Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/_kjDn_DDtqJjlLfr15JCrlUsBs4.roa
File: _kjDn_DDtqJjlLfr15JCrlUsBs4.roa (raw, json)
Hash identifier: jybSc3mz+ll60aex4A0Ja+eXAtAJqeCFAGm8sC/emcE=
Subject key identifier: FE:48:C3:9F:F0:C3:B6:A2:63:94:B7:EB:D7:92:42:AE:55:2C:06:CE
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 019426D99D527BA9F727F4F05FA83322AC24
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/_kjDn_DDtqJjlLfr15JCrlUsBs4.roa
Signing time: Thu 02 Jan 2025 11:49:43 +0000
ROA not before: Thu 02 Jan 2025 11:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29518
IP address blocks: 5.44.192.0/20 maxlen: 20
5.172.144.0/21 maxlen: 21
31.192.192.0/20 maxlen: 20
31.208.0.0/16 maxlen: 16
31.209.0.0/18 maxlen: 18
37.17.248.0/21 maxlen: 21
46.162.64.0/18 maxlen: 18
46.236.64.0/18 maxlen: 18
62.182.0.0/21 maxlen: 21
62.220.160.0/19 maxlen: 19
77.53.0.0/16 maxlen: 16
79.138.0.0/17 maxlen: 17
80.244.64.0/19 maxlen: 19
82.117.96.0/19 maxlen: 19
82.209.128.0/18 maxlen: 18
83.209.0.0/16 maxlen: 16
83.219.192.0/19 maxlen: 19
83.233.0.0/16 maxlen: 16
85.8.0.0/18 maxlen: 18
85.30.0.0/18 maxlen: 18
85.235.0.0/19 maxlen: 19
85.235.17.0/24 maxlen: 24
85.235.18.0/23 maxlen: 23
85.235.20.0/22 maxlen: 22
85.235.24.0/24 maxlen: 24
85.238.192.0/19 maxlen: 19
87.96.128.0/17 maxlen: 17
87.236.88.0/21 maxlen: 21
87.241.64.0/18 maxlen: 18
87.251.192.0/19 maxlen: 19
87.253.64.0/19 maxlen: 19
88.83.32.0/19 maxlen: 19
88.129.0.0/16 maxlen: 16
89.160.0.0/17 maxlen: 17
89.233.192.0/18 maxlen: 18
89.236.0.0/23 maxlen: 23
89.236.2.0/23 maxlen: 23
89.236.4.0/22 maxlen: 22
89.236.8.0/23 maxlen: 23
89.236.11.0/24 maxlen: 24
89.236.15.0/24 maxlen: 24
89.236.17.0/24 maxlen: 24
89.236.18.0/23 maxlen: 23
89.236.20.0/22 maxlen: 22
89.236.24.0/23 maxlen: 23
89.236.26.0/24 maxlen: 24
89.236.35.0/24 maxlen: 24
89.236.36.0/23 maxlen: 23
89.236.38.0/24 maxlen: 24
89.236.47.0/24 maxlen: 24
89.236.48.0/24 maxlen: 24
89.236.53.0/24 maxlen: 24
89.236.54.0/23 maxlen: 23
89.236.56.0/22 maxlen: 22
91.191.128.0/20 maxlen: 20
91.232.59.0/24 maxlen: 24
91.232.60.0/23 maxlen: 23
94.198.64.0/21 maxlen: 21
94.245.0.0/20 maxlen: 20
94.245.16.0/20 maxlen: 20
94.245.48.0/20 maxlen: 20
94.255.128.0/17 maxlen: 17
95.155.192.0/18 maxlen: 18
109.124.128.0/18 maxlen: 18
109.225.64.0/18 maxlen: 18
146.247.80.0/21 maxlen: 21
178.132.248.0/21 maxlen: 21
178.251.240.0/21 maxlen: 21
185.18.164.0/22 maxlen: 22
185.52.180.0/22 maxlen: 22
185.58.144.0/22 maxlen: 22
185.113.96.0/22 maxlen: 22
188.120.160.0/19 maxlen: 19
188.122.128.0/19 maxlen: 19
193.23.57.0/24 maxlen: 24
195.78.224.0/22 maxlen: 22
195.238.255.0/24 maxlen: 24
213.21.64.0/18 maxlen: 18
213.142.0.0/19 maxlen: 19
213.185.4.0/24 maxlen: 24
213.185.6.0/24 maxlen: 24
213.185.7.0/24 maxlen: 24
213.185.8.0/23 maxlen: 23
213.185.10.0/24 maxlen: 24
213.185.12.0/22 maxlen: 22
213.185.16.0/23 maxlen: 23
213.185.20.0/23 maxlen: 23
213.185.24.0/24 maxlen: 24
213.185.26.0/24 maxlen: 24
217.72.52.0/23 maxlen: 23
217.72.54.0/24 maxlen: 24
217.72.56.0/22 maxlen: 22
217.72.60.0/23 maxlen: 23
217.72.62.0/24 maxlen: 24
217.76.80.0/20 maxlen: 20
217.78.32.0/20 maxlen: 20
217.115.32.0/19 maxlen: 19
217.118.208.0/20 maxlen: 20
2001:9c8::/29 maxlen: 29
2a00:1598::/29 maxlen: 29
2a00:8280::/32 maxlen: 32
2a01:b700::/32 maxlen: 32
2a02:7b8::/32 maxlen: 32
2a02:23c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 18:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:9d:52:7b:a9:f7:27:f4:f0:5f:a8:33:22:ac:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Jan 2 11:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe48c39ff0c3b6a26394b7ebd79242ae552c06ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:74:72:05:8f:a5:ba:c7:8c:fa:27:da:13:77:
1b:cf:33:1a:bc:ff:59:3e:0f:f4:3e:fb:c7:21:17:
cf:28:38:16:f8:01:63:cd:ff:30:2d:9a:46:46:36:
0e:d3:d4:cf:60:ae:9b:38:13:c8:bc:09:84:a4:14:
65:9d:df:b4:28:8c:bc:52:10:b2:5c:d5:91:3e:43:
2a:20:5a:b8:7c:67:cd:5e:76:e0:11:bb:0d:a7:38:
5e:41:79:3e:f5:62:66:2c:2c:d1:64:65:51:ad:c9:
b8:a0:e5:1c:c9:a0:c7:5e:12:9a:d6:93:a0:c5:e7:
83:0f:72:26:85:80:31:2c:61:b7:5e:49:00:ff:4c:
3a:b3:62:3e:5c:59:44:57:69:3b:df:9b:33:50:01:
6e:9c:5a:82:5d:a2:39:b4:ce:ce:e1:cb:71:d7:df:
80:76:19:5c:a8:ed:9a:a8:c4:23:2c:32:55:16:81:
d7:2d:f2:8e:7f:79:1b:f3:28:eb:09:c4:82:ab:b2:
07:00:79:1b:5a:ba:9a:ab:a3:41:67:48:32:84:49:
3c:2e:fb:ea:bb:f3:04:5d:61:0d:32:98:2b:d8:87:
fe:ad:b4:42:7a:07:86:83:bb:19:1d:3b:a0:9b:74:
c6:e4:19:76:51:5a:64:dc:83:2e:86:55:bb:f2:75:
2d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:48:C3:9F:F0:C3:B6:A2:63:94:B7:EB:D7:92:42:AE:55:2C:06:CE
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/_kjDn_DDtqJjlLfr15JCrlUsBs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.192.0/20
5.172.144.0/21
31.192.192.0/20
31.208.0.0-31.209.63.255
37.17.248.0/21
46.162.64.0/18
46.236.64.0/18
62.182.0.0/21
62.220.160.0/19
77.53.0.0/16
79.138.0.0/17
80.244.64.0/19
82.117.96.0/19
82.209.128.0/18
83.209.0.0/16
83.219.192.0/19
83.233.0.0/16
85.8.0.0/18
85.30.0.0/18
85.235.0.0/19
85.238.192.0/19
87.96.128.0/17
87.236.88.0/21
87.241.64.0/18
87.251.192.0/19
87.253.64.0/19
88.83.32.0/19
88.129.0.0/16
89.160.0.0/17
89.233.192.0/18
89.236.0.0-89.236.9.255
89.236.11.0/24
89.236.15.0/24
89.236.17.0-89.236.26.255
89.236.35.0-89.236.38.255
89.236.47.0-89.236.48.255
89.236.53.0-89.236.59.255
91.191.128.0/20
91.232.59.0-91.232.61.255
94.198.64.0/21
94.245.0.0/19
94.245.48.0/20
94.255.128.0/17
95.155.192.0/18
109.124.128.0/18
109.225.64.0/18
146.247.80.0/21
178.132.248.0/21
178.251.240.0/21
185.18.164.0/22
185.52.180.0/22
185.58.144.0/22
185.113.96.0/22
188.120.160.0/19
188.122.128.0/19
193.23.57.0/24
195.78.224.0/22
195.238.255.0/24
213.21.64.0/18
213.142.0.0/19
213.185.4.0/24
213.185.6.0-213.185.10.255
213.185.12.0-213.185.17.255
213.185.20.0/23
213.185.24.0/24
213.185.26.0/24
217.72.52.0-217.72.54.255
217.72.56.0-217.72.62.255
217.76.80.0/20
217.78.32.0/20
217.115.32.0/19
217.118.208.0/20
IPv6:
2001:9c8::/29
2a00:1598::/29
2a00:8280::/32
2a01:b700::/32
2a02:7b8::/32
2a02:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
09:4d:52:37:0e:c5:a3:ce:c3:76:e9:94:e7:16:5a:5f:55:e9:
b2:57:f2:a5:cc:80:3a:b0:43:f9:65:03:d8:68:3b:2a:b3:30:
fb:a3:fc:bf:4a:9e:d7:78:e6:ce:ea:4d:2c:4d:41:3b:47:d6:
ef:a5:75:3d:31:96:05:3d:a5:d3:a4:91:17:a6:8b:ae:a0:24:
0f:30:4f:9a:f6:95:be:05:cd:7b:9e:18:6c:db:04:f1:dd:30:
3c:ed:bd:ca:fe:0c:91:99:1d:89:92:f2:7c:dd:e9:f2:32:e3:
f8:3f:30:d0:a7:72:89:78:ee:a2:bc:a1:98:75:37:14:11:f5:
de:40:d1:ae:4f:ec:8f:a3:39:0c:7d:27:2c:d7:95:c5:44:b9:
8a:03:e5:16:00:8a:92:95:b7:28:30:fd:1b:eb:d6:93:b9:d7:
5d:5f:5b:27:3f:85:54:07:51:64:c9:26:bc:9f:da:37:86:db:
b4:f3:07:24:29:6e:e5:5f:d2:af:21:74:1b:01:61:a3:5d:c0:
85:70:49:05:1b:a2:67:c0:0f:66:51:40:92:aa:3c:b6:31:18:
c4:03:cc:87:39:bb:76:a5:b0:18:d2:8b:0e:17:b7:1d:48:ce:
3f:8c:04:2e:33:8f:45:70:eb:f7:3f:b9:c5:ed:60:ba:54:db:
9f:d4:44:ae
-----BEGIN CERTIFICATE-----
MIIHNTCCBh2gAwIBAgISAZQm2Z1Se6n3J/TwX6gzIqwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjUwMTAyMTE0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQ4YzM5ZmYwYzNiNmEyNjM5NGI3ZWJkNzkyNDJhZTU1MmMwNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nRyBY+luseM+ifaE3cbzzMavP9Z
Pg/0PvvHIRfPKDgW+AFjzf8wLZpGRjYO09TPYK6bOBPIvAmEpBRlnd+0KIy8UhCy
XNWRPkMqIFq4fGfNXnbgEbsNpzheQXk+9WJmLCzRZGVRrcm4oOUcyaDHXhKa1pOg
xeeDD3ImhYAxLGG3XkkA/0w6s2I+XFlEV2k735szUAFunFqCXaI5tM7O4ctx19+A
dhlcqO2aqMQjLDJVFoHXLfKOf3kb8yjrCcSCq7IHAHkbWrqaq6NBZ0gyhEk8Lvvq
u/MEXWENMpgr2If+rbRCegeGg7sZHTugm3TG5Bl2UVpk3IMuhlW78nUtGwIDAQAB
o4IEQTCCBD0wHQYDVR0OBBYEFP5Iw5/ww7aiY5S369eSQq5VLAbOMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvX2tqRG5fRER0cUpqbExmcjE1SkNybFVzQnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICVQYIKwYBBQUHAQcBAf8EggJEMIICQDCCAgoEAgABMIIC
AgMEBAUswAMEAwWskAMEBB/AwDALAwMEH9ADBAYf0QADBAMlEfgDBAYuokADBAYu
7EADBAM+tgADBAU+3KADAwBNNQMEB0+KAAMEBVD0QAMEBVJ1YAMEBlLRgAMDAFPR
AwQFU9vAAwMAU+kDBAZVCAADBAZVHgADBAVV6wADBAVV7sADBAdXYIADBANX7FgD
BAZX8UADBAVX+8ADBAVX/UADBAVYUyADAwBYgQMEB1mgAAMEBlnpwDALAwMCWewD
BAFZ7AgDBABZ7AsDBABZ7A8wDAMEAFnsEQMEAFnsGjAMAwQAWewjAwQAWewmMAwD
BABZ7C8DBABZ7DAwDAMEAFnsNQMEAlnsOAMEBFu/gDAMAwQAW+g7AwQBW+g8AwQD
XsZAAwQFXvUAAwQEXvUwAwQHXv+AAwQGX5vAAwQGbXyAAwQGbeFAAwQDkvdQAwQD
soT4AwQDsvvwAwQCuRKkAwQCuTS0AwQCuTqQAwQCuXFgAwQFvHigAwQFvHqAAwQA
wRc5AwQCw07gAwQAw+7/AwQG1RVAAwQF1Y4AAwQA1bkEMAwDBAHVuQYDBADVuQow
DAMEAtW5DAMEAdW5EAMEAdW5FAMEANW5GAMEANW5GjAMAwQC2Ug0AwQA2Ug2MAwD
BAPZSDgDBADZSD4DBATZTFADBATZTiADBAXZcyADBATZdtAwMAQCAAIwKgMFAyAB
CcgDBQMqABWYAwUAKgCCgAMFACoBtwADBQAqAge4AwUAKgIjwDANBgkqhkiG9w0B
AQsFAAOCAQEACU1SNw7Fo87DdumU5xZaX1XpslfypcyAOrBD+WUD2Gg7KrMw+6P8
v0qe13jmzupNLE1BO0fW76V1PTGWBT2l06SRF6aLrqAkDzBPmvaVvgXNe54YbNsE
8d0wPO29yv4MkZkdiZLyfN3p8jLj+D8w0KdyiXjuoryhmHU3FBH13kDRrk/sj6M5
DH0nLNeVxUS5igPlFgCKkpW3KDD9G+vWk7nXXV9bJz+FVAdRZMkmvJ/aN4bbtPMH
JClu5V/SryF0GwFho13AhXBJBRuiZ8APZlFAkqo8tjEYxAPMhzm7dqWwGNKLDhe3
HUjOP4wELjOPRXDr9z+5xe1gulTbn9RErg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:48:53 2025 by rpki-client