Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/aT0CVuxGpAWCZRs37r9FhsfI5jc.roa
File: aT0CVuxGpAWCZRs37r9FhsfI5jc.roa (raw, json)
Hash identifier: 1I9hKylkwvyudsmG/eCfRN1ARD0ICRcCIn5ggjRwZmk=
Subject key identifier: 69:3D:02:56:EC:46:A4:05:82:65:1B:37:EE:BF:45:86:C7:C8:E6:37
Certificate issuer: /CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Certificate serial: 019425218F3799DD05A5964B5770A7E5CCA6
Authority key identifier: FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/aT0CVuxGpAWCZRs37r9FhsfI5jc.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16010
IP address blocks: 5.178.128.0/17 maxlen: 24
46.49.0.0/17 maxlen: 24
62.168.160.0/19 maxlen: 24
77.74.40.0/21 maxlen: 21
80.241.240.0/22 maxlen: 22
80.241.248.0/22 maxlen: 22
80.241.253.0/24 maxlen: 24
80.241.254.0/23 maxlen: 23
82.211.128.0/18 maxlen: 19
85.114.224.0/19 maxlen: 24
89.232.32.0/19 maxlen: 24
93.177.128.0/18 maxlen: 24
94.137.160.0/19 maxlen: 24
94.240.192.0/18 maxlen: 24
95.104.0.0/17 maxlen: 24
109.172.128.0/17 maxlen: 24
134.19.224.0/19 maxlen: 24
185.115.4.0/22 maxlen: 22
185.115.4.0/24 maxlen: 24
188.121.192.0/19 maxlen: 24
188.129.128.0/17 maxlen: 18
212.58.96.0/19 maxlen: 24
212.72.128.0/23 maxlen: 24
212.72.131.0/24 maxlen: 24
212.72.132.0/22 maxlen: 22
212.72.136.0/21 maxlen: 24
212.72.144.0/21 maxlen: 21
212.72.152.0/23 maxlen: 23
212.72.154.0/24 maxlen: 24
212.72.156.0/22 maxlen: 22
213.157.192.0/19 maxlen: 24
213.200.0.0/19 maxlen: 24
2a0b:6200::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8f:37:99:dd:05:a5:96:4b:57:70:a7:e5:cc:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=693d0256ec46a40582651b37eebf4586c7c8e637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b7:f7:85:51:f5:37:fd:1c:36:f9:09:2f:aa:
e9:06:b4:fb:b0:80:56:52:ce:ce:a7:bc:6a:35:4a:
a4:f2:54:43:d8:2e:cd:95:2f:f4:50:79:aa:5e:8d:
3c:ea:36:03:0e:c0:33:46:aa:f3:1b:c4:6e:5b:78:
15:2e:c4:f9:8c:04:d7:c2:d1:a6:02:61:3e:23:e2:
25:54:4a:40:56:7d:b8:8d:6f:e0:f9:45:4d:01:a7:
dc:4a:68:91:60:04:da:4c:e8:1b:db:72:0a:01:dc:
75:b2:ed:7d:75:5a:65:75:12:d4:a9:b9:84:eb:21:
29:f2:1e:0f:19:6f:b8:1e:26:d7:54:0a:16:9b:2a:
54:7f:9a:2b:b8:33:b4:8e:6e:3e:9b:44:b4:f4:5c:
16:1d:03:58:72:52:df:85:95:5d:4c:2f:b1:63:5c:
a2:d1:ac:4a:6b:4f:a5:1f:09:cb:ce:a5:7c:7f:50:
11:9b:ed:dd:ae:e1:7f:ac:0b:ad:bd:d8:24:13:20:
7f:97:82:b0:01:85:c4:0f:c0:cf:47:06:f2:e8:e3:
0a:fb:bd:95:81:d8:56:f9:c4:28:6e:50:04:02:26:
f4:21:8b:b3:af:5a:e2:43:aa:7c:3d:66:80:ce:2d:
32:03:ac:3c:53:7e:77:73:87:3c:8e:74:ba:c0:5f:
86:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3D:02:56:EC:46:A4:05:82:65:1B:37:EE:BF:45:86:C7:C8:E6:37
X509v3 Authority Key Identifier:
keyid:FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/aT0CVuxGpAWCZRs37r9FhsfI5jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.128.0/17
46.49.0.0/17
62.168.160.0/19
77.74.40.0/21
80.241.240.0/22
80.241.248.0/22
80.241.253.0-80.241.255.255
82.211.128.0/18
85.114.224.0/19
89.232.32.0/19
93.177.128.0/18
94.137.160.0/19
94.240.192.0/18
95.104.0.0/17
109.172.128.0/17
134.19.224.0/19
185.115.4.0/22
188.121.192.0/19
188.129.128.0/17
212.58.96.0/19
212.72.128.0/23
212.72.131.0-212.72.154.255
212.72.156.0/22
213.157.192.0/19
213.200.0.0/19
IPv6:
2a0b:6200::/29
Signature Algorithm: sha256WithRSAEncryption
11:bf:5d:7c:5f:2d:9f:ca:f3:a2:cc:e2:4e:e4:99:e7:c2:01:
c5:88:0f:97:98:e3:ad:ca:29:a2:4e:06:77:98:dd:86:46:5b:
3f:03:1c:ee:1c:59:65:46:fc:b4:42:d5:af:e2:04:eb:d2:dd:
f1:ee:11:d7:16:bb:db:0a:df:29:d6:c3:57:54:59:01:a2:48:
85:d8:24:da:da:ed:d5:66:d5:31:9b:77:95:15:9c:d2:d8:2f:
a9:c6:df:1b:76:0a:15:ac:4c:83:47:1a:62:4c:af:44:34:2a:
20:8d:5d:47:7f:c7:4f:6f:33:2d:5d:70:a8:87:ba:18:c4:d4:
3d:59:39:92:0f:ce:6c:8d:21:80:a4:12:76:bb:33:29:77:7f:
fe:73:d1:5a:b5:87:6d:61:39:6a:4a:ea:ed:6f:12:9f:79:e9:
ee:0f:66:65:f6:8e:41:b6:2d:0b:b8:58:bf:ec:b5:22:0e:6f:
9a:4e:e1:91:0c:05:73:45:a7:f7:99:0f:64:ce:b9:1e:4c:5c:
db:d2:10:54:28:86:88:48:b1:3a:53:fd:dd:22:fe:b5:05:83:
16:0d:88:35:74:db:ab:73:ff:12:12:65:bc:c1:4e:78:2d:8b:
8d:7b:4c:6a:66:cf:6a:f5:90:f0:76:f0:00:d5:2f:81:15:c4:
b3:a0:c1:8f
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZQlIY83md0FpZZLV3Cn5cymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDJiMzYyMDY0MzliYmNlMTViMzYzZjA5ZWVmZjFkNzM4
Y2VjYzcwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNkMDI1NmVjNDZhNDA1ODI2NTFiMzdlZWJmNDU4NmM3YzhlNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbf3hVH1N/0cNvkJL6rpBrT7sIBW
Us7Op7xqNUqk8lRD2C7NlS/0UHmqXo086jYDDsAzRqrzG8RuW3gVLsT5jATXwtGm
AmE+I+IlVEpAVn24jW/g+UVNAafcSmiRYATaTOgb23IKAdx1su19dVpldRLUqbmE
6yEp8h4PGW+4HibXVAoWmypUf5oruDO0jm4+m0S09FwWHQNYclLfhZVdTC+xY1yi
0axKa0+lHwnLzqV8f1ARm+3druF/rAutvdgkEyB/l4KwAYXED8DPRwby6OMK+72V
gdhW+cQoblAEAib0IYuzr1riQ6p8PWaAzi0yA6w8U353c4c8jnS6wF+GNwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFGk9AlbsRqQFgmUbN+6/RYbHyOY3MB8GA1UdIwQY
MBaAFP3Ss2IGQ5u84Vs2Pwnu/x1zjOzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQt
YjAxZTAyOTdiMDcwLzEvYVQwQ1Z1eEdwQVdDWlJzMzdyOUZoc2ZJNWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQtYjAxZTAyOTdiMDcw
LzEvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBrAQCAAEwgaUDBAcF
soADBAcuMQADBAU+qKADBANNSigDBAJQ8fADBAJQ8fgwCwMEAFDx/QMDAVDwAwQG
UtOAAwQFVXLgAwQFWeggAwQGXbGAAwQFXomgAwQGXvDAAwQHX2gAAwQHbayAAwQF
hhPgAwQCuXMEAwQFvHnAAwQHvIGAAwQF1DpgAwQB1EiAMAwDBADUSIMDBADUSJoD
BALUSJwDBAXVncADBAXVyAAwDQQCAAIwBwMFAyoLYgAwDQYJKoZIhvcNAQELBQAD
ggEBABG/XXxfLZ/K86LM4k7kmefCAcWID5eY463KKaJOBneY3YZGWz8DHO4cWWVG
/LRC1a/iBOvS3fHuEdcWu9sK3ynWw1dUWQGiSIXYJNra7dVm1TGbd5UVnNLYL6nG
3xt2ChWsTINHGmJMr0Q0KiCNXUd/x09vMy1dcKiHuhjE1D1ZOZIPzmyNIYCkEna7
Myl3f/5z0Vq1h21hOWpK6u1vEp956e4PZmX2jkG2LQu4WL/stSIOb5pO4ZEMBXNF
p/eZD2TOuR5MXNvSEFQohohIsTpT/d0i/rUFgxYNiDV026tz/xISZbzBTngti417
TGpmz2r1kPB28ADVL4EVxLOgwY8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:49 2025 by rpki-client