Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/JoEELLfJzjHW9YTv5MhR64Eepno.roa
File:                     JoEELLfJzjHW9YTv5MhR64Eepno.roa (raw, json)
Hash identifier:          TlVu0ppa8QxVQO4R7rHHg+c98fpHCcR1GSrCAB0SDqc=
Subject key identifier:   26:81:04:2C:B7:C9:CE:31:D6:F5:84:EF:E4:C8:51:EB:81:1E:A6:7A
Certificate issuer:       /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial:       018CC4254B07AD33FC2DE33F6A23E47FC2BD
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/JoEELLfJzjHW9YTv5MhR64Eepno.roa
Signing time:             Mon 01 Jan 2024 08:30:27 +0000
ROA not before:           Mon 01 Jan 2024 08:30:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12479
IP address blocks:        213.76.218.0/24 maxlen: 24
                          213.76.216.0/22 maxlen: 22
                          213.76.224.0/21 maxlen: 21
                          213.76.220.0/22 maxlen: 22
                          213.76.232.0/21 maxlen: 21
                          213.76.240.0/21 maxlen: 21
                          213.76.248.0/21 maxlen: 21
                          213.76.192.0/20 maxlen: 20
                          213.76.192.0/18 maxlen: 18
                          213.76.208.0/22 maxlen: 22
                          80.52.108.0/22 maxlen: 22
                          80.52.112.0/20 maxlen: 20
                          80.49.64.0/20 maxlen: 20
                          80.52.64.0/21 maxlen: 21
                          80.52.64.0/18 maxlen: 18
                          80.52.72.0/22 maxlen: 22
                          80.52.76.0/22 maxlen: 22
                          80.52.84.0/22 maxlen: 22
                          80.52.80.0/21 maxlen: 21
                          80.52.80.0/22 maxlen: 22
                          80.52.84.0/24 maxlen: 24
                          80.52.88.0/21 maxlen: 21
                          80.52.96.0/21 maxlen: 21
                          80.52.104.0/22 maxlen: 22
                          80.49.120.0/24 maxlen: 24
                          80.49.120.0/22 maxlen: 22
                          80.49.124.0/22 maxlen: 22
                          80.49.64.0/18 maxlen: 18
                          80.49.80.0/20 maxlen: 20
                          80.49.96.0/20 maxlen: 20
                          80.49.112.0/21 maxlen: 21
                          79.162.188.0/22 maxlen: 22
                          79.162.136.0/22 maxlen: 22
                          79.162.140.0/22 maxlen: 22
                          79.162.144.0/22 maxlen: 22
                          79.162.152.0/24 maxlen: 24
                          79.162.148.0/22 maxlen: 22
                          79.162.155.0/24 maxlen: 24
                          79.162.154.0/24 maxlen: 24
                          79.162.153.0/24 maxlen: 24
                          79.162.156.0/22 maxlen: 22
                          79.162.160.0/22 maxlen: 22
                          79.162.164.0/22 maxlen: 22
                          79.162.168.0/22 maxlen: 22
                          79.162.172.0/22 maxlen: 22
                          79.162.176.0/22 maxlen: 22
                          79.162.184.0/22 maxlen: 22
                          79.162.180.0/22 maxlen: 22
                          213.77.176.0/22 maxlen: 22
                          213.77.180.0/22 maxlen: 22
                          213.77.184.0/22 maxlen: 22
                          213.77.192.0/20 maxlen: 20
                          213.77.188.0/22 maxlen: 22
                          213.77.208.0/20 maxlen: 20
                          213.77.224.0/22 maxlen: 22
                          213.77.128.0/22 maxlen: 22
                          213.77.128.0/17 maxlen: 17
                          213.77.132.0/22 maxlen: 22
                          213.77.136.0/22 maxlen: 22
                          213.77.133.0/24 maxlen: 24
                          213.77.140.0/22 maxlen: 22
                          213.77.144.0/21 maxlen: 21
                          213.77.152.0/21 maxlen: 21
                          213.77.160.0/20 maxlen: 20
                          79.162.128.0/18 maxlen: 24
                          79.162.128.0/22 maxlen: 22
                          79.162.132.0/22 maxlen: 22
                          213.77.228.0/22 maxlen: 22
                          213.77.232.0/22 maxlen: 22
                          213.77.236.0/22 maxlen: 22
                          213.77.236.0/23 maxlen: 23
                          213.77.240.0/22 maxlen: 22
                          213.77.244.0/22 maxlen: 22
                          213.77.248.0/22 maxlen: 22
                          213.77.252.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 00:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:4b:07:ad:33:fc:2d:e3:3f:6a:23:e4:7f:c2:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
        Validity
            Not Before: Jan  1 08:30:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2681042cb7c9ce31d6f584efe4c851eb811ea67a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:40:1b:6f:fc:a3:86:7e:fd:74:4a:95:76:2c:
                    be:ba:fa:d6:dc:9f:45:16:7f:16:c6:65:7e:99:50:
                    78:bf:df:40:9b:92:19:2c:37:8a:87:63:75:9f:42:
                    63:f9:7d:db:20:63:f8:0c:c6:8c:05:dc:3b:ac:f5:
                    25:e0:ec:fe:d8:d6:74:c1:4b:4c:32:3d:24:c2:e8:
                    1f:55:3a:44:e6:76:5e:46:58:02:b9:7c:7b:99:e1:
                    af:c8:45:aa:c3:b0:77:a5:4c:bd:00:75:08:b6:c9:
                    ac:7b:43:86:bb:b0:52:d4:9d:3d:19:7a:9d:a4:65:
                    53:66:13:d7:11:a6:55:2f:69:2b:d1:40:0e:60:29:
                    99:a4:e7:a7:36:de:21:b4:ac:a6:d8:41:d9:98:bf:
                    36:07:d4:9b:4e:75:66:e0:84:ad:01:e4:25:50:32:
                    00:5a:14:a3:5e:bb:b4:be:f0:c9:67:20:e0:98:74:
                    9a:4c:1d:8e:c3:99:34:b5:0f:09:15:da:be:eb:eb:
                    f7:58:ee:ff:34:59:83:ce:46:ca:92:e6:58:7f:5f:
                    5c:4b:72:86:a8:69:3e:57:72:24:5d:ef:d4:ec:76:
                    de:73:f6:80:ff:91:ad:a8:88:49:f5:15:3b:af:3e:
                    88:fb:3c:4b:f1:70:80:f9:af:66:d8:75:ba:93:3a:
                    24:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:81:04:2C:B7:C9:CE:31:D6:F5:84:EF:E4:C8:51:EB:81:1E:A6:7A
            X509v3 Authority Key Identifier:
                keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/JoEELLfJzjHW9YTv5MhR64Eepno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.162.128.0/18
                  80.49.64.0/18
                  80.52.64.0/18
                  213.76.192.0/18
                  213.77.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         90:cc:86:3c:b7:b3:3e:99:51:70:e5:9d:c8:c1:f1:b3:1a:e3:
         90:4a:f2:95:a7:a7:45:91:19:26:9a:ab:1e:ce:59:13:af:49:
         40:0f:d8:93:71:6a:98:20:b0:ab:ba:00:24:0e:8b:9b:6e:55:
         17:52:59:d5:07:10:62:32:8d:f6:b2:49:50:29:3e:b7:bb:e3:
         2d:07:94:d4:64:ae:8d:b2:df:df:ca:af:b2:f6:ed:f1:eb:54:
         e9:01:f4:c1:f0:4a:c5:c7:86:35:47:93:66:a8:0c:96:21:74:
         b5:c6:cf:4a:ec:cf:dd:ea:67:aa:b7:59:b4:bb:b0:e8:14:59:
         df:15:26:43:28:df:77:1b:a2:64:cc:1e:49:51:de:3c:3c:1e:
         15:6a:1f:22:07:70:b3:59:f6:5e:c3:b4:b0:79:4e:67:98:9c:
         cc:41:f3:75:7d:43:b9:31:ec:09:9f:ed:ba:fc:00:65:5f:14:
         fd:92:1b:2a:43:18:2a:e0:6c:6c:6c:7f:fe:4f:81:3d:f1:cf:
         ad:9b:26:3f:90:96:35:80:f7:b7:07:da:6e:e2:3f:45:f8:ae:
         03:67:17:67:b6:cb:78:92:98:65:5e:04:be:8c:7f:8e:47:43:
         4f:a2:c5:73:a6:ea:2f:18:74:45:1d:38:12:9f:e5:38:4f:f0:
         b2:67:2e:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJUsHrTP8LeM/aiPkf8K9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjgxMDQyY2I3YzljZTMxZDZmNTg0ZWZlNGM4NTFlYjgxMWVhNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUAbb/yjhn79dEqVdiy+uvrW3J9F
Fn8WxmV+mVB4v99Am5IZLDeKh2N1n0Jj+X3bIGP4DMaMBdw7rPUl4Oz+2NZ0wUtM
Mj0kwugfVTpE5nZeRlgCuXx7meGvyEWqw7B3pUy9AHUItsmse0OGu7BS1J09GXqd
pGVTZhPXEaZVL2kr0UAOYCmZpOenNt4htKym2EHZmL82B9SbTnVm4IStAeQlUDIA
WhSjXru0vvDJZyDgmHSaTB2Ow5k0tQ8JFdq+6+v3WO7/NFmDzkbKkuZYf19cS3KG
qGk+V3IkXe/U7Hbec/aA/5GtqIhJ9RU7rz6I+zxL8XCA+a9m2HW6kzokGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCaBBCy3yc4x1vWE7+TIUeuBHqZ6MB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvSm9FRUxMZkp6akhXOVlUdjVNaFI2NEVlcG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQGT6KAAwQG
UDFAAwQGUDRAAwQG1UzAAwQH1U2AMA0GCSqGSIb3DQEBCwUAA4IBAQCQzIY8t7M+
mVFw5Z3IwfGzGuOQSvKVp6dFkRkmmqsezlkTr0lAD9iTcWqYILCrugAkDoubblUX
UlnVBxBiMo32sklQKT63u+MtB5TUZK6Nst/fyq+y9u3x61TpAfTB8ErFx4Y1R5Nm
qAyWIXS1xs9K7M/d6meqt1m0u7DoFFnfFSZDKN93G6JkzB5JUd48PB4Vah8iB3Cz
WfZew7SweU5nmJzMQfN1fUO5MewJn+26/ABlXxT9khsqQxgq4GxsbH/+T4E98c+t
myY/kJY1gPe3B9pu4j9F+K4DZxdntst4kphlXgS+jH+OR0NPosVzpuovGHRFHTgS
n+U4T/CyZy48
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:10:58 2024 by rpki-client on console-ams.rpki-client.org