Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/_VoeAZW4QbXhNDoMO3c_GCKTmxg.roa
File: _VoeAZW4QbXhNDoMO3c_GCKTmxg.roa (raw, json)
Hash identifier: iQxq9sxZPbgX6iNmyVUzj92+81t/yUzdnNBUYVjbrSQ=
Subject key identifier: FD:5A:1E:01:95:B8:41:B5:E1:34:3A:0C:3B:77:3F:18:22:93:9B:18
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 018F4E4021429F5E542361F3C5686844D472
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/_VoeAZW4QbXhNDoMO3c_GCKTmxg.roa
Signing time: Mon 06 May 2024 14:12:56 +0000
ROA not before: Mon 06 May 2024 14:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1836
IP address blocks: 80.86.192.0/20 maxlen: 21
80.253.80.0/21 maxlen: 22
80.254.160.0/19 maxlen: 20
81.6.0.0/19 maxlen: 20
81.6.48.0/20 maxlen: 21
81.221.0.0/16 maxlen: 17
82.195.224.0/19 maxlen: 20
146.228.0.0/16 maxlen: 17
146.228.64.0/24 maxlen: 24
193.72.0.0/18 maxlen: 19
193.72.64.0/21 maxlen: 21
193.72.72.0/22 maxlen: 22
193.72.76.0/23 maxlen: 23
193.72.78.0/24 maxlen: 24
193.72.81.0/24 maxlen: 24
193.72.82.0/23 maxlen: 24
193.72.84.0/22 maxlen: 23
193.72.88.0/21 maxlen: 22
193.72.96.0/19 maxlen: 20
193.72.128.0/20 maxlen: 21
193.72.148.0/22 maxlen: 23
193.72.152.0/21 maxlen: 22
193.72.160.0/22 maxlen: 23
193.72.164.0/23 maxlen: 24
193.72.167.0/24 maxlen: 24
193.72.168.0/21 maxlen: 22
193.72.176.0/21 maxlen: 22
193.72.184.0/23 maxlen: 24
193.72.187.0/24 maxlen: 24
193.72.188.0/22 maxlen: 23
193.72.192.0/20 maxlen: 21
193.72.208.0/21 maxlen: 22
193.72.217.0/24 maxlen: 24
193.72.218.0/23 maxlen: 24
193.72.220.0/22 maxlen: 23
193.72.224.0/19 maxlen: 20
193.73.0.0/18 maxlen: 19
193.73.64.0/19 maxlen: 20
193.73.80.0/20 maxlen: 20
193.73.96.0/21 maxlen: 21
193.73.96.0/22 maxlen: 22
193.73.100.0/22 maxlen: 22
193.73.104.0/23 maxlen: 24
193.73.108.0/22 maxlen: 23
193.73.112.0/24 maxlen: 24
193.73.115.0/24 maxlen: 24
193.73.116.0/22 maxlen: 23
193.73.120.0/23 maxlen: 24
193.73.123.0/24 maxlen: 24
193.73.124.0/24 maxlen: 24
193.73.126.0/23 maxlen: 24
193.73.128.0/18 maxlen: 19
193.73.192.0/20 maxlen: 21
193.73.209.0/24 maxlen: 24
193.73.210.0/24 maxlen: 24
193.73.212.0/22 maxlen: 23
193.73.216.0/21 maxlen: 22
193.73.224.0/21 maxlen: 22
193.73.232.0/22 maxlen: 23
193.73.236.0/23 maxlen: 24
193.73.239.0/24 maxlen: 24
193.73.240.0/23 maxlen: 24
193.73.244.0/22 maxlen: 23
193.73.248.0/23 maxlen: 24
193.73.252.0/22 maxlen: 23
193.193.128.0/19 maxlen: 20
194.191.0.0/16 maxlen: 17
194.191.16.0/24 maxlen: 24
195.48.0.0/16 maxlen: 17
195.49.0.0/17 maxlen: 18
195.49.6.0/24 maxlen: 24
195.49.78.0/24 maxlen: 24
195.49.79.0/24 maxlen: 24
195.130.160.0/19 maxlen: 20
212.59.128.0/18 maxlen: 19
2001:1b50::/29 maxlen: 29
2a01:2a8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.mft
rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:40:21:42:9f:5e:54:23:61:f3:c5:68:68:44:d4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: May 6 14:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd5a1e0195b841b5e1343a0c3b773f1822939b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:c3:1a:40:36:52:c4:8d:2c:7a:8f:bd:58:
34:27:69:ba:7f:f8:6f:6d:e4:52:24:cb:62:8d:ac:
6f:50:2b:35:4f:b1:46:91:57:25:57:1e:39:15:1b:
ba:f7:28:55:e0:16:e8:3c:d5:8b:4a:38:1d:40:59:
34:8a:01:67:51:ad:3a:df:bd:ba:fa:4e:2c:47:6f:
df:eb:4f:ec:d4:7d:0f:c8:08:63:a4:72:90:8f:13:
0f:91:1d:c8:25:d5:df:91:95:89:76:66:a4:ac:2e:
61:33:c7:42:53:eb:2f:cf:ad:6a:b9:44:55:7d:3e:
f6:37:9b:a1:25:79:4f:b2:76:6d:ab:c7:35:2e:bd:
84:24:e8:d8:34:bf:45:0a:f4:03:bb:97:e6:46:01:
e7:c5:5f:17:c1:49:07:2c:5c:e5:c9:d8:ad:91:20:
88:37:d1:e9:68:a3:fc:a4:b6:0f:c5:5a:fe:6b:be:
b9:49:fe:71:5c:c2:50:f0:f5:43:aa:83:ae:ac:2d:
05:cc:b7:6a:b2:ff:4d:01:5c:29:34:36:07:88:76:
18:52:5d:60:37:72:3a:72:2a:64:00:33:2c:89:c1:
cd:4f:a5:97:3d:f4:e6:2e:d6:a3:44:c7:fd:11:be:
95:cf:0a:ba:3b:f0:2b:0b:30:27:41:93:a9:eb:85:
a0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:5A:1E:01:95:B8:41:B5:E1:34:3A:0C:3B:77:3F:18:22:93:9B:18
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/_VoeAZW4QbXhNDoMO3c_GCKTmxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/20
80.253.80.0/21
80.254.160.0/19
81.6.0.0/19
81.6.48.0/20
81.221.0.0/16
82.195.224.0/19
146.228.0.0/16
193.72.0.0-193.72.78.255
193.72.81.0-193.72.143.255
193.72.148.0-193.72.165.255
193.72.167.0-193.72.185.255
193.72.187.0-193.72.215.255
193.72.217.0-193.73.105.255
193.73.108.0-193.73.112.255
193.73.115.0-193.73.121.255
193.73.123.0-193.73.124.255
193.73.126.0-193.73.207.255
193.73.209.0-193.73.210.255
193.73.212.0-193.73.237.255
193.73.239.0-193.73.241.255
193.73.244.0-193.73.249.255
193.73.252.0/22
193.193.128.0/19
194.191.0.0/16
195.48.0.0-195.49.127.255
195.130.160.0/19
212.59.128.0/18
IPv6:
2001:1b50::/29
2a01:2a8::/29
Signature Algorithm: sha256WithRSAEncryption
e7:d5:5a:4c:a7:15:f0:58:6f:8f:dd:1a:f7:15:bb:4e:90:43:
de:8b:0e:02:cf:12:dc:ef:29:23:39:f7:cf:cf:62:56:f8:c5:
05:92:82:24:c2:4b:64:82:6d:c4:c6:80:9c:a3:db:96:c7:98:
73:94:3e:19:82:c4:50:78:fd:6e:20:3d:af:32:15:84:01:6f:
ef:af:7a:0d:cf:85:a7:6a:b1:a3:04:03:5f:e9:64:71:3d:8a:
9e:f9:d2:27:3f:97:34:e2:b7:7f:34:4f:47:e3:2c:df:46:91:
a8:ba:0c:f7:3b:32:f8:66:d0:1d:cc:58:17:2b:14:fa:f2:ce:
3a:f1:71:7e:b3:99:a2:28:6a:f0:48:ec:9b:e9:ee:db:cd:55:
62:70:e6:52:43:cb:bf:55:63:e9:58:1d:db:79:12:50:62:f0:
bc:ca:51:77:19:eb:9c:d3:06:47:e1:dd:3a:fc:91:0d:ee:ee:
0f:04:9a:71:92:f6:20:25:18:39:e3:7d:df:97:48:d7:52:af:
c8:e7:21:06:85:fa:0d:ad:59:fa:61:81:f8:eb:6e:13:51:71:
e4:03:d3:fd:62:7d:72:5e:88:f9:79:66:4c:b8:cc:18:be:39:
15:6d:37:b0:a9:aa:97:5d:67:d6:75:e0:72:a1:94:ed:8e:d0:
10:e7:5f:e3
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgISAY9OQCFCn15UI2HzxWhoRNRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjQwNTA2MTQxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDVhMWUwMTk1Yjg0MWI1ZTEzNDNhMGMzYjc3M2YxODIyOTM5YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsinDGkA2UsSNLHqPvVg0J2m6f/hv
beRSJMtijaxvUCs1T7FGkVclVx45FRu69yhV4BboPNWLSjgdQFk0igFnUa063726
+k4sR2/f60/s1H0PyAhjpHKQjxMPkR3IJdXfkZWJdmakrC5hM8dCU+svz61quURV
fT72N5uhJXlPsnZtq8c1Lr2EJOjYNL9FCvQDu5fmRgHnxV8XwUkHLFzlyditkSCI
N9HpaKP8pLYPxVr+a765Sf5xXMJQ8PVDqoOurC0FzLdqsv9NAVwpNDYHiHYYUl1g
N3I6cipkADMsicHNT6WXPfTmLtajRMf9Eb6Vzwq6O/ArCzAnQZOp64WgmwIDAQAB
o4IDPjCCAzowHQYDVR0OBBYEFP1aHgGVuEG14TQ6DDt3Pxgik5sYMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvX1ZvZUFaVzRRYlhoTkRvTU8zY19HQ0tUbXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUgYIKwYBBQUHAQcBAf8EggFBMIIBPTCCASMEAgABMIIB
GwMEBFBWwAMEA1D9UAMEBVD+oAMEBVEGAAMEBFEGMAMDAFHdAwQFUsPgAwMAkuQw
CwMDA8FIAwQAwUhOMAwDBADBSFEDBATBSIAwDAMEAsFIlAMEAcFIpDAMAwQAwUin
AwQBwUi4MAwDBADBSLsDBAPBSNAwDAMEAMFI2QMEAcFJaDAMAwQCwUlsAwQAwUlw
MAwDBADBSXMDBAHBSXgwDAMEAMFJewMEAMFJfDAMAwQBwUl+AwQEwUnAMAwDBADB
SdEDBADBSdIwDAMEAsFJ1AMEAcFJ7DAMAwQAwUnvAwQBwUnwMAwDBALBSfQDBAHB
SfgDBALBSfwDBAXBwYADAwDCvzALAwMEwzADBAfDMQADBAXDgqADBAbUO4AwFAQC
AAIwDgMFAyABG1ADBQMqAQKoMA0GCSqGSIb3DQEBCwUAA4IBAQDn1VpMpxXwWG+P
3Rr3FbtOkEPeiw4CzxLc7ykjOffPz2JW+MUFkoIkwktkgm3ExoCco9uWx5hzlD4Z
gsRQeP1uID2vMhWEAW/vr3oNz4WnarGjBANf6WRxPYqe+dInP5c04rd/NE9H4yzf
RpGougz3OzL4ZtAdzFgXKxT68s468XF+s5miKGrwSOyb6e7bzVVicOZSQ8u/VWPp
WB3beRJQYvC8ylF3Geuc0wZH4d06/JEN7u4PBJpxkvYgJRg5433fl0jXUq/I5yEG
hfoNrVn6YYH4624TUXHkA9P9Yn1yXoj5eWZMuMwYvjkVbTewqaqXXWfWdeByoZTt
jtAQ51/j
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:16:10 2024 by rpki-client on console-ams.rpki-client.org