Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/wWu_mnG1mF1XhVWaW0DZDLRaMZA.roa
File: wWu_mnG1mF1XhVWaW0DZDLRaMZA.roa (raw, json)
Hash identifier: OxlFGiJEt7spgwhfyEKbeiDTLip5JYbp9FNAPkL6rNQ=
Subject key identifier: C1:6B:BF:9A:71:B5:98:5D:57:85:55:9A:5B:40:D9:0C:B4:5A:31:90
Certificate issuer: /CN=29fb7da3b44e41b32369e4a5c790d3081fc69aa9
Certificate serial: 01941F8CA73C38EA96AC7559512347B2D21B
Authority key identifier: 29:FB:7D:A3:B4:4E:41:B3:23:69:E4:A5:C7:90:D3:08:1F:C6:9A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/wWu_mnG1mF1XhVWaW0DZDLRaMZA.roa
Signing time: Wed 01 Jan 2025 01:48:19 +0000
ROA not before: Wed 01 Jan 2025 01:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16019
IP address blocks: 31.30.0.0/16 maxlen: 16
31.30.0.0/17 maxlen: 17
31.30.128.0/17 maxlen: 17
31.169.128.0/17 maxlen: 17
31.169.128.0/18 maxlen: 18
31.169.192.0/18 maxlen: 18
46.135.0.0/16 maxlen: 16
46.167.192.0/18 maxlen: 18
46.167.192.0/19 maxlen: 19
46.167.224.0/19 maxlen: 19
62.24.64.0/19 maxlen: 19
62.24.64.0/20 maxlen: 20
62.24.80.0/20 maxlen: 20
62.240.160.0/19 maxlen: 19
62.240.160.0/20 maxlen: 20
62.240.176.0/20 maxlen: 20
62.245.64.0/18 maxlen: 18
62.245.64.0/19 maxlen: 19
62.245.96.0/19 maxlen: 19
77.48.0.0/16 maxlen: 16
77.48.0.0/17 maxlen: 17
77.48.128.0/17 maxlen: 17
78.44.0.0/15 maxlen: 15
78.44.0.0/16 maxlen: 16
78.45.0.0/16 maxlen: 16
78.102.0.0/16 maxlen: 16
78.102.0.0/17 maxlen: 17
78.102.128.0/17 maxlen: 17
80.95.96.0/19 maxlen: 19
81.27.192.0/20 maxlen: 20
81.27.192.0/21 maxlen: 21
81.27.200.0/21 maxlen: 21
82.142.64.0/18 maxlen: 18
84.42.128.0/17 maxlen: 17
84.42.128.0/18 maxlen: 18
84.42.192.0/18 maxlen: 18
84.242.64.0/18 maxlen: 18
84.242.64.0/19 maxlen: 19
84.242.96.0/19 maxlen: 19
86.49.0.0/16 maxlen: 16
86.49.0.0/17 maxlen: 17
86.49.128.0/17 maxlen: 17
88.146.128.0/17 maxlen: 17
88.146.128.0/18 maxlen: 18
88.146.192.0/18 maxlen: 18
89.102.0.0/15 maxlen: 15
89.102.0.0/16 maxlen: 16
89.103.0.0/16 maxlen: 16
89.176.0.0/15 maxlen: 15
89.176.0.0/16 maxlen: 16
89.177.0.0/16 maxlen: 16
93.90.160.0/20 maxlen: 20
93.99.0.0/16 maxlen: 16
93.99.0.0/17 maxlen: 17
93.99.128.0/17 maxlen: 17
94.112.0.0/15 maxlen: 15
94.112.0.0/16 maxlen: 16
94.113.0.0/16 maxlen: 16
109.107.192.0/19 maxlen: 19
141.170.128.0/18 maxlen: 18
141.170.128.0/19 maxlen: 19
141.170.160.0/19 maxlen: 19
178.77.192.0/18 maxlen: 18
178.77.192.0/19 maxlen: 19
178.77.224.0/19 maxlen: 19
188.95.120.0/21 maxlen: 21
213.192.0.0/18 maxlen: 18
213.192.0.0/19 maxlen: 19
213.192.32.0/19 maxlen: 19
213.220.192.0/18 maxlen: 18
213.220.192.0/19 maxlen: 19
213.220.224.0/19 maxlen: 19
217.77.160.0/20 maxlen: 20
2a00:11b0::/29 maxlen: 29
2a01:5e0::/32 maxlen: 32
2a01:5e0::/33 maxlen: 33
2a01:5e0:8000::/33 maxlen: 33
2a02:8300::/28 maxlen: 28
2a02:8300::/29 maxlen: 29
2a02:8308::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 19:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a7:3c:38:ea:96:ac:75:59:51:23:47:b2:d2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29fb7da3b44e41b32369e4a5c790d3081fc69aa9
Validity
Not Before: Jan 1 01:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c16bbf9a71b5985d5785559a5b40d90cb45a3190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:48:a2:cb:b1:f7:95:30:6b:0a:48:06:c4:e7:
eb:5c:fc:c0:44:e4:8b:dd:8e:a7:0c:01:c6:99:85:
dc:67:25:a6:3e:1f:eb:bb:b1:38:ca:1f:eb:0e:70:
45:e3:61:fd:56:e4:f3:c9:d8:96:7f:15:b7:b1:79:
a0:4d:07:25:76:11:0d:3a:20:7c:c7:c3:eb:72:f9:
0a:3b:67:fc:56:44:9b:92:08:b8:ad:bf:8c:db:a1:
73:54:79:db:08:aa:c7:d5:46:2f:e6:cc:3d:38:1d:
3b:0c:0b:f6:61:34:a1:91:5a:32:36:4e:fc:6f:71:
17:cb:b5:cb:a9:47:c6:c4:74:40:9e:42:65:6d:71:
a3:e5:c0:40:2b:6c:ee:75:68:a8:38:3c:b9:6e:f9:
0e:d4:1c:2e:04:2a:59:e8:ce:4e:5e:1f:1b:c5:d0:
43:2f:ed:04:a5:ae:29:be:69:29:b8:39:88:ab:58:
1d:c7:0a:b3:52:32:5e:02:38:45:65:fc:5b:60:9e:
9e:36:aa:b3:2b:e8:b5:b3:96:05:ea:dd:e9:7b:19:
70:2f:0e:fb:09:18:8c:65:8b:76:86:80:7e:d9:07:
c0:05:4a:81:f0:61:8c:b9:a4:74:cf:f8:c4:65:e4:
86:92:9c:f0:e9:ee:dd:f3:da:0c:5d:74:49:46:c1:
8c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6B:BF:9A:71:B5:98:5D:57:85:55:9A:5B:40:D9:0C:B4:5A:31:90
X509v3 Authority Key Identifier:
keyid:29:FB:7D:A3:B4:4E:41:B3:23:69:E4:A5:C7:90:D3:08:1F:C6:9A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/wWu_mnG1mF1XhVWaW0DZDLRaMZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.30.0.0/16
31.169.128.0/17
46.135.0.0/16
46.167.192.0/18
62.24.64.0/19
62.240.160.0/19
62.245.64.0/18
77.48.0.0/16
78.44.0.0/15
78.102.0.0/16
80.95.96.0/19
81.27.192.0/20
82.142.64.0/18
84.42.128.0/17
84.242.64.0/18
86.49.0.0/16
88.146.128.0/17
89.102.0.0/15
89.176.0.0/15
93.90.160.0/20
93.99.0.0/16
94.112.0.0/15
109.107.192.0/19
141.170.128.0/18
178.77.192.0/18
188.95.120.0/21
213.192.0.0/18
213.220.192.0/18
217.77.160.0/20
IPv6:
2a00:11b0::/29
2a01:5e0::/32
2a02:8300::/28
Signature Algorithm: sha256WithRSAEncryption
8a:17:c5:25:70:a6:0f:a2:18:35:38:3a:1b:3f:e5:28:42:2b:
74:f2:8b:b5:90:5e:bf:7c:98:ee:b7:99:14:66:23:f1:2a:a4:
d4:51:c9:b0:94:ba:89:17:17:11:17:05:71:17:50:40:a2:74:
a6:48:f0:58:b7:47:2e:26:ca:e1:2d:70:14:a4:c3:c5:8a:31:
de:b2:26:78:58:8b:8e:7c:08:09:00:ab:4b:a8:b0:7c:5e:8d:
d2:da:9c:ed:12:1b:4c:a0:f7:7c:a6:61:45:03:19:5a:b8:5e:
6b:fb:d7:8a:4e:03:aa:ae:81:0d:6c:13:5e:65:e4:cb:f7:2d:
f6:19:a2:f1:03:7d:fa:7d:b3:7c:80:30:f0:8b:04:34:66:d7:
72:e6:90:38:be:b0:0c:f8:b3:b9:fa:5d:a0:85:0b:96:33:34:
f6:66:cb:53:e0:31:72:43:c4:af:23:11:b8:41:5e:24:29:6b:
00:14:5b:8d:9a:75:12:f7:a6:2e:41:03:44:a8:27:c4:a1:4c:
08:69:c7:02:3a:39:a9:97:19:2c:c4:8a:dc:a7:4e:aa:be:a0:
ff:3a:14:7f:60:80:fe:cc:3b:c4:e9:e8:aa:43:8a:e4:4b:75:
69:e4:d5:95:c2:69:7f:09:2e:1c:bc:89:63:8c:77:aa:41:09:
48:7e:7f:53
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAZQfjKc8OOqWrHVZUSNHstIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmI3ZGEzYjQ0ZTQxYjMyMzY5ZTRhNWM3OTBkMzA4MWZj
NjlhYTkwHhcNMjUwMTAxMDE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTZiYmY5YTcxYjU5ODVkNTc4NTU1OWE1YjQwZDkwY2I0NWEzMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0iiy7H3lTBrCkgGxOfrXPzAROSL
3Y6nDAHGmYXcZyWmPh/ru7E4yh/rDnBF42H9VuTzydiWfxW3sXmgTQcldhENOiB8
x8PrcvkKO2f8VkSbkgi4rb+M26FzVHnbCKrH1UYv5sw9OB07DAv2YTShkVoyNk78
b3EXy7XLqUfGxHRAnkJlbXGj5cBAK2zudWioODy5bvkO1BwuBCpZ6M5OXh8bxdBD
L+0Epa4pvmkpuDmIq1gdxwqzUjJeAjhFZfxbYJ6eNqqzK+i1s5YF6t3pexlwLw77
CRiMZYt2hoB+2QfABUqB8GGMuaR0z/jEZeSGkpzw6e7d89oMXXRJRsGMEQIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFMFrv5pxtZhdV4VVmltA2Qy0WjGQMB8GA1UdIwQY
MBaAFCn7faO0TkGzI2nkpceQ0wgfxpqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Z0OW83Uk9RYk1qYWVTbHg1RFRDQl9HbXFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xN2EwMTYtMjZjNy00MjRjLTg2MmYt
YmNhYzhiNTUyYTlhLzEvd1d1X21uRzFtRjFYaFZXYVcwRFpETFJhTVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xN2EwMTYtMjZjNy00MjRjLTg2MmYtYmNhYzhiNTUyYTlh
LzEvS2Z0OW83Uk9RYk1qYWVTbHg1RFRDQl9HbXFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBqwQCAAEwgaQDAwAf
HgMEBx+pgAMDAC6HAwQGLqfAAwQFPhhAAwQFPvCgAwQGPvVAAwMATTADAwFOLAMD
AE5mAwQFUF9gAwQEURvAAwQGUo5AAwQHVCqAAwQGVPJAAwMAVjEDBAdYkoADAwFZ
ZgMDAVmwAwQEXVqgAwMAXWMDAwFecAMEBW1rwAMEBo2qgAMEBrJNwAMEA7xfeAME
BtXAAAMEBtXcwAMEBNlNoDAbBAIAAjAVAwUDKgARsAMFACoBBeADBQQqAoMAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKF8UlcKYPohg1ODobP+UoQit08ou1kF6/fJjut5kU
ZiPxKqTUUcmwlLqJFxcRFwVxF1BAonSmSPBYt0cuJsrhLXAUpMPFijHesiZ4WIuO
fAgJAKtLqLB8Xo3S2pztEhtMoPd8pmFFAxlauF5r+9eKTgOqroENbBNeZeTL9y32
GaLxA336fbN8gDDwiwQ0Ztdy5pA4vrAM+LO5+l2ghQuWMzT2ZstT4DFyQ8SvIxG4
QV4kKWsAFFuNmnUS96YuQQNEqCfEoUwIaccCOjmplxksxIrcp06qvqD/OhR/YID+
zDvE6eiqQ4rkS3Vp5NWVwml/CS4cvIljjHeqQQlIfn9T
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:38:03 2025 by rpki-client