Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/SkNz77Dw8X9XqCXTjuYFw1HV4RU.roa
File: SkNz77Dw8X9XqCXTjuYFw1HV4RU.roa (raw, json)
Hash identifier: 0nGMt5BD4EQAYSFidBnGzLqtNmDU/k7Hlbajw/uJOuw=
Subject key identifier: 4A:43:73:EF:B0:F0:F1:7F:57:A8:25:D3:8E:E6:05:C3:51:D5:E1:15
Certificate issuer: /CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Certificate serial: 018D63D89504988971CADEAA8119F86FE4BF
Authority key identifier: CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/SkNz77Dw8X9XqCXTjuYFw1HV4RU.roa
Signing time: Thu 01 Feb 2024 08:45:54 +0000
ROA not before: Thu 01 Feb 2024 08:45:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25145
IP address blocks: 31.40.240.0/24 maxlen: 24
31.40.242.0/24 maxlen: 24
77.92.96.0/24 maxlen: 24
77.92.97.0/24 maxlen: 24
77.92.98.0/24 maxlen: 24
77.92.99.0/24 maxlen: 24
77.92.100.0/24 maxlen: 24
77.92.101.0/24 maxlen: 24
77.92.102.0/24 maxlen: 24
77.92.103.0/24 maxlen: 24
77.92.104.0/24 maxlen: 24
77.92.105.0/24 maxlen: 24
77.92.106.0/24 maxlen: 24
77.92.107.0/24 maxlen: 24
77.92.108.0/24 maxlen: 24
77.92.109.0/24 maxlen: 24
77.92.110.0/24 maxlen: 24
77.92.111.0/24 maxlen: 24
77.92.112.0/24 maxlen: 24
77.92.113.0/24 maxlen: 24
77.92.114.0/24 maxlen: 24
77.92.115.0/24 maxlen: 24
77.92.116.0/24 maxlen: 24
77.92.117.0/24 maxlen: 24
77.92.118.0/24 maxlen: 24
77.92.119.0/24 maxlen: 24
77.92.120.0/24 maxlen: 24
77.92.122.0/24 maxlen: 24
77.92.123.0/24 maxlen: 24
77.92.124.0/24 maxlen: 24
77.92.125.0/24 maxlen: 24
77.92.126.0/24 maxlen: 24
77.92.127.0/24 maxlen: 24
185.115.208.0/24 maxlen: 24
185.115.210.0/24 maxlen: 24
185.115.211.0/24 maxlen: 24
213.144.96.0/24 maxlen: 24
213.144.97.0/24 maxlen: 24
213.144.98.0/24 maxlen: 24
213.144.99.0/24 maxlen: 24
213.144.101.0/24 maxlen: 24
213.144.103.0/24 maxlen: 24
213.144.104.0/24 maxlen: 24
213.144.105.0/24 maxlen: 24
213.144.106.0/24 maxlen: 24
213.144.107.0/24 maxlen: 24
213.144.108.0/24 maxlen: 24
213.144.109.0/24 maxlen: 24
213.144.110.0/24 maxlen: 24
213.144.111.0/24 maxlen: 24
213.144.112.0/24 maxlen: 24
213.144.113.0/24 maxlen: 24
213.144.114.0/24 maxlen: 24
213.144.115.0/24 maxlen: 24
213.144.116.0/24 maxlen: 24
213.144.117.0/24 maxlen: 24
213.144.118.0/24 maxlen: 24
213.144.119.0/24 maxlen: 24
213.144.120.0/24 maxlen: 24
213.144.121.0/24 maxlen: 24
213.144.122.0/24 maxlen: 24
213.144.123.0/24 maxlen: 24
213.144.124.0/24 maxlen: 24
213.144.125.0/24 maxlen: 24
213.144.126.0/24 maxlen: 24
213.144.127.0/24 maxlen: 24
2a02:ac80::/29 maxlen: 29
2a02:ac80::/32 maxlen: 32
2a02:ac80:10::/48 maxlen: 48
2a02:ac80:20::/48 maxlen: 48
2a02:ac80:30::/48 maxlen: 48
2a02:ac80:40::/48 maxlen: 48
2a02:ac80:50::/48 maxlen: 48
2a02:ac80:60::/48 maxlen: 48
2a02:ac80:70::/48 maxlen: 48
2a02:ac80:a0::/48 maxlen: 48
2a02:ac80:b0::/48 maxlen: 48
2a02:ac80:c0::/48 maxlen: 48
2a02:ac80:d0::/48 maxlen: 48
2a02:ac80:e0::/48 maxlen: 48
2a02:ac80:f0::/48 maxlen: 48
2a02:ac80:100::/48 maxlen: 48
2a02:ac80:200::/48 maxlen: 48
2a02:ac80:300::/48 maxlen: 48
2a02:ac80:400::/48 maxlen: 48
2a02:ac80:500::/48 maxlen: 48
2a02:ac80:600::/48 maxlen: 48
2a02:ac80:700::/48 maxlen: 48
2a02:ac80:a00::/48 maxlen: 48
2a02:ac80:b00::/48 maxlen: 48
2a02:ac80:c00::/48 maxlen: 48
2a02:ac80:d00::/48 maxlen: 48
2a02:ac80:e00::/48 maxlen: 48
2a02:ac80:f00::/48 maxlen: 48
2a02:ac80:1000::/48 maxlen: 48
2a02:ac80:2000::/48 maxlen: 48
2a02:ac80:3000::/48 maxlen: 48
2a02:ac80:4000::/48 maxlen: 48
2a02:ac80:5000::/48 maxlen: 48
2a02:ac80:6000::/48 maxlen: 48
2a02:ac80:7000::/48 maxlen: 48
2a02:ac80:7370::/48 maxlen: 48
2a02:ac80:a000::/48 maxlen: 48
2a02:ac80:b000::/48 maxlen: 48
2a02:ac80:c000::/48 maxlen: 48
2a02:ac80:d000::/48 maxlen: 48
2a02:ac80:e000::/48 maxlen: 48
2a02:ac80:f000::/48 maxlen: 48
2a02:ac81::/32 maxlen: 32
2a02:ac82::/32 maxlen: 32
2a02:ac83::/32 maxlen: 32
2a02:ac84::/32 maxlen: 32
2a02:ac85::/32 maxlen: 32
2a02:ac86::/32 maxlen: 32
2a02:ac87::/32 maxlen: 32
2a02:ac87:5900::/48 maxlen: 48
2a02:ac87:59cb::/48 maxlen: 48
2a02:ac87:ac87::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 05:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:d8:95:04:98:89:71:ca:de:aa:81:19:f8:6f:e4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Validity
Not Before: Feb 1 08:45:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a4373efb0f0f17f57a825d38ee605c351d5e115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d5:d5:41:4d:13:ce:3c:c5:ac:7d:89:c4:bb:
41:5b:7f:d6:1c:8a:d5:ad:25:49:24:d5:c4:3a:d9:
54:23:41:81:8e:46:d0:51:e7:e6:e9:82:19:9a:33:
a9:74:63:37:c8:1b:38:76:f8:61:eb:f7:8b:8f:d2:
d6:d0:75:6f:e7:d1:be:43:15:40:58:44:bc:a0:c1:
0b:df:ad:2d:ad:76:30:7c:a7:bb:d8:c6:ff:06:fd:
8a:77:be:f4:53:00:b6:dd:c1:44:cd:5a:e6:0c:ea:
da:df:80:9c:8b:54:b6:09:9f:90:48:92:f8:b0:1f:
74:61:06:dc:b9:07:11:65:77:8a:7f:fa:15:ab:d4:
63:b3:cc:d4:e9:68:5a:e0:80:7e:a7:e8:8a:ea:ac:
62:12:f0:64:ca:04:dd:89:0c:f4:33:ab:13:a6:83:
02:66:4b:f2:8d:30:20:d5:1f:20:bf:37:cc:5b:91:
e4:48:70:7d:82:ce:c4:f3:61:13:fa:92:31:85:4b:
e2:a2:73:b0:f1:98:6d:83:3c:ea:a7:cd:1d:37:60:
3b:46:c3:21:48:3f:83:54:5e:66:ae:be:15:18:13:
31:c7:2b:59:2a:38:2d:c2:fa:d8:6a:a7:5d:c2:38:
33:42:7b:df:bb:50:a4:3f:b2:2b:cc:f8:d7:09:45:
de:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:43:73:EF:B0:F0:F1:7F:57:A8:25:D3:8E:E6:05:C3:51:D5:E1:15
X509v3 Authority Key Identifier:
keyid:CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/SkNz77Dw8X9XqCXTjuYFw1HV4RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.240.0/24
31.40.242.0/24
77.92.96.0-77.92.120.255
77.92.122.0-77.92.127.255
185.115.208.0/24
185.115.210.0/23
213.144.96.0/22
213.144.101.0/24
213.144.103.0-213.144.127.255
IPv6:
2a02:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:af:68:b3:04:37:64:04:82:55:81:e3:bb:5a:3c:5e:0c:8c:
fd:db:5c:45:0d:67:32:5c:2b:6d:bd:04:2c:fc:b9:0a:5b:a8:
5f:35:5a:cb:40:80:bf:4e:60:58:1d:05:d3:36:5a:1a:1e:6d:
1b:0a:dc:59:5a:58:16:1f:a3:fb:7c:1d:65:5c:85:ea:55:f3:
68:20:74:89:02:9c:d7:fe:46:4c:c6:4c:51:06:78:e8:3f:4b:
6b:a7:7c:09:4f:68:98:41:02:b8:63:96:3a:eb:ce:24:2d:c3:
ef:91:d3:48:25:67:fb:bb:5d:61:b5:d1:55:48:a7:84:24:c5:
86:49:ec:74:9b:65:a5:35:d2:67:7c:da:ed:da:84:53:6d:f0:
46:72:3d:9d:85:f1:c3:14:ce:5f:11:9a:b6:80:4b:52:2a:ca:
f9:37:92:2f:db:32:28:45:ee:b1:ec:ac:75:2e:01:39:7b:4f:
4d:47:db:47:93:bc:e0:c4:86:0f:0d:c5:56:64:0b:3e:5b:c1:
f5:df:02:0c:e1:28:7d:cd:b5:83:16:c5:53:29:b7:19:ea:f9:
2e:1d:2a:06:3b:58:db:50:fc:bf:32:3b:e7:c8:9a:02:81:2a:
ba:20:e6:17:26:df:8a:c3:25:7e:87:65:9d:18:98:81:44:be:
27:49:1d:d9
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAY1j2JUEmIlxyt6qgRn4b+S/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTYyMThjMjBlZmQ4ZmU1M2ZjYTk5OTBiNzI1ZGQ3OTYz
Yzg4NWMwHhcNMjQwMjAxMDg0NTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQzNzNlZmIwZjBmMTdmNTdhODI1ZDM4ZWU2MDVjMzUxZDVlMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtXVQU0TzjzFrH2JxLtBW3/WHIrV
rSVJJNXEOtlUI0GBjkbQUefm6YIZmjOpdGM3yBs4dvhh6/eLj9LW0HVv59G+QxVA
WES8oMEL360trXYwfKe72Mb/Bv2Kd770UwC23cFEzVrmDOra34Cci1S2CZ+QSJL4
sB90YQbcuQcRZXeKf/oVq9Rjs8zU6Wha4IB+p+iK6qxiEvBkygTdiQz0M6sTpoMC
ZkvyjTAg1R8gvzfMW5HkSHB9gs7E82ET+pIxhUvionOw8Zhtgzzqp80dN2A7RsMh
SD+DVF5mrr4VGBMxxytZKjgtwvrYaqddwjgzQnvfu1CkP7IrzPjXCUXe0QIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFEpDc++w8PF/V6gl047mBcNR1eEVMB8GA1UdIwQY
MBaAFMqWIYwg79j+U/ypmQtyXdeWPIhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAt
ZDcxMmQ0NzM4MDQ2LzEvU2tOejc3RHc4WDlYcUNYVGp1WUZ3MUhWNFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAtZDcxMmQ0NzM4MDQ2
LzEveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQAHyjwAwQA
HyjyMAwDBAVNXGADBABNXHgwDAMEAU1cegMEB01cAAMEALlz0AMEAblz0gMEAtWQ
YAMEANWQZTAMAwQA1ZBnAwQH1ZAAMA0EAgACMAcDBQMqAqyAMA0GCSqGSIb3DQEB
CwUAA4IBAQBqr2izBDdkBIJVgeO7WjxeDIz921xFDWcyXCttvQQs/LkKW6hfNVrL
QIC/TmBYHQXTNloaHm0bCtxZWlgWH6P7fB1lXIXqVfNoIHSJApzX/kZMxkxRBnjo
P0trp3wJT2iYQQK4Y5Y6684kLcPvkdNIJWf7u11htdFVSKeEJMWGSex0m2WlNdJn
fNrt2oRTbfBGcj2dhfHDFM5fEZq2gEtSKsr5N5Iv2zIoRe6x7Kx1LgE5e09NR9tH
k7zgxIYPDcVWZAs+W8H13wIM4Sh9zbWDFsVTKbcZ6vkuHSoGO1jbUPy/MjvnyJoC
gSq6IOYXJt+KwyV+h2WdGJiBRL4nSR3Z
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:45:03 2024 by rpki-client on console-fra.rpki-client.org