Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/wcN8b0Zz-0x_nu7aU86jEsJZXwY.roa
File: wcN8b0Zz-0x_nu7aU86jEsJZXwY.roa (raw, json)
Hash identifier: 5ebWHbGSCwZUy4uOTkuMm7+HCgytBKkTjDwcQYjNZdE=
Subject key identifier: C1:C3:7C:6F:46:73:FB:4C:7F:9E:EE:DA:53:CE:A3:12:C2:59:5F:06
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DE3A1EA1355DB9BC1A52D7770AE83
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/wcN8b0Zz-0x_nu7aU86jEsJZXwY.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31208
IP address blocks: 178.178.82.0/24 maxlen: 24
178.178.130.0/24 maxlen: 24
178.178.129.0/24 maxlen: 24
178.178.132.0/24 maxlen: 24
178.178.131.0/24 maxlen: 24
178.178.128.0/24 maxlen: 24
37.28.186.0/24 maxlen: 24
188.170.50.0/24 maxlen: 24
37.28.184.0/24 maxlen: 24
188.170.49.0/24 maxlen: 24
188.170.48.0/24 maxlen: 24
188.170.52.0/24 maxlen: 24
188.170.57.0/24 maxlen: 24
188.170.56.0/24 maxlen: 24
188.170.53.0/24 maxlen: 24
188.170.63.0/24 maxlen: 24
188.170.60.0/24 maxlen: 24
188.170.62.0/24 maxlen: 24
188.170.59.0/24 maxlen: 24
188.170.61.0/24 maxlen: 24
37.29.74.0/24 maxlen: 24
37.29.75.0/24 maxlen: 24
37.29.72.0/24 maxlen: 24
178.176.56.0/24 maxlen: 24
178.176.58.0/24 maxlen: 24
178.176.57.0/24 maxlen: 24
178.176.62.0/24 maxlen: 24
178.176.59.0/24 maxlen: 24
178.176.61.0/24 maxlen: 24
178.176.63.0/24 maxlen: 24
178.176.60.0/24 maxlen: 24
83.149.42.0/23 maxlen: 23
83.149.40.0/24 maxlen: 24
83.169.212.0/24 maxlen: 24
83.169.208.0/24 maxlen: 24
83.169.213.0/24 maxlen: 24
83.169.211.0/24 maxlen: 24
83.169.214.0/24 maxlen: 24
178.178.135.0/24 maxlen: 24
178.178.137.0/24 maxlen: 24
178.178.134.0/24 maxlen: 24
178.178.133.0/24 maxlen: 24
178.178.136.0/24 maxlen: 24
178.178.143.0/24 maxlen: 24
178.178.142.0/24 maxlen: 24
46.229.136.0/22 maxlen: 22
46.229.140.0/24 maxlen: 24
46.229.143.0/24 maxlen: 24
46.229.141.0/24 maxlen: 24
46.229.142.0/24 maxlen: 24
2a03:d000:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e3:a1:ea:13:55:db:9b:c1:a5:2d:77:70:ae:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1c37c6f4673fb4c7f9eeeda53cea312c2595f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3c:79:e8:17:ea:fa:d5:51:ae:00:03:c9:a6:
36:0e:bb:34:f5:6c:db:49:c0:9e:3e:a6:38:9a:92:
2a:76:96:b0:57:6f:a2:09:bf:a7:53:cf:68:99:7c:
61:89:45:79:7e:39:bd:11:d0:a6:fa:bf:e2:97:28:
f5:56:6b:ca:b5:45:69:ed:2f:a2:6d:4c:12:66:c9:
c6:c0:a4:eb:8c:73:9d:b3:95:16:6d:7f:dd:d6:0e:
3d:15:7d:68:8c:8a:86:74:67:0f:2f:42:46:d2:d6:
7b:41:39:c5:a5:1e:4e:99:f1:42:e2:cb:7e:e1:58:
fe:97:91:cb:a2:b0:cd:1f:80:3b:75:1d:49:c7:c3:
4d:f4:5c:1e:9e:57:d8:1d:f4:38:f5:17:60:95:20:
ad:96:4b:6b:73:4f:39:45:ae:1e:14:18:6f:40:d9:
bc:9e:83:9d:2d:02:64:28:23:96:23:a4:84:0c:3b:
70:d6:8e:ec:fc:2d:ca:41:f0:5f:de:db:8d:db:fe:
21:34:25:c0:27:b8:fa:94:a5:18:03:55:b1:9e:79:
78:8b:05:0a:ba:0a:f7:fe:6d:f2:47:c0:91:68:7e:
26:2f:3b:e0:07:d6:93:07:b5:fd:05:f1:15:a2:67:
4e:e3:a3:44:53:20:a4:36:ac:29:81:99:3a:c6:d0:
21:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C3:7C:6F:46:73:FB:4C:7F:9E:EE:DA:53:CE:A3:12:C2:59:5F:06
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/wcN8b0Zz-0x_nu7aU86jEsJZXwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.184.0/24
37.28.186.0/24
37.29.72.0/24
37.29.74.0/23
46.229.136.0/21
83.149.40.0/24
83.149.42.0/23
83.169.208.0/24
83.169.211.0-83.169.214.255
178.176.56.0/21
178.178.82.0/24
178.178.128.0-178.178.137.255
178.178.142.0/23
188.170.48.0-188.170.50.255
188.170.52.0/23
188.170.56.0/23
188.170.59.0-188.170.63.255
IPv6:
2a03:d000:3000::/36
Signature Algorithm: sha256WithRSAEncryption
1f:eb:b0:7d:b4:fb:73:fb:ba:3b:b2:72:65:e1:b6:9f:a9:93:
03:2f:6f:2b:63:13:47:54:59:38:42:1d:8e:59:07:55:39:58:
a5:6c:9d:56:ef:7a:c7:40:96:25:06:4b:dc:6e:4e:b7:c0:37:
32:89:b8:85:f5:33:49:87:8c:01:bb:59:63:4d:29:e6:62:2a:
0a:7d:40:91:4c:dc:04:d8:25:85:25:ae:00:7e:de:6e:e6:11:
26:4c:ca:ec:03:b5:13:db:35:6a:ce:f5:c9:7a:8a:fc:a3:a3:
65:e2:3f:a6:75:a1:a5:1e:24:9e:45:c1:39:38:dc:b0:91:5e:
96:4a:6b:72:0a:a0:83:0b:3c:83:cd:e5:de:f3:ab:9a:98:d8:
98:8e:1d:47:71:e6:8a:d0:79:d6:fa:0d:23:a4:86:b5:63:39:
c2:1e:0b:2c:5c:ad:ca:4c:35:8f:4f:15:c8:ca:e6:c6:85:0d:
a3:20:5c:17:42:fc:5d:62:22:93:cf:bd:e6:58:24:48:fc:87:
c2:ed:19:a8:e2:48:aa:cd:ce:4f:96:d9:f1:31:fe:4d:81:f7:
24:f2:0b:5a:cf:82:a7:36:0a:39:49:b9:08:38:28:0c:b7:86:
11:33:bd:db:12:c0:94:71:d2:50:4f:61:c5:cc:6f:d7:c0:dc:
df:06:3a:61
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYzFbeOh6hNV25vBpS13cK6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWMzN2M2ZjQ2NzNmYjRjN2Y5ZWVlZGE1M2NlYTMxMmMyNTk1ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzx56Bfq+tVRrgADyaY2Drs09Wzb
ScCePqY4mpIqdpawV2+iCb+nU89omXxhiUV5fjm9EdCm+r/ilyj1VmvKtUVp7S+i
bUwSZsnGwKTrjHOds5UWbX/d1g49FX1ojIqGdGcPL0JG0tZ7QTnFpR5OmfFC4st+
4Vj+l5HLorDNH4A7dR1Jx8NN9FwenlfYHfQ49RdglSCtlktrc085Ra4eFBhvQNm8
noOdLQJkKCOWI6SEDDtw1o7s/C3KQfBf3tuN2/4hNCXAJ7j6lKUYA1Wxnnl4iwUK
ugr3/m3yR8CRaH4mLzvgB9aTB7X9BfEVomdO46NEUyCkNqwpgZk6xtAhzwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFMHDfG9Gc/tMf57u2lPOoxLCWV8GMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvd2NOOGIwWnotMHhfbnU3YVU4NmpFc0paWHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBjQQCAAEwgYYDBAAl
HLgDBAAlHLoDBAAlHUgDBAElHUoDBAMu5YgDBABTlSgDBAFTlSoDBABTqdAwDAME
AFOp0wMEAFOp1gMEA7KwOAMEALKyUjAMAwQHsrKAAwQBsrKIAwQBsrKOMAwDBAS8
qjADBAC8qjIDBAG8qjQDBAG8qjgwDAMEALyqOwMEBryqADAOBAIAAjAIAwYEKgPQ
ADAwDQYJKoZIhvcNAQELBQADggEBAB/rsH20+3P7ujuycmXhtp+pkwMvbytjE0dU
WThCHY5ZB1U5WKVsnVbvesdAliUGS9xuTrfANzKJuIX1M0mHjAG7WWNNKeZiKgp9
QJFM3ATYJYUlrgB+3m7mESZMyuwDtRPbNWrO9cl6ivyjo2XiP6Z1oaUeJJ5FwTk4
3LCRXpZKa3IKoIMLPIPN5d7zq5qY2JiOHUdx5orQedb6DSOkhrVjOcIeCyxcrcpM
NY9PFcjK5saFDaMgXBdC/F1iIpPPveZYJEj8h8LtGajiSKrNzk+W2fEx/k2B9yTy
C1rPgqc2CjlJuQg4KAy3hhEzvdsSwJRx0lBPYcXMb9fA3N8GOmE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:24 2024 by rpki-client on console-ams.rpki-client.org