Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/9M1t6qmRsqrKOQeeT38dstFSOso.roa
File: 9M1t6qmRsqrKOQeeT38dstFSOso.roa (raw, json)
Hash identifier: v63cSFLCFRKa/VMaA9iUje1l64xZCWEb7GYljNS2ulE=
Subject key identifier: F4:CD:6D:EA:A9:91:B2:AA:CA:39:07:9E:4F:7F:1D:B2:D1:52:3A:CA
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 018F353FAE7055D90858E21EC5D591C58E4A
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/9M1t6qmRsqrKOQeeT38dstFSOso.roa
Signing time: Wed 01 May 2024 17:41:56 +0000
ROA not before: Wed 01 May 2024 17:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207375
IP address blocks: 31.14.180.0/23 maxlen: 23
31.14.182.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
86.105.232.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.32.171.0/24 maxlen: 24
89.32.240.0/21 maxlen: 21
89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
89.33.65.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
89.35.76.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
89.35.91.0/24 maxlen: 24
89.35.163.0/24 maxlen: 24
89.35.248.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.47.182.0/24 maxlen: 24
93.113.72.0/21 maxlen: 21
176.223.144.0/20 maxlen: 20
188.211.172.0/22 maxlen: 22
188.212.157.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.240.70.0/24 maxlen: 24
194.145.194.0/23 maxlen: 23
217.148.134.0/23 maxlen: 23
2a00:bba0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 20:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:35:3f:ae:70:55:d9:08:58:e2:1e:c5:d5:91:c5:8e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: May 1 17:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4cd6deaa991b2aaca39079e4f7f1db2d1523aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f8:2d:95:98:01:87:74:74:e2:85:87:5f:7e:
ad:b9:ca:4a:60:8e:ab:cf:1b:fa:78:6a:97:72:51:
1e:b6:18:73:82:3e:0d:dc:6f:37:b9:6f:60:a7:2b:
ac:a7:1c:31:c7:be:91:f4:20:ce:e7:4b:3e:c2:44:
50:d2:46:a1:d7:49:3c:de:97:4b:f2:cd:0f:af:89:
c7:b2:ea:c7:ad:f3:87:d8:14:82:7c:f5:dc:da:bb:
be:eb:f5:48:f1:05:83:15:4a:7d:24:20:e7:c6:ab:
73:5d:a3:53:f0:1b:2d:23:4a:57:6c:77:86:7d:c4:
60:3d:1d:b5:60:15:43:98:f5:8c:e2:81:87:6d:7b:
34:bb:01:d8:18:7e:51:5c:80:25:11:64:89:e1:23:
c4:d4:ac:e9:73:56:59:99:83:3a:cb:e7:12:e9:cc:
33:e9:3a:28:48:02:b5:37:bf:aa:04:0a:14:a1:50:
58:77:8c:44:1d:61:81:59:ba:96:91:62:63:7a:09:
4c:ea:cf:d6:f5:c8:a5:6f:58:66:56:c5:e9:3e:51:
89:f0:dd:a6:85:5d:8c:c0:98:fe:91:69:63:f6:00:
fc:80:ca:96:f6:73:fd:1f:1b:75:76:ef:3c:b6:03:
37:73:62:ef:fd:91:69:3c:03:e2:31:e9:29:7e:27:
c9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CD:6D:EA:A9:91:B2:AA:CA:39:07:9E:4F:7F:1D:B2:D1:52:3A:CA
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/9M1t6qmRsqrKOQeeT38dstFSOso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0-31.14.182.255
37.156.69.0-37.156.70.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
93.113.72.0/21
176.223.144.0/20
188.211.172.0/22
188.212.157.0/24
188.213.86.0/23
188.240.70.0/24
194.145.194.0/23
217.148.134.0/23
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
65:68:a9:de:4a:7a:5f:c3:28:97:49:95:42:eb:63:80:58:2c:
86:8a:8b:2e:94:4f:79:46:fe:63:d9:13:91:d4:2d:2f:fc:cf:
5e:c8:4f:91:2f:96:05:23:d0:3b:ba:02:e2:e5:09:ca:1a:16:
f0:cc:e0:c7:91:e1:e8:26:32:fa:f2:be:a1:b9:15:98:00:bf:
b5:1e:fa:c2:cb:5f:9f:0f:14:68:cd:a9:a9:0e:bc:0e:68:09:
26:d7:b4:08:5c:a8:ca:dc:6e:2a:b0:03:11:01:a9:2c:58:2a:
48:38:7f:09:c6:78:77:d2:68:4b:9e:f7:b5:48:fe:37:f1:04:
b2:57:5c:b0:de:3f:e2:94:78:ea:e4:10:20:b4:27:cd:40:16:
d9:6b:b9:7e:84:2f:b6:15:f0:2d:a4:81:56:60:f0:27:df:f0:
ac:d0:2e:da:30:2d:95:95:86:7c:bf:1e:e3:62:f6:ac:54:a6:
3b:16:18:3c:17:24:93:09:39:9d:2e:74:46:e9:0e:ee:83:9f:
50:58:fd:bb:a9:61:7b:4b:e8:b8:07:7d:6e:82:92:cf:5d:c5:
b8:9a:a6:ca:14:17:a0:11:fe:58:ce:ac:ad:2b:7e:df:b1:c2:
4b:a1:14:3f:f6:83:b1:38:d2:87:e9:d0:a4:4e:dc:af:89:d2:
12:b6:3d:2d
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAY81P65wVdkIWOIexdWRxY5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjQwNTAxMTc0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGNkNmRlYWE5OTFiMmFhY2EzOTA3OWU0ZjdmMWRiMmQxNTIzYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPgtlZgBh3R04oWHX36tucpKYI6r
zxv6eGqXclEethhzgj4N3G83uW9gpyuspxwxx76R9CDO50s+wkRQ0kah10k83pdL
8s0Pr4nHsurHrfOH2BSCfPXc2ru+6/VI8QWDFUp9JCDnxqtzXaNT8BstI0pXbHeG
fcRgPR21YBVDmPWM4oGHbXs0uwHYGH5RXIAlEWSJ4SPE1Kzpc1ZZmYM6y+cS6cwz
6TooSAK1N7+qBAoUoVBYd4xEHWGBWbqWkWJjeglM6s/W9cilb1hmVsXpPlGJ8N2m
hV2MwJj+kWlj9gD8gMqW9nP9Hxt1du88tgM3c2Lv/ZFpPAPiMekpfifJOwIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFPTNbeqpkbKqyjkHnk9/HbLRUjrKMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvOU0xdDZxbVJzcXJLT1FlZVQzOGRzdEZTT3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgdsEAgABMIHUMAwD
BAIfDrQDBAAfDrYwDAMEACWcRQMEACWcRgMEAVT3LAMEAFXMbQMEAFZpGAMEAFZp
6AMEAVZrugMEAFkgqwMEA1kg8AMEAFkhEQMEAFkhHgMEAFkhQQMEAFkjIgMEAFkj
TAMEAFkjWAMEAFkjWwMEAFkjowMEAFkj+AMEAFklKAMEAVkuKDAMAwQEWS+wAwQA
WS+yMAwDBAJZL7QDBABZL7YDBANdcUgDBASw35ADBAK806wDBAC81J0DBAG81VYD
BAC88EYDBAHCkcIDBAHZlIYwDQQCAAIwBwMFACoAu6AwDQYJKoZIhvcNAQELBQAD
ggEBAGVoqd5Kel/DKJdJlULrY4BYLIaKiy6UT3lG/mPZE5HULS/8z17IT5EvlgUj
0Du6AuLlCcoaFvDM4MeR4egmMvryvqG5FZgAv7Ue+sLLX58PFGjNqakOvA5oCSbX
tAhcqMrcbiqwAxEBqSxYKkg4fwnGeHfSaEue97VI/jfxBLJXXLDeP+KUeOrkECC0
J81AFtlruX6EL7YV8C2kgVZg8Cff8KzQLtowLZWVhny/HuNi9qxUpjsWGDwXJJMJ
OZ0udEbpDu6Dn1BY/bupYXtL6LgHfW6Cks9dxbiapsoUF6AR/ljOrK0rft+xwkuh
FD/2g7E40ofp0KRO3K+J0hK2PS0=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:35:27 2024 by rpki-client on console-ams.rpki-client.org