Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UPspiGWttJXsnkmmvnnUxizMOjU.roa
File: UPspiGWttJXsnkmmvnnUxizMOjU.roa (raw, json)
Hash identifier: qxoofBB5OcDyMJvq1WM6WEKaEUJVNclq4QgkjjOrmX8=
Subject key identifier: 50:FB:29:88:65:AD:B4:95:EC:9E:49:A6:BE:79:D4:C6:2C:CC:3A:35
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01919228088FB92630DA426D062F1550D852
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UPspiGWttJXsnkmmvnnUxizMOjU.roa
Signing time: Tue 27 Aug 2024 04:46:22 +0000
ROA not before: Tue 27 Aug 2024 04:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31224
IP address blocks: 31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
31.173.100.0/24 maxlen: 24
31.173.101.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
78.25.88.0/22 maxlen: 22
83.149.32.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.36.0/22 maxlen: 22
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
85.26.192.0/22 maxlen: 22
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
178.176.104.0/21 maxlen: 21
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
178.178.229.0/24 maxlen: 24
178.178.230.0/24 maxlen: 24
2a03:d000:5000::/40 maxlen: 40
2a03:d000:5000::/41 maxlen: 41
2a03:d000:5080::/41 maxlen: 41
2a03:d000:5100::/40 maxlen: 40
2a03:d000:5100::/41 maxlen: 41
2a03:d000:5180::/41 maxlen: 41
2a03:d000:5200::/41 maxlen: 41
2a03:d000:5270::/44 maxlen: 44
2a03:d000:5280::/41 maxlen: 41
2a03:d000:52f0::/44 maxlen: 44
2a03:d000:5301::/48 maxlen: 48
2a03:d000:5302::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:92:28:08:8f:b9:26:30:da:42:6d:06:2f:15:50:d8:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Aug 27 04:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50fb298865adb495ec9e49a6be79d4c62ccc3a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:36:2a:89:76:9e:18:9c:02:65:8a:58:d7:a4:
6f:41:0b:53:06:dd:68:9f:4b:9f:89:10:4c:94:ea:
d8:02:60:3b:cd:5e:af:bf:19:0a:9b:aa:30:e4:cf:
00:65:72:8e:ba:8b:52:81:42:7f:6b:71:2f:dd:56:
e4:49:25:42:23:a5:b2:80:9d:bf:d0:b9:b0:9f:93:
01:42:51:d9:4f:4c:57:d0:9a:04:f7:7a:3a:bd:e1:
0b:32:f8:fa:63:9a:ff:3b:03:ae:89:62:5c:c0:0d:
68:0c:69:d1:ca:54:d2:0c:3b:8e:a9:c0:43:f4:49:
79:40:b1:d8:4a:a0:c4:5d:bf:9a:31:49:51:2d:3d:
04:f7:af:10:10:49:1e:17:e1:e4:91:48:17:4d:c2:
98:76:8b:ce:4e:cf:9e:4f:db:18:69:da:a9:c9:f4:
8d:59:22:f5:7e:0f:fe:e0:da:c8:df:be:a5:fa:a6:
5d:ed:3d:05:11:d1:4a:15:ec:2f:6a:b9:be:8e:b7:
35:e5:f6:96:f8:64:d3:b8:55:67:15:f9:79:80:48:
3c:18:fd:c4:30:fe:15:b9:35:91:35:b1:f5:68:15:
a2:3e:a4:da:ee:4e:36:89:4d:7f:11:8e:f6:d0:81:
b3:93:15:f6:67:d7:b0:b6:6e:be:38:19:c7:80:41:
f5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FB:29:88:65:AD:B4:95:EC:9E:49:A6:BE:79:D4:C6:2C:CC:3A:35
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UPspiGWttJXsnkmmvnnUxizMOjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
178.178.229.0-178.178.230.255
IPv6:
2a03:d000:5000::-2a03:d000:52ff:ffff:ffff:ffff:ffff:ffff
2a03:d000:5301::-2a03:d000:5302:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9b:52:fc:a0:71:a1:94:9c:6c:2e:c9:80:4d:e5:10:38:c8:67:
67:fe:42:87:2a:83:5a:c8:bd:e6:72:12:4d:07:9d:f8:1b:0a:
ad:2b:c8:37:14:71:e7:6c:6a:dc:dd:af:ed:e3:a7:f7:c9:7b:
7c:7a:27:8f:d6:59:3d:f3:99:bc:15:6f:2d:8a:f2:24:7c:75:
f9:99:21:3b:66:50:45:74:0c:34:9d:03:27:3c:dc:ce:9c:c0:
a2:3b:aa:d4:ce:f9:22:dd:c6:78:c1:51:bc:f6:18:b1:08:45:
fa:65:08:7b:c7:02:66:3f:8f:92:73:6c:46:5b:5c:ca:e5:51:
86:eb:0e:47:7f:22:48:47:94:c5:3b:29:30:cd:cc:7c:61:3d:
9e:87:5e:e2:40:ea:2d:af:72:f0:ae:d8:d7:59:0c:7e:fb:f1:
21:3e:c5:18:22:f6:fa:cb:aa:1f:12:09:78:93:dc:fe:23:fc:
76:be:11:6b:54:8b:08:6b:91:1d:58:e6:24:cd:e0:b4:c4:a2:
a1:d4:cc:4c:78:8d:a4:83:72:bb:83:a1:26:29:ee:10:a0:fb:
28:bf:ff:c5:9b:c2:08:39:5e:ea:02:b1:72:51:4d:86:f7:35:
f7:f4:f8:48:7b:83:9d:ef:52:2a:03:c4:04:c3:23:93:4a:65:
d7:15:0d:ec
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZGSKAiPuSYw2kJtBi8VUNhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwODI3MDQ0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZiMjk4ODY1YWRiNDk1ZWM5ZTQ5YTZiZTc5ZDRjNjJjY2MzYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjYqiXaeGJwCZYpY16RvQQtTBt1o
n0ufiRBMlOrYAmA7zV6vvxkKm6ow5M8AZXKOuotSgUJ/a3Ev3VbkSSVCI6WygJ2/
0Lmwn5MBQlHZT0xX0JoE93o6veELMvj6Y5r/OwOuiWJcwA1oDGnRylTSDDuOqcBD
9El5QLHYSqDEXb+aMUlRLT0E968QEEkeF+HkkUgXTcKYdovOTs+eT9sYadqpyfSN
WSL1fg/+4NrI376l+qZd7T0FEdFKFewvarm+jrc15faW+GTTuFVnFfl5gEg8GP3E
MP4VuTWRNbH1aBWiPqTa7k42iU1/EY720IGzkxX2Z9ewtm6+OBnHgEH1hQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFFD7KYhlrbSV7J5Jpr551MYszDo1MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvVVBzcGlHV3R0SlhzbmttbXZublV4aXpNT2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDBsBAIAATBmAwQBH61g
MAwDBAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSADBABT
qdgDBAJVGsADBAGAzEQwDAMEA7KwaAMEAbKwcAMEA7KyWDAMAwQAsrLlAwQAsrLm
MCwEAgACMCYwEAMGBCoD0ABQAwYAKgPQAFIwEgMHACoD0ABTAQMHACoD0ABTAjAN
BgkqhkiG9w0BAQsFAAOCAQEAm1L8oHGhlJxsLsmATeUQOMhnZ/5ChyqDWsi95nIS
TQed+BsKrSvINxRx52xq3N2v7eOn98l7fHonj9ZZPfOZvBVvLYryJHx1+ZkhO2ZQ
RXQMNJ0DJzzczpzAojuq1M75It3GeMFRvPYYsQhF+mUIe8cCZj+PknNsRltcyuVR
husOR38iSEeUxTspMM3MfGE9node4kDqLa9y8K7Y11kMfvvxIT7FGCL2+suqHxIJ
eJPc/iP8dr4Ra1SLCGuRHVjmJM3gtMSiodTMTHiNpINyu4OhJinuEKD7KL//xZvC
CDle6gKxclFNhvc19/T4SHuDne9SKgPEBMMjk0pl1xUN7A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:15 2024 by rpki-client on console-fra.rpki-client.org