Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/Jc66soDi4DbJsGRtQhAwIKRS4Jg.roa
File: Jc66soDi4DbJsGRtQhAwIKRS4Jg.roa (raw, json)
Hash identifier: WdZoOP/aqx1AgwwAl+iDuGTzEY+T9P9Vs0ZZpHFevro=
Subject key identifier: 25:CE:BA:B2:80:E2:E0:36:C9:B0:64:6D:42:10:30:20:A4:52:E0:98
Certificate issuer: /CN=07a6a589ee848a8052238191b98035e775122725
Certificate serial: 019223FA4B30FA3D5DC74C8EC1C844DF7FA0
Authority key identifier: 07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/Jc66soDi4DbJsGRtQhAwIKRS4Jg.roa
Signing time: Tue 24 Sep 2024 12:20:58 +0000
ROA not before: Tue 24 Sep 2024 12:20:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210218
IP address blocks: 2.58.93.0/24 maxlen: 24
2.58.94.0/24 maxlen: 24
2.58.136.0/23 maxlen: 23
2.58.138.0/23 maxlen: 23
2.59.248.0/22 maxlen: 22
31.13.194.0/24 maxlen: 24
31.13.249.0/24 maxlen: 24
31.13.250.0/23 maxlen: 23
31.13.252.0/22 maxlen: 22
45.8.74.0/23 maxlen: 23
45.12.248.0/22 maxlen: 22
45.139.100.0/22 maxlen: 22
45.143.100.0/22 maxlen: 22
45.149.232.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
77.75.56.0/23 maxlen: 23
77.75.58.0/23 maxlen: 23
78.40.160.0/22 maxlen: 22
78.40.164.0/22 maxlen: 22
80.249.124.0/22 maxlen: 22
87.120.46.0/23 maxlen: 23
87.120.63.0/24 maxlen: 24
87.120.64.0/24 maxlen: 24
87.120.65.0/24 maxlen: 24
87.120.66.0/24 maxlen: 24
87.120.85.0/24 maxlen: 24
87.120.86.0/24 maxlen: 24
87.120.96.0/23 maxlen: 23
87.120.111.0/24 maxlen: 24
87.120.177.0/24 maxlen: 24
87.120.218.0/24 maxlen: 24
87.120.224.0/24 maxlen: 24
87.120.226.0/24 maxlen: 24
87.120.232.0/22 maxlen: 22
87.121.19.0/24 maxlen: 24
87.121.36.0/23 maxlen: 23
87.121.59.0/24 maxlen: 24
87.121.66.0/23 maxlen: 23
87.121.68.0/24 maxlen: 24
87.121.116.0/24 maxlen: 24
87.121.148.0/23 maxlen: 23
91.92.3.0/24 maxlen: 24
91.92.24.0/24 maxlen: 24
91.92.25.0/24 maxlen: 24
91.197.196.0/22 maxlen: 22
91.243.184.0/22 maxlen: 22
92.249.51.0/24 maxlen: 24
93.123.68.0/22 maxlen: 22
93.123.86.0/23 maxlen: 23
93.123.108.0/24 maxlen: 24
94.154.174.0/23 maxlen: 23
94.156.16.0/22 maxlen: 22
94.156.32.0/24 maxlen: 24
94.156.48.0/21 maxlen: 21
94.156.95.0/24 maxlen: 24
94.156.108.0/22 maxlen: 22
94.156.168.0/23 maxlen: 23
94.156.182.0/23 maxlen: 23
94.156.184.0/24 maxlen: 24
94.156.187.0/24 maxlen: 24
94.156.192.0/23 maxlen: 23
94.156.234.0/23 maxlen: 23
94.156.240.0/22 maxlen: 22
94.156.246.0/23 maxlen: 23
94.240.56.0/22 maxlen: 22
95.214.124.0/23 maxlen: 23
95.214.126.0/23 maxlen: 23
109.206.238.0/24 maxlen: 24
141.98.0.0/24 maxlen: 24
164.40.184.0/24 maxlen: 24
164.40.186.0/23 maxlen: 23
171.22.29.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
176.125.253.0/24 maxlen: 24
178.175.184.0/21 maxlen: 21
178.175.184.0/22 maxlen: 22
185.171.148.0/22 maxlen: 22
185.221.66.0/24 maxlen: 24
185.225.72.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
193.19.200.0/22 maxlen: 22
193.36.232.0/22 maxlen: 22
193.37.43.0/24 maxlen: 24
193.37.46.0/24 maxlen: 24
193.46.172.0/22 maxlen: 22
193.56.16.0/22 maxlen: 22
193.56.248.0/22 maxlen: 22
193.58.184.0/22 maxlen: 22
193.207.0.0/24 maxlen: 24
193.207.1.0/24 maxlen: 24
193.207.2.0/24 maxlen: 24
193.207.9.0/24 maxlen: 24
193.207.10.0/24 maxlen: 24
193.207.11.0/24 maxlen: 24
193.207.12.0/24 maxlen: 24
193.207.13.0/24 maxlen: 24
193.207.16.0/21 maxlen: 21
194.48.249.0/24 maxlen: 24
194.76.204.0/22 maxlen: 22
194.147.8.0/22 maxlen: 22
194.180.50.0/24 maxlen: 24
195.178.120.0/24 maxlen: 24
195.225.120.0/22 maxlen: 22
212.22.128.0/19 maxlen: 19
212.24.0.0/19 maxlen: 19
212.73.135.0/24 maxlen: 24
2a09:e6c0::/29 maxlen: 29
2a09:e6c0::/48 maxlen: 48
2a09:e6c7:f800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:23:fa:4b:30:fa:3d:5d:c7:4c:8e:c1:c8:44:df:7f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a6a589ee848a8052238191b98035e775122725
Validity
Not Before: Sep 24 12:20:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25cebab280e2e036c9b0646d42103020a452e098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:be:44:90:04:e4:02:e0:e7:04:f4:60:b9:7a:
70:d3:d1:65:90:f1:ae:16:b9:98:02:e1:ef:62:a8:
b3:f8:11:61:90:4c:4d:7f:7f:66:1e:2e:ef:9e:02:
5e:a7:84:bb:fb:2e:3e:e4:12:cf:92:30:73:02:b8:
0f:4d:ed:95:35:cf:3a:32:2b:74:42:d0:0c:62:ac:
b3:c8:94:c6:22:7c:3b:fd:ce:d7:ee:76:cd:05:8b:
fc:bd:9a:81:4a:4e:b1:4b:ae:b5:c1:74:f5:1e:da:
4a:84:02:ee:23:77:80:fc:8b:bf:e4:06:6a:26:46:
62:93:ae:1d:53:ad:23:ef:a1:ea:84:4f:a6:8a:fe:
be:58:99:c7:b9:af:df:49:c8:5d:4c:d6:f6:77:77:
78:9f:84:95:9a:5b:27:d9:92:1a:e1:01:b4:b1:5b:
48:43:bc:0b:26:a1:bd:8c:61:bf:c0:0d:dd:77:e7:
02:c1:a6:4d:1b:2c:b4:48:c3:d8:5d:89:d9:29:7c:
3a:86:f0:36:fc:4a:e9:a9:73:c2:6c:0e:f5:30:e1:
2b:0d:c3:78:fd:a9:75:1a:91:86:0f:01:4c:22:4b:
04:b9:e3:b9:bb:69:cd:19:bc:5c:a3:87:16:81:af:
5e:06:1a:f7:aa:dc:49:59:1f:d4:ca:c4:86:73:d8:
d8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CE:BA:B2:80:E2:E0:36:C9:B0:64:6D:42:10:30:20:A4:52:E0:98
X509v3 Authority Key Identifier:
keyid:07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/Jc66soDi4DbJsGRtQhAwIKRS4Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.93.0-2.58.94.255
2.58.136.0/22
2.59.248.0/22
31.13.194.0/24
31.13.249.0-31.13.255.255
45.8.74.0/23
45.12.248.0/22
45.139.100.0/22
45.143.100.0/22
45.149.232.0/23
77.75.56.0/22
78.40.160.0/21
80.249.124.0/22
87.120.46.0/23
87.120.63.0-87.120.66.255
87.120.85.0-87.120.86.255
87.120.96.0/23
87.120.111.0/24
87.120.177.0/24
87.120.218.0/24
87.120.224.0/24
87.120.226.0/24
87.120.232.0/22
87.121.19.0/24
87.121.36.0/23
87.121.59.0/24
87.121.66.0-87.121.68.255
87.121.116.0/24
87.121.148.0/23
91.92.3.0/24
91.92.24.0/23
91.197.196.0/22
91.243.184.0/22
92.249.51.0/24
93.123.68.0/22
93.123.86.0/23
93.123.108.0/24
94.154.174.0/23
94.156.16.0/22
94.156.32.0/24
94.156.48.0/21
94.156.95.0/24
94.156.108.0/22
94.156.168.0/23
94.156.182.0-94.156.184.255
94.156.187.0/24
94.156.192.0/23
94.156.234.0/23
94.156.240.0/22
94.156.246.0/23
94.240.56.0/22
95.214.124.0/22
109.206.238.0/24
141.98.0.0/24
164.40.184.0/24
164.40.186.0/23
171.22.29.0/24
176.125.252.0/23
178.175.184.0/21
185.171.148.0/22
185.221.66.0/24
185.225.72.0/23
185.252.178.0/24
193.19.200.0/22
193.36.232.0/22
193.37.43.0/24
193.37.46.0/24
193.46.172.0/22
193.56.16.0/22
193.56.248.0/22
193.58.184.0/22
193.207.0.0-193.207.2.255
193.207.9.0-193.207.13.255
193.207.16.0/21
194.48.249.0/24
194.76.204.0/22
194.147.8.0/22
194.180.50.0/24
195.178.120.0/24
195.225.120.0/22
212.22.128.0/19
212.24.0.0/19
212.73.135.0/24
IPv6:
2a09:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:1c:65:c3:d5:25:23:b4:12:27:be:76:31:42:2f:9a:b4:27:
92:fe:bd:ad:d5:b2:18:98:21:a9:ae:e8:16:a1:fd:fd:69:88:
ff:4b:91:b3:33:c2:5a:25:e5:c3:c1:ad:f2:00:a3:0b:52:0d:
72:77:2c:f4:d2:0a:db:03:ec:ec:6b:a7:01:e0:d3:a6:8e:df:
18:89:14:0a:03:cf:be:a1:bb:f5:44:43:e8:c6:40:cd:e0:01:
bc:99:a2:73:1b:3e:49:9c:39:dc:7c:92:da:1b:fc:7c:b4:4d:
42:6b:ca:ad:5c:a0:99:e7:41:32:02:1c:18:08:d3:1a:7f:d2:
9b:94:de:5a:0e:c2:40:b9:07:54:54:aa:80:d7:fd:4c:b4:c0:
03:01:37:11:bd:a2:7f:b1:b7:3b:45:27:5b:49:01:7d:c4:e6:
3a:20:69:1e:e3:4f:c6:62:83:c6:66:1a:8e:7a:ec:56:da:44:
84:e0:05:54:bf:57:ef:37:29:96:67:af:aa:9f:95:1a:22:34:
15:fd:88:9d:76:f9:93:21:1e:4a:3f:af:0b:f8:9a:03:dc:99:
6d:9f:d7:07:e7:eb:98:8f:b8:03:62:cc:58:39:0d:3a:04:66:
4e:b6:a8:48:cb:23:e7:5f:9a:60:09:32:e7:8e:28:1c:15:9c:
1e:c3:07:4b
-----BEGIN CERTIFICATE-----
MIIHQDCCBiigAwIBAgISAZIj+ksw+j1dx0yOwchE33+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTZhNTg5ZWU4NDhhODA1MjIzODE5MWI5ODAzNWU3NzUx
MjI3MjUwHhcNMjQwOTI0MTIyMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNlYmFiMjgwZTJlMDM2YzliMDY0NmQ0MjEwMzAyMGE0NTJlMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyb5EkATkAuDnBPRguXpw09FlkPGu
FrmYAuHvYqiz+BFhkExNf39mHi7vngJep4S7+y4+5BLPkjBzArgPTe2VNc86Mit0
QtAMYqyzyJTGInw7/c7X7nbNBYv8vZqBSk6xS661wXT1HtpKhALuI3eA/Iu/5AZq
JkZik64dU60j76HqhE+miv6+WJnHua/fSchdTNb2d3d4n4SVmlsn2ZIa4QG0sVtI
Q7wLJqG9jGG/wA3dd+cCwaZNGyy0SMPYXYnZKXw6hvA2/ErpqXPCbA71MOErDcN4
/al1GpGGDwFMIksEueO5u2nNGbxco4cWga9eBhr3qtxJWR/UysSGc9jYnQIDAQAB
o4IETDCCBEgwHQYDVR0OBBYEFCXOurKA4uA2ybBkbUIQMCCkUuCYMB8GA1UdIwQY
MBaAFAempYnuhIqAUiOBkbmANed1EiclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDct
MjBmYmM5MDY0OTRiLzEvSmM2NnNvRGk0RGJKc0dSdFFoQXdJS1JTNEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDctMjBmYmM5MDY0OTRi
LzEvQjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICYAYIKwYBBQUHAQcBAf8EggJPMIICSzCCAjgEAgABMIIC
MDAMAwQAAjpdAwQAAjpeAwQCAjqIAwQCAjv4AwQAHw3CMAsDBAAfDfkDAwEfDAME
AS0ISgMEAi0M+AMEAi2LZAMEAi2PZAMEAS2V6AMEAk1LOAMEA04ooAMEAlD5fAME
AVd4LjAMAwQAV3g/AwQAV3hCMAwDBABXeFUDBABXeFYDBAFXeGADBABXeG8DBABX
eLEDBABXeNoDBABXeOADBABXeOIDBAJXeOgDBABXeRMDBAFXeSQDBABXeTswDAME
AVd5QgMEAFd5RAMEAFd5dAMEAVd5lAMEAFtcAwMEAVtcGAMEAlvFxAMEAlvzuAME
AFz5MwMEAl17RAMEAV17VgMEAF17bAMEAV6argMEAl6cEAMEAF6cIAMEA16cMAME
AF6cXwMEAl6cbAMEAV6cqDAMAwQBXpy2AwQAXpy4AwQAXpy7AwQBXpzAAwQBXpzq
AwQCXpzwAwQBXpz2AwQCXvA4AwQCX9Z8AwQAbc7uAwQAjWIAAwQApCi4AwQBpCi6
AwQAqxYdAwQBsH38AwQDsq+4AwQCuauUAwQAud1CAwQBueFIAwQAufyyAwQCwRPI
AwQCwSToAwQAwSUrAwQAwSUuAwQCwS6sAwQCwTgQAwQCwTj4AwQCwTq4MAsDAwDB
zwMEAMHPAjAMAwQAwc8JAwQBwc8MAwQDwc8QAwQAwjD5AwQCwkzMAwQCwpMIAwQA
wrQyAwQAw7J4AwQCw+F4AwQF1BaAAwQF1BgAAwQA1EmHMA0EAgACMAcDBQMqCebA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwHGXD1SUjtBInvnYxQi+atCeS/r2t1bIYmCGp
rugWof39aYj/S5GzM8JaJeXDwa3yAKMLUg1ydyz00grbA+zsa6cB4NOmjt8YiRQK
A8++obv1REPoxkDN4AG8maJzGz5JnDncfJLaG/x8tE1Ca8qtXKCZ50EyAhwYCNMa
f9KblN5aDsJAuQdUVKqA1/1MtMADATcRvaJ/sbc7RSdbSQF9xOY6IGke40/GYoPG
ZhqOeuxW2kSE4AVUv1fvNymWZ6+qn5UaIjQV/YiddvmTIR5KP68L+JoD3Jltn9cH
5+uYj7gDYsxYOQ06BGZOtqhIyyPnX5pgCTLnjigcFZwewwdL
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:21 2024 by rpki-client on console-ams.rpki-client.org