Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/JFVH0GrhtiCNs09BaAgacGfHpYg.roa
File: JFVH0GrhtiCNs09BaAgacGfHpYg.roa (raw, json)
Hash identifier: mZo9EflRUAyhSpoVQod1HprJ0bONer3JzbZRbYIcJww=
Subject key identifier: 24:55:47:D0:6A:E1:B6:20:8D:B3:4F:41:68:08:1A:70:67:C7:A5:88
Certificate issuer: /CN=602be661e57c14659a608e9f6be605d6250047fc
Certificate serial: 018E332B630121DCE494461D5710D37811C0
Authority key identifier: 60:2B:E6:61:E5:7C:14:65:9A:60:8E:9F:6B:E6:05:D6:25:00:47:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YCvmYeV8FGWaYI6fa-YF1iUAR_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/JFVH0GrhtiCNs09BaAgacGfHpYg.roa
Signing time: Tue 12 Mar 2024 14:57:45 +0000
ROA not before: Tue 12 Mar 2024 14:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6876
IP address blocks: 31.31.96.0/19 maxlen: 19
37.203.0.0/19 maxlen: 19
45.130.0.0/22 maxlen: 22
45.140.120.0/22 maxlen: 22
45.156.36.0/22 maxlen: 22
62.16.0.0/19 maxlen: 19
79.140.0.0/20 maxlen: 20
85.238.96.0/19 maxlen: 19
88.214.8.0/22 maxlen: 22
95.214.40.0/22 maxlen: 22
130.0.32.0/19 maxlen: 19
176.119.64.0/18 maxlen: 18
185.21.51.0/24 maxlen: 24
185.23.104.0/22 maxlen: 22
185.145.104.0/22 maxlen: 22
185.166.220.0/22 maxlen: 22
185.177.240.0/22 maxlen: 22
185.184.168.0/22 maxlen: 22
185.206.36.0/22 maxlen: 22
185.226.112.0/22 maxlen: 22
185.228.104.0/22 maxlen: 22
185.247.20.0/22 maxlen: 22
188.115.128.0/18 maxlen: 18
193.163.196.0/24 maxlen: 24
193.178.48.0/22 maxlen: 22
195.138.64.0/19 maxlen: 19
212.24.112.0/24 maxlen: 24
212.90.124.0/22 maxlen: 22
212.178.0.0/19 maxlen: 19
2a04:2c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/YCvmYeV8FGWaYI6fa-YF1iUAR_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/YCvmYeV8FGWaYI6fa-YF1iUAR_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YCvmYeV8FGWaYI6fa-YF1iUAR_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:2b:63:01:21:dc:e4:94:46:1d:57:10:d3:78:11:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=602be661e57c14659a608e9f6be605d6250047fc
Validity
Not Before: Mar 12 14:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=245547d06ae1b6208db34f4168081a7067c7a588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:01:dc:92:2f:25:30:c8:45:29:49:c0:24:87:
08:f6:ec:e9:c3:05:48:60:76:a2:1e:c0:cb:d6:f7:
d9:b9:92:20:80:1e:bb:28:dd:ef:c2:68:7c:07:af:
38:e2:67:3b:16:0e:3d:3b:79:64:d1:3b:b7:a7:89:
50:d6:2e:13:cd:91:1a:10:6a:0c:12:f7:f6:5c:0e:
c7:24:99:a7:70:d1:80:08:73:f5:47:47:37:8f:11:
1f:5e:e0:90:a3:da:13:48:a6:59:12:a9:14:d8:82:
d3:f8:d9:56:dd:18:3f:82:48:e0:5b:68:03:c2:e5:
c2:02:f4:1d:ab:e1:2a:ae:a7:25:ae:b9:6d:f6:53:
eb:37:31:21:8c:cf:65:0c:45:09:a4:1e:f3:77:12:
7f:33:98:bb:bb:70:b9:c3:14:d6:ff:60:05:13:1f:
89:49:77:74:ef:d2:dd:a1:2e:5c:25:72:13:14:48:
29:03:b3:da:be:e0:e8:7d:52:5f:4f:2d:ac:c8:cd:
82:82:e1:cd:43:d2:d0:01:01:06:5f:4a:48:aa:d0:
a4:3e:a6:89:e4:13:a3:5a:dd:c5:d2:42:19:ac:21:
dd:e5:d6:66:7e:97:db:bf:13:40:6f:79:af:56:69:
dc:11:81:66:68:7d:5e:87:ac:d0:03:fb:07:cc:0d:
08:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:55:47:D0:6A:E1:B6:20:8D:B3:4F:41:68:08:1A:70:67:C7:A5:88
X509v3 Authority Key Identifier:
keyid:60:2B:E6:61:E5:7C:14:65:9A:60:8E:9F:6B:E6:05:D6:25:00:47:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YCvmYeV8FGWaYI6fa-YF1iUAR_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/JFVH0GrhtiCNs09BaAgacGfHpYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/YCvmYeV8FGWaYI6fa-YF1iUAR_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.96.0/19
37.203.0.0/19
45.130.0.0/22
45.140.120.0/22
45.156.36.0/22
62.16.0.0/19
79.140.0.0/20
85.238.96.0/19
88.214.8.0/22
95.214.40.0/22
130.0.32.0/19
176.119.64.0/18
185.21.51.0/24
185.23.104.0/22
185.145.104.0/22
185.166.220.0/22
185.177.240.0/22
185.184.168.0/22
185.206.36.0/22
185.226.112.0/22
185.228.104.0/22
185.247.20.0/22
188.115.128.0/18
193.163.196.0/24
193.178.48.0/22
195.138.64.0/19
212.24.112.0/24
212.90.124.0/22
212.178.0.0/19
IPv6:
2a04:2c00::/29
Signature Algorithm: sha256WithRSAEncryption
87:22:8c:f3:ef:50:7d:ba:4b:4b:a1:66:93:50:c2:47:af:ce:
e7:4f:32:4c:e0:21:83:2a:f5:9e:8c:06:b6:95:d8:c5:d6:a2:
dd:13:19:0b:4b:35:c7:d2:fd:a6:4c:eb:5e:5e:9f:5c:72:7e:
df:02:35:67:32:f0:c7:80:e4:e8:86:8f:b2:94:d7:ca:1c:10:
ab:44:36:c8:65:da:2f:07:86:1b:00:75:be:b9:cf:2d:d1:05:
bd:99:3e:5b:9d:5e:31:d9:58:58:de:4a:e7:38:76:0f:84:51:
a2:f8:2f:39:27:f0:34:ad:28:aa:3d:c4:b9:66:9a:e4:e9:30:
d4:8c:83:3b:88:9c:cb:f6:62:10:4e:4c:bd:91:a9:98:f4:3d:
61:26:65:ce:e1:6d:41:84:58:ad:5d:ce:e1:14:ad:ef:8d:21:
1c:91:bd:50:e6:58:cb:31:91:27:16:59:b6:b5:64:27:c2:4a:
bb:ab:5d:8a:2b:68:79:bf:f7:6b:33:91:27:fd:b4:ad:3d:2e:
c1:e8:06:a2:7a:ad:99:ea:80:b4:11:fe:26:2b:de:89:ca:2c:
93:c6:3d:19:c4:7d:ba:16:35:34:ab:5f:25:5e:b5:e3:ca:56:
d7:73:6a:39:51:54:07:96:52:b4:10:88:ef:ab:02:8a:61:f9:
98:86:94:06
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAY4zK2MBIdzklEYdVxDTeBHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMmJlNjYxZTU3YzE0NjU5YTYwOGU5ZjZiZTYwNWQ2MjUw
MDQ3ZmMwHhcNMjQwMzEyMTQ1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDU1NDdkMDZhZTFiNjIwOGRiMzRmNDE2ODA4MWE3MDY3YzdhNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgHcki8lMMhFKUnAJIcI9uzpwwVI
YHaiHsDL1vfZuZIggB67KN3vwmh8B6844mc7Fg49O3lk0Tu3p4lQ1i4TzZEaEGoM
Evf2XA7HJJmncNGACHP1R0c3jxEfXuCQo9oTSKZZEqkU2ILT+NlW3Rg/gkjgW2gD
wuXCAvQdq+Eqrqclrrlt9lPrNzEhjM9lDEUJpB7zdxJ/M5i7u3C5wxTW/2AFEx+J
SXd079LdoS5cJXITFEgpA7PavuDofVJfTy2syM2CguHNQ9LQAQEGX0pIqtCkPqaJ
5BOjWt3F0kIZrCHd5dZmfpfbvxNAb3mvVmncEYFmaH1eh6zQA/sHzA0IqwIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFCRVR9Bq4bYgjbNPQWgIGnBnx6WIMB8GA1UdIwQY
MBaAFGAr5mHlfBRlmmCOn2vmBdYlAEf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUN2bVllVjhGR1dhWUk2ZmEtWUYxaVVBUl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85NzQyMTMtNDlmZC00YzVjLTgwMTQt
YmQzYTYzMGVlNWNjLzEvSkZWSDBHcmh0aUNOczA5QmFBZ2FjR2ZIcFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85NzQyMTMtNDlmZC00YzVjLTgwMTQtYmQzYTYzMGVlNWNj
LzEvWUN2bVllVjhGR1dhWUk2ZmEtWUYxaVVBUl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBtQQCAAEwga4DBAUf
H2ADBAUlywADBAItggADBAItjHgDBAItnCQDBAU+EAADBARPjAADBAVV7mADBAJY
1ggDBAJf1igDBAWCACADBAawd0ADBAC5FTMDBAK5F2gDBAK5kWgDBAK5ptwDBAK5
sfADBAK5uKgDBAK5ziQDBAK54nADBAK55GgDBAK59xQDBAa8c4ADBADBo8QDBALB
sjADBAXDikADBADUGHADBALUWnwDBAXUsgAwDQQCAAIwBwMFAyoELAAwDQYJKoZI
hvcNAQELBQADggEBAIcijPPvUH26S0uhZpNQwkevzudPMkzgIYMq9Z6MBraV2MXW
ot0TGQtLNcfS/aZM615en1xyft8CNWcy8MeA5OiGj7KU18ocEKtENshl2i8HhhsA
db65zy3RBb2ZPludXjHZWFjeSuc4dg+EUaL4Lzkn8DStKKo9xLlmmuTpMNSMgzuI
nMv2YhBOTL2RqZj0PWEmZc7hbUGEWK1dzuEUre+NIRyRvVDmWMsxkScWWba1ZCfC
SrurXYoraHm/92szkSf9tK09LsHoBqJ6rZnqgLQR/iYr3onKLJPGPRnEfboWNTSr
XyVetePKVtdzajlRVAeWUrQQiO+rAoph+ZiGlAY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:39 2024 by rpki-client on console-ams.rpki-client.org