Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/zB8vLgonXw95iTubUaenQT57vEQ.roa
File: zB8vLgonXw95iTubUaenQT57vEQ.roa (raw, json)
Hash identifier: 6BoMbGr4x1XE+8eQVgNL0m+orvTIxzF8h4oCjHG3qY4=
Subject key identifier: CC:1F:2F:2E:0A:27:5F:0F:79:89:3B:9B:51:A7:A7:41:3E:7B:BC:44
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 018D83A50D578B16F2110789CD2CC837959E
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/zB8vLgonXw95iTubUaenQT57vEQ.roa
Signing time: Wed 07 Feb 2024 12:57:28 +0000
ROA not before: Wed 07 Feb 2024 12:57:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2116
IP address blocks: 31.185.24.0/21 maxlen: 21
37.191.128.0/17 maxlen: 17
62.63.0.0/18 maxlen: 18
62.101.192.0/18 maxlen: 18
64.28.0.0/19 maxlen: 19
77.40.128.0/17 maxlen: 17
77.88.64.0/18 maxlen: 18
77.234.48.0/21 maxlen: 21
78.24.144.0/21 maxlen: 21
79.135.0.0/19 maxlen: 19
80.64.192.0/20 maxlen: 20
80.241.80.0/20 maxlen: 20
81.0.128.0/18 maxlen: 18
81.175.0.0/20 maxlen: 20
81.175.20.0/22 maxlen: 22
81.175.24.0/21 maxlen: 21
81.175.32.0/19 maxlen: 19
81.191.0.0/16 maxlen: 16
82.196.192.0/19 maxlen: 19
84.20.96.0/19 maxlen: 19
85.112.128.0/19 maxlen: 19
85.196.64.0/18 maxlen: 18
85.221.0.0/17 maxlen: 17
85.252.0.0/16 maxlen: 16
86.62.128.0/18 maxlen: 18
87.118.0.0/18 maxlen: 18
88.84.160.0/19 maxlen: 19
89.191.0.0/19 maxlen: 19
91.135.32.0/20 maxlen: 20
91.202.80.0/22 maxlen: 22
109.199.192.0/19 maxlen: 19
178.74.0.0/18 maxlen: 18
185.8.16.0/22 maxlen: 22
185.35.80.0/22 maxlen: 22
185.67.116.0/22 maxlen: 22
185.129.156.0/22 maxlen: 22
193.69.0.0/16 maxlen: 16
193.71.0.0/16 maxlen: 16
193.75.0.0/17 maxlen: 17
193.90.0.0/16 maxlen: 16
193.91.128.0/17 maxlen: 17
194.19.0.0/17 maxlen: 17
194.29.200.0/22 maxlen: 22
194.54.96.0/19 maxlen: 19
195.0.128.0/17 maxlen: 17
195.1.0.0/16 maxlen: 16
195.18.128.0/17 maxlen: 17
195.139.0.0/16 maxlen: 16
195.159.0.0/16 maxlen: 16
195.204.0.0/16 maxlen: 16
212.62.224.0/19 maxlen: 19
212.71.64.0/19 maxlen: 19
213.52.0.0/17 maxlen: 17
213.151.128.0/19 maxlen: 19
213.158.224.0/19 maxlen: 19
213.160.224.0/20 maxlen: 20
213.160.240.0/21 maxlen: 21
213.172.192.0/19 maxlen: 19
213.239.64.0/18 maxlen: 18
217.8.128.0/19 maxlen: 19
217.14.0.0/20 maxlen: 20
217.77.32.0/20 maxlen: 20
217.118.32.0/19 maxlen: 19
217.144.224.0/19 maxlen: 19
2001:840::/29 maxlen: 29
2001:8c0::/29 maxlen: 29
2001:4dd8::/29 maxlen: 29
2a00:c440::/29 maxlen: 29
2a01:520::/29 maxlen: 29
2a02:270::/29 maxlen: 29
2a03:c000::/29 maxlen: 29
2a04:6340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:a5:0d:57:8b:16:f2:11:07:89:cd:2c:c8:37:95:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Feb 7 12:57:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc1f2f2e0a275f0f79893b9b51a7a7413e7bbc44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:1e:2b:9f:5b:13:0e:16:25:a6:6e:e9:16:
28:b4:65:f8:d2:ec:32:25:23:17:cd:f2:9d:a9:77:
de:5d:be:f9:cf:bd:ae:fe:34:86:5c:38:f4:b5:d2:
8a:5a:29:bd:44:ec:38:bd:a9:4e:d4:29:a3:dc:c8:
f6:ad:be:c2:26:b5:ea:2d:3f:9f:05:39:74:2b:ce:
b9:05:9a:c0:3d:54:8e:1e:99:ed:b6:62:c9:ab:3d:
b5:b4:23:33:d8:dc:62:22:1a:29:0f:59:ce:f4:8a:
b4:b4:f4:52:0b:49:cf:d6:5f:1a:7d:2c:3a:b6:4b:
9f:e2:bf:24:65:c6:6f:24:80:b5:66:c2:0f:42:29:
4b:ff:aa:65:0a:72:4c:2c:0b:ae:07:c9:80:87:a3:
96:ba:d8:78:18:5b:6b:44:eb:9e:6e:72:35:62:6b:
d1:2b:14:4d:85:e0:19:30:8f:74:04:45:f2:fd:52:
cf:d2:83:a4:bf:13:b7:5b:79:dc:9a:48:87:fb:d4:
49:7d:1f:87:6c:a4:c8:26:ac:ae:cc:27:71:40:5d:
53:85:41:d2:bb:06:23:bc:0a:94:c8:a9:10:d1:e6:
28:76:55:af:e7:53:e6:b4:17:0a:54:1c:4a:4d:42:
b6:60:dc:4a:18:e6:35:77:79:50:5d:54:a7:85:f0:
b8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1F:2F:2E:0A:27:5F:0F:79:89:3B:9B:51:A7:A7:41:3E:7B:BC:44
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/zB8vLgonXw95iTubUaenQT57vEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.24.0/21
37.191.128.0/17
62.63.0.0/18
62.101.192.0/18
64.28.0.0/19
77.40.128.0/17
77.88.64.0/18
77.234.48.0/21
78.24.144.0/21
79.135.0.0/19
80.64.192.0/20
80.241.80.0/20
81.0.128.0/18
81.175.0.0/20
81.175.20.0-81.175.63.255
81.191.0.0/16
82.196.192.0/19
84.20.96.0/19
85.112.128.0/19
85.196.64.0/18
85.221.0.0/17
85.252.0.0/16
86.62.128.0/18
87.118.0.0/18
88.84.160.0/19
89.191.0.0/19
91.135.32.0/20
91.202.80.0/22
109.199.192.0/19
178.74.0.0/18
185.8.16.0/22
185.35.80.0/22
185.67.116.0/22
185.129.156.0/22
193.69.0.0/16
193.71.0.0/16
193.75.0.0/17
193.90.0.0/16
193.91.128.0/17
194.19.0.0/17
194.29.200.0/22
194.54.96.0/19
195.0.128.0-195.1.255.255
195.18.128.0/17
195.139.0.0/16
195.159.0.0/16
195.204.0.0/16
212.62.224.0/19
212.71.64.0/19
213.52.0.0/17
213.151.128.0/19
213.158.224.0/19
213.160.224.0-213.160.247.255
213.172.192.0/19
213.239.64.0/18
217.8.128.0/19
217.14.0.0/20
217.77.32.0/20
217.118.32.0/19
217.144.224.0/19
IPv6:
2001:840::/29
2001:8c0::/29
2001:4dd8::/29
2a00:c440::/29
2a01:520::/29
2a02:270::/29
2a03:c000::/29
2a04:6340::/29
Signature Algorithm: sha256WithRSAEncryption
6a:4f:9e:f4:a3:ac:3e:e1:9a:c0:3c:5c:de:72:67:81:02:41:
52:02:d1:f5:16:6e:c9:29:75:40:97:69:e6:94:d2:a5:7d:cb:
aa:91:c9:51:f5:72:70:d5:2c:fd:0c:ae:db:b6:4f:bb:2a:94:
91:c1:d0:29:3b:94:e7:f1:05:28:f6:d2:c9:4e:ac:6f:d8:d9:
42:b9:d0:9c:0b:9d:3f:e1:8e:50:e8:6a:df:d5:77:8d:27:40:
56:05:9c:00:e1:fe:7a:47:8e:b9:8a:b8:83:45:d4:ef:89:84:
0c:70:51:a6:70:fd:59:7c:b5:55:3a:51:63:48:26:56:01:56:
de:1e:0d:60:f4:9d:20:7b:ee:88:75:43:7f:40:63:72:bb:35:
70:fc:83:81:f2:42:6b:1f:de:df:e1:d6:6b:9b:84:8c:7d:5b:
03:55:ba:ed:bb:a2:03:c4:2c:70:6a:61:7c:e3:7d:80:8a:27:
d1:89:8c:6b:9c:22:0f:66:59:0f:e2:e1:df:02:92:34:d3:f9:
4b:3a:13:03:84:60:5f:a7:8e:72:da:51:ad:6b:08:15:aa:f5:
e7:57:98:79:3f:23:83:5f:5d:f1:e2:dd:50:7a:9c:2b:05:1a:
2f:37:a3:88:18:16:bb:23:01:37:de:4d:64:a1:e8:b6:7f:1e:
8c:53:7e:13
-----BEGIN CERTIFICATE-----
MIIGuDCCBaCgAwIBAgISAY2DpQ1XixbyEQeJzSzIN5WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjQwMjA3MTI1NzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzFmMmYyZTBhMjc1ZjBmNzk4OTNiOWI1MWE3YTc0MTNlN2JiYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryEeK59bEw4WJaZu6RYotGX40uwy
JSMXzfKdqXfeXb75z72u/jSGXDj0tdKKWim9ROw4valO1Cmj3Mj2rb7CJrXqLT+f
BTl0K865BZrAPVSOHpnttmLJqz21tCMz2NxiIhopD1nO9Iq0tPRSC0nP1l8afSw6
tkuf4r8kZcZvJIC1ZsIPQilL/6plCnJMLAuuB8mAh6OWuth4GFtrROuebnI1YmvR
KxRNheAZMI90BEXy/VLP0oOkvxO3W3ncmkiH+9RJfR+HbKTIJqyuzCdxQF1ThUHS
uwYjvAqUyKkQ0eYodlWv51PmtBcKVBxKTUK2YNxKGOY1d3lQXVSnhfC4bwIDAQAB
o4IDxDCCA8AwHQYDVR0OBBYEFMwfLy4KJ18PeYk7m1Gnp0E+e7xEMB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvekI4dkxnb25Ydzk1aVR1YlVhZW5RVDU3dkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB2AYIKwYBBQUHAQcBAf8EggHHMIIBwzCCAX8EAgABMIIB
dwMEAx+5GAMEByW/gAMEBj4/AAMEBj5lwAMEBUAcAAMEB00ogAMEBk1YQAMEA03q
MAMEA04YkAMEBU+HAAMEBFBAwAMEBFDxUAMEBlEAgAMEBFGvADAMAwQCUa8UAwQG
Ua8AAwMAUb8DBAVSxMADBAVUFGADBAVVcIADBAZVxEADBAdV3QADAwBV/AMEBlY+
gAMEBld2AAMEBVhUoAMEBVm/AAMEBFuHIAMEAlvKUAMEBW3HwAMEBrJKAAMEArkI
EAMEArkjUAMEArlDdAMEArmBnAMDAMFFAwMAwUcDBAfBSwADAwDBWgMEB8FbgAME
B8ITAAMEAsIdyAMEBcI2YDALAwQHwwCAAwMBwwADBAfDEoADAwDDiwMDAMOfAwMA
w8wDBAXUPuADBAXUR0ADBAfVNAADBAXVl4ADBAXVnuAwDAMEBdWg4AMEA9Wg8AME
BdWswAMEBtXvQAMEBdkIgAMEBNkOAAMEBNlNIAMEBdl2IAMEBdmQ4DA+BAIAAjA4
AwUDIAEIQAMFAyABCMADBQMgAU3YAwUDKgDEQAMFAyoBBSADBQMqAgJwAwUDKgPA
AAMFAyoEY0AwDQYJKoZIhvcNAQELBQADggEBAGpPnvSjrD7hmsA8XN5yZ4ECQVIC
0fUWbskpdUCXaeaU0qV9y6qRyVH1cnDVLP0Mrtu2T7sqlJHB0Ck7lOfxBSj20slO
rG/Y2UK50JwLnT/hjlDoat/Vd40nQFYFnADh/npHjrmKuINF1O+JhAxwUaZw/Vl8
tVU6UWNIJlYBVt4eDWD0nSB77oh1Q39AY3K7NXD8g4HyQmsf3t/h1mubhIx9WwNV
uu27ogPELHBqYXzjfYCKJ9GJjGucIg9mWQ/i4d8CkjTT+Us6EwOEYF+njnLaUa1r
CBWq9edXmHk/I4NfXfHi3VB6nCsFGi83o4gYFrsjATfeTWSh6LZ/HoxTfhM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:47:32 2024 by rpki-client on console-ams.rpki-client.org