11.252.0/23
217.11.255.0/24
IPv6:
2a01:6400::/32
Signature Algorithm: sha256WithRSAEncryption
65:c0:b0:38:fd:b4:48:eb:c8:f8:3b:a3:3d:5d:80:3a:49:42:
5d:fb:c8:35:e5:ac:b3:88:70:e9:88:27:26:86:94:1f:9c:c1:
37:11:f4:67:d4:4d:e8:47:bb:5e:a7:78:cf:b0:4d:95:59:32:
5a:e5:0d:cd:9a:77:49:03:00:6a:b1:73:c2:18:ad:c5:f4:d8:
62:ee:f9:d8:f4:6c:6b:df:b7:a6:55:3d:73:c2:e2:81:ba:91:
d1:de:65:f9:eb:51:ea:a9:59:7b:1a:73:15:7e:74:8e:b3:3d:
e6:9e:f2:fb:8a:0e:51:9d:9f:86:c6:9e:7b:9f:e1:e4:b8:78:
ba:9f:c7:71:c8:0f:a8:70:75:7d:a1:6a:b7:ba:2c:ff:e0:d9:
63:1f:2d:50:45:ab:a4:01:38:2f:58:94:ef:eb:29:06:67:ac:
bd:61:c0:80:a7:c4:fc:d1:16:35:df:5e:25:95:b2:a8:2a:d6:
e1:ab:16:15:4e:be:46:c2:69:e1:76:46:91:b2:30:69:c1:35:
76:95:1c:e2:6a:e2:a7:44:e5:78:3a:26:db:82:86:22:fd:6a:
b5:e4:c8:b5:36:90:cd:30:f4:fa:f9:25:9f:c4:ef:b0:de:6a:
c8:39:36:c0:f3:be:79:cc:0f:28:2b:d9:e6:24:9d:77:5a:cc:
ba:a7:f3:85
-----BEGIN CERTIFICATE-----
MIIGfDCCBWSgAwIBAgISAY+faw+EQ99R8xSDzpe9Qa9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNl
YjhmZmQwHhcNMjQwNTIyMDgyOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNjM2RmYTcwMzIxZDQ3YzQ4NTNhMWY1MjJkYWRlYWI5ZTM4YTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuRGc6Epd7aSqZ97dEtJZ97vjFnC
QGDuXvcFbwgCmNsuCOkqUriK7p+thzqf1jGoYygR9ooj/r9vO+0GcbA+K8L5u7w4
5gjZ6IY3xGKc0zjikDqepcJhfhcLUBfx/y4ZKwvfa4yDBvLG8RCG5NihrSgxKD+c
cGy48W6lFhPnr5qPzL8YI17DDvhmTQx2LEmKqNVIjaOmUJU9cVClc13NcNykL3Jo
D1zUx5oIKIsqIlfbOPk3qKUXXCoBL87QRkgjwTx6vNNgu1LPvoZ4Npc2hMFp312C
ivjO+clMyOv0/in1oMUeg3BWgDuQdA8eKBrUx8DOg+vHByY+quRCcfjYIQIDAQAB
o4IDiDCCA4QwHQYDVR0OBBYEFI7MPfpwMh1HxIU6H1Itreq544pAMB8GA1UdIwQY
MBaAFIGBI4W4LdoP1IJqu3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEt
ZGEyZWM4Y2ZiODg4LzEvanN3OS1uQXlIVWZFaFRvZlVpMnQ2cm5qaWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4
LzEvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnAYIKwYBBQUHAQcBAf8EggGLMIIBhzCCAXQEAgABMIIB
bAMEAx8H8DAMAwQGTU5AAwQBTU5EAwQBTU5KMAwDBARNTlADBAFNTlwDBABNTnoD
BAVQ+gAwDAMEAlEAxAMEAFEAxjAMAwQDUQDIAwQBUQDMAwQBUQDSMAwDBABRANcD
BABRANgwDAMEAVEA3gMEAFEA4AMEAFEA4wMEAFEA5QMEAVEA9DAMAwQAUQD7AwQB
UQD8AwQCUtAAAwQAUtANAwQAUtAPAwQAUtATAwQBUtAYAwQBUtAeMAwDBAJS0CQD
BABS0CYDBAFS0CoDBABS0C0wDAMEAFLQMwMEA1LQMAMEAFLQOQMEAFLQOwMEA1OI
yDAMAwQFVe/gAwQAVe/iAwQBVe/kAwQAVe/7AwQBVe/+AwQBbXvIAwQAbXvMAwQB
bXvUAwQAbXviAwQCuSGIAwQCuaHwAwQA2QviAwQA2QvnAwQA2QvqMAwDBADZC+0D
BAHZC/ADBADZC/QDBADZC/oDBAHZC/wDBADZC/8wDQQCAAIwBwMFACoBZAAwDQYJ
KoZIhvcNAQELBQADggEBAGXAsDj9tEjryPg7oz1dgDpJQl37yDXlrLOIcOmIJyaG
lB+cwTcR9GfUTehHu16neM+wTZVZMlrlDc2ad0kDAGqxc8IYrcX02GLu+dj0bGvf
t6ZVPXPC4oG6kdHeZfnrUeqpWXsacxV+dI6zPeae8vuKDlGdn4bGnnuf4eS4eLqf
x3HID6hwdX2hare6LP/g2WMfLVBFq6QBOC9YlO/rKQZnrL1hwICnxPzRFjXfXiWV
sqgq1uGrFhVOvkbCaeF2RpGyMGnBNXaVHOJq4qdE5Xg6JtuChiL9arXkyLU2kM0w
9Pr5JZ/E77Deasg5NsDzvnnMDygr2eYknXdazLqn84U=
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:13:34 2024 by rpki-client on console-ams.rpki-client.org