Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nb_Qa3vmIEHlBEM8EDKTDiMJeKs.roa
File: nb_Qa3vmIEHlBEM8EDKTDiMJeKs.roa (raw, json)
Hash identifier: yyJS8dcLQgXx9qO+lnSs+2rGfqyu6lmtJJbRTDyDvus=
Subject key identifier: 9D:BF:D0:6B:7B:E6:20:41:E5:04:43:3C:10:32:93:0E:23:09:78:AB
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DE0583BD77CA6DBB196F61613879B
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nb_Qa3vmIEHlBEM8EDKTDiMJeKs.roa
Signing time: Mon 01 Jan 2024 14:29:21 +0000
ROA not before: Mon 01 Jan 2024 14:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 19
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.154.160.0/21 maxlen: 21
213.154.168.0/21 maxlen: 21
213.168.32.0/19 maxlen: 19
213.154.176.0/21 maxlen: 21
213.154.184.0/21 maxlen: 21
84.204.0.0/17 maxlen: 17
213.172.0.0/19 maxlen: 19
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
109.74.112.0/20 maxlen: 20
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
91.193.212.0/22 maxlen: 22
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.138.0/24 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.139.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
212.44.64.0/19 maxlen: 19
195.5.128.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
62.182.128.0/21 maxlen: 21
2a03:d000:9009::/48 maxlen: 48
2a03:d000:9008::/48 maxlen: 48
2a03:d000:9008::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e0:58:3b:d7:7c:a6:db:b1:96:f6:16:13:87:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dbfd06b7be62041e504433c1032930e230978ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9c:03:0c:4a:c7:31:e0:5b:32:7b:bb:ed:b5:
40:82:e6:97:2f:c6:ba:28:6d:dc:f4:b0:3f:f8:01:
71:af:96:56:cb:10:85:34:86:72:f4:8b:80:2a:0c:
af:37:48:f7:d7:cd:fc:b6:da:de:5e:b3:0e:ca:c8:
e0:75:b4:7c:62:97:bb:ca:7c:ab:22:27:2e:e2:f5:
a4:d7:ff:c5:31:29:e1:15:d1:5b:7f:e8:32:66:5d:
bd:a2:8e:1d:b2:73:79:fb:7b:a0:f7:6b:ec:6a:c1:
2a:5e:af:f7:01:93:45:9d:cc:7b:c7:d2:70:a5:96:
5e:e9:74:e1:be:86:64:db:77:5a:dc:a1:d2:3b:3b:
e5:74:e1:cb:22:67:bf:c4:9e:df:f9:bf:2a:37:68:
bc:b1:b9:89:22:33:4f:47:38:62:7a:92:22:c9:5b:
d3:99:09:52:f6:c2:ba:6c:96:e3:19:f3:35:3e:ca:
58:c7:08:67:76:de:c7:24:e0:87:b6:53:8c:1c:b3:
8c:e3:8d:56:85:fe:2b:16:97:e7:d0:3f:79:ea:18:
df:e2:6c:1a:75:59:7d:83:4f:7b:58:0f:1c:2e:1f:
b4:3a:c7:39:5c:88:24:c6:d7:40:b5:14:58:02:83:
93:25:a1:c6:28:5c:5d:79:70:9c:f0:fd:6f:8e:ab:
5a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BF:D0:6B:7B:E6:20:41:E5:04:43:3C:10:32:93:0E:23:09:78:AB
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nb_Qa3vmIEHlBEM8EDKTDiMJeKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
62.182.128.0/21
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
91.193.212.0/22
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
195.5.128.0/19
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
IPv6:
2a03:d000:9008::/46
Signature Algorithm: sha256WithRSAEncryption
19:d5:c3:94:55:16:15:f1:f5:99:ed:1d:1f:e4:af:1f:fc:42:
9c:60:35:7d:ae:6f:a7:e5:be:76:eb:7c:80:03:e1:48:85:2d:
9b:da:50:b5:71:a7:ae:18:7d:78:5a:66:d4:57:1c:ca:50:dd:
e4:e6:ee:14:d7:ce:f4:51:c0:d7:66:ba:db:79:dd:aa:08:13:
cd:eb:61:6a:f4:99:60:98:c8:80:5a:36:7f:7c:da:60:03:2f:
f5:2e:1a:05:34:8a:11:91:4a:e5:84:6d:02:23:a7:23:77:ce:
cb:6d:b8:56:2a:d1:9c:9b:19:75:d9:8a:bb:8e:ec:99:67:9a:
89:eb:70:12:57:ae:8e:86:96:d4:3c:0a:91:14:7e:da:71:29:
b1:66:60:37:77:27:d5:f2:31:62:3e:3d:f1:98:da:28:46:8d:
2f:4f:b1:c5:d6:bb:16:83:4f:71:f0:2e:3f:e4:97:32:c2:f1:
fe:5e:c9:2f:42:67:ad:90:26:8c:e4:85:ea:a8:92:70:75:2a:
a4:11:1a:f8:59:86:5a:97:ce:ca:fe:b4:df:66:33:98:4e:05:
c1:08:a1:85:ff:6f:76:74:d4:71:52:7b:a7:12:83:10:19:80:
b2:bc:c6:3c:a2:24:f7:bf:86:24:1a:6c:1f:65:76:56:2e:2e:
b1:8c:bf:bb
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYzFbeBYO9d8ptuxlvYWE4ebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGJmZDA2YjdiZTYyMDQxZTUwNDQzM2MxMDMyOTMwZTIzMDk3OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JwDDErHMeBbMnu77bVAguaXL8a6
KG3c9LA/+AFxr5ZWyxCFNIZy9IuAKgyvN0j31838ttreXrMOysjgdbR8Ype7ynyr
Iicu4vWk1//FMSnhFdFbf+gyZl29oo4dsnN5+3ug92vsasEqXq/3AZNFncx7x9Jw
pZZe6XThvoZk23da3KHSOzvldOHLIme/xJ7f+b8qN2i8sbmJIjNPRzhiepIiyVvT
mQlS9sK6bJbjGfM1PspYxwhndt7HJOCHtlOMHLOM441Whf4rFpfn0D956hjf4mwa
dVl9g097WA8cLh+0Osc5XIgkxtdAtRRYAoOTJaHGKFxdeXCc8P1vjqtaTQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFJ2/0Gt75iBB5QRDPBAykw4jCXirMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvbmJfUWEzdm1JRUhsQkVNOEVES1REaU1KZUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBxgQCAAEwgb8DBAYu
L8ADBAM+toADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdU
zAAwDAMEAlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEAlvB
1AMEB12ZgAMEA14Z+AMEB1+JAAMEBG1KcAMEBm18QAMEBcMFgAMEBcOQ4AMEBdQO
oAMEBdQsQAMEBdR3oAMEBdWaoAMEBdWoIAMEBdWsAAMEBdW2oAMEBdnDQDAPBAIA
AjAJAwcCKgPQAJAIMA0GCSqGSIb3DQEBCwUAA4IBAQAZ1cOUVRYV8fWZ7R0f5K8f
/EKcYDV9rm+n5b5263yAA+FIhS2b2lC1caeuGH14WmbUVxzKUN3k5u4U1870UcDX
Zrrbed2qCBPN62Fq9JlgmMiAWjZ/fNpgAy/1LhoFNIoRkUrlhG0CI6cjd87LbbhW
KtGcmxl12Yq7juyZZ5qJ63ASV66OhpbUPAqRFH7acSmxZmA3dyfV8jFiPj3xmNoo
Ro0vT7HF1rsWg09x8C4/5JcywvH+XskvQmetkCaM5IXqqJJwdSqkERr4WYZal87K
/rTfZjOYTgXBCKGF/292dNRxUnunEoMQGYCyvMY8oiT3v4YkGmwfZXZWLi6xjL+7
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:15 2024 by rpki-client on console-fra.rpki-client.org