Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/NBipad7zmZ5c-zdKBVgriOgalbg.roa
File: NBipad7zmZ5c-zdKBVgriOgalbg.roa (raw, json)
Hash identifier: 6Af9ZBltcKxOpUFxOWlO0QVDU1CE8XizJa1OkEzfCSE=
Subject key identifier: 34:18:A9:69:DE:F3:99:9E:5C:FB:37:4A:05:58:2B:88:E8:1A:95:B8
Certificate issuer: /CN=f6eea10afacf3a9c26ea1b1ec488e955e4dfa06a
Certificate serial: 01919E59FA684EC8F8C7A20D12A787E6D2FA
Authority key identifier: F6:EE:A1:0A:FA:CF:3A:9C:26:EA:1B:1E:C4:88:E9:55:E4:DF:A0:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9u6hCvrPOpwm6hsexIjpVeTfoGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/NBipad7zmZ5c-zdKBVgriOgalbg.roa
Signing time: Thu 29 Aug 2024 13:36:22 +0000
ROA not before: Thu 29 Aug 2024 13:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31263
IP address blocks: 31.44.160.0/20 maxlen: 20
31.193.144.0/20 maxlen: 20
45.67.40.0/22 maxlen: 22
45.94.0.0/22 maxlen: 22
45.142.184.0/22 maxlen: 22
46.102.173.0/24 maxlen: 24
77.81.166.0/24 maxlen: 24
77.240.224.0/20 maxlen: 20
77.241.0.0/21 maxlen: 21
77.241.6.0/24 maxlen: 24
77.241.10.0/23 maxlen: 23
77.241.10.0/24 maxlen: 24
77.241.11.0/24 maxlen: 24
77.241.12.0/22 maxlen: 22
79.133.100.0/22 maxlen: 22
80.68.176.0/20 maxlen: 20
80.88.160.0/20 maxlen: 20
84.247.16.0/24 maxlen: 24
84.247.192.0/18 maxlen: 18
84.247.208.0/20 maxlen: 20
84.247.224.0/19 maxlen: 19
85.204.252.0/24 maxlen: 24
89.34.203.0/24 maxlen: 24
92.62.80.0/20 maxlen: 20
93.91.128.0/20 maxlen: 20
119.12.32.0/20 maxlen: 20
176.62.48.0/20 maxlen: 20
178.175.192.0/18 maxlen: 18
178.238.48.0/20 maxlen: 20
185.5.196.0/22 maxlen: 22
185.229.172.0/22 maxlen: 22
193.135.15.0/24 maxlen: 24
193.135.24.0/24 maxlen: 24
2a02:600::/29 maxlen: 29
2a07:580::/29 maxlen: 29
2a07:4f00::/29 maxlen: 29
2a07:55c0::/29 maxlen: 29
2a07:5ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/9u6hCvrPOpwm6hsexIjpVeTfoGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/9u6hCvrPOpwm6hsexIjpVeTfoGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9u6hCvrPOpwm6hsexIjpVeTfoGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:59:fa:68:4e:c8:f8:c7:a2:0d:12:a7:87:e6:d2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6eea10afacf3a9c26ea1b1ec488e955e4dfa06a
Validity
Not Before: Aug 29 13:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3418a969def3999e5cfb374a05582b88e81a95b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:87:0a:ab:35:fa:28:02:86:b3:28:ec:dd:2f:
8d:36:ab:b9:74:33:ea:e4:5a:ab:22:7c:7d:d4:e4:
eb:d8:97:43:48:d8:33:d6:0e:1b:42:72:1f:9b:f7:
69:ea:8e:6b:47:85:25:ff:6d:ab:d6:6b:df:c1:f4:
62:ab:cd:61:3f:cd:f0:c9:4f:68:4f:11:8a:c5:bf:
6b:ed:23:27:4f:e8:dd:4d:82:2c:5b:47:d7:2d:c0:
b2:a5:a6:48:f4:b2:c1:c4:bd:6f:77:39:85:61:96:
95:04:d6:0d:9d:3e:ae:9a:eb:81:0f:a3:12:26:a4:
d7:b5:e4:ad:1b:36:f8:6d:71:43:c7:14:65:b9:04:
10:01:2b:a1:38:16:71:72:ff:61:04:61:09:b0:8a:
c4:d3:97:09:7b:0f:21:d7:7f:e6:49:d3:22:08:75:
7d:92:7a:2d:ac:67:32:38:4f:65:73:ec:9c:86:5b:
b3:28:53:32:ff:76:0a:e0:73:31:20:e8:a7:1a:72:
8d:25:c5:02:30:6c:35:47:64:d8:be:9b:25:41:19:
78:37:21:77:cc:60:0c:58:1f:0e:ad:c0:ae:3b:1e:
3d:92:57:47:fa:c4:d1:02:f4:cd:69:1c:55:34:5a:
75:f0:6b:b0:28:c6:b9:e7:ff:f2:1b:f3:4b:d6:f7:
54:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:18:A9:69:DE:F3:99:9E:5C:FB:37:4A:05:58:2B:88:E8:1A:95:B8
X509v3 Authority Key Identifier:
keyid:F6:EE:A1:0A:FA:CF:3A:9C:26:EA:1B:1E:C4:88:E9:55:E4:DF:A0:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9u6hCvrPOpwm6hsexIjpVeTfoGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/NBipad7zmZ5c-zdKBVgriOgalbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/9u6hCvrPOpwm6hsexIjpVeTfoGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.160.0/20
31.193.144.0/20
45.67.40.0/22
45.94.0.0/22
45.142.184.0/22
46.102.173.0/24
77.81.166.0/24
77.240.224.0/20
77.241.0.0/21
77.241.10.0-77.241.15.255
79.133.100.0/22
80.68.176.0/20
80.88.160.0/20
84.247.16.0/24
84.247.192.0/18
85.204.252.0/24
89.34.203.0/24
92.62.80.0/20
93.91.128.0/20
119.12.32.0/20
176.62.48.0/20
178.175.192.0/18
178.238.48.0/20
185.5.196.0/22
185.229.172.0/22
193.135.15.0/24
193.135.24.0/24
IPv6:
2a02:600::/29
2a07:580::/29
2a07:4f00::/29
2a07:55c0::/29
2a07:5ec0::/29
Signature Algorithm: sha256WithRSAEncryption
05:a2:df:98:66:66:fa:4a:ed:b5:43:cf:34:63:a3:52:cf:dc:
b0:b9:3c:60:e9:a1:af:38:4b:14:30:3e:1f:a8:ec:ea:aa:b5:
20:a5:2e:7f:b0:d7:53:c7:54:ad:36:d2:e0:52:89:66:df:02:
da:49:22:01:c9:7a:4a:0d:af:48:96:10:69:6f:aa:88:10:b9:
4b:d9:fd:72:42:b6:3d:d7:39:32:e1:7f:72:3d:ea:e3:96:6c:
7a:fe:57:0a:e7:29:1e:94:69:ae:46:49:9b:9e:2c:34:73:60:
1c:dd:23:8d:be:22:14:3e:8a:b9:2a:16:b5:8c:72:ca:dd:88:
1f:e0:c0:b5:16:18:09:c1:e9:1c:ef:fa:a5:fe:95:26:e7:54:
7d:3f:b6:28:95:cc:e2:7d:02:2e:13:a2:76:5a:3f:ad:49:b4:
04:d6:fb:4a:ec:4e:72:0a:c6:c0:63:8d:ff:4f:fc:4b:2f:63:
c2:0e:8e:b1:ae:d4:fc:92:0f:9f:4d:c6:d9:29:3a:be:0b:81:
b5:01:ba:00:48:4e:84:42:71:3e:6e:8c:6c:c4:ea:68:a6:72:
fa:75:46:25:b1:6c:83:0b:26:28:04:2c:66:24:54:72:d9:4c:
58:d9:c2:eb:87:ea:5d:59:aa:fe:13:56:6c:ac:72:56:a0:2d:
52:be:dd:d2
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAZGeWfpoTsj4x6INEqeH5tL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2ZWVhMTBhZmFjZjNhOWMyNmVhMWIxZWM0ODhlOTU1ZTRk
ZmEwNmEwHhcNMjQwODI5MTMzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE4YTk2OWRlZjM5OTllNWNmYjM3NGEwNTU4MmI4OGU4MWE5NWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4cKqzX6KAKGsyjs3S+NNqu5dDPq
5FqrInx91OTr2JdDSNgz1g4bQnIfm/dp6o5rR4Ul/22r1mvfwfRiq81hP83wyU9o
TxGKxb9r7SMnT+jdTYIsW0fXLcCypaZI9LLBxL1vdzmFYZaVBNYNnT6umuuBD6MS
JqTXteStGzb4bXFDxxRluQQQASuhOBZxcv9hBGEJsIrE05cJew8h13/mSdMiCHV9
knotrGcyOE9lc+ychluzKFMy/3YK4HMxIOinGnKNJcUCMGw1R2TYvpslQRl4NyF3
zGAMWB8OrcCuOx49kldH+sTRAvTNaRxVNFp18GuwKMa55//yG/NL1vdU+QIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFDQYqWne85meXPs3SgVYK4joGpW4MB8GA1UdIwQY
MBaAFPbuoQr6zzqcJuobHsSI6VXk36BqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXU2aEN2clBPcHdtNmhzZXhJanBWZVRmb0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ZjU3NDYtYjQwNi00YzA1LTk3NDEt
NTRkOGY2YjA2YjgzLzEvTkJpcGFkN3ptWjVjLXpkS0JWZ3JpT2dhbGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ZjU3NDYtYjQwNi00YzA1LTk3NDEtNTRkOGY2YjA2Yjgz
LzEvOXU2aEN2clBPcHdtNmhzZXhJanBWZVRmb0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCBsQQCAAEwgaoDBAQf
LKADBAQfwZADBAItQygDBAItXgADBAItjrgDBAAuZq0DBABNUaYDBARN8OADBANN
8QAwDAMEAU3xCgMEBE3xAAMEAk+FZAMEBFBEsAMEBFBYoAMEAFT3EAMEBlT3wAME
AFXM/AMEAFkiywMEBFw+UAMEBF1bgAMEBHcMIAMEBLA+MAMEBrKvwAMEBLLuMAME
ArkFxAMEArnlrAMEAMGHDwMEAMGHGDApBAIAAjAjAwUDKgIGAAMFAyoHBYADBQMq
B08AAwUDKgdVwAMFAyoHXsAwDQYJKoZIhvcNAQELBQADggEBAAWi35hmZvpK7bVD
zzRjo1LP3LC5PGDpoa84SxQwPh+o7OqqtSClLn+w11PHVK020uBSiWbfAtpJIgHJ
ekoNr0iWEGlvqogQuUvZ/XJCtj3XOTLhf3I96uOWbHr+VwrnKR6Uaa5GSZueLDRz
YBzdI42+IhQ+irkqFrWMcsrdiB/gwLUWGAnB6Rzv+qX+lSbnVH0/tiiVzOJ9Ai4T
onZaP61JtATW+0rsTnIKxsBjjf9P/EsvY8IOjrGu1PySD59NxtkpOr4LgbUBugBI
ToRCcT5ujGzE6mimcvp1RiWxbIMLJigELGYkVHLZTFjZwuuH6l1Zqv4TVmysclag
LVK+3dI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:49 2024 by rpki-client on console-fra.rpki-client.org