Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/DkTQgGku3eibDN_9nsW6d4P2wmc.roa
File: DkTQgGku3eibDN_9nsW6d4P2wmc.roa (raw, json)
Hash identifier: VrTm/PxCASRgBIogtHy8uYBihY+kVdmGReGg0Z/94Ss=
Subject key identifier: 0E:44:D0:80:69:2E:DD:E8:9B:0C:DF:FD:9E:C5:BA:77:83:F6:C2:67
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018E131A18F1880BC3159B7483031EB08F95
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/DkTQgGku3eibDN_9nsW6d4P2wmc.roa
Signing time: Wed 06 Mar 2024 09:31:01 +0000
ROA not before: Wed 06 Mar 2024 09:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12541
IP address blocks: 84.18.0.0/19 maxlen: 19
92.60.160.0/20 maxlen: 20
92.60.170.0/24 maxlen: 24
92.60.173.0/24 maxlen: 24
92.60.174.0/24 maxlen: 24
185.66.60.0/22 maxlen: 22
185.66.60.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
185.66.62.0/24 maxlen: 24
195.5.64.0/19 maxlen: 19
212.49.128.0/18 maxlen: 18
212.49.129.0/24 maxlen: 24
212.49.189.0/24 maxlen: 24
212.59.192.0/19 maxlen: 19
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 23
212.66.163.0/24 maxlen: 24
212.66.164.0/22 maxlen: 22
212.66.168.0/21 maxlen: 21
212.66.176.0/20 maxlen: 20
212.163.0.0/16 maxlen: 16
212.163.1.0/24 maxlen: 24
212.163.5.0/24 maxlen: 24
212.163.31.0/24 maxlen: 24
212.163.48.0/24 maxlen: 24
212.163.91.0/24 maxlen: 24
212.163.92.0/24 maxlen: 24
212.163.94.0/24 maxlen: 24
212.163.130.0/24 maxlen: 24
212.163.185.0/24 maxlen: 24
212.163.193.0/24 maxlen: 24
212.163.216.0/22 maxlen: 22
212.163.220.0/22 maxlen: 22
212.163.225.0/24 maxlen: 24
212.163.226.0/24 maxlen: 24
212.163.227.0/24 maxlen: 24
212.163.235.0/24 maxlen: 24
212.163.240.0/20 maxlen: 20
213.9.128.0/17 maxlen: 17
213.9.142.0/23 maxlen: 23
213.9.144.0/24 maxlen: 24
213.9.162.0/23 maxlen: 23
213.9.182.0/24 maxlen: 24
213.9.185.0/24 maxlen: 24
213.9.186.0/24 maxlen: 24
213.9.190.0/23 maxlen: 23
213.9.217.0/24 maxlen: 24
213.9.224.0/20 maxlen: 20
213.9.240.0/23 maxlen: 23
213.9.244.0/24 maxlen: 24
213.9.245.0/24 maxlen: 24
213.9.246.0/24 maxlen: 24
213.9.247.0/24 maxlen: 24
213.9.248.0/24 maxlen: 24
213.192.192.0/18 maxlen: 18
213.192.193.0/24 maxlen: 24
213.192.200.0/22 maxlen: 22
213.192.203.0/24 maxlen: 24
213.192.206.0/23 maxlen: 23
213.192.212.0/22 maxlen: 22
213.192.213.0/24 maxlen: 24
213.192.216.0/21 maxlen: 21
213.192.224.0/22 maxlen: 22
213.192.228.0/23 maxlen: 23
213.192.232.0/22 maxlen: 22
213.192.238.0/24 maxlen: 24
213.192.239.0/24 maxlen: 24
213.192.240.0/24 maxlen: 24
213.192.241.0/24 maxlen: 24
213.192.242.0/23 maxlen: 23
213.192.244.0/23 maxlen: 23
213.192.246.0/24 maxlen: 24
213.192.247.0/24 maxlen: 24
213.192.248.0/21 maxlen: 21
213.192.249.0/24 maxlen: 24
213.192.251.0/24 maxlen: 24
213.192.252.0/23 maxlen: 23
213.192.253.0/24 maxlen: 24
213.192.254.0/24 maxlen: 24
213.192.255.0/24 maxlen: 24
2001:ac0::/29 maxlen: 29
2001:ac0::/32 maxlen: 32
2001:ac0:30fd::/48 maxlen: 48
2001:ac0:c040::/44 maxlen: 44
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:1a:18:f1:88:0b:c3:15:9b:74:83:03:1e:b0:8f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Mar 6 09:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e44d080692edde89b0cdffd9ec5ba7783f6c267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8b:e8:96:0f:3f:e6:98:60:bd:1a:0b:17:9b:
c8:b9:5d:a3:b5:e9:62:b0:90:ec:04:60:3e:e1:cd:
74:00:f6:26:48:e2:08:82:98:8b:44:6a:59:c8:54:
22:5f:5a:d3:39:1f:03:26:5f:41:d5:31:f2:15:40:
04:e4:e8:d2:ed:ba:0e:67:0e:c3:11:19:3e:1a:a1:
42:cd:fa:34:c2:8f:8d:43:67:d9:34:45:31:be:da:
28:bb:6c:bc:ff:1d:9a:da:2e:a0:f8:93:69:41:3f:
91:2e:b5:c3:61:3a:0f:53:1c:41:36:4b:a9:b5:99:
3f:07:c4:df:fa:2f:be:1b:c6:48:d6:04:bf:c0:f3:
0c:90:a5:94:ed:3b:6b:c7:0b:bb:58:2d:0e:a3:68:
23:72:fc:0a:ad:80:97:34:49:0d:61:fc:b9:7b:69:
b7:de:f3:50:d4:7e:a3:bb:b7:55:ac:bb:b3:da:57:
e9:58:19:31:5a:ba:c4:6c:b9:27:fe:8c:cf:63:81:
b5:c1:c1:5b:32:f0:2d:37:14:7f:70:e2:32:f5:d1:
fd:04:24:d4:21:a8:7d:12:3e:32:19:3d:69:46:9a:
eb:b6:80:f1:11:67:ab:33:45:6d:3b:01:2a:c4:dc:
3b:01:36:f7:28:ae:5b:20:fe:c5:6c:89:3b:c8:3e:
bc:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:44:D0:80:69:2E:DD:E8:9B:0C:DF:FD:9E:C5:BA:77:83:F6:C2:67
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/DkTQgGku3eibDN_9nsW6d4P2wmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
185.66.60.0/22
195.5.64.0/19
212.49.128.0/18
212.59.192.0/19
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:6c:22:1e:f9:07:57:ee:c7:b7:b0:b0:dc:80:53:7a:ca:73:
6e:15:a6:e8:e1:53:01:40:43:d8:75:cb:f5:89:c0:e4:ec:8f:
53:c2:eb:9c:9c:47:aa:06:06:0c:63:fa:c7:da:2b:0e:ad:85:
4e:61:68:26:54:ba:2a:a9:17:2a:33:11:5d:2b:85:6c:45:56:
a6:34:68:c2:66:36:7c:7e:43:a6:1b:cc:76:8c:be:5d:b7:87:
56:da:8c:de:3e:08:f6:88:0d:c3:77:62:66:4a:d4:f6:1a:37:
92:1d:53:e4:7d:7a:58:6c:72:5d:53:4b:20:0a:bc:68:af:96:
d9:82:85:9d:27:ce:ce:37:37:2b:bb:e5:1e:cf:18:d6:69:e0:
78:1d:fc:bf:51:5f:da:b0:20:cd:a4:d7:d8:eb:1e:b2:23:c3:
e0:a4:60:6b:e4:0c:63:9b:19:c7:62:b9:54:da:0c:12:86:60:
e8:cb:c0:da:b8:6f:85:6c:ad:bd:40:1a:ed:fb:52:2b:16:4f:
6e:40:07:c9:31:f8:e3:7d:a1:93:80:08:4c:ad:c3:0a:66:06:
4f:e2:be:f3:df:ad:47:06:63:01:3f:7a:91:c7:28:e8:12:14:
b3:7d:a7:23:5a:33:0f:35:7b:08:61:11:71:9d:c3:2c:82:2f:
de:03:90:fb
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY4TGhjxiAvDFZt0gwMesI+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwMzA2MDkzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQ0ZDA4MDY5MmVkZGU4OWIwY2RmZmQ5ZWM1YmE3NzgzZjZjMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlovolg8/5phgvRoLF5vIuV2jteli
sJDsBGA+4c10APYmSOIIgpiLRGpZyFQiX1rTOR8DJl9B1THyFUAE5OjS7boOZw7D
ERk+GqFCzfo0wo+NQ2fZNEUxvtoou2y8/x2a2i6g+JNpQT+RLrXDYToPUxxBNkup
tZk/B8Tf+i++G8ZI1gS/wPMMkKWU7Ttrxwu7WC0Oo2gjcvwKrYCXNEkNYfy5e2m3
3vNQ1H6ju7dVrLuz2lfpWBkxWrrEbLkn/ozPY4G1wcFbMvAtNxR/cOIy9dH9BCTU
Iah9Ej4yGT1pRprrtoDxEWerM0VtOwEqxNw7ATb3KK5bIP7FbIk7yD684wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFA5E0IBpLt3omwzf/Z7FuneD9sJnMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvRGtUUWdHa3UzZWliRE5fOW5zVzZkNFAyd21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBJBAIAATBDAwQFVBIAAwQE
XDygAwQCuUI8AwQFwwVAAwQG1DGAAwQF1DvAMAwDBADUQqEDBAbUQoADAwDUowME
B9UJgAMEBtXAwDANBAIAAjAHAwUDIAEKwDANBgkqhkiG9w0BAQsFAAOCAQEAL2wi
HvkHV+7Ht7Cw3IBTespzbhWm6OFTAUBD2HXL9YnA5OyPU8LrnJxHqgYGDGP6x9or
Dq2FTmFoJlS6KqkXKjMRXSuFbEVWpjRowmY2fH5DphvMdoy+XbeHVtqM3j4I9ogN
w3diZkrU9ho3kh1T5H16WGxyXVNLIAq8aK+W2YKFnSfOzjc3K7vlHs8Y1mngeB38
v1Ff2rAgzaTX2OsesiPD4KRga+QMY5sZx2K5VNoMEoZg6MvA2rhvhWytvUAa7ftS
KxZPbkAHyTH4432hk4AITK3DCmYGT+K+89+tRwZjAT96kcco6BIUs32nI1ozDzV7
CGERcZ3DLIIv3gOQ+w==
-----END CERTIFICATE-----
Generated at Tue May 28 13:39:29 2024 by rpki-client on console-fra.rpki-client.org