Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/00144f-85f3-4557-b1d6-9e3e9aafbce4/1/NlAquE-wusMvxudyA1NNhlbBl4I.roa
File: NlAquE-wusMvxudyA1NNhlbBl4I.roa (raw, json)
Hash identifier: 16tNWajnPVglB4KppnBNNbll+7CG/eOLqdusqicr2b8=
Subject key identifier: 36:50:2A:B8:4F:B0:BA:C3:2F:C6:E7:72:03:53:4D:86:56:C1:97:82
Certificate issuer: /CN=17e568417f59a21129fb2487f5e57bc171631f7b
Certificate serial: 018CC86F66277FD30C416D7AC37A06114DD8
Authority key identifier: 17:E5:68:41:7F:59:A2:11:29:FB:24:87:F5:E5:7B:C1:71:63:1F:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F-VoQX9ZohEp-ySH9eV7wXFjH3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/00144f-85f3-4557-b1d6-9e3e9aafbce4/1/NlAquE-wusMvxudyA1NNhlbBl4I.roa
Signing time: Tue 02 Jan 2024 04:29:53 +0000
ROA not before: Tue 02 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30873
IP address blocks: 94.26.192.0/21 maxlen: 21
94.26.200.0/21 maxlen: 21
94.26.208.0/21 maxlen: 21
94.26.216.0/21 maxlen: 21
5.100.160.0/21 maxlen: 21
109.200.160.0/21 maxlen: 21
109.200.168.0/21 maxlen: 21
109.200.176.0/21 maxlen: 21
109.200.184.0/21 maxlen: 21
5.255.0.0/21 maxlen: 21
5.255.8.0/21 maxlen: 21
5.255.16.0/21 maxlen: 21
5.255.24.0/21 maxlen: 21
80.253.176.0/21 maxlen: 21
80.253.184.0/21 maxlen: 21
188.240.96.0/21 maxlen: 21
188.240.104.0/21 maxlen: 21
185.11.8.0/22 maxlen: 22
188.240.112.0/21 maxlen: 21
188.240.120.0/21 maxlen: 21
31.31.176.0/21 maxlen: 21
31.31.184.0/21 maxlen: 21
213.246.0.0/21 maxlen: 21
213.246.8.0/21 maxlen: 21
81.91.24.0/21 maxlen: 21
213.246.16.0/21 maxlen: 21
213.246.24.0/21 maxlen: 21
78.137.72.0/21 maxlen: 21
78.137.80.0/21 maxlen: 21
78.137.88.0/21 maxlen: 21
131.117.160.0/21 maxlen: 21
134.35.152.0/21 maxlen: 21
134.35.160.0/21 maxlen: 21
134.35.168.0/21 maxlen: 21
134.35.176.0/21 maxlen: 21
134.35.184.0/21 maxlen: 21
134.35.192.0/21 maxlen: 21
134.35.96.0/21 maxlen: 21
134.35.104.0/21 maxlen: 21
134.35.112.0/21 maxlen: 21
134.35.120.0/21 maxlen: 21
176.123.16.0/21 maxlen: 21
134.35.128.0/21 maxlen: 21
176.123.24.0/21 maxlen: 21
134.35.136.0/21 maxlen: 21
134.35.144.0/21 maxlen: 21
178.130.80.0/21 maxlen: 21
110.238.32.0/21 maxlen: 21
175.110.32.0/21 maxlen: 21
178.130.88.0/21 maxlen: 21
110.238.40.0/21 maxlen: 21
175.110.40.0/21 maxlen: 21
178.130.96.0/21 maxlen: 21
178.130.104.0/21 maxlen: 21
110.238.48.0/21 maxlen: 21
175.110.48.0/21 maxlen: 21
110.238.56.0/21 maxlen: 21
175.110.56.0/21 maxlen: 21
178.130.112.0/21 maxlen: 21
178.130.120.0/21 maxlen: 21
78.137.64.0/21 maxlen: 21
134.35.200.0/21 maxlen: 21
134.35.208.0/21 maxlen: 21
134.35.216.0/21 maxlen: 21
134.35.224.0/21 maxlen: 21
175.110.0.0/21 maxlen: 21
134.35.232.0/21 maxlen: 21
175.110.8.0/21 maxlen: 21
178.130.64.0/21 maxlen: 21
175.110.16.0/21 maxlen: 21
134.35.240.0/21 maxlen: 21
175.110.24.0/21 maxlen: 21
134.35.248.0/21 maxlen: 21
178.130.72.0/21 maxlen: 21
188.209.232.0/21 maxlen: 21
188.209.240.0/21 maxlen: 21
188.209.248.0/21 maxlen: 21
188.209.224.0/21 maxlen: 21
134.35.40.0/21 maxlen: 21
134.35.48.0/21 maxlen: 21
134.35.56.0/21 maxlen: 21
46.35.64.0/21 maxlen: 21
134.35.64.0/21 maxlen: 21
134.35.72.0/21 maxlen: 21
46.35.72.0/21 maxlen: 21
46.35.80.0/21 maxlen: 21
134.35.80.0/21 maxlen: 21
46.35.88.0/21 maxlen: 21
134.35.88.0/21 maxlen: 21
134.35.0.0/21 maxlen: 21
134.35.8.0/21 maxlen: 21
134.35.16.0/21 maxlen: 21
134.35.24.0/21 maxlen: 21
134.35.32.0/21 maxlen: 21
46.161.232.0/21 maxlen: 21
46.161.240.0/21 maxlen: 21
46.161.248.0/21 maxlen: 21
109.74.32.0/21 maxlen: 21
109.74.40.0/21 maxlen: 21
82.114.160.0/21 maxlen: 21
82.114.160.0/22 maxlen: 22
82.114.164.0/22 maxlen: 22
82.114.168.0/21 maxlen: 21
82.114.176.0/21 maxlen: 21
46.161.224.0/21 maxlen: 21
82.114.184.0/21 maxlen: 21
89.189.72.0/21 maxlen: 21
89.189.80.0/21 maxlen: 21
89.189.88.0/21 maxlen: 21
89.189.64.0/21 maxlen: 21
2a02:2719::/32 maxlen: 32
2a02:271a::/32 maxlen: 32
2a02:271c::/32 maxlen: 32
2a02:271d::/32 maxlen: 32
2a02:2719:4400::/44 maxlen: 44
2a02:2719:4300::/44 maxlen: 44
2a02:2719:4100::/44 maxlen: 44
2a02:271b::/32 maxlen: 32
2a02:2719:4410::/44 maxlen: 44
2a02:2719:4310::/44 maxlen: 44
2a02:2719:4110::/44 maxlen: 44
2a02:271f::/32 maxlen: 32
2a02:2718::/32 maxlen: 32
2a02:271e::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/00144f-85f3-4557-b1d6-9e3e9aafbce4/1/F-VoQX9ZohEp-ySH9eV7wXFjH3s.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/00144f-85f3-4557-b1d6-9e3e9aafbce4/1/F-VoQX9ZohEp-ySH9eV7wXFjH3s.mft
rsync://rpki.ripe.net/repository/DEFAULT/F-VoQX9ZohEp-ySH9eV7wXFjH3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:66:27:7f:d3:0c:41:6d:7a:c3:7a:06:11:4d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17e568417f59a21129fb2487f5e57bc171631f7b
Validity
Not Before: Jan 2 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36502ab84fb0bac32fc6e77203534d8656c19782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:93:65:1d:a8:a3:e4:55:24:05:79:00:47:d4:
4d:a8:4e:88:05:f0:80:ef:49:51:bc:c0:f0:ed:fa:
44:79:c1:60:d4:b5:ab:bc:49:91:8c:e8:6b:c0:46:
4a:8e:e1:7b:49:23:60:af:29:08:f1:72:93:b9:f3:
44:e6:be:b7:57:90:e5:dc:83:cc:6f:46:3c:b9:f9:
d4:cc:66:80:a9:ae:37:0e:80:62:8b:3a:90:47:44:
51:96:d5:2b:fd:c2:3a:fe:96:f8:10:58:18:3f:07:
e0:a1:32:f1:d6:ee:0e:ad:38:e4:17:70:6d:50:05:
b2:b3:98:5f:09:30:03:91:40:bb:b9:37:0b:f2:7e:
a6:3c:95:03:ab:0f:16:78:82:df:fd:4d:07:c9:88:
e9:f6:b4:1d:1e:5a:c8:b0:94:34:fe:b5:ae:5b:43:
c6:c6:d9:e5:a9:fd:a7:92:d3:ac:2b:f8:21:00:79:
14:ec:72:6f:06:c0:2d:40:d2:b2:9f:51:0a:31:a4:
b0:05:7b:9f:88:40:17:02:4f:28:02:9e:3c:61:c4:
0d:70:3b:dd:0c:da:2e:ea:9d:76:43:b9:14:95:46:
0f:13:81:07:57:85:5f:1c:9e:4f:b7:bc:82:bb:7a:
ed:f9:38:90:6b:9e:1d:5d:60:a4:89:5d:ac:07:c2:
bf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:50:2A:B8:4F:B0:BA:C3:2F:C6:E7:72:03:53:4D:86:56:C1:97:82
X509v3 Authority Key Identifier:
keyid:17:E5:68:41:7F:59:A2:11:29:FB:24:87:F5:E5:7B:C1:71:63:1F:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F-VoQX9ZohEp-ySH9eV7wXFjH3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/00144f-85f3-4557-b1d6-9e3e9aafbce4/1/NlAquE-wusMvxudyA1NNhlbBl4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/00144f-85f3-4557-b1d6-9e3e9aafbce4/1/F-VoQX9ZohEp-ySH9eV7wXFjH3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.160.0/21
5.255.0.0/19
31.31.176.0/20
46.35.64.0/19
46.161.224.0/19
78.137.64.0/19
80.253.176.0/20
81.91.24.0/21
82.114.160.0/19
89.189.64.0/19
94.26.192.0/19
109.74.32.0/20
109.200.160.0/19
110.238.32.0/19
131.117.160.0/21
134.35.0.0/16
175.110.0.0/18
176.123.16.0/20
178.130.64.0/18
185.11.8.0/22
188.209.224.0/19
188.240.96.0/19
213.246.0.0/19
IPv6:
2a02:2718::/29
Signature Algorithm: sha256WithRSAEncryption
93:22:1f:10:80:10:b5:a4:02:a5:39:9e:89:8c:d9:d3:5f:9b:
6b:b8:1f:c6:57:ff:71:14:b0:8e:26:04:83:39:8c:aa:d7:81:
5e:19:c8:fe:9f:09:ba:88:9b:0c:b6:82:b2:a1:8f:a2:2a:31:
93:12:8d:d4:5e:58:4f:24:20:82:5f:20:cc:37:cf:b6:49:7f:
1f:22:10:e8:ac:dd:e9:17:7b:49:d6:06:36:30:7e:60:80:48:
57:15:38:6f:e7:47:29:da:15:55:f4:48:32:e7:e6:26:4d:3d:
7e:0e:6e:c2:98:0a:ad:1d:cc:77:a9:d4:84:fa:a9:80:e4:8c:
bf:5f:59:a5:6a:57:ce:c7:66:18:4b:03:e1:99:cd:4a:2b:51:
7e:07:ac:a7:a7:1c:1a:fa:30:f0:f6:66:42:ea:ca:31:0a:03:
89:3b:87:fa:c5:28:59:59:40:4c:15:3d:1b:a0:f8:15:ac:d8:
bd:7e:d1:77:ed:f5:d2:68:db:7c:0f:8a:d5:ac:2d:8c:22:33:
63:6d:99:0e:21:cd:f5:36:45:94:f0:43:7e:45:6f:83:d7:87:
8d:dc:51:b0:2e:04:43:ff:cd:eb:22:12:0c:18:1e:d9:57:34:
cc:00:37:12:fd:5b:7a:18:83:ea:b8:c6:ed:8d:ee:ab:b6:08:
87:9f:51:2f
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzIb2Ynf9MMQW16w3oGEU3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZTU2ODQxN2Y1OWEyMTEyOWZiMjQ4N2Y1ZTU3YmMxNzE2
MzFmN2IwHhcNMjQwMTAyMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjUwMmFiODRmYjBiYWMzMmZjNmU3NzIwMzUzNGQ4NjU2YzE5NzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5NlHaij5FUkBXkAR9RNqE6IBfCA
70lRvMDw7fpEecFg1LWrvEmRjOhrwEZKjuF7SSNgrykI8XKTufNE5r63V5Dl3IPM
b0Y8ufnUzGaAqa43DoBiizqQR0RRltUr/cI6/pb4EFgYPwfgoTLx1u4OrTjkF3Bt
UAWys5hfCTADkUC7uTcL8n6mPJUDqw8WeILf/U0HyYjp9rQdHlrIsJQ0/rWuW0PG
xtnlqf2nktOsK/ghAHkU7HJvBsAtQNKyn1EKMaSwBXufiEAXAk8oAp48YcQNcDvd
DNou6p12Q7kUlUYPE4EHV4VfHJ5Pt7yCu3rt+TiQa54dXWCkiV2sB8K/lQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDZQKrhPsLrDL8bncgNTTYZWwZeCMB8GA1UdIwQY
MBaAFBflaEF/WaIRKfskh/Xle8FxYx97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRi1Wb1FYOVpvaEVwLXlTSDllVjd3WEZqSDNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMDE0NGYtODVmMy00NTU3LWIxZDYt
OWUzZTlhYWZiY2U0LzEvTmxBcXVFLXd1c012eHVkeUExTk5obGJCbDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wMDE0NGYtODVmMy00NTU3LWIxZDYtOWUzZTlhYWZiY2U0
LzEvRi1Wb1FYOVpvaEVwLXlTSDllVjd3WEZqSDNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBkAQCAAEwgYkDBAMF
ZKADBAUF/wADBAQfH7ADBAUuI0ADBAUuoeADBAVOiUADBARQ/bADBANRWxgDBAVS
cqADBAVZvUADBAVeGsADBARtSiADBAVtyKADBAVu7iADBAODdaADAwCGIwMEBq9u
AAMEBLB7EAMEBrKCQAMEArkLCAMEBbzR4AMEBbzwYAMEBdX2ADANBAIAAjAHAwUD
KgInGDANBgkqhkiG9w0BAQsFAAOCAQEAkyIfEIAQtaQCpTmeiYzZ01+ba7gfxlf/
cRSwjiYEgzmMqteBXhnI/p8JuoibDLaCsqGPoioxkxKN1F5YTyQggl8gzDfPtkl/
HyIQ6Kzd6Rd7SdYGNjB+YIBIVxU4b+dHKdoVVfRIMufmJk09fg5uwpgKrR3Md6nU
hPqpgOSMv19ZpWpXzsdmGEsD4ZnNSitRfgesp6ccGvow8PZmQurKMQoDiTuH+sUo
WVlATBU9G6D4FazYvX7Rd+310mjbfA+K1awtjCIzY22ZDiHN9TZFlPBDfkVvg9eH
jdxRsC4EQ//N6yISDBge2Vc0zAA3Ev1behiD6rjG7Y3uq7YIh59RLw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:09:52 2024 by rpki-client on console-ams.rpki-client.org