Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/pKfsCeDI13o3fi4mGJ4uyccQQ40.roa
File: pKfsCeDI13o3fi4mGJ4uyccQQ40.roa (raw, json)
Hash identifier: PiniPlesvPjWsm88JhA2nvGrOXDolaaQj31mFaGC28U=
Subject key identifier: A4:A7:EC:09:E0:C8:D7:7A:37:7E:2E:26:18:9E:2E:C9:C7:10:43:8D
Certificate issuer: /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial: 018CC501493BA56207494C23E7403F19778C
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/pKfsCeDI13o3fi4mGJ4uyccQQ40.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6866
IP address blocks: 87.228.128.0/17 maxlen: 24
62.228.128.0/19 maxlen: 19
87.228.128.0/18 maxlen: 18
87.228.144.0/20 maxlen: 20
62.228.64.0/19 maxlen: 19
62.228.96.0/19 maxlen: 19
62.228.226.0/23 maxlen: 23
87.228.224.0/20 maxlen: 20
62.228.224.0/19 maxlen: 19
87.228.224.0/19 maxlen: 19
62.228.228.0/24 maxlen: 24
62.228.229.0/24 maxlen: 24
62.228.240.0/23 maxlen: 23
87.228.240.0/20 maxlen: 20
62.228.160.0/19 maxlen: 19
87.228.160.0/20 maxlen: 20
83.168.0.0/19 maxlen: 19
83.168.0.0/18 maxlen: 24
87.228.176.0/20 maxlen: 20
87.228.192.0/20 maxlen: 20
62.228.192.0/19 maxlen: 19
83.168.32.0/19 maxlen: 19
87.228.208.0/20 maxlen: 20
31.153.128.0/19 maxlen: 19
176.92.224.0/19 maxlen: 24
31.153.160.0/19 maxlen: 19
31.153.96.0/19 maxlen: 19
62.228.0.0/19 maxlen: 19
62.228.0.0/21 maxlen: 21
62.228.0.0/16 maxlen: 24
62.228.8.0/21 maxlen: 21
62.228.16.0/22 maxlen: 22
62.228.24.0/21 maxlen: 21
62.228.20.0/22 maxlen: 22
62.228.32.0/19 maxlen: 19
31.153.192.0/19 maxlen: 19
31.153.224.0/19 maxlen: 19
212.31.96.0/20 maxlen: 20
212.31.96.0/19 maxlen: 24
212.31.96.0/24 maxlen: 24
212.31.112.0/20 maxlen: 20
81.4.128.0/18 maxlen: 24
81.4.128.0/19 maxlen: 19
212.31.121.0/24 maxlen: 24
212.31.122.0/24 maxlen: 24
212.31.123.0/24 maxlen: 24
212.31.124.0/24 maxlen: 24
212.31.125.0/24 maxlen: 24
81.4.133.0/24 maxlen: 24
212.31.127.0/24 maxlen: 24
31.153.16.0/20 maxlen: 20
31.153.32.0/19 maxlen: 19
31.153.64.0/19 maxlen: 19
81.4.160.0/19 maxlen: 19
81.4.160.0/21 maxlen: 21
81.4.160.0/20 maxlen: 20
81.4.168.0/21 maxlen: 21
81.4.174.0/24 maxlen: 24
81.4.176.0/21 maxlen: 21
31.153.0.0/17 maxlen: 17
31.153.0.0/20 maxlen: 20
31.153.0.0/19 maxlen: 19
31.153.0.0/16 maxlen: 24
46.199.0.0/18 maxlen: 18
46.199.0.0/19 maxlen: 19
46.199.0.0/16 maxlen: 24
46.199.16.0/20 maxlen: 20
46.199.32.0/19 maxlen: 19
46.199.32.0/20 maxlen: 20
46.199.48.0/20 maxlen: 20
46.199.64.0/20 maxlen: 20
46.199.88.0/24 maxlen: 24
46.198.32.0/19 maxlen: 19
46.198.64.0/19 maxlen: 19
46.198.64.0/18 maxlen: 18
46.198.0.0/18 maxlen: 18
46.198.0.0/19 maxlen: 19
46.198.0.0/17 maxlen: 24
46.198.96.0/19 maxlen: 19
93.109.192.0/19 maxlen: 19
93.109.209.0/24 maxlen: 24
93.109.219.0/24 maxlen: 24
93.109.224.0/19 maxlen: 19
93.109.128.0/19 maxlen: 19
93.109.160.0/19 maxlen: 19
185.2.97.0/24 maxlen: 24
185.2.98.0/24 maxlen: 24
185.2.96.0/24 maxlen: 24
185.2.96.0/22 maxlen: 24
185.2.99.0/24 maxlen: 24
93.109.227.0/24 maxlen: 24
93.109.239.0/24 maxlen: 24
195.14.142.0/24 maxlen: 24
213.7.208.0/20 maxlen: 20
213.7.208.0/24 maxlen: 24
195.14.144.0/20 maxlen: 20
195.14.151.0/24 maxlen: 24
195.14.146.0/24 maxlen: 24
213.7.220.0/22 maxlen: 22
213.7.224.0/20 maxlen: 20
195.14.153.0/24 maxlen: 24
213.7.240.0/20 maxlen: 20
93.109.0.0/19 maxlen: 19
93.109.0.0/16 maxlen: 24
128.0.224.0/20 maxlen: 24
213.7.160.0/20 maxlen: 20
128.0.240.0/20 maxlen: 24
213.7.176.0/20 maxlen: 20
213.7.192.0/20 maxlen: 20
195.14.128.0/19 maxlen: 24
195.14.128.0/20 maxlen: 20
213.149.176.0/20 maxlen: 20
93.109.96.0/19 maxlen: 19
93.109.32.0/19 maxlen: 19
213.149.160.0/19 maxlen: 24
213.149.160.0/20 maxlen: 20
93.109.64.0/19 maxlen: 19
213.7.0.0/17 maxlen: 17
213.7.0.0/20 maxlen: 20
213.7.0.0/16 maxlen: 24
213.7.16.0/20 maxlen: 20
213.7.32.0/20 maxlen: 20
213.7.96.0/20 maxlen: 20
213.7.112.0/20 maxlen: 20
213.7.128.0/18 maxlen: 18
213.7.128.0/20 maxlen: 20
128.0.200.0/21 maxlen: 24
128.0.208.0/20 maxlen: 24
37.149.0.0/16 maxlen: 24
213.7.144.0/20 maxlen: 20
128.0.107.0/24 maxlen: 24
213.7.48.0/20 maxlen: 20
213.7.64.0/20 maxlen: 20
213.7.80.0/20 maxlen: 20
2a00:135d::/32 maxlen: 48
2a00:135c::/32 maxlen: 48
2a00:135c::/30 maxlen: 48
2a00:135e::/32 maxlen: 48
2a00:1358:df00::/48 maxlen: 48
2a00:1358:1000::/48 maxlen: 48
2a00:135b::/32 maxlen: 48
2a00:1359::/32 maxlen: 48
2a00:1358::/30 maxlen: 48
2a00:135f::/32 maxlen: 48
2a00:1358:f080::/41 maxlen: 41
2a00:1358:f000::/41 maxlen: 41
2a00:135a::/32 maxlen: 48
2a00:1358::/31 maxlen: 48
2a00:135e::/31 maxlen: 48
2a00:1358::/29 maxlen: 48
2a00:135a::/31 maxlen: 48
2a00:1358:b000::/44 maxlen: 44
2a00:135c::/31 maxlen: 48
2a00:1358:d000::/40 maxlen: 40
2a00:1358:f000::/40 maxlen: 40
2a00:1358::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:49:3b:a5:62:07:49:4c:23:e7:40:3f:19:77:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4a7ec09e0c8d77a377e2e26189e2ec9c710438d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bd:fe:cc:b4:15:21:cf:f6:8a:91:a6:f7:90:
e2:d3:b9:43:3d:33:24:46:2a:a8:cb:f2:a5:80:f6:
bb:f9:c8:30:6b:b2:df:1e:78:86:c5:01:dc:da:59:
e6:6d:43:33:80:4a:bf:ac:fe:36:52:f3:00:4c:b0:
d8:ee:45:6e:90:a1:72:a3:5c:24:e8:b4:d1:7e:d3:
b3:be:80:65:01:e0:7d:fd:76:cb:43:e4:e2:4c:2f:
2e:2b:4d:8b:58:ff:68:bc:be:93:f5:ef:20:3f:e5:
55:fa:53:8e:6a:1b:18:2b:fa:8b:ba:45:24:e7:3d:
a1:21:dc:cf:39:9e:cc:4c:8d:90:4b:6e:79:df:95:
ec:13:ad:f7:2a:b5:8f:54:61:4d:58:47:e8:f7:1b:
f3:9e:11:02:90:05:07:c9:1b:f6:e7:39:73:ad:15:
7f:7b:96:45:3c:bb:14:2f:bb:c3:5e:83:a9:bc:8e:
c4:06:3f:f8:3e:af:61:44:29:29:8c:a1:06:ca:64:
8d:98:c5:6d:cb:ce:de:c4:0a:3c:f1:30:ae:28:71:
68:1d:9f:65:43:4a:21:bc:a1:12:7f:5f:59:b4:dc:
da:ca:99:9c:fb:8f:d5:1a:9e:09:ba:ef:41:06:1e:
4e:58:23:d9:7a:9a:06:b7:33:28:7f:91:91:d4:b1:
a4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A7:EC:09:E0:C8:D7:7A:37:7E:2E:26:18:9E:2E:C9:C7:10:43:8D
X509v3 Authority Key Identifier:
keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/pKfsCeDI13o3fi4mGJ4uyccQQ40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.153.0.0/16
37.149.0.0/16
46.198.0.0/17
46.199.0.0/16
62.228.0.0/16
81.4.128.0/18
83.168.0.0/18
87.228.128.0/17
93.109.0.0/16
128.0.107.0/24
128.0.200.0-128.0.255.255
176.92.224.0/19
185.2.96.0/22
195.14.128.0/19
212.31.96.0/19
213.7.0.0/16
213.149.160.0/19
IPv6:
2a00:1358::/29
Signature Algorithm: sha256WithRSAEncryption
77:3c:48:58:a3:12:58:44:22:e5:c1:35:c7:cb:2b:65:1c:f3:
b1:d8:52:9d:ed:52:81:d6:55:da:e1:ad:e5:85:23:e7:07:d3:
e0:41:53:35:07:f4:92:fd:6b:17:67:46:f0:c7:39:7f:70:c2:
02:65:cd:cf:af:7f:a3:5e:8d:fa:50:6b:3e:53:82:f8:b7:83:
49:86:fd:b4:d0:41:56:3f:ae:24:3c:27:8d:a1:e1:42:41:4e:
92:46:c3:b0:ae:9b:eb:2b:ef:18:f7:a1:a9:4d:41:25:4d:15:
d1:41:73:0a:ae:d4:51:1a:c8:61:70:7b:5c:4a:0a:e4:1c:87:
f3:ef:45:8b:c0:a4:22:f4:fa:ba:d3:be:25:29:2a:f4:c9:bd:
11:80:aa:60:31:d1:4e:b7:c3:be:28:1a:42:48:d3:5b:e0:ff:
38:40:c1:28:4d:33:42:17:20:0f:7e:f3:5d:b4:66:b9:f1:87:
30:24:ea:e9:cf:e4:d5:eb:be:68:dd:3a:51:13:1f:38:1d:17:
3c:79:b4:b3:5b:44:2c:88:14:a3:c8:1d:b2:ed:cd:5a:bd:c5:
37:56:3d:9d:4d:65:5a:57:7f:87:49:08:a0:ec:cf:f3:69:3c:
89:32:7b:df:d9:97:03:19:e9:ec:b8:e9:56:c6:69:46:04:d4:
a3:dc:5b:34
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYzFAUk7pWIHSUwj50A/GXeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGE3ZWMwOWUwYzhkNzdhMzc3ZTJlMjYxODllMmVjOWM3MTA0MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr3+zLQVIc/2ipGm95Di07lDPTMk
Riqoy/KlgPa7+cgwa7LfHniGxQHc2lnmbUMzgEq/rP42UvMATLDY7kVukKFyo1wk
6LTRftOzvoBlAeB9/XbLQ+TiTC8uK02LWP9ovL6T9e8gP+VV+lOOahsYK/qLukUk
5z2hIdzPOZ7MTI2QS25535XsE633KrWPVGFNWEfo9xvznhECkAUHyRv25zlzrRV/
e5ZFPLsUL7vDXoOpvI7EBj/4Pq9hRCkpjKEGymSNmMVty87exAo88TCuKHFoHZ9l
Q0ohvKESf19ZtNzaypmc+4/VGp4Juu9BBh5OWCPZepoGtzMof5GR1LGkpwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFKSn7AngyNd6N34uJhieLsnHEEONMB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEvcEtmc0NlREkxM28zZmk0bUdKNHV5Y2NRUTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTItYjBmNGI5YzM3ZTQ5
LzEvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MG0EAgABMGcDAwAfmQMD
ACWVAwQHLsYAAwMALscDAwA+5AMEBlEEgAMEBlOoAAMEB1fkgAMDAF1tAwQAgABr
MAsDBAOAAMgDAwCAAAMEBbBc4AMEArkCYAMEBcMOgAMEBdQfYAMDANUHAwQF1ZWg
MA0EAgACMAcDBQMqABNYMA0GCSqGSIb3DQEBCwUAA4IBAQB3PEhYoxJYRCLlwTXH
yytlHPOx2FKd7VKB1lXa4a3lhSPnB9PgQVM1B/SS/WsXZ0bwxzl/cMICZc3Pr3+j
Xo36UGs+U4L4t4NJhv200EFWP64kPCeNoeFCQU6SRsOwrpvrK+8Y96GpTUElTRXR
QXMKrtRRGshhcHtcSgrkHIfz70WLwKQi9Pq6074lKSr0yb0RgKpgMdFOt8O+KBpC
SNNb4P84QMEoTTNCFyAPfvNdtGa58YcwJOrpz+TV675o3TpREx84HRc8ebSzW0Qs
iBSjyB2y7c1avcU3Vj2dTWVaV3+HSQig7M/zaTyJMnvf2ZcDGensuOlWxmlGBNSj
3Fs0
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:14:07 2024 by rpki-client on console-ams.rpki-client.org