Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/xGw0xukixZtXsjCwi3h5DpZr61U.roa
File: xGw0xukixZtXsjCwi3h5DpZr61U.roa (raw, json)
Hash identifier: ObEQ9e11pZRfQJu/IjnsWpIavpM+tJYqRF8yg6C3qNA=
Subject key identifier: C4:6C:34:C6:E9:22:C5:9B:57:B2:30:B0:8B:78:79:0E:96:6B:EB:55
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 018F5F6AA98501365B9964DA272C785B9AEE
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/xGw0xukixZtXsjCwi3h5DpZr61U.roa
Signing time: Thu 09 May 2024 22:12:56 +0000
ROA not before: Thu 09 May 2024 22:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60976
IP address blocks: 31.214.168.0/21 maxlen: 21
31.214.168.0/24 maxlen: 24
31.214.169.0/24 maxlen: 24
31.214.170.0/24 maxlen: 24
31.214.171.0/24 maxlen: 24
31.214.172.0/24 maxlen: 24
31.214.173.0/24 maxlen: 24
31.214.174.0/24 maxlen: 24
31.214.175.0/24 maxlen: 24
31.214.248.0/21 maxlen: 21
31.214.248.0/24 maxlen: 24
31.214.249.0/24 maxlen: 24
31.214.250.0/24 maxlen: 24
31.214.251.0/24 maxlen: 24
31.214.252.0/24 maxlen: 24
31.214.253.0/24 maxlen: 24
31.214.254.0/24 maxlen: 24
31.214.255.0/24 maxlen: 24
37.10.109.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
37.228.136.0/24 maxlen: 24
37.228.137.0/24 maxlen: 24
37.228.138.0/24 maxlen: 24
37.228.139.0/24 maxlen: 24
82.99.215.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.216.0/24 maxlen: 24
82.99.217.0/24 maxlen: 24
82.99.218.0/24 maxlen: 24
82.99.219.0/24 maxlen: 24
82.99.238.0/24 maxlen: 24
82.99.242.0/24 maxlen: 24
82.99.243.0/24 maxlen: 24
82.99.244.0/24 maxlen: 24
95.156.236.0/24 maxlen: 24
95.156.237.0/24 maxlen: 24
95.156.252.0/22 maxlen: 22
95.156.252.0/24 maxlen: 24
95.156.253.0/24 maxlen: 24
95.156.254.0/24 maxlen: 24
95.156.255.0/24 maxlen: 24
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.204.0/24 maxlen: 24
109.230.205.0/24 maxlen: 24
109.230.206.0/24 maxlen: 24
109.230.207.0/24 maxlen: 24
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
134.255.200.0/21 maxlen: 21
134.255.200.0/24 maxlen: 24
134.255.201.0/24 maxlen: 24
134.255.202.0/24 maxlen: 24
134.255.203.0/24 maxlen: 24
134.255.204.0/24 maxlen: 24
134.255.205.0/24 maxlen: 24
134.255.206.0/24 maxlen: 24
134.255.207.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
185.13.228.0/24 maxlen: 24
185.13.229.0/24 maxlen: 24
185.13.230.0/24 maxlen: 24
185.13.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5f:6a:a9:85:01:36:5b:99:64:da:27:2c:78:5b:9a:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: May 9 22:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c46c34c6e922c59b57b230b08b78790e966beb55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f5:e9:db:b2:44:31:ee:95:93:60:ca:f1:da:
dd:10:ef:a2:cf:e0:bb:be:d5:54:2e:ea:de:a7:c4:
dc:d2:c6:4e:21:07:a8:d5:4f:77:22:d7:9e:c5:ae:
f3:2f:39:fa:aa:eb:0f:d9:e9:2e:e1:fb:c8:78:18:
de:40:a6:1e:ab:6f:a2:d5:d9:9e:5f:06:19:95:c5:
a8:15:88:f1:96:6d:e7:81:f9:5e:9d:9b:91:2e:85:
d0:13:4a:9c:67:a3:95:12:26:ec:aa:89:e9:2f:d4:
7a:56:1b:f7:80:28:58:16:39:3d:c3:69:eb:67:b4:
0b:86:d1:38:e2:f8:c8:3c:8c:c1:ed:6d:ab:b4:eb:
ad:23:b5:43:3e:e8:6e:d0:df:da:17:89:95:a5:5c:
1c:ea:05:1e:bc:34:f1:e2:f8:f1:08:d1:9c:af:84:
46:f8:fb:c1:17:2c:15:33:65:85:45:c6:6e:1f:a0:
7d:fa:0a:c6:a7:9b:56:46:53:c3:5b:90:7d:48:28:
ab:32:74:51:3e:04:b2:57:5a:92:2a:b5:21:25:a0:
31:e3:4e:eb:b6:8a:de:ae:ce:de:d6:13:95:e9:be:
61:bf:28:b0:78:ab:bc:db:03:7a:6f:f2:e7:dc:8e:
a3:d9:4f:a3:d0:fd:d6:f4:8a:d5:da:d5:3b:f7:91:
bd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6C:34:C6:E9:22:C5:9B:57:B2:30:B0:8B:78:79:0E:96:6B:EB:55
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/xGw0xukixZtXsjCwi3h5DpZr61U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.168.0/21
31.214.248.0/21
37.10.109.0/24
37.228.136.0/22
82.99.215.0-82.99.219.255
82.99.238.0/24
82.99.242.0-82.99.244.255
95.156.236.0/23
95.156.252.0/22
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
134.255.200.0/21
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:6f:87:49:81:5d:c6:db:54:51:b9:e2:0e:b3:31:44:64:10:
45:06:d7:24:99:1d:62:24:ec:9c:23:c4:96:98:a4:7c:da:1d:
36:90:c2:b9:2b:af:aa:66:55:b6:43:6d:ec:ae:1b:8f:c6:31:
4e:b4:1a:08:5a:33:68:27:d3:d9:7f:71:9d:68:02:95:a3:01:
0b:70:1c:67:8b:9d:60:72:4a:14:3b:af:ee:90:02:f8:f3:02:
54:8f:b7:01:a4:b7:0b:5a:f4:e3:0f:3a:99:0c:67:bf:8b:59:
9f:64:2a:d3:4f:76:18:b0:4d:90:f9:93:dd:17:0d:a4:ff:c7:
68:b8:80:58:70:f3:f5:d3:ea:44:b6:2f:19:a9:b8:c0:ab:41:
7f:89:91:f4:13:c6:ec:15:9a:c1:5c:ac:b1:2b:ae:b0:9e:ba:
96:14:9f:03:bb:80:0a:52:71:23:05:1f:f9:d0:e4:4a:01:4a:
82:0e:75:ae:af:27:99:34:fc:f6:78:f2:4d:0c:b9:fe:4d:1c:
c8:ba:c1:5a:cf:62:2a:8f:63:92:08:06:11:67:65:8a:01:09:
3c:1d:95:a5:68:7f:51:c8:0c:45:89:8e:2e:0b:b2:0e:f9:22:
20:42:18:9e:da:ed:d2:4c:a2:69:5e:d1:3c:30:45:e6:dd:a4:
f5:e7:e2:e1
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAY9faqmFATZbmWTaJyx4W5ruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwNTA5MjIxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDZjMzRjNmU5MjJjNTliNTdiMjMwYjA4Yjc4NzkwZTk2NmJlYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofXp27JEMe6Vk2DK8drdEO+iz+C7
vtVULurep8Tc0sZOIQeo1U93Iteexa7zLzn6qusP2eku4fvIeBjeQKYeq2+i1dme
XwYZlcWoFYjxlm3ngflenZuRLoXQE0qcZ6OVEibsqonpL9R6Vhv3gChYFjk9w2nr
Z7QLhtE44vjIPIzB7W2rtOutI7VDPuhu0N/aF4mVpVwc6gUevDTx4vjxCNGcr4RG
+PvBFywVM2WFRcZuH6B9+grGp5tWRlPDW5B9SCirMnRRPgSyV1qSKrUhJaAx407r
torers7e1hOV6b5hvyiweKu82wN6b/Ln3I6j2U+j0P3W9IrV2tU795G9qwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFMRsNMbpIsWbV7IwsIt4eQ6Wa+tVMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEveEd3MHh1a2l4WnRYc2pDd2kzaDVEcFpyNjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAx/WqAME
Ax/W+AMEACUKbQMEAiXkiDAMAwQAUmPXAwQCUmPYAwQAUmPuMAwDBAFSY/IDBABS
Y/QDBAFfnOwDBAJfnPwDBABt5sgDBAJt5swDBABt5t0DBABt5t8DBABt5vIDBAOG
/8gDBAK5DeQwDQYJKoZIhvcNAQELBQADggEBAD5vh0mBXcbbVFG54g6zMURkEEUG
1ySZHWIk7JwjxJaYpHzaHTaQwrkrr6pmVbZDbeyuG4/GMU60GghaM2gn09l/cZ1o
ApWjAQtwHGeLnWByShQ7r+6QAvjzAlSPtwGktwta9OMPOpkMZ7+LWZ9kKtNPdhiw
TZD5k90XDaT/x2i4gFhw8/XT6kS2LxmpuMCrQX+JkfQTxuwVmsFcrLErrrCeupYU
nwO7gApScSMFH/nQ5EoBSoIOda6vJ5k0/PZ48k0Muf5NHMi6wVrPYiqPY5IIBhFn
ZYoBCTwdlaVof1HIDEWJji4Lsg75IiBCGJ7a7dJMomle0TwwRebdpPXn4uE=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:21:02 2024 by rpki-client on console-ams.rpki-client.org