Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/1Ftg1A7mOc8ZY8xscCIDcUvyYv0.roa
File: 1Ftg1A7mOc8ZY8xscCIDcUvyYv0.roa (raw, json)
Hash identifier: BilC4bo6EL7dWbwLQ1TG46LTCJz5C4orIwg/K6kjPl4=
Subject key identifier: D4:5B:60:D4:0E:E6:39:CF:19:63:CC:6C:70:22:03:71:4B:F2:62:FD
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0194228D8ACF9E3057828F673EF45593A3FF
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/1Ftg1A7mOc8ZY8xscCIDcUvyYv0.roa
Signing time: Wed 01 Jan 2025 15:48:08 +0000
ROA not before: Wed 01 Jan 2025 15:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 46.33.64.0/19 maxlen: 24
62.41.0.0/20 maxlen: 24
62.41.16.0/21 maxlen: 24
62.41.24.0/22 maxlen: 24
62.41.32.0/24 maxlen: 24
62.41.37.0/24 maxlen: 24
62.41.56.0/21 maxlen: 24
62.41.64.0/20 maxlen: 24
62.41.80.0/22 maxlen: 24
62.41.84.0/23 maxlen: 24
62.41.102.0/24 maxlen: 24
62.41.160.0/24 maxlen: 24
62.50.128.0/19 maxlen: 19
62.132.0.0/22 maxlen: 22
62.132.16.0/22 maxlen: 22
62.132.24.0/23 maxlen: 23
62.132.28.0/24 maxlen: 24
62.132.42.0/23 maxlen: 23
62.132.114.0/23 maxlen: 23
62.132.116.0/23 maxlen: 23
62.132.132.0/23 maxlen: 23
77.67.0.0/17 maxlen: 24
77.77.128.0/18 maxlen: 24
87.119.64.0/18 maxlen: 24
89.149.128.0/18 maxlen: 24
92.71.0.0/17 maxlen: 17
92.71.128.0/18 maxlen: 18
134.222.0.0/16 maxlen: 16
141.136.96.0/20 maxlen: 20
185.160.40.0/22 maxlen: 22
192.16.202.0/24 maxlen: 24
192.54.104.0/24 maxlen: 24
192.67.190.0/23 maxlen: 23
192.67.192.0/22 maxlen: 22
192.67.196.0/24 maxlen: 24
192.129.32.0/23 maxlen: 23
192.129.36.0/24 maxlen: 24
192.129.43.0/24 maxlen: 24
192.129.44.0/24 maxlen: 24
192.129.46.0/23 maxlen: 23
192.129.48.0/23 maxlen: 23
192.129.54.0/24 maxlen: 24
192.129.56.0/23 maxlen: 24
193.141.0.0/23 maxlen: 23
193.141.2.0/24 maxlen: 24
193.141.40.0/22 maxlen: 22
193.141.44.0/23 maxlen: 23
193.141.140.0/23 maxlen: 23
193.242.80.0/20 maxlen: 20
194.41.62.0/24 maxlen: 24
194.45.4.0/23 maxlen: 23
194.45.12.0/23 maxlen: 23
194.45.47.0/24 maxlen: 24
194.45.98.0/23 maxlen: 23
194.45.182.0/23 maxlen: 23
194.120.0.0/24 maxlen: 24
194.120.43.0/24 maxlen: 24
194.120.112.0/22 maxlen: 22
194.120.120.0/22 maxlen: 22
194.121.52.0/22 maxlen: 22
194.121.104.0/23 maxlen: 23
194.121.123.0/24 maxlen: 24
194.121.203.0/24 maxlen: 24
194.121.220.0/22 maxlen: 22
194.122.76.0/22 maxlen: 22
194.122.80.0/21 maxlen: 21
194.122.120.0/21 maxlen: 21
194.122.224.0/20 maxlen: 20
194.122.248.0/22 maxlen: 22
194.123.122.0/24 maxlen: 24
194.123.164.0/24 maxlen: 24
195.143.0.0/16 maxlen: 24
212.0.224.0/19 maxlen: 19
212.1.0.0/19 maxlen: 19
212.14.64.0/19 maxlen: 19
212.27.160.0/19 maxlen: 19
212.56.0.0/19 maxlen: 19
212.81.64.0/18 maxlen: 18
212.115.128.0/18 maxlen: 24
212.189.0.0/17 maxlen: 17
212.221.0.0/17 maxlen: 24
212.222.0.0/16 maxlen: 24
213.200.64.0/18 maxlen: 18
213.251.0.0/18 maxlen: 24
213.254.192.0/18 maxlen: 24
217.114.112.0/20 maxlen: 20
217.117.160.0/20 maxlen: 20
217.118.112.0/20 maxlen: 20
217.195.224.0/19 maxlen: 19
2001:668::/29 maxlen: 64
2001:680::/32 maxlen: 32
2001:680:12::/48 maxlen: 48
2001:680:16::/48 maxlen: 48
2001:680:19::/48 maxlen: 48
2001:680:20::/48 maxlen: 48
2a00:1750::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:8a:cf:9e:30:57:82:8f:67:3e:f4:55:93:a3:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 1 15:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d45b60d40ee639cf1963cc6c702203714bf262fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c8:03:db:52:b7:bd:bb:cc:b2:a4:5a:b5:e4:
4a:8f:fe:e7:c6:8b:37:18:90:8b:d8:fa:b4:1a:1e:
24:c4:db:0a:53:48:42:d4:16:2b:30:12:09:d1:ee:
1d:bf:9c:69:10:90:54:dd:ff:f0:23:34:a7:5d:b3:
1e:1d:6c:3f:55:d1:74:13:bf:5e:c2:af:61:66:bb:
53:9d:25:53:2a:8c:e1:4b:0c:6b:a7:c7:1d:98:e3:
1c:c6:0b:12:b7:4a:82:b8:07:7d:e9:f0:ce:13:1d:
65:b2:93:bf:75:53:fc:35:09:fc:82:70:8e:a7:3f:
c6:ba:db:7f:a1:e6:e8:8b:df:eb:1f:75:4f:0f:a4:
ae:8e:06:d2:35:14:98:38:0a:32:aa:9e:a3:ea:bf:
9c:1b:3d:3c:3a:ad:94:18:87:be:d6:ae:81:83:1f:
35:de:5c:9a:30:3b:26:ee:5d:f4:ff:f5:a0:48:2e:
51:95:ed:ba:a8:b3:2e:dc:9e:81:15:4c:26:14:02:
6a:ce:c5:40:24:8b:60:7a:4e:16:81:93:52:7a:72:
ed:eb:0f:85:eb:51:71:2f:fe:5d:d0:7b:f7:52:7c:
eb:ad:55:9c:34:35:ca:a2:78:b5:61:ce:18:f6:06:
77:e3:7d:16:e0:57:a5:27:9b:7a:c7:85:5c:fa:5c:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5B:60:D4:0E:E6:39:CF:19:63:CC:6C:70:22:03:71:4B:F2:62:FD
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/1Ftg1A7mOc8ZY8xscCIDcUvyYv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.64.0/19
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.50.128.0/19
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
77.67.0.0/17
77.77.128.0/18
87.119.64.0/18
89.149.128.0/18
92.71.0.0-92.71.191.255
134.222.0.0/16
141.136.96.0/20
185.160.40.0/22
192.16.202.0/24
192.54.104.0/24
192.67.190.0-192.67.196.255
192.129.32.0/23
192.129.36.0/24
192.129.43.0-192.129.44.255
192.129.46.0-192.129.49.255
192.129.54.0/24
192.129.56.0/23
193.141.0.0-193.141.2.255
193.141.40.0-193.141.45.255
193.141.140.0/23
193.242.80.0/20
194.41.62.0/24
194.45.4.0/23
194.45.12.0/23
194.45.47.0/24
194.45.98.0/23
194.45.182.0/23
194.120.0.0/24
194.120.43.0/24
194.120.112.0/22
194.120.120.0/22
194.121.52.0/22
194.121.104.0/23
194.121.123.0/24
194.121.203.0/24
194.121.220.0/22
194.122.76.0-194.122.87.255
194.122.120.0/21
194.122.224.0/20
194.122.248.0/22
194.123.122.0/24
194.123.164.0/24
195.143.0.0/16
212.0.224.0-212.1.31.255
212.14.64.0/19
212.27.160.0/19
212.56.0.0/19
212.81.64.0/18
212.115.128.0/18
212.189.0.0/17
212.221.0.0/17
212.222.0.0/16
213.200.64.0/18
213.251.0.0/18
213.254.192.0/18
217.114.112.0/20
217.117.160.0/20
217.118.112.0/20
217.195.224.0/19
IPv6:
2001:668::/29
2001:680::/32
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
cd:29:c8:6c:37:24:97:b0:5c:cb:f9:47:2e:7c:3d:c7:37:e1:
36:d6:7d:d1:34:9a:5f:69:56:12:a9:6d:55:24:d5:52:75:3a:
f7:29:b4:f1:9b:37:db:55:8c:02:a5:0c:ee:1c:60:a9:a9:09:
92:d3:18:44:19:dd:0f:0d:a1:b4:bf:85:f2:b2:a9:a6:80:de:
cc:ce:ea:72:66:e6:b5:a4:44:a9:51:76:37:65:32:a3:23:01:
73:b6:e2:ed:ae:b5:c2:03:6f:72:19:c9:c3:91:9d:3b:cd:de:
3f:c2:bd:2d:61:2b:ec:84:2e:cd:78:8f:2f:ec:98:95:24:8e:
9d:44:c2:02:d9:fe:c7:67:d6:80:85:da:0d:71:29:55:d8:ce:
08:9b:55:39:32:f9:be:05:c5:7a:a3:77:c1:b9:7b:0e:66:6f:
15:fd:18:9f:95:1a:16:86:6c:91:3b:df:cb:73:31:56:6a:bd:
17:bf:5c:68:9b:2c:d2:36:f3:c7:e2:95:87:24:49:e6:9f:de:
bd:06:98:e5:bc:4f:62:b9:04:00:57:0d:b1:70:78:50:5e:91:
b6:81:c4:ba:eb:71:f8:1d:1d:c0:3d:25:45:3d:3b:c1:e4:e6:
98:af:9b:77:34:22:18:40:af:63:57:2e:8f:b1:4c:a8:55:ee:
de:fb:b9:ee
-----BEGIN CERTIFICATE-----
MIIHLDCCBhSgAwIBAgISAZQijYrPnjBXgo9nPvRVk6P/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwMTAxMTU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDViNjBkNDBlZTYzOWNmMTk2M2NjNmM3MDIyMDM3MTRiZjI2MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcgD21K3vbvMsqRateRKj/7nxos3
GJCL2Pq0Gh4kxNsKU0hC1BYrMBIJ0e4dv5xpEJBU3f/wIzSnXbMeHWw/VdF0E79e
wq9hZrtTnSVTKozhSwxrp8cdmOMcxgsSt0qCuAd96fDOEx1lspO/dVP8NQn8gnCO
pz/Gutt/oeboi9/rH3VPD6SujgbSNRSYOAoyqp6j6r+cGz08Oq2UGIe+1q6Bgx81
3lyaMDsm7l30//WgSC5Rle26qLMu3J6BFUwmFAJqzsVAJItgek4WgZNSenLt6w+F
61FxL/5d0Hv3UnzrrVWcNDXKoni1Yc4Y9gZ3430W4FelJ5t6x4Vc+lwKxQIDAQAB
o4IEODCCBDQwHQYDVR0OBBYEFNRbYNQO5jnPGWPMbHAiA3FL8mL9MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvMUZ0ZzFBN21PYzhaWTh4c2NDSURjVXZ5WXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICTAYIKwYBBQUHAQcBAf8EggI7MIICNzCCAhYEAgABMIIC
DgMEBS4hQDALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAME
AD4pZgMEAD4poAMEBT4ygAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAM
AwQBPoRyAwQBPoR0AwQBPoSEAwQHTUMAAwQGTU2AAwQGV3dAAwQGWZWAMAsDAwBc
RwMEBlxHgAMDAIbeAwQEjYhgAwQCuaAoAwQAwBDKAwQAwDZoMAwDBAHAQ74DBADA
Q8QDBAHAgSADBADAgSQwDAMEAMCBKwMEAMCBLDAMAwQBwIEuAwQBwIEwAwQAwIE2
AwQBwIE4MAsDAwDBjQMEAMGNAjAMAwQDwY0oAwQBwY0sAwQBwY2MAwQEwfJQAwQA
wik+AwQBwi0EAwQBwi0MAwQAwi0vAwQBwi1iAwQBwi22AwQAwngAAwQAwngrAwQC
wnhwAwQCwnh4AwQCwnk0AwQBwnloAwQAwnl7AwQAwnnLAwQCwnncMAwDBALCekwD
BAPCelADBAPCengDBATCeuADBALCevgDBADCe3oDBADCe6QDAwDDjzAMAwQF1ADg
AwQF1AEAAwQF1A5AAwQF1BugAwQF1DgAAwQG1FFAAwQG1HOAAwQH1L0AAwQH1N0A
AwMA1N4DBAbVyEADBAbV+wADBAbV/sADBATZcnADBATZdaADBATZdnADBAXZw+Aw
GwQCAAIwFQMFAyABBmgDBQAgAQaAAwUAKgAXUDANBgkqhkiG9w0BAQsFAAOCAQEA
zSnIbDckl7Bcy/lHLnw9xzfhNtZ90TSaX2lWEqltVSTVUnU69ym08Zs321WMAqUM
7hxgqakJktMYRBndDw2htL+F8rKppoDezM7qcmbmtaREqVF2N2UyoyMBc7bi7a61
wgNvchnJw5GdO83eP8K9LWEr7IQuzXiPL+yYlSSOnUTCAtn+x2fWgIXaDXEpVdjO
CJtVOTL5vgXFeqN3wbl7DmZvFf0Yn5UaFoZskTvfy3MxVmq9F79caJss0jbzx+KV
hyRJ5p/evQaY5bxPYrkEAFcNsXB4UF6RtoHEuutx+B0dwD0lRT07weTmmK+bdzQi
GECvY1cuj7FMqFXu3vu57g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:29 2025 by rpki-client