Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/nVj-feeVgSW_QqzzF-htNWYy2dE.roa
File: nVj-feeVgSW_QqzzF-htNWYy2dE.roa (raw, json)
Hash identifier: jZac3FpA5tDNvs+bDkH4ervmBo1ufoxjyE4rknKnEFY=
Subject key identifier: 9D:58:FE:7D:E7:95:81:25:BF:42:AC:F3:17:E8:6D:35:66:32:D9:D1
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018FAA237A36A148F47A6E665DC18BABD532
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/nVj-feeVgSW_QqzzF-htNWYy2dE.roa
Signing time: Fri 24 May 2024 10:26:42 +0000
ROA not before: Fri 24 May 2024 10:26:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 31.216.57.0/24 maxlen: 24
31.216.63.0/24 maxlen: 24
77.87.120.0/24 maxlen: 24
84.246.84.0/24 maxlen: 24
84.246.86.0/24 maxlen: 24
84.246.87.0/24 maxlen: 24
84.246.106.0/24 maxlen: 24
84.246.109.0/24 maxlen: 24
87.236.151.0/24 maxlen: 24
88.151.15.0/24 maxlen: 24
89.107.14.0/24 maxlen: 24
89.107.15.0/24 maxlen: 24
89.248.70.0/24 maxlen: 24
91.190.153.0/24 maxlen: 24
91.246.34.0/24 maxlen: 24
91.246.48.0/24 maxlen: 24
91.246.53.0/24 maxlen: 24
91.246.54.0/24 maxlen: 24
91.247.161.0/24 maxlen: 24
91.247.162.0/24 maxlen: 24
91.247.165.0/24 maxlen: 24
91.247.166.0/24 maxlen: 24
91.247.167.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
91.247.183.0/24 maxlen: 24
93.157.104.0/24 maxlen: 24
93.157.109.0/24 maxlen: 24
109.94.161.0/24 maxlen: 24
109.94.163.0/24 maxlen: 24
109.107.136.0/24 maxlen: 24
109.107.141.0/24 maxlen: 24
109.107.142.0/24 maxlen: 24
109.107.144.0/24 maxlen: 24
109.107.147.0/24 maxlen: 24
109.107.148.0/24 maxlen: 24
109.205.184.0/24 maxlen: 24
109.205.188.0/24 maxlen: 24
176.97.199.0/24 maxlen: 24
176.97.203.0/24 maxlen: 24
176.97.208.0/24 maxlen: 24
176.97.222.0/24 maxlen: 24
176.97.223.0/24 maxlen: 24
176.116.3.0/24 maxlen: 24
193.160.219.0/24 maxlen: 24
193.163.22.0/24 maxlen: 24
194.26.224.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
212.52.25.0/24 maxlen: 24
212.52.26.0/24 maxlen: 24
217.198.176.0/24 maxlen: 24
217.198.178.0/24 maxlen: 24
217.198.179.0/24 maxlen: 24
217.198.180.0/24 maxlen: 24
217.198.181.0/24 maxlen: 24
217.198.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:23:7a:36:a1:48:f4:7a:6e:66:5d:c1:8b:ab:d5:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 24 10:26:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d58fe7de7958125bf42acf317e86d356632d9d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b3:ca:2b:5d:7c:9a:33:5f:3f:6e:65:98:87:
e9:6a:40:b1:d1:fa:96:95:7b:ab:73:43:c3:c4:31:
56:9e:70:79:85:21:f8:cd:c4:3b:f8:b8:36:5e:d6:
a4:81:c2:47:35:93:11:ab:58:87:f2:7b:02:5b:ce:
75:fd:04:19:4e:ad:6b:59:b6:6a:8a:60:88:f6:67:
fe:c0:d6:b0:9f:9d:a6:33:88:a5:af:0d:e4:52:2f:
64:51:bf:80:56:40:2a:88:3a:81:9a:ac:e9:ac:a3:
39:57:91:5a:be:69:25:11:66:1c:09:4d:e6:61:d9:
3c:97:c8:d0:9c:54:60:de:db:7e:cb:99:91:3b:18:
da:4c:dd:d9:39:3e:08:e8:fa:ca:7f:1c:c4:75:d5:
a8:ad:aa:85:70:53:54:32:52:44:fb:78:4d:ee:15:
fe:14:26:f0:e6:9a:b2:c0:b7:12:4c:6e:54:54:38:
55:6f:ad:a4:33:74:ab:de:96:cb:49:2a:07:b9:41:
a7:4e:05:b1:9e:33:1e:b7:79:ef:4d:5e:ef:4c:57:
39:67:d0:16:a2:43:f9:a2:94:de:76:67:a3:b3:f7:
18:4b:ea:82:61:f8:62:bb:34:f8:de:ca:40:a3:f6:
f6:50:af:22:81:b2:2d:9d:61:aa:5f:97:4c:f1:1b:
e1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:58:FE:7D:E7:95:81:25:BF:42:AC:F3:17:E8:6D:35:66:32:D9:D1
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/nVj-feeVgSW_QqzzF-htNWYy2dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.57.0/24
31.216.63.0/24
77.87.120.0/24
84.246.84.0/24
84.246.86.0/23
84.246.106.0/24
84.246.109.0/24
87.236.151.0/24
88.151.15.0/24
89.107.14.0/23
89.248.70.0/24
91.190.153.0/24
91.246.34.0/24
91.246.48.0/24
91.246.53.0-91.246.54.255
91.247.161.0-91.247.162.255
91.247.165.0-91.247.167.255
91.247.173.0/24
91.247.183.0/24
93.157.104.0/24
93.157.109.0/24
109.94.161.0/24
109.94.163.0/24
109.107.136.0/24
109.107.141.0-109.107.142.255
109.107.144.0/24
109.107.147.0-109.107.148.255
109.205.184.0/24
109.205.188.0/24
176.97.199.0/24
176.97.203.0/24
176.97.208.0/24
176.97.222.0/23
176.116.3.0/24
193.160.219.0/24
193.163.22.0/24
194.26.224.0/24
194.105.60.0/24
194.107.92.0/24
212.52.25.0-212.52.26.255
217.198.176.0/24
217.198.178.0-217.198.182.255
Signature Algorithm: sha256WithRSAEncryption
77:b5:cc:0a:24:f6:9c:e3:7a:a8:6b:a8:f9:41:c2:52:57:54:
33:c2:d6:13:91:25:b3:52:75:b5:0d:1e:f1:94:f0:94:62:3e:
91:b2:be:6e:57:4f:42:39:3b:b8:dc:ad:67:4c:87:5b:8c:0b:
8d:89:a6:f6:96:79:97:ee:98:28:a0:4e:59:80:80:3a:f0:de:
3a:50:72:59:10:01:a6:cd:b2:77:71:77:b3:59:c7:d1:3e:3f:
a7:c5:3d:02:25:10:77:8f:3c:05:13:b8:73:7f:32:17:d3:9c:
97:bf:1f:bc:18:c2:af:4c:7d:b6:5d:f3:84:a9:67:77:ea:34:
c1:83:9f:32:e0:56:2d:de:8c:20:44:25:c9:a4:24:f6:1a:41:
e7:08:ae:cb:12:ef:1b:9e:ef:b9:93:35:31:9a:cb:0b:f8:04:
8d:42:50:b4:07:e1:a7:0a:6c:77:17:ba:d9:ec:01:48:2d:27:
40:b5:1b:1f:80:43:ec:6a:0b:5e:f5:1d:59:ef:69:02:0e:84:
ae:81:14:6f:49:2d:8c:e5:2d:8d:f7:a3:79:a6:23:7f:d1:fe:
04:d1:80:ef:e4:d0:70:53:61:4c:90:30:a8:ca:e6:53:f4:99:
bd:2b:d9:dc:29:c8:30:1f:3d:3c:46:18:5c:86:2a:ea:19:53:
25:64:24:78
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAY+qI3o2oUj0em5mXcGLq9UyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTI0MTAyNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDU4ZmU3ZGU3OTU4MTI1YmY0MmFjZjMxN2U4NmQzNTY2MzJkOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7PKK118mjNfP25lmIfpakCx0fqW
lXurc0PDxDFWnnB5hSH4zcQ7+Lg2XtakgcJHNZMRq1iH8nsCW851/QQZTq1rWbZq
imCI9mf+wNawn52mM4ilrw3kUi9kUb+AVkAqiDqBmqzprKM5V5FavmklEWYcCU3m
Ydk8l8jQnFRg3tt+y5mROxjaTN3ZOT4I6PrKfxzEddWoraqFcFNUMlJE+3hN7hX+
FCbw5pqywLcSTG5UVDhVb62kM3Sr3pbLSSoHuUGnTgWxnjMet3nvTV7vTFc5Z9AW
okP5opTedmejs/cYS+qCYfhiuzT43spAo/b2UK8igbItnWGqX5dM8RvhVQIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFJ1Y/n3nlYElv0Ks8xfobTVmMtnRMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvblZqLWZlZVZnU1dfUXF6ekYtaHROV1l5MmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDCCATwEAgABMIIB
NAMEAB/YOQMEAB/YPwMEAE1XeAMEAFT2VAMEAVT2VgMEAFT2agMEAFT2bQMEAFfs
lwMEAFiXDwMEAVlrDgMEAFn4RgMEAFu+mQMEAFv2IgMEAFv2MDAMAwQAW/Y1AwQA
W/Y2MAwDBABb96EDBABb96IwDAMEAFv3pQMEA1v3oAMEAFv3rQMEAFv3twMEAF2d
aAMEAF2dbQMEAG1eoQMEAG1eowMEAG1riDAMAwQAbWuNAwQAbWuOAwQAbWuQMAwD
BABta5MDBABta5QDBABtzbgDBABtzbwDBACwYccDBACwYcsDBACwYdADBAGwYd4D
BACwdAMDBADBoNsDBADBoxYDBADCGuADBADCaTwDBADCa1wwDAMEANQ0GQMEANQ0
GgMEANnGsDAMAwQB2cayAwQA2ca2MA0GCSqGSIb3DQEBCwUAA4IBAQB3tcwKJPac
43qoa6j5QcJSV1QzwtYTkSWzUnW1DR7xlPCUYj6Rsr5uV09COTu43K1nTIdbjAuN
iab2lnmX7pgooE5ZgIA68N46UHJZEAGmzbJ3cXezWcfRPj+nxT0CJRB3jzwFE7hz
fzIX05yXvx+8GMKvTH22XfOEqWd36jTBg58y4FYt3owgRCXJpCT2GkHnCK7LEu8b
nu+5kzUxmssL+ASNQlC0B+GnCmx3F7rZ7AFILSdAtRsfgEPsagte9R1Z72kCDoSu
gRRvSS2M5S2N96N5piN/0f4E0YDv5NBwU2FMkDCoyuZT9Jm9K9ncKcgwHz08Rhhc
hirqGVMlZCR4
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:08:47 2024 by rpki-client on console-ams.rpki-client.org