Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/MYFTRrLKOKuR4a8j7AOuAEk9KlM.roa
File: MYFTRrLKOKuR4a8j7AOuAEk9KlM.roa (raw, json)
Hash identifier: 4UqNL3oW9GFCDOjwnERvRA3TqH5bG+3uLIAKT7dzOUk=
Subject key identifier: 31:81:53:46:B2:CA:38:AB:91:E1:AF:23:EC:03:AE:00:49:3D:2A:53
Certificate issuer: /CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Certificate serial: 0192A2082A8CC1FB6CB134C62642B608F6F8
Authority key identifier: CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/MYFTRrLKOKuR4a8j7AOuAEk9KlM.roa
Signing time: Fri 18 Oct 2024 23:48:16 +0000
ROA not before: Fri 18 Oct 2024 23:48:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25145
IP address blocks: 31.40.240.0/24 maxlen: 24
31.40.242.0/24 maxlen: 24
77.92.96.0/24 maxlen: 24
77.92.97.0/24 maxlen: 24
77.92.98.0/24 maxlen: 24
77.92.99.0/24 maxlen: 24
77.92.100.0/24 maxlen: 24
77.92.101.0/24 maxlen: 24
77.92.102.0/24 maxlen: 24
77.92.103.0/24 maxlen: 24
77.92.104.0/24 maxlen: 24
77.92.105.0/24 maxlen: 24
77.92.106.0/24 maxlen: 24
77.92.107.0/24 maxlen: 24
77.92.108.0/24 maxlen: 24
77.92.109.0/24 maxlen: 24
77.92.110.0/24 maxlen: 24
77.92.111.0/24 maxlen: 24
77.92.112.0/24 maxlen: 24
77.92.113.0/24 maxlen: 24
77.92.114.0/24 maxlen: 24
77.92.115.0/24 maxlen: 24
77.92.116.0/24 maxlen: 24
77.92.117.0/24 maxlen: 24
77.92.118.0/24 maxlen: 24
77.92.119.0/24 maxlen: 24
77.92.120.0/24 maxlen: 24
77.92.121.0/24 maxlen: 24
77.92.122.0/24 maxlen: 24
77.92.123.0/24 maxlen: 24
77.92.124.0/24 maxlen: 24
77.92.125.0/24 maxlen: 24
77.92.126.0/24 maxlen: 24
77.92.127.0/24 maxlen: 24
185.115.208.0/24 maxlen: 24
185.115.210.0/24 maxlen: 24
185.115.211.0/24 maxlen: 24
213.144.96.0/24 maxlen: 24
213.144.97.0/24 maxlen: 24
213.144.98.0/24 maxlen: 24
213.144.99.0/24 maxlen: 24
213.144.100.0/24 maxlen: 24
213.144.101.0/24 maxlen: 24
213.144.103.0/24 maxlen: 24
213.144.104.0/24 maxlen: 24
213.144.105.0/24 maxlen: 24
213.144.106.0/24 maxlen: 24
213.144.107.0/24 maxlen: 24
213.144.108.0/24 maxlen: 24
213.144.109.0/24 maxlen: 24
213.144.110.0/24 maxlen: 24
213.144.111.0/24 maxlen: 24
213.144.112.0/24 maxlen: 24
213.144.113.0/24 maxlen: 24
213.144.114.0/24 maxlen: 24
213.144.115.0/24 maxlen: 24
213.144.116.0/24 maxlen: 24
213.144.117.0/24 maxlen: 24
213.144.118.0/24 maxlen: 24
213.144.119.0/24 maxlen: 24
213.144.120.0/24 maxlen: 24
213.144.121.0/24 maxlen: 24
213.144.122.0/24 maxlen: 24
213.144.123.0/24 maxlen: 24
213.144.124.0/24 maxlen: 24
213.144.125.0/24 maxlen: 24
213.144.126.0/24 maxlen: 24
213.144.127.0/24 maxlen: 24
2a02:ac80::/29 maxlen: 29
2a02:ac80::/32 maxlen: 32
2a02:ac80:10::/48 maxlen: 48
2a02:ac80:20::/48 maxlen: 48
2a02:ac80:30::/48 maxlen: 48
2a02:ac80:40::/48 maxlen: 48
2a02:ac80:50::/48 maxlen: 48
2a02:ac80:60::/48 maxlen: 48
2a02:ac80:70::/48 maxlen: 48
2a02:ac80:a0::/48 maxlen: 48
2a02:ac80:b0::/48 maxlen: 48
2a02:ac80:c0::/48 maxlen: 48
2a02:ac80:d0::/48 maxlen: 48
2a02:ac80:e0::/48 maxlen: 48
2a02:ac80:f0::/48 maxlen: 48
2a02:ac80:100::/48 maxlen: 48
2a02:ac80:200::/48 maxlen: 48
2a02:ac80:300::/48 maxlen: 48
2a02:ac80:400::/48 maxlen: 48
2a02:ac80:500::/48 maxlen: 48
2a02:ac80:600::/48 maxlen: 48
2a02:ac80:700::/48 maxlen: 48
2a02:ac80:a00::/48 maxlen: 48
2a02:ac80:b00::/48 maxlen: 48
2a02:ac80:c00::/48 maxlen: 48
2a02:ac80:d00::/48 maxlen: 48
2a02:ac80:e00::/48 maxlen: 48
2a02:ac80:f00::/48 maxlen: 48
2a02:ac80:1000::/48 maxlen: 48
2a02:ac80:2000::/48 maxlen: 48
2a02:ac80:3000::/48 maxlen: 48
2a02:ac80:4000::/48 maxlen: 48
2a02:ac80:5000::/48 maxlen: 48
2a02:ac80:6000::/48 maxlen: 48
2a02:ac80:7000::/48 maxlen: 48
2a02:ac80:7370::/48 maxlen: 48
2a02:ac80:a000::/48 maxlen: 48
2a02:ac80:b000::/48 maxlen: 48
2a02:ac80:c000::/48 maxlen: 48
2a02:ac80:d000::/48 maxlen: 48
2a02:ac80:e000::/48 maxlen: 48
2a02:ac80:f000::/48 maxlen: 48
2a02:ac81::/32 maxlen: 32
2a02:ac82::/32 maxlen: 32
2a02:ac83::/32 maxlen: 32
2a02:ac84::/32 maxlen: 32
2a02:ac85::/32 maxlen: 32
2a02:ac86::/32 maxlen: 32
2a02:ac87::/32 maxlen: 32
2a02:ac87:5900::/48 maxlen: 48
2a02:ac87:59cb::/48 maxlen: 48
2a02:ac87:ac87::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a2:08:2a:8c:c1:fb:6c:b1:34:c6:26:42:b6:08:f6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Validity
Not Before: Oct 18 23:48:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31815346b2ca38ab91e1af23ec03ae00493d2a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:04:2e:db:19:c9:72:1d:d2:39:0f:aa:9e:28:
0e:70:fe:1e:35:aa:75:c0:b6:c4:0e:c8:d2:82:d7:
52:cd:b3:32:67:5b:ab:40:58:d7:62:7f:9e:73:39:
db:bd:41:13:57:6b:11:17:52:88:31:fc:06:3a:7e:
49:ac:c4:a4:4e:e4:f5:a7:5b:a5:76:5d:23:61:64:
0e:d0:2b:80:ff:39:ed:f5:2c:79:b0:df:1b:e7:89:
9b:fe:ec:00:d5:55:4b:10:ff:ae:ec:86:f9:5b:c4:
ea:57:a4:6f:e0:64:12:3f:ab:7e:cf:2c:3f:39:fe:
35:dd:3d:f1:0f:ec:e9:27:7c:f3:2a:1c:6f:32:a2:
c1:1b:19:99:52:e1:8b:1e:42:ca:1b:8e:50:95:4e:
0a:aa:c7:f6:5c:bc:2e:a7:95:6b:de:e9:ae:c9:6e:
d4:cc:54:6e:d1:18:d9:eb:e7:b0:86:cc:23:c9:3b:
44:93:2a:f3:69:5a:da:0b:b7:ba:97:fb:cf:2a:15:
66:b6:19:1f:11:e5:c7:ae:44:05:11:2c:75:3f:89:
4d:95:b5:86:54:0d:d6:50:59:0f:dc:6c:01:21:51:
86:76:0d:3f:14:1e:3d:05:97:f9:ce:79:ef:cc:6f:
3c:65:83:7e:46:63:d8:95:05:1c:7a:2b:02:90:cb:
02:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:81:53:46:B2:CA:38:AB:91:E1:AF:23:EC:03:AE:00:49:3D:2A:53
X509v3 Authority Key Identifier:
keyid:CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/MYFTRrLKOKuR4a8j7AOuAEk9KlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.240.0/24
31.40.242.0/24
77.92.96.0/19
185.115.208.0/24
185.115.210.0/23
213.144.96.0-213.144.101.255
213.144.103.0-213.144.127.255
IPv6:
2a02:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
2e:e4:8b:24:09:f9:3c:61:35:98:6d:4a:d0:68:46:3f:cf:b6:
5e:13:5d:dd:db:8f:75:43:78:ec:22:e4:80:26:39:ea:cd:10:
c6:ff:47:ca:f7:e3:2c:eb:99:06:22:00:76:3e:e5:8a:ab:79:
f0:a0:ea:d6:89:1f:17:30:56:f2:b5:6a:84:eb:32:3d:8b:08:
b2:52:84:c1:70:61:81:b0:1a:2e:6d:4e:cd:ff:79:2f:9f:ac:
14:c5:84:ae:36:16:9d:bc:48:38:5b:d6:ac:f1:32:41:9e:f8:
21:01:8e:c6:fd:c2:28:b8:4f:80:9f:1b:99:2b:10:a1:c7:5e:
3a:50:72:0d:cd:0b:2d:0f:e5:17:78:71:a2:15:d8:ae:33:c9:
f7:94:b5:2d:64:76:98:47:de:99:58:a3:80:bc:b2:47:5d:6c:
10:93:9d:a8:3e:e8:6b:9a:5f:e0:b3:04:46:fc:83:12:0b:dd:
dc:2f:31:7a:88:1d:0f:4d:81:55:0f:0b:96:3a:44:b9:a4:6e:
37:da:18:16:d3:cd:a6:c8:e5:eb:02:7f:45:41:b1:49:8a:c9:
c6:f5:40:20:94:19:cc:de:2e:e7:63:48:9f:3f:f2:21:32:fb:
3a:6e:99:6e:88:b1:38:eb:1a:e2:f4:ee:74:4f:eb:8d:90:31:
cd:c5:f3:e2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZKiCCqMwftssTTGJkK2CPb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTYyMThjMjBlZmQ4ZmU1M2ZjYTk5OTBiNzI1ZGQ3OTYz
Yzg4NWMwHhcNMjQxMDE4MjM0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTgxNTM0NmIyY2EzOGFiOTFlMWFmMjNlYzAzYWUwMDQ5M2QyYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwQu2xnJch3SOQ+qnigOcP4eNap1
wLbEDsjSgtdSzbMyZ1urQFjXYn+ecznbvUETV2sRF1KIMfwGOn5JrMSkTuT1p1ul
dl0jYWQO0CuA/znt9Sx5sN8b54mb/uwA1VVLEP+u7Ib5W8TqV6Rv4GQSP6t+zyw/
Of413T3xD+zpJ3zzKhxvMqLBGxmZUuGLHkLKG45QlU4Kqsf2XLwup5Vr3umuyW7U
zFRu0RjZ6+ewhswjyTtEkyrzaVraC7e6l/vPKhVmthkfEeXHrkQFESx1P4lNlbWG
VA3WUFkP3GwBIVGGdg0/FB49BZf5znnvzG88ZYN+RmPYlQUceisCkMsCBQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFDGBU0ayyjirkeGvI+wDrgBJPSpTMB8GA1UdIwQY
MBaAFMqWIYwg79j+U/ypmQtyXdeWPIhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAt
ZDcxMmQ0NzM4MDQ2LzEvTVlGVFJyTEtPS3VSNGE4ajdBT3VBRWs5S2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAtZDcxMmQ0NzM4MDQ2
LzEveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQAHyjwAwQA
HyjyAwQFTVxgAwQAuXPQAwQBuXPSMAwDBAXVkGADBAHVkGQwDAMEANWQZwMEB9WQ
ADANBAIAAjAHAwUDKgKsgDANBgkqhkiG9w0BAQsFAAOCAQEALuSLJAn5PGE1mG1K
0GhGP8+2XhNd3duPdUN47CLkgCY56s0Qxv9HyvfjLOuZBiIAdj7liqt58KDq1okf
FzBW8rVqhOsyPYsIslKEwXBhgbAaLm1Ozf95L5+sFMWErjYWnbxIOFvWrPEyQZ74
IQGOxv3CKLhPgJ8bmSsQocdeOlByDc0LLQ/lF3hxohXYrjPJ95S1LWR2mEfemVij
gLyyR11sEJOdqD7oa5pf4LMERvyDEgvd3C8xeogdD02BVQ8LljpEuaRuN9oYFtPN
psjl6wJ/RUGxSYrJxvVAIJQZzN4u52NInz/yITL7Om6ZboixOOsa4vTudE/rjZAx
zcXz4g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:46 2024 by rpki-client on console-ams.rpki-client.org