Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/zGQdueIsqrdMd0_BXN43YHgiQ2g.roa
File: zGQdueIsqrdMd0_BXN43YHgiQ2g.roa (raw, json)
Hash identifier: l/j8HXd+jBsvCoQA6JL4+joHmLCVD+8WrVR88IZa4tk=
Subject key identifier: CC:64:1D:B9:E2:2C:AA:B7:4C:77:4F:C1:5C:DE:37:60:78:22:43:68
Certificate issuer: /CN=971533cb7a6796ac5c382b38dcf459f9176931f4
Certificate serial: 018E66BF1F2001E8F498DF09F539EA249296
Authority key identifier: 97:15:33:CB:7A:67:96:AC:5C:38:2B:38:DC:F4:59:F9:17:69:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/zGQdueIsqrdMd0_BXN43YHgiQ2g.roa
Signing time: Fri 22 Mar 2024 15:19:45 +0000
ROA not before: Fri 22 Mar 2024 15:19:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47242
IP address blocks: 81.31.144.0/24 maxlen: 24
81.31.145.0/24 maxlen: 24
81.31.146.0/24 maxlen: 24
81.31.147.0/24 maxlen: 24
81.31.148.0/24 maxlen: 24
81.31.149.0/24 maxlen: 24
81.31.150.0/24 maxlen: 24
81.31.151.0/24 maxlen: 24
81.31.152.0/24 maxlen: 24
81.31.153.0/24 maxlen: 24
81.31.154.0/24 maxlen: 24
81.31.155.0/24 maxlen: 24
81.31.156.0/24 maxlen: 24
81.31.157.0/24 maxlen: 24
81.31.158.0/24 maxlen: 24
81.31.159.0/24 maxlen: 24
149.62.184.0/24 maxlen: 24
149.62.185.0/24 maxlen: 24
149.62.186.0/24 maxlen: 24
149.62.187.0/24 maxlen: 24
149.62.188.0/24 maxlen: 24
149.62.189.0/24 maxlen: 24
149.62.190.0/24 maxlen: 24
149.62.191.0/24 maxlen: 24
185.84.96.0/24 maxlen: 24
185.84.97.0/24 maxlen: 24
185.84.98.0/24 maxlen: 24
185.84.99.0/24 maxlen: 24
185.201.64.0/24 maxlen: 24
185.201.65.0/24 maxlen: 24
185.201.66.0/24 maxlen: 24
185.201.67.0/24 maxlen: 24
192.81.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:bf:1f:20:01:e8:f4:98:df:09:f5:39:ea:24:92:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971533cb7a6796ac5c382b38dcf459f9176931f4
Validity
Not Before: Mar 22 15:19:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc641db9e22caab74c774fc15cde376078224368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8e:22:e8:7c:9a:68:9a:c5:0f:32:0e:17:ee:
4a:b2:11:7c:01:02:12:b8:e1:91:c1:57:a5:20:48:
9b:9a:b0:2e:1c:e9:6f:a2:9c:e0:85:f2:f6:02:d3:
1d:fb:03:3c:94:0c:66:c6:8a:73:bf:56:87:11:d6:
19:28:93:96:a6:0f:d3:02:15:fb:6d:09:16:f8:fd:
69:0d:0d:26:76:88:c1:b7:c6:39:ff:53:d5:5c:ee:
ec:54:37:46:e0:d0:ff:e4:0e:dc:5e:18:71:d4:f0:
d5:ff:e2:e6:09:36:46:3e:df:13:df:47:b3:16:92:
20:ab:3a:be:a9:f0:bc:75:f8:f0:0c:31:26:fb:07:
e9:c1:d0:a7:ea:ec:65:fc:8c:8e:d9:41:be:a9:48:
ad:99:b6:e7:5b:ee:d5:b2:05:04:be:ed:24:2d:e3:
ff:61:56:5b:1d:da:ce:fb:bb:d4:f3:ae:52:35:23:
e1:15:7d:1c:c2:92:68:13:5e:68:64:e8:4d:fd:7f:
b4:76:67:01:cc:82:92:39:1d:40:fa:7e:68:86:ac:
2f:6e:01:03:0c:03:91:c6:92:85:7c:5b:84:58:94:
f6:1c:5d:cf:21:14:06:01:5e:20:c4:4f:76:82:e4:
af:6e:0e:8d:d1:a7:c6:23:42:d6:38:a4:d4:41:06:
53:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:64:1D:B9:E2:2C:AA:B7:4C:77:4F:C1:5C:DE:37:60:78:22:43:68
X509v3 Authority Key Identifier:
keyid:97:15:33:CB:7A:67:96:AC:5C:38:2B:38:DC:F4:59:F9:17:69:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/zGQdueIsqrdMd0_BXN43YHgiQ2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.144.0/20
149.62.184.0/21
185.84.96.0/22
185.201.64.0/22
192.81.193.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:5a:03:b0:e0:db:e4:7f:e8:03:b8:55:6a:c5:6e:8f:a5:3e:
0f:ba:6e:27:51:c9:1d:50:93:81:f8:e8:03:8d:8a:80:b6:d5:
0b:33:04:3e:88:70:42:b7:88:a7:dd:5d:2d:75:0c:a7:70:71:
26:db:0f:6c:3f:78:4a:39:da:95:13:32:70:71:93:7d:fc:cd:
f8:f2:26:c6:3c:19:0b:b0:5b:75:ba:b7:3a:87:bf:f4:17:3a:
6c:23:3c:f3:40:1d:f6:3a:7f:80:ed:d9:ac:a9:1e:65:39:95:
18:2b:71:a4:f4:1c:5c:36:9c:d5:04:68:7e:6b:73:c9:eb:20:
ca:46:54:54:b6:5b:2a:f3:3f:d1:5e:e3:45:76:a0:54:37:71:
91:83:1b:00:50:20:87:98:cc:da:6a:0c:29:c2:3d:08:77:a5:
47:fe:14:f8:27:e2:9e:90:f1:ac:23:96:50:31:96:09:76:04:
2b:c2:f2:b7:f5:31:07:a8:6c:5e:36:6c:3c:d6:ab:4c:f8:f4:
78:4c:25:4c:ef:81:d4:0f:7e:e9:62:49:a9:5e:27:bf:66:80:
0f:3d:62:f4:0a:b6:9b:0c:f9:fb:5a:30:ba:53:42:c8:87:92:
04:29:3e:dd:5f:1e:fe:f2:45:bf:c2:c0:b8:ad:96:47:19:8a:
7e:e5:97:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5mvx8gAej0mN8J9TnqJJKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MTUzM2NiN2E2Nzk2YWM1YzM4MmIzOGRjZjQ1OWY5MTc2
OTMxZjQwHhcNMjQwMzIyMTUxOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzY0MWRiOWUyMmNhYWI3NGM3NzRmYzE1Y2RlMzc2MDc4MjI0MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY4i6HyaaJrFDzIOF+5KshF8AQIS
uOGRwVelIEibmrAuHOlvopzghfL2AtMd+wM8lAxmxopzv1aHEdYZKJOWpg/TAhX7
bQkW+P1pDQ0mdojBt8Y5/1PVXO7sVDdG4ND/5A7cXhhx1PDV/+LmCTZGPt8T30ez
FpIgqzq+qfC8dfjwDDEm+wfpwdCn6uxl/IyO2UG+qUitmbbnW+7VsgUEvu0kLeP/
YVZbHdrO+7vU865SNSPhFX0cwpJoE15oZOhN/X+0dmcBzIKSOR1A+n5ohqwvbgED
DAORxpKFfFuEWJT2HF3PIRQGAV4gxE92guSvbg6N0afGI0LWOKTUQQZTIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMxkHbniLKq3THdPwVzeN2B4IkNoMB8GA1UdIwQY
MBaAFJcVM8t6Z5asXDgrONz0WfkXaTH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhVenkzcG5scXhjT0NzNDNQUlotUmRwTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kNjU3N2QtZjJkMi00NTMwLWI5ZDIt
MzllY2E0NzI2NjhiLzEvekdRZHVlSXNxcmRNZDBfQlhONDNZSGdpUTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kNjU3N2QtZjJkMi00NTMwLWI5ZDItMzllY2E0NzI2Njhi
LzEvbHhVenkzcG5scXhjT0NzNDNQUlotUmRwTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEUR+QAwQD
lT64AwQCuVRgAwQCuclAAwQAwFHBMA0GCSqGSIb3DQEBCwUAA4IBAQB7WgOw4Nvk
f+gDuFVqxW6PpT4Pum4nUckdUJOB+OgDjYqAttULMwQ+iHBCt4in3V0tdQyncHEm
2w9sP3hKOdqVEzJwcZN9/M348ibGPBkLsFt1urc6h7/0FzpsIzzzQB32On+A7dms
qR5lOZUYK3Gk9BxcNpzVBGh+a3PJ6yDKRlRUtlsq8z/RXuNFdqBUN3GRgxsAUCCH
mMzaagwpwj0Id6VH/hT4J+KekPGsI5ZQMZYJdgQrwvK39TEHqGxeNmw81qtM+PR4
TCVM74HUD37pYkmpXie/ZoAPPWL0CrabDPn7WjC6U0LIh5IEKT7dXx7+8kW/wsC4
rZZHGYp+5ZeL
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:51:18 2024 by rpki-client on console-fra.rpki-client.org