Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/zcaR9Bho3tUXJzQjjyS6WMV254E.roa
File: zcaR9Bho3tUXJzQjjyS6WMV254E.roa (raw, json)
Hash identifier: nku4InVZAKHWp7wHxGEcJu+pPyIDjkEXhKhys9DHHG4=
Subject key identifier: CD:C6:91:F4:18:68:DE:D5:17:27:34:23:8F:24:BA:58:C5:76:E7:81
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0191C0DB0095F143672FD97ECBD22D92CA7F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/zcaR9Bho3tUXJzQjjyS6WMV254E.roa
Signing time: Thu 05 Sep 2024 06:24:23 +0000
ROA not before: Thu 05 Sep 2024 06:24:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31205
IP address blocks: 31.173.240.0/23 maxlen: 23
31.173.242.0/23 maxlen: 23
31.173.244.0/22 maxlen: 22
37.29.86.0/23 maxlen: 23
46.232.200.0/24 maxlen: 24
46.232.202.0/23 maxlen: 23
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
83.149.48.0/24 maxlen: 24
83.149.49.0/24 maxlen: 24
83.149.50.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
83.169.248.0/22 maxlen: 22
83.169.252.0/22 maxlen: 22
85.26.224.0/24 maxlen: 24
85.26.226.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
128.204.66.0/24 maxlen: 24
128.204.67.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
178.176.240.0/22 maxlen: 22
178.176.244.0/22 maxlen: 22
178.177.208.0/21 maxlen: 21
178.178.207.0/24 maxlen: 24
185.210.140.0/23 maxlen: 23
185.210.142.0/23 maxlen: 23
188.162.0.0/24 maxlen: 24
188.162.1.0/24 maxlen: 24
188.162.2.0/23 maxlen: 23
188.162.4.0/22 maxlen: 22
188.162.8.0/23 maxlen: 23
188.162.10.0/23 maxlen: 23
188.162.12.0/23 maxlen: 23
188.162.14.0/23 maxlen: 23
188.162.72.0/22 maxlen: 22
188.162.76.0/23 maxlen: 23
188.162.78.0/24 maxlen: 24
188.162.79.0/24 maxlen: 24
188.162.80.0/24 maxlen: 24
188.162.81.0/24 maxlen: 24
188.162.82.0/24 maxlen: 24
188.162.83.0/24 maxlen: 24
188.162.84.0/24 maxlen: 24
188.162.85.0/24 maxlen: 24
188.162.86.0/24 maxlen: 24
188.162.87.0/24 maxlen: 24
188.162.88.0/24 maxlen: 24
188.162.89.0/24 maxlen: 24
188.162.90.0/23 maxlen: 23
188.162.92.0/22 maxlen: 22
188.170.240.0/22 maxlen: 22
188.170.247.0/24 maxlen: 24
2a03:d000:6400::/40 maxlen: 40
2a03:d000:6500::/40 maxlen: 40
2a03:d000:67fe::/48 maxlen: 48
2a03:d000:67ff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c0:db:00:95:f1:43:67:2f:d9:7e:cb:d2:2d:92:ca:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Sep 5 06:24:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdc691f41868ded5172734238f24ba58c576e781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f0:20:f7:a4:6e:15:56:33:b2:3e:3b:6c:4f:
32:44:a5:73:0e:90:3a:fe:4c:a6:c9:86:df:ac:ef:
d1:91:30:e8:12:71:08:cd:d5:65:a5:5b:24:f0:11:
e4:5a:91:47:03:fa:1a:26:aa:cb:ab:c3:8c:4a:e1:
37:53:61:b6:7c:41:39:41:77:95:54:b7:4f:a5:a9:
d1:ba:c6:f6:fb:38:7c:24:93:70:24:25:d3:90:af:
8c:76:14:24:8f:1f:52:10:4c:3a:2c:a0:93:b3:78:
fb:63:bf:3c:58:5d:a4:4c:bf:00:01:43:f4:80:88:
9c:f3:be:af:67:d3:c4:2f:5e:11:e6:0e:8b:5e:e8:
df:73:68:f8:b4:dc:3a:3d:10:78:e8:94:2b:ba:90:
bb:02:8f:2f:fb:28:b3:c3:b1:c2:69:60:9d:64:01:
ab:e5:fb:42:a8:99:7d:ed:4f:26:a7:09:57:9b:d7:
55:d3:8d:9d:34:6a:b7:2a:db:90:bb:01:47:d2:4c:
05:57:4d:f2:f2:a6:8c:11:c0:20:60:aa:8c:63:86:
4d:1f:3e:a2:70:19:13:10:e1:7a:47:04:16:d9:bc:
94:5a:75:f6:bf:35:a7:4d:2a:bd:27:16:73:09:b8:
1c:54:ea:2f:f6:42:e2:9f:5a:97:bf:25:43:14:df:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C6:91:F4:18:68:DE:D5:17:27:34:23:8F:24:BA:58:C5:76:E7:81
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/zcaR9Bho3tUXJzQjjyS6WMV254E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/24
46.232.202.0/23
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
128.204.66.0/23
178.176.48.0/24
178.176.240.0/21
178.177.208.0/21
178.178.207.0/24
185.210.140.0/22
188.162.0.0/20
188.162.72.0-188.162.95.255
188.170.240.0/22
188.170.247.0/24
IPv6:
2a03:d000:6400::/39
2a03:d000:67fe::/47
Signature Algorithm: sha256WithRSAEncryption
34:3e:f9:c0:7a:bd:34:d1:53:24:09:8b:f6:2b:69:1e:a8:5e:
24:a9:45:8f:ad:95:31:b3:68:92:a3:37:aa:a2:e1:72:7e:e2:
99:f6:38:4d:c8:f0:37:5f:99:3b:e5:c2:f5:52:34:1d:eb:67:
e8:be:92:92:1f:da:f7:06:77:40:b9:97:a1:f3:39:03:11:2b:
bf:5a:be:67:c4:22:56:68:89:a3:35:e9:b8:92:c1:b1:28:50:
d3:f7:8b:7c:c0:12:eb:a0:ed:7f:d3:ef:5c:19:73:ad:17:96:
50:56:6b:50:76:eb:22:ce:b2:a9:cf:13:55:bd:6f:39:46:1a:
e8:aa:5a:43:e5:c1:d7:3b:e3:e4:eb:0c:09:b8:91:1e:35:d9:
cf:50:8c:c1:a2:dd:08:c1:22:64:d7:d5:77:c7:d6:a7:c9:76:
e6:b7:1a:20:d6:7c:3c:57:1b:c5:7d:41:92:1c:ad:3b:a4:90:
27:9b:87:87:a9:28:82:d3:5c:47:bb:a2:39:b3:09:bd:90:29:
21:2f:2e:d9:5e:d6:61:7d:d8:6f:49:dc:21:66:97:d8:ca:82:
a3:96:67:50:c9:76:35:1c:c5:19:5d:21:a4:29:91:d3:8b:18:
e0:59:46:10:6c:9c:ae:8a:da:3b:82:aa:1a:3e:ba:ef:86:aa:
9d:38:29:3c
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZHA2wCV8UNnL9l+y9Itksp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwOTA1MDYyNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGM2OTFmNDE4NjhkZWQ1MTcyNzM0MjM4ZjI0YmE1OGM1NzZlNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPAg96RuFVYzsj47bE8yRKVzDpA6
/kymyYbfrO/RkTDoEnEIzdVlpVsk8BHkWpFHA/oaJqrLq8OMSuE3U2G2fEE5QXeV
VLdPpanRusb2+zh8JJNwJCXTkK+MdhQkjx9SEEw6LKCTs3j7Y788WF2kTL8AAUP0
gIic876vZ9PEL14R5g6LXujfc2j4tNw6PRB46JQrupC7Ao8v+yizw7HCaWCdZAGr
5ftCqJl97U8mpwlXm9dV042dNGq3KtuQuwFH0kwFV03y8qaMEcAgYKqMY4ZNHz6i
cBkTEOF6RwQW2byUWnX2vzWnTSq9JxZzCbgcVOov9kLin1qXvyVDFN82tQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFM3GkfQYaN7VFyc0I48kuljFdueBMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvemNhUjlCaG8zdFVYSnpRamp5UzZXTVYyNTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBiQQCAAEwgYIDBAMf
rfADBAElHVYDBAAu6MgDBAEu6MoDBAJOGVwDBAJTlTADBANTqfgDBABVGuAwDAME
AVUa4gMEA1Ua4AMEAYDMQgMEALKwMAMEA7Kw8AMEA7Kx0AMEALKyzwMEArnSjAME
BLyiADAMAwQDvKJIAwQFvKJAAwQCvKrwAwQAvKr3MBcEAgACMBEDBgEqA9AAZAMH
ASoD0ABn/jANBgkqhkiG9w0BAQsFAAOCAQEAND75wHq9NNFTJAmL9itpHqheJKlF
j62VMbNokqM3qqLhcn7imfY4TcjwN1+ZO+XC9VI0Hetn6L6Skh/a9wZ3QLmXofM5
AxErv1q+Z8QiVmiJozXpuJLBsShQ0/eLfMAS66Dtf9PvXBlzrReWUFZrUHbrIs6y
qc8TVb1vOUYa6KpaQ+XB1zvj5OsMCbiRHjXZz1CMwaLdCMEiZNfVd8fWp8l25rca
INZ8PFcbxX1BkhytO6SQJ5uHh6kogtNcR7uiObMJvZApIS8u2V7WYX3Yb0ncIWaX
2MqCo5ZnUMl2NRzFGV0hpCmR04sY4FlGEGycroraO4KqGj6674aqnTgpPA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:24 2024 by rpki-client on console-ams.rpki-client.org