Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/U3EttKoh4GhqwN7HKeoctyx66Ow.roa
File: U3EttKoh4GhqwN7HKeoctyx66Ow.roa (raw, json)
Hash identifier: OEfhH58qgZarg5h0zDqnQAYigCjvmBOh3+hwWRld8WI=
Subject key identifier: 53:71:2D:B4:AA:21:E0:68:6A:C0:DE:C7:29:EA:1C:B7:2C:7A:E8:EC
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 018EEC7AF99431A34E2608A89D892AAAED2B
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/U3EttKoh4GhqwN7HKeoctyx66Ow.roa
Signing time: Wed 17 Apr 2024 14:34:25 +0000
ROA not before: Wed 17 Apr 2024 14:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15695
IP address blocks: 5.253.88.0/24 maxlen: 24
5.253.89.0/24 maxlen: 24
5.253.90.0/24 maxlen: 24
5.253.91.0/24 maxlen: 24
37.26.224.0/24 maxlen: 24
37.26.225.0/24 maxlen: 24
37.26.226.0/24 maxlen: 24
37.26.227.0/24 maxlen: 24
37.26.228.0/24 maxlen: 24
37.26.229.0/24 maxlen: 24
37.26.230.0/24 maxlen: 24
37.26.231.0/24 maxlen: 24
45.81.220.0/24 maxlen: 24
45.81.221.0/24 maxlen: 24
45.81.222.0/24 maxlen: 24
45.81.223.0/24 maxlen: 24
45.93.84.0/24 maxlen: 24
45.93.85.0/24 maxlen: 24
45.93.87.0/24 maxlen: 24
45.94.190.0/24 maxlen: 24
45.95.216.0/24 maxlen: 24
45.95.217.0/24 maxlen: 24
45.95.218.0/24 maxlen: 24
45.95.219.0/24 maxlen: 24
63.247.192.0/24 maxlen: 24
63.247.193.0/24 maxlen: 24
63.247.194.0/24 maxlen: 24
63.247.195.0/24 maxlen: 24
63.247.196.0/24 maxlen: 24
63.247.197.0/24 maxlen: 24
63.247.198.0/24 maxlen: 24
63.247.199.0/24 maxlen: 24
63.247.200.0/24 maxlen: 24
63.247.201.0/24 maxlen: 24
63.247.202.0/24 maxlen: 24
63.247.203.0/24 maxlen: 24
63.247.204.0/24 maxlen: 24
63.247.205.0/24 maxlen: 24
63.247.206.0/24 maxlen: 24
63.247.207.0/24 maxlen: 24
86.48.208.0/24 maxlen: 24
86.48.209.0/24 maxlen: 24
86.48.210.0/24 maxlen: 24
86.48.211.0/24 maxlen: 24
86.48.216.0/24 maxlen: 24
86.48.217.0/24 maxlen: 24
86.48.218.0/24 maxlen: 24
86.48.219.0/24 maxlen: 24
86.48.220.0/24 maxlen: 24
86.48.221.0/24 maxlen: 24
86.48.222.0/24 maxlen: 24
86.48.223.0/24 maxlen: 24
86.48.240.0/24 maxlen: 24
86.48.241.0/24 maxlen: 24
91.103.16.0/24 maxlen: 24
91.103.17.0/24 maxlen: 24
91.103.18.0/24 maxlen: 24
91.103.19.0/24 maxlen: 24
91.103.21.0/24 maxlen: 24
91.103.23.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
185.62.117.0/24 maxlen: 24
185.62.118.0/24 maxlen: 24
185.62.119.0/24 maxlen: 24
193.160.134.0/24 maxlen: 24
193.160.135.0/24 maxlen: 24
195.238.244.0/24 maxlen: 24
216.172.64.0/24 maxlen: 24
216.172.65.0/24 maxlen: 24
216.172.66.0/24 maxlen: 24
216.172.67.0/24 maxlen: 24
216.172.68.0/24 maxlen: 24
216.172.69.0/24 maxlen: 24
216.172.70.0/24 maxlen: 24
216.172.71.0/24 maxlen: 24
216.172.72.0/24 maxlen: 24
216.172.73.0/24 maxlen: 24
216.172.74.0/24 maxlen: 24
216.172.75.0/24 maxlen: 24
216.172.76.0/24 maxlen: 24
216.172.77.0/24 maxlen: 24
216.172.78.0/24 maxlen: 24
216.172.79.0/24 maxlen: 24
2a00:cb8:31::/48 maxlen: 48
2a00:cb8:33::/48 maxlen: 48
2a00:cb8:34::/48 maxlen: 48
2a00:cb8:39::/48 maxlen: 48
2a00:cb8:41::/48 maxlen: 48
2a00:cb8:44::/48 maxlen: 48
2a00:cb8:48::/48 maxlen: 48
2a00:cb8:49::/48 maxlen: 48
2a00:cb8:144::/48 maxlen: 48
2a00:cb8:353::/48 maxlen: 48
2a00:cb8:971::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:7a:f9:94:31:a3:4e:26:08:a8:9d:89:2a:aa:ed:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: Apr 17 14:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53712db4aa21e0686ac0dec729ea1cb72c7ae8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a7:70:2b:54:20:17:51:b9:15:86:ac:aa:d6:
69:ba:52:11:47:13:5b:7a:7f:62:a4:c6:6f:f8:ba:
b6:5a:3a:c3:c9:3f:53:5b:70:da:fc:14:b0:6f:26:
cb:a1:70:f8:47:84:79:50:2d:4d:d4:b2:f5:e4:d4:
65:26:16:4a:5c:39:d5:4d:4e:e6:3c:32:6d:6f:be:
9c:55:c3:fa:e9:21:c3:5a:e3:97:df:ec:5b:1c:aa:
5e:a4:e1:65:b1:14:58:0b:bf:ae:1b:56:ba:d1:c4:
52:ef:da:79:31:cc:39:e4:6d:a1:a1:57:28:d1:66:
13:62:d9:73:f5:f0:03:8f:a6:c9:4c:95:b3:84:24:
d4:14:3e:4c:a1:9b:69:dc:95:b0:ff:b2:60:ae:ad:
6d:e2:57:44:6d:15:ef:7d:ab:9d:4e:99:fc:aa:18:
22:4c:02:4b:da:34:eb:12:8b:8c:8a:87:22:08:32:
8b:29:f7:8e:0e:92:3b:da:fa:6a:e7:ec:b9:0b:41:
a8:18:af:fb:1d:fd:c2:58:09:7b:4f:e7:7e:4e:ac:
17:de:b2:98:73:b4:d2:1c:fc:bd:40:05:30:cf:d5:
97:6c:a1:01:df:a2:51:23:bf:51:43:57:c0:2e:2e:
d0:28:20:36:2f:cc:ed:30:0e:9c:48:bc:1b:6d:57:
88:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:71:2D:B4:AA:21:E0:68:6A:C0:DE:C7:29:EA:1C:B7:2C:7A:E8:EC
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/U3EttKoh4GhqwN7HKeoctyx66Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.88.0/22
37.26.224.0/21
45.81.220.0/22
45.93.84.0/23
45.93.87.0/24
45.94.190.0/24
45.95.216.0/22
63.247.192.0/20
86.48.208.0/22
86.48.216.0/21
86.48.240.0/23
91.103.16.0/22
91.103.21.0/24
91.103.23.0/24
185.62.116.0/22
193.160.134.0/23
195.238.244.0/24
216.172.64.0/20
IPv6:
2a00:cb8:31::/48
2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
2a00:cb8:39::/48
2a00:cb8:41::/48
2a00:cb8:44::/48
2a00:cb8:48::/47
2a00:cb8:144::/48
2a00:cb8:353::/48
2a00:cb8:971::/48
Signature Algorithm: sha256WithRSAEncryption
24:de:1e:c3:fa:0a:fa:7c:51:a4:20:38:e1:bc:f4:43:b4:35:
d5:52:74:b2:d4:44:7c:80:6b:18:0d:98:ca:f9:75:01:09:ea:
60:17:3c:10:c5:14:d5:f6:aa:22:7e:c7:66:d6:a4:92:da:87:
7d:7d:f5:f8:1e:c5:62:29:af:79:c8:9d:e9:a2:43:19:22:ca:
00:4b:75:4a:44:37:c5:62:b0:9d:f1:2b:f2:3f:29:35:0e:79:
12:c6:79:a5:25:72:fe:bb:f5:ae:a8:cb:ed:b0:56:6c:63:96:
06:94:33:94:1f:8e:94:db:f7:36:d5:81:4a:8f:12:2d:6b:ca:
cf:7f:25:3f:fa:5a:26:4a:31:06:93:78:19:ae:c8:35:5f:60:
58:07:1f:2c:b5:3c:db:0f:5f:50:35:d7:67:3e:8e:5e:d2:78:
9d:f5:7f:dc:20:9a:e6:92:15:b9:e0:2d:d1:a8:28:6f:d2:ad:
23:e8:d8:97:23:70:9c:29:a1:07:64:16:eb:6a:e3:08:9b:36:
fa:6c:3f:fa:9f:ec:ea:b0:63:4c:ae:36:3e:e5:62:2d:c0:6f:
9d:ba:60:b4:11:44:15:9c:59:ea:d2:83:05:a6:83:3c:f2:fa:
ac:cb:30:e0:56:4e:e3:4e:89:25:53:69:e3:18:92:ff:f7:c6:
13:9e:e6:4b
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAY7sevmUMaNOJgionYkqqu0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjQwNDE3MTQzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzcxMmRiNGFhMjFlMDY4NmFjMGRlYzcyOWVhMWNiNzJjN2FlOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKdwK1QgF1G5FYasqtZpulIRRxNb
en9ipMZv+Lq2WjrDyT9TW3Da/BSwbybLoXD4R4R5UC1N1LL15NRlJhZKXDnVTU7m
PDJtb76cVcP66SHDWuOX3+xbHKpepOFlsRRYC7+uG1a60cRS79p5Mcw55G2hoVco
0WYTYtlz9fADj6bJTJWzhCTUFD5MoZtp3JWw/7Jgrq1t4ldEbRXvfaudTpn8qhgi
TAJL2jTrEouMiociCDKLKfeODpI72vpq5+y5C0GoGK/7Hf3CWAl7T+d+TqwX3rKY
c7TSHPy9QAUwz9WXbKEB36JRI79RQ1fALi7QKCA2L8ztMA6cSLwbbVeIKQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFFNxLbSqIeBoasDexynqHLcseujsMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvVTNFdHRLb2g0R2hxd043SEtlb2N0eXg2Nk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DByBAIAATBsAwQCBf1Y
AwQDJRrgAwQCLVHcAwQBLV1UAwQALV1XAwQALV6+AwQCLV/YAwQEP/fAAwQCVjDQ
AwQDVjDYAwQBVjDwAwQCW2cQAwQAW2cVAwQAW2cXAwQCuT50AwQBwaCGAwQAw+70
AwQE2KxAMGIEAgACMFwDBwAqAAy4ADEwEgMHACoADLgAMwMHACoADLgANAMHACoA
DLgAOQMHACoADLgAQQMHACoADLgARAMHASoADLgASAMHACoADLgBRAMHACoADLgD
UwMHACoADLgJcTANBgkqhkiG9w0BAQsFAAOCAQEAJN4ew/oK+nxRpCA44bz0Q7Q1
1VJ0stREfIBrGA2Yyvl1AQnqYBc8EMUU1faqIn7HZtakktqHfX31+B7FYimvecid
6aJDGSLKAEt1SkQ3xWKwnfEr8j8pNQ55EsZ5pSVy/rv1rqjL7bBWbGOWBpQzlB+O
lNv3NtWBSo8SLWvKz38lP/paJkoxBpN4Ga7INV9gWAcfLLU82w9fUDXXZz6OXtJ4
nfV/3CCa5pIVueAt0agob9KtI+jYlyNwnCmhB2QW62rjCJs2+mw/+p/s6rBjTK42
PuViLcBvnbpgtBFEFZxZ6tKDBaaDPPL6rMsw4FZO406JJVNp4xiS//fGE57mSw==
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:28:12 2024 by rpki-client on console-ams.rpki-client.org