Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/kvgwT2CIxiAz0KGy17PsocByagw.roa
File: kvgwT2CIxiAz0KGy17PsocByagw.roa (raw, json)
Hash identifier: uswWYZe8p+8Gmx/n8zkQaGQ6Q2+Rru2JGoDveoK/xUw=
Subject key identifier: 92:F8:30:4F:60:88:C6:20:33:D0:A1:B2:D7:B3:EC:A1:C0:72:6A:0C
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 01942826019E6184ED5106BCE7F41B54C8AE
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/kvgwT2CIxiAz0KGy17PsocByagw.roa
Signing time: Thu 02 Jan 2025 17:52:46 +0000
ROA not before: Thu 02 Jan 2025 17:52:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15967
IP address blocks: 31.172.168.0/22 maxlen: 22
31.172.168.0/24 maxlen: 24
31.172.169.0/24 maxlen: 24
31.172.170.0/23 maxlen: 23
77.55.0.0/16 maxlen: 16
77.55.0.0/18 maxlen: 18
77.55.64.0/22 maxlen: 22
77.55.68.0/22 maxlen: 22
77.55.72.0/22 maxlen: 22
77.55.76.0/23 maxlen: 23
77.55.78.0/23 maxlen: 23
77.55.84.0/22 maxlen: 22
77.55.88.0/23 maxlen: 23
77.55.90.0/24 maxlen: 24
77.55.91.0/24 maxlen: 24
77.55.92.0/24 maxlen: 24
77.55.93.0/24 maxlen: 24
77.55.94.0/24 maxlen: 24
77.55.95.0/24 maxlen: 24
77.55.96.0/22 maxlen: 22
77.55.100.0/22 maxlen: 22
77.55.104.0/23 maxlen: 23
77.55.106.0/23 maxlen: 23
77.55.108.0/22 maxlen: 22
77.55.112.0/23 maxlen: 23
77.55.114.0/23 maxlen: 23
77.55.116.0/23 maxlen: 23
77.55.118.0/23 maxlen: 23
77.55.120.0/24 maxlen: 24
77.55.121.0/24 maxlen: 24
77.55.122.0/23 maxlen: 23
77.55.124.0/24 maxlen: 24
77.55.125.0/24 maxlen: 24
77.55.126.0/24 maxlen: 24
77.55.127.0/24 maxlen: 24
77.55.128.0/20 maxlen: 20
77.55.144.0/21 maxlen: 21
77.55.152.0/24 maxlen: 24
77.55.153.0/24 maxlen: 24
77.55.154.0/24 maxlen: 24
77.55.155.0/24 maxlen: 24
77.55.156.0/23 maxlen: 23
77.55.158.0/23 maxlen: 23
77.55.160.0/20 maxlen: 20
77.55.160.0/23 maxlen: 23
77.55.162.0/23 maxlen: 23
77.55.164.0/23 maxlen: 23
77.55.166.0/24 maxlen: 24
77.55.167.0/24 maxlen: 24
77.55.168.0/23 maxlen: 23
77.55.170.0/23 maxlen: 23
77.55.172.0/23 maxlen: 23
77.55.174.0/23 maxlen: 23
77.55.176.0/21 maxlen: 21
77.55.176.0/23 maxlen: 23
77.55.176.0/24 maxlen: 24
77.55.177.0/24 maxlen: 24
77.55.178.0/24 maxlen: 24
77.55.179.0/24 maxlen: 24
77.55.180.0/23 maxlen: 23
77.55.182.0/23 maxlen: 23
77.55.184.0/23 maxlen: 23
77.55.186.0/23 maxlen: 23
77.55.188.0/23 maxlen: 23
77.55.190.0/23 maxlen: 23
77.55.192.0/20 maxlen: 20
77.55.208.0/20 maxlen: 20
77.55.224.0/20 maxlen: 20
77.55.240.0/23 maxlen: 23
77.55.242.0/23 maxlen: 23
77.55.246.0/24 maxlen: 24
77.55.247.0/24 maxlen: 24
77.55.248.0/22 maxlen: 22
77.55.252.0/23 maxlen: 23
77.55.254.0/24 maxlen: 24
77.55.255.0/24 maxlen: 24
85.128.128.0/17 maxlen: 17
85.128.128.0/24 maxlen: 24
85.128.129.0/24 maxlen: 24
85.128.130.0/24 maxlen: 24
85.128.131.0/24 maxlen: 24
85.128.132.0/23 maxlen: 23
85.128.134.0/24 maxlen: 24
85.128.135.0/24 maxlen: 24
85.128.136.0/22 maxlen: 22
85.128.140.0/23 maxlen: 23
85.128.142.0/24 maxlen: 24
85.128.143.0/24 maxlen: 24
85.128.144.0/20 maxlen: 20
85.128.160.0/19 maxlen: 19
85.128.192.0/18 maxlen: 18
2a01:6100::/32 maxlen: 32
2a01:6100::/48 maxlen: 48
2a01:6100:111::/48 maxlen: 48
2a01:6100:fe00::/48 maxlen: 48
2a01:6100:fe01::/48 maxlen: 48
2a01:6100:fe02::/48 maxlen: 48
2a01:6100:fe10::/48 maxlen: 48
2a01:6100:fe11::/48 maxlen: 48
2a01:6100:fe12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:01:9e:61:84:ed:51:06:bc:e7:f4:1b:54:c8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Jan 2 17:52:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92f8304f6088c62033d0a1b2d7b3eca1c0726a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:43:b5:3f:f2:d2:a2:03:96:34:c8:5e:25:
54:71:26:f5:57:f5:20:47:ee:1e:54:d9:e5:e1:5c:
c3:22:77:29:1d:dc:b3:dd:97:e2:6d:fd:82:75:05:
63:93:52:c3:44:8a:3a:a4:fc:ca:7d:0e:e4:91:36:
fe:b9:93:7d:0e:a1:84:0b:56:e5:cf:1d:b2:f6:15:
04:93:d2:41:14:06:44:c4:6b:2a:00:8f:d7:3c:f8:
2b:68:62:e2:3b:89:c8:4f:c0:c8:df:0c:c2:0d:6e:
f0:27:3c:f9:c9:da:7c:c7:11:0b:82:9a:8b:cd:c4:
d1:51:bf:04:7c:db:6a:11:7f:2d:bc:be:ac:44:d9:
c2:a7:65:1f:ea:e8:cf:b8:51:58:06:d2:ed:2a:fa:
1c:20:86:a7:c7:f5:36:0c:89:aa:1d:01:01:49:73:
73:3b:87:4b:c6:dc:bf:57:0d:59:50:90:da:b3:7a:
38:91:3e:11:58:95:c3:a2:99:1c:e4:88:63:46:e5:
de:54:9b:28:c2:71:05:c3:8a:f0:92:13:1d:40:30:
02:3c:62:2c:08:6a:82:8a:35:eb:b6:7b:02:57:54:
80:0f:e8:e4:3d:f8:5b:47:12:7b:a4:a8:e5:34:4f:
dd:0c:09:59:5f:6f:00:70:3c:de:9f:51:6b:23:db:
b2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F8:30:4F:60:88:C6:20:33:D0:A1:B2:D7:B3:EC:A1:C0:72:6A:0C
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/kvgwT2CIxiAz0KGy17PsocByagw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.168.0/22
77.55.0.0/16
85.128.128.0/17
IPv6:
2a01:6100::/32
Signature Algorithm: sha256WithRSAEncryption
23:fd:04:1d:5f:ec:20:9c:21:c1:32:2a:f8:e3:9c:e4:f3:46:
b1:60:09:4a:0d:a3:be:e2:e0:e7:f1:d7:31:71:c9:ea:11:21:
85:67:1e:db:84:31:9b:21:8d:38:96:43:cc:ef:a6:63:00:b2:
1f:21:96:11:15:1d:ef:03:e3:96:7d:0d:fa:50:8b:7f:f8:be:
44:f7:f3:b1:89:20:a1:84:7d:91:d3:ab:00:05:68:de:f9:a6:
f5:8d:43:d7:66:57:03:5e:e7:cb:09:e8:ee:b1:ec:48:c2:f6:
ca:3c:31:ca:80:32:84:aa:d9:6a:92:2d:30:18:1b:12:9c:4a:
8f:b8:fe:a7:30:ee:c8:9c:5e:b7:f9:42:08:9b:4f:67:bc:d6:
41:21:96:17:65:dc:4d:8a:fb:44:0d:00:4b:45:3a:3c:d0:8c:
30:fe:57:b4:f0:3d:f5:62:25:69:a1:bf:8e:8a:69:ac:c3:04:
80:17:a4:25:dd:b7:f7:2d:23:1d:95:aa:35:bd:13:d1:6d:02:
37:93:5b:2a:7d:1d:6f:3a:65:87:89:6d:f2:f9:a8:09:b5:6b:
03:9f:b6:09:ca:fc:e1:34:12:61:fe:a2:46:0d:a8:6a:db:2e:
43:a7:e8:e6:19:63:28:b5:97:60:da:81:c2:e9:e5:04:68:18:
83:d2:16:12
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQoJgGeYYTtUQa85/QbVMiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjUwMTAyMTc1MjQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY4MzA0ZjYwODhjNjIwMzNkMGExYjJkN2IzZWNhMWMwNzI2YTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/NDtT/y0qIDljTIXiVUcSb1V/Ug
R+4eVNnl4VzDIncpHdyz3Zfibf2CdQVjk1LDRIo6pPzKfQ7kkTb+uZN9DqGEC1bl
zx2y9hUEk9JBFAZExGsqAI/XPPgraGLiO4nIT8DI3wzCDW7wJzz5ydp8xxELgpqL
zcTRUb8EfNtqEX8tvL6sRNnCp2Uf6ujPuFFYBtLtKvocIIanx/U2DImqHQEBSXNz
O4dLxty/Vw1ZUJDas3o4kT4RWJXDopkc5IhjRuXeVJsownEFw4rwkhMdQDACPGIs
CGqCijXrtnsCV1SAD+jkPfhbRxJ7pKjlNE/dDAlZX28AcDzen1FrI9uydQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJL4ME9giMYgM9Chstez7KHAcmoMMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEva3Znd1QyQ0l4aUF6MEtHeTE3UHNvY0J5YWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBACP9BB1f
7CCcIcEyKvjjnOTzRrFgCUoNo77i4Ofx1zFxyeoRIYVnHtuEMZshjTiWQ8zvpmMA
sh8hlhEVHe8D45Z9DfpQi3/4vkT387GJIKGEfZHTqwAFaN75pvWNQ9dmVwNe58sJ
6O6x7EjC9so8McqAMoSq2WqSLTAYGxKcSo+4/qcw7sicXrf5QgibT2e81kEhlhdl
3E2K+0QNAEtFOjzQjDD+V7TwPfViJWmhv46KaazDBIAXpCXdt/ctIx2VqjW9E9Ft
AjeTWyp9HW86ZYeJbfL5qAm1awOftgnK/OE0EmH+okYNqGrbLkOn6OYZYyi1l2Da
gcLp5QRoGIPSFhI=
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:08:08 2025 by rpki-client