Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/7KhTAO80iFfbwe-833CZx127z6Y.roa
File: 7KhTAO80iFfbwe-833CZx127z6Y.roa (raw, json)
Hash identifier: sI6XtDikd4xAq50wE9xqtWhPmQqTrsgNrn7LxhtF6wo=
Subject key identifier: EC:A8:53:00:EF:34:88:57:DB:C1:EF:BC:DF:70:99:C7:5D:BB:CF:A6
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0192D3BEE92440E87E9BF685E70C98405B45
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/7KhTAO80iFfbwe-833CZx127z6Y.roa
Signing time: Mon 28 Oct 2024 15:29:17 +0000
ROA not before: Mon 28 Oct 2024 15:29:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 31.133.24.0/22 maxlen: 22
46.151.32.0/24 maxlen: 24
46.151.33.0/24 maxlen: 24
46.151.34.0/24 maxlen: 24
46.151.35.0/24 maxlen: 24
77.36.2.0/23 maxlen: 24
77.36.4.0/22 maxlen: 22
77.36.54.0/24 maxlen: 24
77.36.55.0/24 maxlen: 24
77.36.57.0/24 maxlen: 24
77.36.60.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
77.36.68.0/22 maxlen: 22
91.218.252.0/23 maxlen: 23
91.218.254.0/23 maxlen: 23
91.223.158.0/24 maxlen: 24
91.228.119.0/24 maxlen: 24
91.229.6.0/24 maxlen: 24
91.232.20.0/24 maxlen: 24
91.232.254.0/24 maxlen: 24
91.236.77.0/24 maxlen: 24
91.236.237.0/24 maxlen: 24
91.237.48.0/24 maxlen: 24
91.239.222.0/23 maxlen: 23
91.246.184.0/22 maxlen: 22
93.120.12.0/22 maxlen: 22
93.120.36.0/24 maxlen: 24
93.120.37.0/24 maxlen: 24
93.120.38.0/24 maxlen: 24
93.120.46.0/24 maxlen: 24
93.120.74.0/24 maxlen: 24
93.120.120.0/22 maxlen: 22
176.96.48.0/22 maxlen: 22
176.96.93.0/24 maxlen: 24
176.107.72.0/21 maxlen: 21
176.110.107.0/24 maxlen: 24
176.110.112.0/24 maxlen: 24
176.110.113.0/24 maxlen: 24
178.159.147.0/24 maxlen: 24
188.191.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d3:be:e9:24:40:e8:7e:9b:f6:85:e7:0c:98:40:5b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 28 15:29:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eca85300ef348857dbc1efbcdf7099c75dbbcfa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:50:4e:92:73:68:e8:c9:a1:8b:9f:3b:68:fd:
8e:97:f8:49:02:dd:11:00:1d:ce:ec:cb:85:0a:a1:
20:6e:47:f4:64:10:68:b4:7a:43:f6:1a:87:07:f2:
cb:8a:b5:8a:d7:3c:9f:2c:75:a2:bf:0e:c3:fb:b6:
16:a5:c2:d5:66:b7:f6:d6:ec:84:9e:3d:ef:35:69:
4e:13:6e:ea:c0:25:ff:70:08:fb:5a:79:a7:7a:b2:
cc:91:91:bb:f6:60:63:b6:2a:b6:9a:d8:53:d7:eb:
37:09:e5:51:7f:38:3e:c7:50:a1:92:52:af:b1:e2:
71:24:dc:11:7e:95:50:fd:3a:bc:ac:84:bd:0a:b2:
a5:bf:05:24:45:44:a0:42:93:87:9a:87:64:2c:69:
b0:d4:94:7d:00:d8:54:1a:44:d0:1c:d9:6f:f2:87:
16:99:cf:96:a6:1f:ea:ff:9a:3b:b9:d2:1a:d6:27:
72:aa:ad:cc:5d:5e:f8:96:62:3a:69:02:da:c3:2d:
a4:71:ba:d2:06:13:9c:b6:8e:f8:18:84:6d:36:43:
29:cb:06:a4:9b:64:54:f4:d0:c4:75:83:21:94:d8:
c2:b0:53:2b:62:2d:1b:f3:e6:88:e0:64:a0:3b:14:
d0:86:d7:3e:71:54:f9:8a:ae:e0:46:2d:e3:b3:81:
3a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A8:53:00:EF:34:88:57:DB:C1:EF:BC:DF:70:99:C7:5D:BB:CF:A6
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/7KhTAO80iFfbwe-833CZx127z6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.24.0/22
46.151.32.0/22
77.36.2.0-77.36.7.255
77.36.54.0/23
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
77.36.68.0/22
91.218.252.0/22
91.223.158.0/24
91.228.119.0/24
91.229.6.0/24
91.232.20.0/24
91.232.254.0/24
91.236.77.0/24
91.236.237.0/24
91.237.48.0/24
91.239.222.0/23
91.246.184.0/22
93.120.12.0/22
93.120.36.0-93.120.38.255
93.120.46.0/24
93.120.74.0/24
93.120.120.0/22
176.96.48.0/22
176.96.93.0/24
176.107.72.0/21
176.110.107.0/24
176.110.112.0/23
178.159.147.0/24
188.191.252.0/22
Signature Algorithm: sha256WithRSAEncryption
32:af:c0:d6:2e:d1:4c:ac:54:4d:7b:18:1e:b3:72:4e:a6:ac:
95:6e:35:56:9d:93:1f:d9:98:f8:06:3e:1b:6a:bd:b2:37:95:
41:7b:dd:5a:ee:be:26:67:a1:78:72:e1:14:20:3d:cb:d6:aa:
2d:cf:74:b0:ca:b7:32:12:ca:72:d5:31:72:d4:15:18:f7:8c:
8a:81:6e:83:b0:2c:61:59:34:56:31:10:c8:db:7c:22:f3:28:
a3:aa:5b:2f:d8:19:f9:e0:89:fe:1d:03:4b:d2:11:36:09:a6:
46:77:0b:63:4f:ee:c7:48:96:b5:20:13:2b:9c:57:52:ce:81:
31:28:a1:cd:11:be:ef:5a:88:ca:19:48:aa:ab:db:21:b5:91:
a9:27:15:82:5d:d9:48:5e:ca:df:30:22:ad:80:46:4c:1d:5c:
06:73:8e:55:03:a3:50:13:e1:e6:68:12:a5:bb:75:3c:ef:8b:
d7:87:82:bb:31:06:f8:f1:0d:a0:af:5e:2f:2b:64:0e:7d:ea:
81:56:14:02:d3:f1:f7:6b:3c:7d:98:c3:72:a7:03:07:5f:bd:
72:82:0e:2b:27:df:1c:7a:3a:07:12:a3:05:01:49:27:1b:81:
e9:97:61:c7:b2:ce:71:27:30:f1:74:ae:19:64:ba:eb:a7:85:
33:1b:02:42
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZLTvukkQOh+m/aF5wyYQFtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQxMDI4MTUyOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2E4NTMwMGVmMzQ4ODU3ZGJjMWVmYmNkZjcwOTljNzVkYmJjZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVBOknNo6Mmhi587aP2Ol/hJAt0R
AB3O7MuFCqEgbkf0ZBBotHpD9hqHB/LLirWK1zyfLHWivw7D+7YWpcLVZrf21uyE
nj3vNWlOE27qwCX/cAj7WnmnerLMkZG79mBjtiq2mthT1+s3CeVRfzg+x1ChklKv
seJxJNwRfpVQ/Tq8rIS9CrKlvwUkRUSgQpOHmodkLGmw1JR9ANhUGkTQHNlv8ocW
mc+Wph/q/5o7udIa1idyqq3MXV74lmI6aQLawy2kcbrSBhOcto74GIRtNkMpywak
m2RU9NDEdYMhlNjCsFMrYi0b8+aI4GSgOxTQhtc+cVT5iq7gRi3js4E69wIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFOyoUwDvNIhX28HvvN9wmcddu8+mMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvN0toVEFPODBpRmZid2UtODMzQ1p4MTI3ejZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAIf
hRgDBAIulyAwDAMEAU0kAgMEA00kAAMEAU0kNgMEAE0kOQMEAE0kPAMEAE0kQQME
Ak0kRAMEAlva/AMEAFvfngMEAFvkdwMEAFvlBgMEAFvoFAMEAFvo/gMEAFvsTQME
AFvs7QMEAFvtMAMEAVvv3gMEAlv2uAMEAl14DDAMAwQCXXgkAwQAXXgmAwQAXXgu
AwQAXXhKAwQCXXh4AwQCsGAwAwQAsGBdAwQDsGtIAwQAsG5rAwQBsG5wAwQAsp+T
AwQCvL/8MA0GCSqGSIb3DQEBCwUAA4IBAQAyr8DWLtFMrFRNexges3JOpqyVbjVW
nZMf2Zj4Bj4bar2yN5VBe91a7r4mZ6F4cuEUID3L1qotz3SwyrcyEspy1TFy1BUY
94yKgW6DsCxhWTRWMRDI23wi8yijqlsv2Bn54In+HQNL0hE2CaZGdwtjT+7HSJa1
IBMrnFdSzoExKKHNEb7vWojKGUiqq9shtZGpJxWCXdlIXsrfMCKtgEZMHVwGc45V
A6NQE+HmaBKlu3U874vXh4K7MQb48Q2gr14vK2QOfeqBVhQC0/H3azx9mMNypwMH
X71ygg4rJ98cejoHEqMFAUknG4Hpl2HHss5xJzDxdK4ZZLrrp4UzGwJC
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:04 2024 by rpki-client on console-ams.rpki-client.org