Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LqcJb6L5B8KOTGiQGPt2iZnBOWY.roa
File: LqcJb6L5B8KOTGiQGPt2iZnBOWY.roa (raw, json)
Hash identifier: XuM3oWplZURdj5eZpVo9/B/yDY0r0cqR6ZpenYsKQIA=
Subject key identifier: 2E:A7:09:6F:A2:F9:07:C2:8E:4C:68:90:18:FB:76:89:99:C1:39:66
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0194228D29EED6A72F7BBA6C15A5C975CA17
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LqcJb6L5B8KOTGiQGPt2iZnBOWY.roa
Signing time: Wed 01 Jan 2025 15:47:44 +0000
ROA not before: Wed 01 Jan 2025 15:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31224
IP address blocks: 31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
31.173.100.0/24 maxlen: 24
31.173.101.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
78.25.88.0/22 maxlen: 22
83.149.32.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.36.0/22 maxlen: 22
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
85.26.192.0/22 maxlen: 22
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
178.176.104.0/21 maxlen: 21
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
178.178.229.0/24 maxlen: 24
178.178.230.0/24 maxlen: 24
2a03:d000:5000::/40 maxlen: 40
2a03:d000:5000::/41 maxlen: 41
2a03:d000:5080::/41 maxlen: 41
2a03:d000:5100::/40 maxlen: 40
2a03:d000:5100::/41 maxlen: 41
2a03:d000:5180::/41 maxlen: 41
2a03:d000:5200::/41 maxlen: 41
2a03:d000:5270::/44 maxlen: 44
2a03:d000:5280::/41 maxlen: 41
2a03:d000:52f0::/44 maxlen: 44
2a03:d000:5301::/48 maxlen: 48
2a03:d000:5302::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 20:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:29:ee:d6:a7:2f:7b:ba:6c:15:a5:c9:75:ca:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 15:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ea7096fa2f907c28e4c689018fb768999c13966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f8:dd:ae:c7:25:d0:ed:fb:e6:36:89:b5:9d:
d9:7b:5b:ff:d4:b4:8f:e5:9f:60:d4:7f:61:90:2b:
ab:a8:39:3b:ab:00:d5:d4:1b:75:5d:57:03:d7:01:
ae:e5:a8:d5:f3:06:2d:9a:18:ee:04:2a:d5:24:5c:
e8:ea:5a:50:e1:37:4f:87:96:94:0f:6b:0b:28:ab:
3c:c1:51:45:a6:11:cb:08:f4:1d:a2:3b:30:9a:ab:
93:f4:41:3d:19:f8:de:bb:5c:4a:17:48:83:46:f6:
9f:e9:6c:a9:42:51:bf:09:f0:1b:d8:f1:26:1a:06:
1c:f5:99:62:18:57:8d:b9:50:af:21:16:97:67:24:
f7:64:81:06:af:f2:71:f9:07:b4:1c:30:9f:2a:f2:
26:e6:13:aa:73:20:51:cc:e6:2e:3d:8b:c9:f9:7c:
49:5d:c2:24:6b:38:15:1c:9f:38:9d:53:df:f0:a0:
81:5f:c0:40:49:cd:ae:ec:2b:75:86:da:95:cb:41:
d8:59:5a:1b:73:b1:87:73:52:ff:4d:31:d2:99:37:
f5:29:81:b2:4c:10:02:ca:2e:cd:55:e6:fd:bd:36:
a8:4a:6b:3a:6c:db:01:76:b0:e5:30:dc:6c:91:ae:
20:b2:e3:a1:a5:48:5a:d0:02:5c:05:d8:ea:5d:15:
13:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A7:09:6F:A2:F9:07:C2:8E:4C:68:90:18:FB:76:89:99:C1:39:66
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LqcJb6L5B8KOTGiQGPt2iZnBOWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
178.178.229.0-178.178.230.255
IPv6:
2a03:d000:5000::-2a03:d000:52ff:ffff:ffff:ffff:ffff:ffff
2a03:d000:5301::-2a03:d000:5302:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
12:58:7e:78:54:3e:3b:9b:16:69:6a:ef:83:31:4d:a9:d9:ab:
b1:29:e6:b5:98:7d:b8:dd:0e:40:e6:de:56:b7:b6:ea:b1:6d:
e2:d0:ae:d2:2b:a0:2d:0a:98:b6:e5:8c:0a:75:3d:ea:d8:4c:
6d:1e:b8:75:7d:5b:f7:bb:83:f0:26:6a:32:af:6b:5d:f5:68:
9c:70:b8:0d:a2:19:63:92:bd:30:e9:b0:6f:bc:f6:70:3e:73:
f0:cd:7b:4e:c8:0c:4b:97:ae:dd:30:0a:c9:90:49:7f:f9:3a:
50:c4:a0:f8:36:3b:fa:11:76:8a:4a:67:92:40:7c:e8:4a:03:
c6:74:94:59:5b:4b:fa:ea:0b:bb:2a:19:8e:46:f8:4c:60:81:
cc:65:df:4b:98:ea:56:b6:86:0b:8d:e4:ff:c3:1a:29:c4:9a:
45:6c:5f:2f:9f:1c:a7:39:68:69:85:9c:96:d7:dd:48:f5:f5:
89:34:e6:1e:5e:76:47:68:3b:29:cf:d2:77:5d:b5:9f:7f:cb:
7e:75:5b:a9:bd:d3:ca:ce:2c:70:b0:37:fe:80:8e:1c:68:bf:
14:f5:09:11:a0:1f:ca:ab:20:1d:1c:60:02:c1:d9:a0:93:d0:
c1:33:81:da:55:ed:e5:1b:56:61:22:2d:5b:e7:ab:8f:44:eb:
77:0d:5d:de
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZQijSnu1qcve7psFaXJdcoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUwMTAxMTU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWE3MDk2ZmEyZjkwN2MyOGU0YzY4OTAxOGZiNzY4OTk5YzEzOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPjdrscl0O375jaJtZ3Ze1v/1LSP
5Z9g1H9hkCurqDk7qwDV1Bt1XVcD1wGu5ajV8wYtmhjuBCrVJFzo6lpQ4TdPh5aU
D2sLKKs8wVFFphHLCPQdojswmquT9EE9Gfjeu1xKF0iDRvaf6WypQlG/CfAb2PEm
GgYc9ZliGFeNuVCvIRaXZyT3ZIEGr/Jx+Qe0HDCfKvIm5hOqcyBRzOYuPYvJ+XxJ
XcIkazgVHJ84nVPf8KCBX8BASc2u7Ct1htqVy0HYWVobc7GHc1L/TTHSmTf1KYGy
TBACyi7NVeb9vTaoSms6bNsBdrDlMNxska4gsuOhpUha0AJcBdjqXRUTZQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFC6nCW+i+QfCjkxokBj7domZwTlmMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTHFjSmI2TDVCOEtPVEdpUUdQdDJpWm5CT1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDBsBAIAATBmAwQBH61g
MAwDBAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSADBABT
qdgDBAJVGsADBAGAzEQwDAMEA7KwaAMEAbKwcAMEA7KyWDAMAwQAsrLlAwQAsrLm
MCwEAgACMCYwEAMGBCoD0ABQAwYAKgPQAFIwEgMHACoD0ABTAQMHACoD0ABTAjAN
BgkqhkiG9w0BAQsFAAOCAQEAElh+eFQ+O5sWaWrvgzFNqdmrsSnmtZh9uN0OQObe
Vre26rFt4tCu0iugLQqYtuWMCnU96thMbR64dX1b97uD8CZqMq9rXfVonHC4DaIZ
Y5K9MOmwb7z2cD5z8M17TsgMS5eu3TAKyZBJf/k6UMSg+DY7+hF2ikpnkkB86EoD
xnSUWVtL+uoLuyoZjkb4TGCBzGXfS5jqVraGC43k/8MaKcSaRWxfL58cpzloaYWc
ltfdSPX1iTTmHl52R2g7Kc/Sd121n3/LfnVbqb3Tys4scLA3/oCOHGi/FPUJEaAf
yqsgHRxgAsHZoJPQwTOB2lXt5RtWYSItW+erj0Trdw1d3g==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:48:38 2025 by rpki-client