Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IJqKtzXJoMJFtbg06nYEFVn7BaU.roa
File: IJqKtzXJoMJFtbg06nYEFVn7BaU.roa (raw, json)
Hash identifier: q6GjF556YVWcCJTz1vE1Rqc6HSNidhKrenAwIatbHeA=
Subject key identifier: 20:9A:8A:B7:35:C9:A0:C2:45:B5:B8:34:EA:76:04:15:59:FB:05:A5
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018E0910040DEE453159989BAFBE6BB1C2D3
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IJqKtzXJoMJFtbg06nYEFVn7BaU.roa
Signing time: Mon 04 Mar 2024 10:43:48 +0000
ROA not before: Mon 04 Mar 2024 10:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31224
IP address blocks: 31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
31.173.100.0/24 maxlen: 24
31.173.101.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
78.25.88.0/22 maxlen: 22
83.149.32.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.36.0/22 maxlen: 22
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
85.26.192.0/22 maxlen: 22
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
178.176.104.0/21 maxlen: 21
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
178.178.229.0/24 maxlen: 24
178.178.230.0/24 maxlen: 24
2a03:d000:5000::/40 maxlen: 40
2a03:d000:5100::/40 maxlen: 40
2a03:d000:5270::/44 maxlen: 44
2a03:d000:52f0::/44 maxlen: 44
2a03:d000:5301::/48 maxlen: 48
2a03:d000:5302::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:10:04:0d:ee:45:31:59:98:9b:af:be:6b:b1:c2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Mar 4 10:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=209a8ab735c9a0c245b5b834ea76041559fb05a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ec:10:6e:c0:db:30:53:9c:b8:37:55:ac:29:
a4:38:63:a1:7b:1b:72:c4:83:e2:35:b0:e2:74:bc:
73:19:63:ef:08:33:aa:c2:1c:62:5f:65:c6:fb:e4:
87:47:ef:a3:6c:16:61:8b:bf:e8:97:eb:08:a6:2c:
40:60:fd:f7:dd:53:27:f7:17:1d:50:1b:77:c6:b5:
29:72:be:d3:17:15:c1:51:56:21:3d:f0:90:40:c6:
d1:f4:4b:fc:60:8e:73:3d:56:51:5a:73:a4:67:9b:
0d:6c:19:a0:9c:1e:6c:8c:7d:9b:95:7f:cb:dc:08:
da:f8:89:a1:63:64:a4:96:a4:6f:6d:ed:fe:25:7b:
80:70:f2:4d:19:3f:0a:e2:87:66:a1:3f:49:58:56:
43:a4:1d:94:fc:81:5c:16:b2:3b:e3:91:14:11:8a:
74:0e:8c:9b:19:75:e0:8c:78:a8:91:5a:f4:70:41:
d0:2b:c8:5d:99:df:8a:66:34:78:76:05:1f:c3:82:
00:d9:d8:a7:36:9b:48:e4:66:98:28:41:0d:6b:79:
cb:c2:b8:ca:25:12:a7:5e:ef:d9:4d:aa:59:b6:be:
78:ed:61:4f:04:45:d8:52:a7:2e:0f:af:90:89:c1:
3e:6c:8f:86:7d:d6:2a:82:c6:d4:fd:43:5e:2d:6b:
17:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9A:8A:B7:35:C9:A0:C2:45:B5:B8:34:EA:76:04:15:59:FB:05:A5
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IJqKtzXJoMJFtbg06nYEFVn7BaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
178.178.229.0-178.178.230.255
IPv6:
2a03:d000:5000::/39
2a03:d000:5270::/44
2a03:d000:52f0::/44
2a03:d000:5301::-2a03:d000:5302:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
17:8d:a4:de:d1:37:48:d8:39:c9:e4:de:0a:83:a9:65:27:67:
78:80:3a:45:9c:70:a9:8e:af:70:53:30:cd:f9:3a:fd:5e:18:
c5:a7:6d:2b:47:50:59:52:73:6b:26:79:51:4e:2d:7e:41:a0:
a9:9f:bf:46:0a:0c:94:1b:61:f1:98:34:b7:e9:41:b6:28:56:
aa:0f:8a:11:6a:31:6d:b1:e4:ea:90:51:db:ff:fc:4f:30:a4:
40:be:45:2a:63:31:b3:7a:62:54:fd:01:a5:ff:a1:66:3b:fd:
a4:db:f1:11:e6:fc:ed:cb:f0:35:35:16:06:13:0a:4d:2d:69:
bd:3d:49:f8:9c:88:29:95:17:26:86:c5:5b:3e:da:ff:b5:42:
ad:9d:60:ba:68:fc:0b:52:97:8a:6d:07:d5:29:b8:b5:a7:33:
0a:40:56:35:f4:7e:8e:c6:4e:59:f8:12:2b:06:4a:d7:bb:c5:
b5:f9:94:a2:ef:aa:3b:92:3a:57:d6:6e:e0:16:4b:e7:27:db:
f0:4c:6a:c3:59:8f:06:0e:7c:4c:f0:6d:3b:00:a8:b8:b5:fc:
ab:6f:49:d6:9f:12:30:51:02:4a:a6:60:b9:66:73:5c:02:5c:
cf:a1:8a:42:52:60:d9:ce:87:f9:fa:c4:5b:d4:b7:6d:71:92:
70:6d:3d:b6
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY4JEAQN7kUxWZibr75rscLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMzA0MTA0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDlhOGFiNzM1YzlhMGMyNDViNWI4MzRlYTc2MDQxNTU5ZmIwNWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuwQbsDbMFOcuDdVrCmkOGOhexty
xIPiNbDidLxzGWPvCDOqwhxiX2XG++SHR++jbBZhi7/ol+sIpixAYP333VMn9xcd
UBt3xrUpcr7TFxXBUVYhPfCQQMbR9Ev8YI5zPVZRWnOkZ5sNbBmgnB5sjH2blX/L
3Aja+ImhY2SklqRvbe3+JXuAcPJNGT8K4odmoT9JWFZDpB2U/IFcFrI745EUEYp0
DoybGXXgjHiokVr0cEHQK8hdmd+KZjR4dgUfw4IA2dinNptI5GaYKEENa3nLwrjK
JRKnXu/ZTapZtr547WFPBEXYUqcuD6+QicE+bI+GfdYqgsbU/UNeLWsXuQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFCCairc1yaDCRbW4NOp2BBVZ+wWlMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSUpxS3R6WEpvTUpGdGJnMDZuWUVGVm43QmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDBsBAIAATBmAwQBH61g
MAwDBAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSADBABT
qdgDBAJVGsADBAGAzEQwDAMEA7KwaAMEAbKwcAMEA7KyWDAMAwQAsrLlAwQAsrLm
MDQEAgACMC4DBgEqA9AAUAMHBCoD0ABScAMHBCoD0ABS8DASAwcAKgPQAFMBAwcA
KgPQAFMCMA0GCSqGSIb3DQEBCwUAA4IBAQAXjaTe0TdI2DnJ5N4Kg6llJ2d4gDpF
nHCpjq9wUzDN+Tr9XhjFp20rR1BZUnNrJnlRTi1+QaCpn79GCgyUG2HxmDS36UG2
KFaqD4oRajFtseTqkFHb//xPMKRAvkUqYzGzemJU/QGl/6FmO/2k2/ER5vzty/A1
NRYGEwpNLWm9PUn4nIgplRcmhsVbPtr/tUKtnWC6aPwLUpeKbQfVKbi1pzMKQFY1
9H6Oxk5Z+BIrBkrXu8W1+ZSi76o7kjpX1m7gFkvnJ9vwTGrDWY8GDnxM8G07AKi4
tfyrb0nWnxIwUQJKpmC5ZnNcAlzPoYpCUmDZzof5+sRb1LdtcZJwbT22
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:42:02 2024 by rpki-client on console-ams.rpki-client.org