Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/knr9sPH2Q0HByTqhD6fuE3uAMoA.roa
File: knr9sPH2Q0HByTqhD6fuE3uAMoA.roa (raw, json)
Hash identifier: S14amnPXEYKpc9eaDelnFlkZLmBpjTLRCUJdOlsTOgE=
Subject key identifier: 92:7A:FD:B0:F1:F6:43:41:C1:C9:3A:A1:0F:A7:EE:13:7B:80:32:80
Certificate issuer: /CN=e0c8a390dde5e1519a4bd3da754a93e988492d67
Certificate serial: 019216E524CDB003397BBC142E20E23CCF10
Authority key identifier: E0:C8:A3:90:DD:E5:E1:51:9A:4B:D3:DA:75:4A:93:E9:88:49:2D:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/knr9sPH2Q0HByTqhD6fuE3uAMoA.roa
Signing time: Sat 21 Sep 2024 23:22:48 +0000
ROA not before: Sat 21 Sep 2024 23:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61323
IP address blocks: 31.193.0.0/20 maxlen: 20
37.220.88.0/21 maxlen: 21
45.67.172.0/22 maxlen: 22
45.84.20.0/22 maxlen: 24
45.131.136.0/22 maxlen: 22
45.145.100.0/22 maxlen: 22
45.157.40.0/22 maxlen: 22
46.37.160.0/19 maxlen: 19
78.24.88.0/24 maxlen: 24
78.24.89.0/24 maxlen: 24
78.24.90.0/23 maxlen: 23
78.109.160.0/20 maxlen: 20
78.137.112.0/20 maxlen: 20
80.66.200.0/22 maxlen: 22
80.244.176.0/20 maxlen: 20
81.201.128.0/20 maxlen: 20
94.229.160.0/20 maxlen: 20
109.108.128.0/19 maxlen: 19
159.253.208.0/21 maxlen: 21
176.124.52.0/22 maxlen: 24
178.238.128.0/20 maxlen: 20
185.55.76.0/23 maxlen: 24
185.55.76.0/24 maxlen: 24
185.55.77.0/24 maxlen: 24
185.55.78.0/23 maxlen: 23
185.156.64.0/24 maxlen: 24
185.156.65.0/24 maxlen: 24
185.156.66.0/23 maxlen: 23
185.160.180.0/22 maxlen: 22
185.160.252.0/22 maxlen: 24
185.162.224.0/22 maxlen: 22
185.166.128.0/22 maxlen: 22
185.181.196.0/22 maxlen: 22
185.182.88.0/22 maxlen: 22
185.197.60.0/22 maxlen: 22
185.207.108.0/22 maxlen: 22
185.210.196.0/22 maxlen: 22
185.213.116.0/22 maxlen: 22
185.216.76.0/22 maxlen: 22
185.217.40.0/22 maxlen: 22
185.220.60.0/22 maxlen: 22
185.221.204.0/22 maxlen: 22
185.226.220.0/22 maxlen: 22
185.234.36.0/22 maxlen: 22
185.241.248.0/22 maxlen: 24
192.166.44.0/24 maxlen: 24
192.166.45.0/24 maxlen: 24
192.166.46.0/23 maxlen: 23
193.39.252.0/22 maxlen: 22
194.39.164.0/22 maxlen: 22
195.69.102.0/24 maxlen: 24
2a02:21a8::/48 maxlen: 48
2a02:21a8:1::/48 maxlen: 48
2a02:22d0::/32 maxlen: 32
2a02:22d0:c::/48 maxlen: 48
2a09:b200:6::/48 maxlen: 48
2a09:b600:5::/48 maxlen: 48
2a09:ba00:4::/48 maxlen: 48
2a0c:3dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/4MijkN3l4VGaS9PadUqT6YhJLWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/4MijkN3l4VGaS9PadUqT6YhJLWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:16:e5:24:cd:b0:03:39:7b:bc:14:2e:20:e2:3c:cf:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0c8a390dde5e1519a4bd3da754a93e988492d67
Validity
Not Before: Sep 21 23:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=927afdb0f1f64341c1c93aa10fa7ee137b803280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a6:30:10:eb:b6:1a:a9:1e:f1:13:3a:92:ee:
a2:fb:e9:85:c8:31:cf:84:67:b8:6b:ff:d5:0d:48:
9c:ac:da:3d:44:5c:7a:5a:37:72:56:ee:1d:19:c7:
2f:80:99:4c:db:64:87:b6:0f:60:65:54:0c:82:b9:
5e:10:1c:e8:dd:03:f8:f5:a5:6e:94:1b:31:ff:1d:
38:ff:3e:76:52:26:db:ab:0a:fa:45:b4:84:35:b9:
3e:a2:e7:12:3d:7d:f3:bb:1e:c7:31:b5:49:71:39:
2d:11:95:dc:12:7e:df:c9:cf:41:e1:cb:96:26:a2:
53:8b:0a:b9:53:c9:9f:95:65:ea:b0:9a:be:be:04:
ea:be:b6:18:49:26:0c:93:ab:85:a6:c8:cd:22:bb:
8a:1c:3d:68:73:ba:62:a0:f8:6d:33:c6:5d:55:32:
02:da:0f:de:e4:47:07:27:52:a2:e7:e1:db:0e:c6:
f8:45:5c:f7:71:76:3b:76:ca:7b:92:51:29:bc:1e:
fb:55:70:e2:dd:82:f4:72:89:81:ad:75:8f:d6:96:
78:a9:30:07:08:e7:78:6b:f2:ae:b4:48:db:16:eb:
e4:c1:ed:07:1a:93:1c:d7:24:4b:04:9e:ae:3d:b2:
1e:e6:e4:4c:7b:a4:bd:a0:ff:c2:38:7c:7f:86:8f:
91:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7A:FD:B0:F1:F6:43:41:C1:C9:3A:A1:0F:A7:EE:13:7B:80:32:80
X509v3 Authority Key Identifier:
keyid:E0:C8:A3:90:DD:E5:E1:51:9A:4B:D3:DA:75:4A:93:E9:88:49:2D:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/knr9sPH2Q0HByTqhD6fuE3uAMoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/4MijkN3l4VGaS9PadUqT6YhJLWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.0.0/20
37.220.88.0/21
45.67.172.0/22
45.84.20.0/22
45.131.136.0/22
45.145.100.0/22
45.157.40.0/22
46.37.160.0/19
78.24.88.0/22
78.109.160.0/20
78.137.112.0/20
80.66.200.0/22
80.244.176.0/20
81.201.128.0/20
94.229.160.0/20
109.108.128.0/19
159.253.208.0/21
176.124.52.0/22
178.238.128.0/20
185.55.76.0/22
185.156.64.0/22
185.160.180.0/22
185.160.252.0/22
185.162.224.0/22
185.166.128.0/22
185.181.196.0/22
185.182.88.0/22
185.197.60.0/22
185.207.108.0/22
185.210.196.0/22
185.213.116.0/22
185.216.76.0/22
185.217.40.0/22
185.220.60.0/22
185.221.204.0/22
185.226.220.0/22
185.234.36.0/22
185.241.248.0/22
192.166.44.0/22
193.39.252.0/22
194.39.164.0/22
195.69.102.0/24
IPv6:
2a02:21a8::/47
2a02:22d0::/32
2a09:b200:6::/48
2a09:b600:5::/48
2a09:ba00:4::/48
2a0c:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
d7:09:ed:37:9b:6b:72:68:dc:0d:fa:9f:2f:1d:b7:9a:3b:09:
0d:72:9f:97:13:3b:8c:ac:98:89:6a:29:07:c2:8b:bb:37:27:
c8:c9:d1:4f:76:29:ba:c1:1c:1c:08:5b:92:75:6e:de:b9:be:
c8:ac:f6:41:85:2d:02:f6:1f:52:3a:34:d5:c6:d0:a0:2e:b0:
d5:8d:7c:9a:f9:52:56:05:db:ea:a5:54:bd:9f:22:0a:8b:3f:
ef:c8:78:45:aa:25:5d:c7:17:4b:e9:c2:a5:ec:2c:22:44:7b:
7a:b7:c5:9b:1f:c1:48:cf:2c:c2:56:8c:f8:ee:1d:a3:45:35:
7f:52:08:3f:ea:21:5d:f7:61:fe:f5:05:a1:4d:c3:d2:79:af:
cd:8a:9e:56:7b:ee:c7:89:ec:4e:5d:c3:4e:2e:2e:6f:c6:d4:
ba:86:06:71:4a:af:3e:46:85:0c:d2:99:70:c2:b1:b7:35:cd:
36:79:44:1c:3b:e2:dd:6c:d1:49:1a:c4:f1:dc:9d:ad:5d:28:
b1:0c:46:8d:c6:64:5f:af:09:a2:4d:77:d9:3b:a0:ae:52:b0:
b6:b0:06:6a:c9:15:6e:7d:05:46:28:02:6b:06:cd:cf:4d:81:
bf:6d:99:85:38:da:ad:32:18:77:63:c9:3b:56:99:17:ae:1c:
8c:a2:ac:a0
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAZIW5STNsAM5e7wULiDiPM8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzhhMzkwZGRlNWUxNTE5YTRiZDNkYTc1NGE5M2U5ODg0
OTJkNjcwHhcNMjQwOTIxMjMyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdhZmRiMGYxZjY0MzQxYzFjOTNhYTEwZmE3ZWUxMzdiODAzMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaYwEOu2Gqke8RM6ku6i++mFyDHP
hGe4a//VDUicrNo9RFx6WjdyVu4dGccvgJlM22SHtg9gZVQMgrleEBzo3QP49aVu
lBsx/x04/z52Uibbqwr6RbSENbk+oucSPX3zux7HMbVJcTktEZXcEn7fyc9B4cuW
JqJTiwq5U8mflWXqsJq+vgTqvrYYSSYMk6uFpsjNIruKHD1oc7pioPhtM8ZdVTIC
2g/e5EcHJ1Ki5+HbDsb4RVz3cXY7dsp7klEpvB77VXDi3YL0comBrXWP1pZ4qTAH
COd4a/KutEjbFuvkwe0HGpMc1yRLBJ6uPbIe5uRMe6S9oP/COHx/ho+RLwIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFJJ6/bDx9kNBwck6oQ+n7hN7gDKAMB8GA1UdIwQY
MBaAFODIo5Dd5eFRmkvT2nVKk+mISS1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1pamtOM2w0VkdhUzlQYWRVcVQ2WWhKTFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84NjliMzAtZmNkNi00OGRmLThkMjUt
YmVmM2JhMjFjNzE1LzEva25yOXNQSDJRMEhCeVRxaEQ2ZnVFM3VBTW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84NjliMzAtZmNkNi00OGRmLThkMjUtYmVmM2JhMjFjNzE1
LzEvNE1pamtOM2w0VkdhUzlQYWRVcVQ2WWhKTFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCAQMEAgABMIH8
AwQEH8EAAwQDJdxYAwQCLUOsAwQCLVQUAwQCLYOIAwQCLZFkAwQCLZ0oAwQFLiWg
AwQCThhYAwQETm2gAwQETolwAwQCUELIAwQEUPSwAwQEUcmAAwQEXuWgAwQFbWyA
AwQDn/3QAwQCsHw0AwQEsu6AAwQCuTdMAwQCuZxAAwQCuaC0AwQCuaD8AwQCuaLg
AwQCuaaAAwQCubXEAwQCubZYAwQCucU8AwQCuc9sAwQCudLEAwQCudV0AwQCudhM
AwQCudkoAwQCudw8AwQCud3MAwQCueLcAwQCueokAwQCufH4AwQCwKYsAwQCwSf8
AwQCwiekAwQAw0VmMDgEAgACMDIDBwEqAiGoAAADBQAqAiLQAwcAKgmyAAAGAwcA
Kgm2AAAFAwcAKgm6AAAEAwUDKgw9wDANBgkqhkiG9w0BAQsFAAOCAQEA1wntN5tr
cmjcDfqfLx23mjsJDXKflxM7jKyYiWopB8KLuzcnyMnRT3YpusEcHAhbknVu3rm+
yKz2QYUtAvYfUjo01cbQoC6w1Y18mvlSVgXb6qVUvZ8iCos/78h4RaolXccXS+nC
pewsIkR7erfFmx/BSM8swlaM+O4do0U1f1IIP+ohXfdh/vUFoU3D0nmvzYqeVnvu
x4nsTl3DTi4ub8bUuoYGcUqvPkaFDNKZcMKxtzXNNnlEHDvi3WzRSRrE8dydrV0o
sQxGjcZkX68Jok132TugrlKwtrAGaskVbn0FRigCawbNz02Bv22ZhTjarTIYd2PJ
O1aZF64cjKKsoA==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:44:50 2024 by rpki-client on console-fra.rpki-client.org