Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Dio5kiskGfunnURI-Fy5pzrMkfY.roa
File: Dio5kiskGfunnURI-Fy5pzrMkfY.roa (raw, json)
Hash identifier: QPX68VIlMM6pqLWw5wCr9xFl55vVyyi4ZzLho0BPvbI=
Subject key identifier: 0E:2A:39:92:2B:24:19:FB:A7:9D:44:48:F8:5C:B9:A7:3A:CC:91:F6
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018E2C6881AE1ACB5E3FC7FB21C34D5F6FCE
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Dio5kiskGfunnURI-Fy5pzrMkfY.roa
Signing time: Mon 11 Mar 2024 07:27:10 +0000
ROA not before: Mon 11 Mar 2024 07:27:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31205
IP address blocks: 31.173.240.0/23 maxlen: 23
31.173.242.0/23 maxlen: 23
31.173.244.0/22 maxlen: 22
37.29.86.0/23 maxlen: 23
46.232.200.0/24 maxlen: 24
46.232.202.0/23 maxlen: 23
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
83.149.48.0/24 maxlen: 24
83.149.49.0/24 maxlen: 24
83.149.50.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
83.169.248.0/22 maxlen: 22
83.169.252.0/22 maxlen: 22
85.26.224.0/24 maxlen: 24
85.26.226.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
128.204.66.0/24 maxlen: 24
128.204.67.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
178.176.240.0/22 maxlen: 22
178.176.244.0/22 maxlen: 22
178.178.207.0/24 maxlen: 24
185.210.140.0/23 maxlen: 23
185.210.142.0/23 maxlen: 23
188.162.0.0/24 maxlen: 24
188.162.1.0/24 maxlen: 24
188.162.2.0/23 maxlen: 23
188.162.4.0/22 maxlen: 22
188.162.8.0/23 maxlen: 23
188.162.10.0/23 maxlen: 23
188.162.12.0/23 maxlen: 23
188.162.14.0/23 maxlen: 23
188.162.72.0/22 maxlen: 22
188.162.76.0/23 maxlen: 23
188.162.78.0/24 maxlen: 24
188.162.79.0/24 maxlen: 24
188.162.80.0/24 maxlen: 24
188.162.81.0/24 maxlen: 24
188.162.82.0/24 maxlen: 24
188.162.83.0/24 maxlen: 24
188.162.84.0/24 maxlen: 24
188.162.85.0/24 maxlen: 24
188.162.86.0/24 maxlen: 24
188.162.87.0/24 maxlen: 24
188.162.88.0/24 maxlen: 24
188.162.89.0/24 maxlen: 24
188.162.90.0/23 maxlen: 23
188.162.92.0/22 maxlen: 22
188.170.240.0/22 maxlen: 22
188.170.247.0/24 maxlen: 24
2a03:d000:6400::/40 maxlen: 40
2a03:d000:6500::/40 maxlen: 40
2a03:d000:67fe::/48 maxlen: 48
2a03:d000:67ff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:68:81:ae:1a:cb:5e:3f:c7:fb:21:c3:4d:5f:6f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Mar 11 07:27:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e2a39922b2419fba79d4448f85cb9a73acc91f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e4:a2:4e:0a:1a:76:54:73:18:da:37:ca:e7:
51:4d:99:aa:09:c5:b0:e4:30:e0:ab:b7:5b:9c:49:
fe:ef:7a:50:d9:9f:6c:0e:80:e1:19:3b:8b:3d:1f:
00:0c:a4:6b:d4:cb:d4:21:67:fe:7b:df:43:fe:3b:
ef:03:5c:05:17:c1:19:32:8f:42:7e:54:0c:3d:fa:
f7:37:a5:7c:af:77:40:91:0e:67:0e:0d:e3:49:ea:
13:82:0e:6b:32:b8:d6:58:5f:d0:5f:6d:5f:90:9f:
16:ad:34:ce:1f:cc:ed:d8:8f:b8:77:d6:41:ff:fe:
36:8b:fd:c4:d3:7c:a0:22:8d:dc:cb:97:af:c3:6c:
65:b6:c3:fa:9a:fe:c5:57:91:ab:48:da:7b:0a:bb:
37:87:e4:87:1e:5f:66:61:dd:e9:af:f5:2a:51:09:
8d:a1:45:f7:a2:ed:bf:6c:10:c9:2a:fc:15:ac:bc:
f7:bb:8b:bd:c6:8f:d8:bb:f9:59:1f:11:86:3b:aa:
a0:49:88:aa:3b:1b:17:76:72:8d:eb:92:b4:bd:2d:
54:63:36:2c:a0:cf:2b:97:10:32:8f:7e:27:60:43:
b4:a4:79:ff:de:ba:71:8a:72:33:48:d5:9e:d3:7d:
ce:d9:88:48:6b:49:03:43:f0:32:82:f4:f8:b6:b3:
e7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2A:39:92:2B:24:19:FB:A7:9D:44:48:F8:5C:B9:A7:3A:CC:91:F6
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Dio5kiskGfunnURI-Fy5pzrMkfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/24
46.232.202.0/23
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
128.204.66.0/23
178.176.48.0/24
178.176.240.0/21
178.178.207.0/24
185.210.140.0/22
188.162.0.0/20
188.162.72.0-188.162.95.255
188.170.240.0/22
188.170.247.0/24
IPv6:
2a03:d000:6400::/39
2a03:d000:67fe::/47
Signature Algorithm: sha256WithRSAEncryption
8f:b8:92:21:73:6b:e3:da:04:9a:3f:b4:15:b1:89:d3:74:ea:
e0:0f:b3:6b:b8:0a:89:d2:47:49:b1:84:21:c7:c8:cb:6d:e5:
15:7d:fc:20:23:1a:7b:fa:a9:35:11:4d:ec:b2:2b:69:e5:be:
fe:e9:3e:c1:1c:27:ab:1c:45:a9:64:3b:3c:67:a8:90:22:3f:
d7:28:2a:17:54:4b:41:d1:9c:c3:95:e4:16:c4:9f:eb:a4:41:
6c:b9:f1:d2:04:9b:45:b8:9d:42:64:ab:c6:e4:bc:78:63:1b:
f6:21:d4:f3:d7:a3:2f:67:28:99:34:df:77:15:9f:38:64:41:
4d:13:7a:77:95:74:d0:e6:f1:34:24:ba:f6:f1:cd:46:04:3f:
90:13:39:4c:4d:ae:35:86:18:84:56:2c:d7:dc:fc:a5:1e:7e:
a6:2d:e9:61:e7:93:bf:07:cc:c2:79:87:f1:de:d7:18:52:0e:
e3:07:30:50:e6:a4:17:08:5a:c9:5a:b3:a2:f6:57:83:6d:50:
0d:ea:4b:24:be:15:16:78:4a:54:3c:b8:f7:6a:07:b8:76:ef:
47:9b:49:bd:27:85:3b:f0:e7:3b:59:0c:2b:a2:2d:ae:39:84:
5b:73:32:f3:12:1f:00:97:69:b9:f3:18:35:a6:03:45:0f:6c:
e0:b8:ac:07
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAY4saIGuGsteP8f7IcNNX2/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMzExMDcyNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJhMzk5MjJiMjQxOWZiYTc5ZDQ0NDhmODVjYjlhNzNhY2M5MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquSiTgoadlRzGNo3yudRTZmqCcWw
5DDgq7dbnEn+73pQ2Z9sDoDhGTuLPR8ADKRr1MvUIWf+e99D/jvvA1wFF8EZMo9C
flQMPfr3N6V8r3dAkQ5nDg3jSeoTgg5rMrjWWF/QX21fkJ8WrTTOH8zt2I+4d9ZB
//42i/3E03ygIo3cy5evw2xltsP6mv7FV5GrSNp7Crs3h+SHHl9mYd3pr/UqUQmN
oUX3ou2/bBDJKvwVrLz3u4u9xo/Yu/lZHxGGO6qgSYiqOxsXdnKN65K0vS1UYzYs
oM8rlxAyj34nYEO0pHn/3rpxinIzSNWe033O2YhIa0kDQ/AygvT4trPn9wIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFA4qOZIrJBn7p51ESPhcuac6zJH2MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRGlvNWtpc2tHZnVublVSSS1GeTVwenJNa2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBggQCAAEwfAMEAx+t
8AMEASUdVgMEAC7oyAMEAS7oygMEAk4ZXAMEAlOVMAMEA1Op+AMEAFUa4DAMAwQB
VRriAwQDVRrgAwQBgMxCAwQAsrAwAwQDsrDwAwQAsrLPAwQCudKMAwQEvKIAMAwD
BAO8okgDBAW8okADBAK8qvADBAC8qvcwFwQCAAIwEQMGASoD0ABkAwcBKgPQAGf+
MA0GCSqGSIb3DQEBCwUAA4IBAQCPuJIhc2vj2gSaP7QVsYnTdOrgD7NruAqJ0kdJ
sYQhx8jLbeUVffwgIxp7+qk1EU3ssitp5b7+6T7BHCerHEWpZDs8Z6iQIj/XKCoX
VEtB0ZzDleQWxJ/rpEFsufHSBJtFuJ1CZKvG5Lx4Yxv2IdTz16MvZyiZNN93FZ84
ZEFNE3p3lXTQ5vE0JLr28c1GBD+QEzlMTa41hhiEVizX3PylHn6mLelh55O/B8zC
eYfx3tcYUg7jBzBQ5qQXCFrJWrOi9leDbVAN6kskvhUWeEpUPLj3age4du9Hm0m9
J4U78Oc7WQwroi2uOYRbczLzEh8Al2m58xg1pgNFD2zguKwH
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:30:26 2024 by rpki-client on console-ams.rpki-client.org