Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/V17jz5R-arXrNIGEQU-bV_-V6uY.roa
File: V17jz5R-arXrNIGEQU-bV_-V6uY.roa (raw, json)
Hash identifier: z8veVHEgC3FX6ZHW9MbQUN79lseLf+LnyMDP3+fPSOs=
Subject key identifier: 57:5E:E3:CF:94:7E:6A:B5:EB:34:81:84:41:4F:9B:57:FF:95:EA:E6
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 018CC3B744108877DDDF384D7BAA3160D316
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/V17jz5R-arXrNIGEQU-bV_-V6uY.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28769
IP address blocks: 31.216.160.0/22 maxlen: 24
31.216.164.0/23 maxlen: 23
31.216.166.0/24 maxlen: 24
31.216.168.0/23 maxlen: 23
31.216.172.0/22 maxlen: 22
31.216.171.0/24 maxlen: 24
31.216.167.0/24 maxlen: 24
46.166.65.0/24 maxlen: 24
46.166.66.0/24 maxlen: 24
46.166.67.0/24 maxlen: 24
46.166.78.0/24 maxlen: 24
80.240.36.0/23 maxlen: 23
80.240.35.0/24 maxlen: 24
80.240.32.0/24 maxlen: 24
80.240.33.0/24 maxlen: 24
80.240.34.0/24 maxlen: 24
80.240.44.0/24 maxlen: 24
80.240.47.0/24 maxlen: 24
46.166.79.0/24 maxlen: 24
46.166.84.0/23 maxlen: 23
46.166.91.0/24 maxlen: 24
46.166.86.0/24 maxlen: 24
46.166.87.0/24 maxlen: 24
46.166.88.0/23 maxlen: 24
46.166.92.0/24 maxlen: 24
46.166.93.0/24 maxlen: 24
46.166.94.0/24 maxlen: 24
46.166.98.0/24 maxlen: 24
46.166.99.0/24 maxlen: 24
46.166.104.0/22 maxlen: 22
46.166.112.0/23 maxlen: 23
46.166.114.0/24 maxlen: 24
46.166.116.0/22 maxlen: 22
46.166.120.0/21 maxlen: 21
93.188.215.0/24 maxlen: 24
93.188.208.0/23 maxlen: 23
93.188.210.0/24 maxlen: 24
46.182.131.0/24 maxlen: 24
46.182.132.0/22 maxlen: 22
46.182.128.0/22 maxlen: 22
2a06:e0c3::/32 maxlen: 32
2a06:e0c1::/32 maxlen: 32
2a06:e0c0::/32 maxlen: 32
2a06:e0c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:44:10:88:77:dd:df:38:4d:7b:aa:31:60:d3:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=575ee3cf947e6ab5eb348184414f9b57ff95eae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:49:50:55:e1:7c:40:f7:cf:57:57:7a:37:b5:
da:6c:3a:ce:c9:67:70:aa:f5:db:c7:9b:db:86:92:
b4:54:67:c5:50:19:1b:3f:c7:9b:d6:18:7f:84:8e:
2f:b2:96:c7:93:4c:a1:3a:80:69:7c:86:21:d0:54:
fa:08:25:0d:de:96:67:ef:bc:98:f2:38:4d:52:29:
92:3b:6b:a4:61:3c:39:42:31:7b:6b:90:31:f2:61:
ae:ab:8b:ab:4f:a1:f0:8f:4e:9e:b5:5d:83:42:fc:
20:89:12:f9:c7:8f:8e:d1:f6:6e:e8:8d:cf:e7:9f:
de:74:14:63:66:a3:37:12:9c:d7:3f:5c:50:5e:b1:
f6:38:92:56:54:f7:33:2a:78:a2:88:e4:af:4f:9b:
2a:3c:d6:41:e1:d8:75:d9:09:8f:46:73:06:98:07:
9b:f6:02:60:ea:7f:f6:f7:16:b6:3a:e3:9e:70:5f:
d6:5b:81:d1:53:77:ff:4f:65:aa:55:3f:06:a3:8a:
2e:7d:12:c5:e4:3c:9f:e0:df:9d:86:34:7d:7c:fc:
38:76:1d:10:58:74:0b:fa:b4:4d:87:db:a5:66:71:
de:4c:df:e5:ec:14:8c:e1:9e:98:85:b0:dc:34:71:
b7:57:e7:e5:dc:23:c0:b3:68:df:a6:c3:9a:90:66:
29:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5E:E3:CF:94:7E:6A:B5:EB:34:81:84:41:4F:9B:57:FF:95:EA:E6
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/V17jz5R-arXrNIGEQU-bV_-V6uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.160.0-31.216.169.255
31.216.171.0-31.216.175.255
46.166.65.0-46.166.67.255
46.166.78.0/23
46.166.84.0-46.166.89.255
46.166.91.0-46.166.94.255
46.166.98.0/23
46.166.104.0/22
46.166.112.0-46.166.114.255
46.166.116.0-46.166.127.255
46.182.128.0/21
80.240.32.0-80.240.37.255
80.240.44.0/24
80.240.47.0/24
93.188.208.0-93.188.210.255
93.188.215.0/24
IPv6:
2a06:e0c0::/30
Signature Algorithm: sha256WithRSAEncryption
0d:09:9b:a3:a1:e9:db:45:6e:c1:5a:81:d9:4d:0d:4b:20:f6:
2f:b4:98:1d:02:32:1e:fb:6d:e7:dc:36:45:28:ce:32:ad:d9:
72:1f:87:01:2a:73:51:20:4b:4a:84:55:f6:f7:35:a0:3c:4f:
c3:ff:d1:57:49:e4:43:69:70:28:07:e4:e6:84:db:cb:d6:e4:
99:c1:af:de:8a:e3:0b:07:25:fb:fa:98:6e:5c:c8:4b:9f:5c:
98:d2:58:10:02:32:e7:d6:6c:7d:ae:84:02:34:27:bf:97:46:
c9:9a:fc:82:5d:bd:f7:f2:02:bc:27:65:bc:b2:95:00:3f:a4:
18:e1:74:d9:e1:0d:91:15:26:82:b5:f2:58:dc:25:c6:56:5b:
0a:5a:58:98:75:01:38:e8:81:2a:60:95:65:e3:8a:83:09:d6:
0d:58:70:51:78:af:c9:7b:1a:e3:a5:7b:60:2f:68:78:45:a3:
8b:c1:95:bc:b0:89:6a:8d:84:78:b4:2a:4b:7b:46:64:21:f3:
b6:bb:f7:a4:90:01:9b:f7:1c:58:48:44:37:94:96:d1:df:67:
bb:ee:36:86:86:34:17:da:58:34:c6:57:0c:d0:ec:dd:ad:f9:
98:6c:d9:3c:84:82:2b:9d:d7:7e:35:56:35:27:4c:37:1c:29:
9c:9b:c5:43
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYzDt0QQiHfd3zhNe6oxYNMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzVlZTNjZjk0N2U2YWI1ZWIzNDgxODQ0MTRmOWI1N2ZmOTVlYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlklQVeF8QPfPV1d6N7XabDrOyWdw
qvXbx5vbhpK0VGfFUBkbP8eb1hh/hI4vspbHk0yhOoBpfIYh0FT6CCUN3pZn77yY
8jhNUimSO2ukYTw5QjF7a5Ax8mGuq4urT6Hwj06etV2DQvwgiRL5x4+O0fZu6I3P
55/edBRjZqM3EpzXP1xQXrH2OJJWVPczKniiiOSvT5sqPNZB4dh12QmPRnMGmAeb
9gJg6n/29xa2OuOecF/WW4HRU3f/T2WqVT8Go4oufRLF5Dyf4N+dhjR9fPw4dh0Q
WHQL+rRNh9ulZnHeTN/l7BSM4Z6YhbDcNHG3V+fl3CPAs2jfpsOakGYpfQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFFde48+Ufmq16zSBhEFPm1f/lermMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvVjE3ano1Ui1hclhyTklHRVFVLWJWXy1WNnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBrwQCAAEwgagwDAME
BR/YoAMEAR/YqDAMAwQAH9irAwQEH9igMAwDBAAupkEDBAIupkADBAEupk4wDAME
Ai6mVAMEAS6mWDAMAwQALqZbAwQALqZeAwQBLqZiAwQCLqZoMAwDBAQupnADBAAu
pnIwDAMEAi6mdAMEBy6mAAMEAy62gDAMAwQFUPAgAwQBUPAkAwQAUPAsAwQAUPAv
MAwDBARdvNADBABdvNIDBABdvNcwDQQCAAIwBwMFAioG4MAwDQYJKoZIhvcNAQEL
BQADggEBAA0Jm6Oh6dtFbsFagdlNDUsg9i+0mB0CMh77befcNkUozjKt2XIfhwEq
c1EgS0qEVfb3NaA8T8P/0VdJ5ENpcCgH5OaE28vW5JnBr96K4wsHJfv6mG5cyEuf
XJjSWBACMufWbH2uhAI0J7+XRsma/IJdvffyArwnZbyylQA/pBjhdNnhDZEVJoK1
8ljcJcZWWwpaWJh1ATjogSpglWXjioMJ1g1YcFF4r8l7GuOle2AvaHhFo4vBlbyw
iWqNhHi0Kkt7RmQh87a796SQAZv3HFhIRDeUltHfZ7vuNoaGNBfaWDTGVwzQ7N2t
+Zhs2TyEgiud1341VjUnTDccKZybxUM=
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:39:11 2024 by rpki-client on console-ams.rpki-client.org