Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/w_x3yh2dOuaBQT1OBwja3o05rTU.roa
File: w_x3yh2dOuaBQT1OBwja3o05rTU.roa (raw, json)
Hash identifier: GIUBP/jjZ4JiqRB9ETZNIF4B2I26IMVnmQncwFys2D8=
Subject key identifier: C3:FC:77:CA:1D:9D:3A:E6:81:41:3D:4E:07:08:DA:DE:8D:39:AD:35
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018FECD5D4E551776098E496F6866BD7B88E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/w_x3yh2dOuaBQT1OBwja3o05rTU.roa
Signing time: Thu 06 Jun 2024 09:16:27 +0000
ROA not before: Thu 06 Jun 2024 09:16:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25159
IP address blocks: 31.173.0.0/21 maxlen: 21
31.173.8.0/21 maxlen: 21
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
37.29.32.0/21 maxlen: 21
46.229.128.0/22 maxlen: 22
62.64.0.0/20 maxlen: 20
62.64.16.0/20 maxlen: 20
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
78.25.119.0/24 maxlen: 24
83.222.212.0/22 maxlen: 22
83.222.216.0/21 maxlen: 21
83.229.211.0/24 maxlen: 24
83.229.254.0/24 maxlen: 24
85.26.144.0/20 maxlen: 20
91.205.168.0/23 maxlen: 23
91.205.170.0/23 maxlen: 23
94.25.131.0/24 maxlen: 24
94.25.144.0/20 maxlen: 20
94.25.160.0/24 maxlen: 24
94.25.164.0/24 maxlen: 24
94.25.168.0/22 maxlen: 22
94.25.172.0/22 maxlen: 22
94.25.176.0/21 maxlen: 21
94.25.184.0/21 maxlen: 21
109.188.64.0/19 maxlen: 19
109.188.96.0/21 maxlen: 21
109.188.112.0/23 maxlen: 23
109.188.114.0/24 maxlen: 24
128.204.76.0/22 maxlen: 22
128.204.76.0/23 maxlen: 23
128.204.78.0/23 maxlen: 23
178.176.0.0/19 maxlen: 19
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
178.176.92.0/22 maxlen: 22
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
178.178.192.0/22 maxlen: 22
178.178.198.0/23 maxlen: 23
178.178.204.0/24 maxlen: 24
178.178.205.0/24 maxlen: 24
178.178.216.0/21 maxlen: 21
178.178.235.0/24 maxlen: 24
178.178.236.0/24 maxlen: 24
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
188.170.25.0/24 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
193.201.228.0/22 maxlen: 22
195.16.96.0/19 maxlen: 19
195.16.110.0/23 maxlen: 23
195.16.114.0/23 maxlen: 23
195.230.70.0/23 maxlen: 23
195.230.91.0/24 maxlen: 24
195.230.92.0/24 maxlen: 24
212.69.106.0/24 maxlen: 24
212.69.113.0/24 maxlen: 24
212.69.114.0/24 maxlen: 24
212.69.125.0/24 maxlen: 24
213.243.109.0/24 maxlen: 24
213.243.116.0/24 maxlen: 24
2a03:d000:4000::/36 maxlen: 36
2a03:d000:4100::/40 maxlen: 40
2a03:d000:4200::/40 maxlen: 40
2a03:d000:4300::/40 maxlen: 40
2a03:d000:4400::/40 maxlen: 40
2a03:d004::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:d5:d4:e5:51:77:60:98:e4:96:f6:86:6b:d7:b8:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jun 6 09:16:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3fc77ca1d9d3ae681413d4e0708dade8d39ad35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:92:ec:3c:8e:4f:5f:aa:13:04:2c:ea:c3:17:
c8:b1:68:ae:df:b1:6a:2f:b8:cc:e7:7c:d9:b3:34:
76:1b:15:2f:d5:ad:fb:16:59:35:4b:7b:ed:41:73:
ea:b8:f9:40:58:2e:ca:81:b1:8e:74:02:3d:a2:e9:
ce:7f:4c:fc:ba:69:23:69:62:35:62:17:39:a7:92:
e8:b0:3a:b2:07:f0:3a:fd:02:17:af:86:f5:a6:22:
78:84:2e:2a:6c:20:0c:8a:21:80:3c:0a:76:95:2e:
b9:15:9a:5b:c0:76:1a:91:b4:0f:72:27:32:56:38:
f9:57:9f:fc:6b:b2:bf:a2:bf:05:54:92:ba:22:04:
80:c3:79:33:3e:6c:50:88:21:eb:3e:b6:6a:05:07:
0e:6b:64:eb:79:30:8b:10:e1:f2:85:9c:36:c6:cf:
19:ab:57:f5:44:6b:4f:0c:f6:cf:eb:d5:0a:9d:22:
39:2d:25:76:e2:d4:59:b9:10:7b:90:9a:f2:be:b6:
d7:52:7e:2a:5f:3b:f7:93:f3:ce:68:9e:72:a2:ec:
7e:e2:1d:ea:66:76:bd:64:3b:05:cb:e0:01:ed:cc:
45:11:59:de:e2:62:89:d6:df:7e:d8:27:86:de:71:
6e:ee:88:cd:82:10:42:96:55:ac:0b:37:0a:b3:6c:
8d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:FC:77:CA:1D:9D:3A:E6:81:41:3D:4E:07:08:DA:DE:8D:39:AD:35
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/w_x3yh2dOuaBQT1OBwja3o05rTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/19
78.25.112.0/21
83.222.212.0-83.222.223.255
83.229.211.0/24
83.229.254.0/24
85.26.144.0/20
91.205.168.0/22
94.25.131.0/24
94.25.144.0-94.25.160.255
94.25.164.0/24
94.25.168.0-94.25.191.255
109.188.64.0-109.188.103.255
109.188.112.0-109.188.114.255
128.204.76.0/22
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.176.92.0/22
178.177.0.0/18
178.178.192.0/22
178.178.198.0/23
178.178.204.0/23
178.178.216.0/21
178.178.235.0-178.178.236.255
188.170.0.0-188.170.47.255
193.201.228.0/22
195.16.96.0/19
195.230.70.0/23
195.230.91.0-195.230.92.255
212.69.106.0/24
212.69.113.0-212.69.114.255
212.69.125.0/24
213.243.109.0/24
213.243.116.0/24
IPv6:
2a03:d000:4000::/36
2a03:d004::/40
Signature Algorithm: sha256WithRSAEncryption
82:1f:cb:c3:11:1a:df:c0:8a:ea:f8:6e:57:55:10:6f:3d:50:
80:3e:37:b7:53:dc:42:82:86:e7:e4:68:2e:ad:05:22:2f:95:
e6:d3:33:61:c4:dc:d1:47:79:17:be:43:cf:42:e0:77:8d:59:
68:7d:67:27:3c:3a:c0:07:a1:f5:ea:27:40:d6:1b:79:89:84:
e1:2e:17:94:d7:82:d6:ab:61:3e:cb:2a:65:97:9d:3d:3b:d0:
1f:87:9d:15:21:6a:b9:f1:ac:0e:10:62:bf:15:30:c5:78:f0:
8e:0d:65:75:ea:b1:75:16:6b:ce:b1:ae:bd:98:b5:0a:8a:a1:
9c:c5:5d:ed:94:4f:bb:00:60:18:43:90:b3:9d:ca:07:35:6e:
55:bb:90:75:52:03:87:fd:f2:21:a5:dc:44:a5:23:43:47:21:
00:cb:70:68:34:3d:cb:52:67:f5:2d:09:ec:c9:75:5a:56:94:
01:e9:46:45:87:d8:a3:41:9d:a3:7e:e0:cc:c6:33:f1:10:47:
1b:5f:64:99:22:87:92:cb:60:65:65:64:80:4b:17:f6:30:ad:
36:bf:91:20:54:f4:b4:6e:89:2f:2a:34:2c:c7:33:cb:b7:9c:
5d:e7:d9:10:07:f7:cf:9c:84:1b:90:3e:eb:e5:c0:e4:17:e9:
d9:86:59:06
-----BEGIN CERTIFICATE-----
MIIGUjCCBTqgAwIBAgISAY/s1dTlUXdgmOSW9oZr17iOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwNjA2MDkxNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2ZjNzdjYTFkOWQzYWU2ODE0MTNkNGUwNzA4ZGFkZThkMzlhZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZLsPI5PX6oTBCzqwxfIsWiu37Fq
L7jM53zZszR2GxUv1a37Flk1S3vtQXPquPlAWC7KgbGOdAI9ounOf0z8umkjaWI1
Yhc5p5LosDqyB/A6/QIXr4b1piJ4hC4qbCAMiiGAPAp2lS65FZpbwHYakbQPcicy
Vjj5V5/8a7K/or8FVJK6IgSAw3kzPmxQiCHrPrZqBQcOa2TreTCLEOHyhZw2xs8Z
q1f1RGtPDPbP69UKnSI5LSV24tRZuRB7kJryvrbXUn4qXzv3k/POaJ5youx+4h3q
Zna9ZDsFy+AB7cxFEVne4mKJ1t9+2CeG3nFu7ojNghBCllWsCzcKs2yNbwIDAQAB
o4IDXjCCA1owHQYDVR0OBBYEFMP8d8odnTrmgUE9TgcI2t6NOa01MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvd194M3loMmRPdWFCUVQxT0J3amEzbzA1clRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcgYIKwYBBQUHAQcBAf8EggFhMIIBXTCCAUEEAgABMIIB
OTALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAU+QAADBANOGXAwDAME
AlPe1AMEBVPewAMEAFPl0wMEAFPl/gMEBFUakAMEAlvNqAMEAF4ZgzAMAwQEXhmQ
AwQAXhmgAwQAXhmkMAwDBANeGagDBAZeGYAwDAMEBm28QAMEA228YDAMAwQEbbxw
AwQAbbxyAwQCgMxMMAsDAwSysAMEBLKwIAMEArKwNAMEA7KwSAMEArKwXAMEBrKx
AAMEArKywAMEAbKyxgMEAbKyzAMEA7Ky2DAMAwQAsrLrAwQAsrLsMAsDAwG8qgME
BLyqIAMEAsHJ5AMEBcMQYAMEAcPmRjAMAwQAw+ZbAwQAw+ZcAwQA1EVqMAwDBADU
RXEDBADURXIDBADURX0DBADV820DBADV83QwFgQCAAIwEAMGBCoD0ABAAwYAKgPQ
BAAwDQYJKoZIhvcNAQELBQADggEBAIIfy8MRGt/Aiur4bldVEG89UIA+N7dT3EKC
hufkaC6tBSIvlebTM2HE3NFHeRe+Q89C4HeNWWh9Zyc8OsAHofXqJ0DWG3mJhOEu
F5TXgtarYT7LKmWXnT070B+HnRUharnxrA4QYr8VMMV48I4NZXXqsXUWa86xrr2Y
tQqKoZzFXe2UT7sAYBhDkLOdygc1blW7kHVSA4f98iGl3ESlI0NHIQDLcGg0PctS
Z/UtCezJdVpWlAHpRkWH2KNBnaN+4MzGM/EQRxtfZJkih5LLYGVlZIBLF/YwrTa/
kSBU9LRuiS8qNCzHM8u3nF3n2RAH98+chBuQPuvlwOQX6dmGWQY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:24 2024 by rpki-client on console-ams.rpki-client.org