Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CPIm3N_sBk_1CZ60peFGfxmckNc.roa
File: CPIm3N_sBk_1CZ60peFGfxmckNc.roa (raw, json)
Hash identifier: UUt9FQ4pZKosZiNBVdv8Wa2FJznUso4Jk+Qs/U2J6Sk=
Subject key identifier: 08:F2:26:DC:DF:EC:06:4F:F5:09:9E:B4:A5:E1:46:7F:19:9C:90:D7
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DEAD7E1298BB4ED26C51FF719D288
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CPIm3N_sBk_1CZ60peFGfxmckNc.roa
Signing time: Mon 01 Jan 2024 14:29:24 +0000
ROA not before: Mon 01 Jan 2024 14:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.195.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
188.170.244.0/24 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.245.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
178.23.144.0/21 maxlen: 21
178.23.149.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
178.176.254.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.80.0/24 maxlen: 24
37.29.82.0/24 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.252.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
31.173.248.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.254.0/24 maxlen: 24
2a00:9780:300::/40 maxlen: 40
2a00:9780:500::/40 maxlen: 40
2a00:9780:800::/40 maxlen: 40
2a00:9780::/40 maxlen: 40
2a00:9780:600::/40 maxlen: 40
2a00:9780:100::/40 maxlen: 40
2a00:9780:900::/40 maxlen: 40
2a00:9780:400::/40 maxlen: 40
2a00:9780:700::/40 maxlen: 40
2a00:9780:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ea:d7:e1:29:8b:b4:ed:26:c5:1f:f7:19:d2:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08f226dcdfec064ff5099eb4a5e1467f199c90d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d7:43:34:1e:3a:8b:6a:7f:b9:69:92:ed:69:
6d:e9:b9:50:6d:5d:3b:b4:57:19:df:f3:7a:7b:9d:
ad:e5:3f:d7:83:d1:0b:02:16:ed:c5:78:2b:e6:47:
0e:bf:e1:ea:f7:8c:87:0b:9b:1e:21:d5:c9:8b:53:
2c:de:35:b9:71:de:30:89:74:7c:22:40:aa:bd:7c:
d2:5d:20:01:f2:d4:4d:48:7f:e3:c9:72:64:b0:da:
69:d9:2a:1c:fe:cb:0a:75:d7:f1:17:5d:fb:04:2f:
a1:ea:2d:4a:fd:a1:37:10:2b:78:12:4c:26:14:a1:
cc:29:85:ff:b9:e9:50:28:e5:5b:14:7d:d2:47:b7:
f8:b5:96:0e:48:9c:24:fe:eb:d5:92:26:6d:09:d5:
44:4b:4c:7e:4a:c8:0b:ec:30:2c:95:e4:e8:b2:58:
c0:4f:f5:a4:22:86:bb:ca:69:9a:74:7d:a2:5f:37:
a5:1e:d6:21:ab:4e:56:9f:b0:40:d8:8a:86:f6:00:
ab:28:7f:31:cf:30:2a:44:98:5a:6f:6b:6c:c6:60:
66:1b:b6:44:36:e4:2b:3c:c0:1f:95:8e:6a:cf:13:
3e:71:e1:55:e2:fa:ff:61:bf:d4:ec:cf:19:1a:de:
1a:0d:1f:65:38:a5:37:9f:c6:ab:43:a6:bc:fa:d6:
07:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F2:26:DC:DF:EC:06:4F:F5:09:9E:B4:A5:E1:46:7F:19:9C:90:D7
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CPIm3N_sBk_1CZ60peFGfxmckNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.254.255
188.170.244.0/23
188.170.248.0-188.170.252.255
IPv6:
2a00:9780::-2a00:9780:9ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1f:55:34:d8:db:41:73:25:df:89:d2:cb:c1:d7:a8:77:08:89:
55:d9:72:2f:42:da:37:4a:52:08:0a:31:fa:d9:3a:12:3b:83:
50:3c:15:1f:f0:4a:57:94:0e:3c:58:3b:25:6a:d5:66:32:e5:
84:1e:a0:9a:52:bf:d9:56:97:70:98:48:4f:35:21:54:46:bb:
d4:60:7e:57:39:ca:b1:40:00:37:18:0d:86:a4:4c:ad:d2:b9:
11:87:b0:f4:04:0d:b0:2f:fd:88:c3:ab:7f:f8:e8:16:6a:60:
2f:bf:d4:b7:53:e5:69:90:34:c4:dc:d1:9e:6b:45:63:38:44:
7e:c6:4f:34:cf:72:30:6d:c0:1b:66:88:d6:df:f3:3a:b7:45:
44:04:a4:59:7e:ae:4c:54:53:8f:a3:4c:ca:e3:81:40:23:66:
d1:c3:98:2d:74:46:46:3f:e0:e9:4c:01:5b:c2:6d:2d:39:f9:
ee:bf:33:66:13:fd:11:57:e9:13:6c:36:6e:6e:fe:16:bb:5d:
7f:30:df:4d:4b:58:6b:b0:23:16:f8:ee:eb:fe:f9:bb:e1:30:
1c:4f:30:3a:74:90:30:ac:a5:7c:d0:bf:d1:8f:23:48:44:db:
f5:68:9c:9f:5e:8b:69:0e:49:0f:94:62:be:fa:64:e2:96:9f:
e6:2c:23:12
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYzFberX4SmLtO0mxR/3GdKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGYyMjZkY2RmZWMwNjRmZjUwOTllYjRhNWUxNDY3ZjE5OWM5MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8tdDNB46i2p/uWmS7Wlt6blQbV07
tFcZ3/N6e52t5T/Xg9ELAhbtxXgr5kcOv+Hq94yHC5seIdXJi1Ms3jW5cd4wiXR8
IkCqvXzSXSAB8tRNSH/jyXJksNpp2Soc/ssKddfxF137BC+h6i1K/aE3ECt4Ekwm
FKHMKYX/uelQKOVbFH3SR7f4tZYOSJwk/uvVkiZtCdVES0x+SsgL7DAsleTosljA
T/WkIoa7ymmadH2iXzelHtYhq05Wn7BA2IqG9gCrKH8xzzAqRJhab2tsxmBmG7ZE
NuQrPMAflY5qzxM+ceFV4vr/Yb/U7M8ZGt4aDR9lOKU3n8arQ6a8+tYH9wIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFAjyJtzf7AZP9QmetKXhRn8ZnJDXMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQ1BJbTNOX3NCa18xQ1o2MHBlRkdmeG1ja05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBABAIAATA6AwQDH634AwQC
JR1QAwQDLh3AAwQDsheQMAwDBAOysPgDBACysP4DBAG8qvQwDAMEA7yq+AMEALyq
/DAXBAIAAjARMA8DBQcqAJeAAwYBKgCXgAgwDQYJKoZIhvcNAQELBQADggEBAB9V
NNjbQXMl34nSy8HXqHcIiVXZci9C2jdKUggKMfrZOhI7g1A8FR/wSleUDjxYOyVq
1WYy5YQeoJpSv9lWl3CYSE81IVRGu9Rgflc5yrFAADcYDYakTK3SuRGHsPQEDbAv
/YjDq3/46BZqYC+/1LdT5WmQNMTc0Z5rRWM4RH7GTzTPcjBtwBtmiNbf8zq3RUQE
pFl+rkxUU4+jTMrjgUAjZtHDmC10RkY/4OlMAVvCbS05+e6/M2YT/RFX6RNsNm5u
/ha7XX8w301LWGuwIxb47uv++bvhMBxPMDp0kDCspXzQv9GPI0hE2/VonJ9ei2kO
SQ+UYr76ZOKWn+YsIxI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:24 2024 by rpki-client on console-ams.rpki-client.org