Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/XYbT6yP37MVQytRjz04BPPzPYOw.roa
File: XYbT6yP37MVQytRjz04BPPzPYOw.roa (raw, json)
Hash identifier: WCX0oeshrNGios6moKGDBW4fxHN+erXZ54ZsoxBsG1c=
Subject key identifier: 5D:86:D3:EB:23:F7:EC:C5:50:CA:D4:63:CF:4E:01:3C:FC:CF:60:EC
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0194A867DE2309A306CF77A0D62140C2E8B9
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/XYbT6yP37MVQytRjz04BPPzPYOw.roa
Signing time: Mon 27 Jan 2025 15:36:06 +0000
ROA not before: Mon 27 Jan 2025 15:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212046
IP address blocks: 82.140.133.0/24 maxlen: 24
82.140.152.0/24 maxlen: 24
82.140.171.0/24 maxlen: 24
82.140.176.0/24 maxlen: 24
82.140.179.0/24 maxlen: 24
82.140.184.0/24 maxlen: 24
82.140.185.0/24 maxlen: 24
84.46.136.0/24 maxlen: 24
84.46.146.0/24 maxlen: 24
84.46.147.0/24 maxlen: 24
84.46.148.0/24 maxlen: 24
84.46.149.0/24 maxlen: 24
84.46.160.0/24 maxlen: 24
84.46.161.0/24 maxlen: 24
84.46.162.0/24 maxlen: 24
84.46.163.0/24 maxlen: 24
84.46.168.0/24 maxlen: 24
84.46.169.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
84.46.205.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
86.38.6.0/24 maxlen: 24
86.38.18.0/24 maxlen: 24
86.38.28.0/24 maxlen: 24
86.38.29.0/24 maxlen: 24
86.38.30.0/24 maxlen: 24
86.38.31.0/24 maxlen: 24
86.38.33.0/24 maxlen: 24
86.38.36.0/24 maxlen: 24
86.38.38.0/24 maxlen: 24
86.38.39.0/24 maxlen: 24
86.38.100.0/24 maxlen: 24
86.38.102.0/24 maxlen: 24
86.38.152.0/24 maxlen: 24
86.38.153.0/24 maxlen: 24
86.38.154.0/24 maxlen: 24
86.38.161.0/24 maxlen: 24
86.38.165.0/24 maxlen: 24
86.38.166.0/24 maxlen: 24
86.38.167.0/24 maxlen: 24
86.38.168.0/24 maxlen: 24
86.38.169.0/24 maxlen: 24
86.38.171.0/24 maxlen: 24
86.38.173.0/24 maxlen: 24
86.38.174.0/24 maxlen: 24
86.38.176.0/24 maxlen: 24
86.38.188.0/24 maxlen: 24
86.38.201.0/24 maxlen: 24
86.38.215.0/24 maxlen: 24
86.38.234.0/24 maxlen: 24
86.38.236.0/24 maxlen: 24
89.116.14.0/24 maxlen: 24
89.116.71.0/24 maxlen: 24
89.116.77.0/24 maxlen: 24
89.116.78.0/24 maxlen: 24
89.116.90.0/24 maxlen: 24
89.116.93.0/24 maxlen: 24
89.116.97.0/24 maxlen: 24
89.116.124.0/24 maxlen: 24
89.116.129.0/24 maxlen: 24
89.116.143.0/24 maxlen: 24
89.116.151.0/24 maxlen: 24
89.116.155.0/24 maxlen: 24
89.116.160.0/24 maxlen: 24
89.116.162.0/24 maxlen: 24
89.116.174.0/24 maxlen: 24
89.116.176.0/24 maxlen: 24
89.116.178.0/24 maxlen: 24
89.116.232.0/24 maxlen: 24
89.116.235.0/24 maxlen: 24
89.116.238.0/24 maxlen: 24
89.116.240.0/24 maxlen: 24
89.116.245.0/24 maxlen: 24
89.116.249.0/24 maxlen: 24
89.117.10.0/24 maxlen: 24
89.117.14.0/24 maxlen: 24
89.117.69.0/24 maxlen: 24
89.117.125.0/24 maxlen: 24
89.117.127.0/24 maxlen: 24
89.117.128.0/24 maxlen: 24
89.117.137.0/24 maxlen: 24
89.117.138.0/24 maxlen: 24
89.117.140.0/24 maxlen: 24
89.117.165.0/24 maxlen: 24
89.117.219.0/24 maxlen: 24
89.117.223.0/24 maxlen: 24
89.117.247.0/24 maxlen: 24
89.117.249.0/24 maxlen: 24
217.9.240.0/24 maxlen: 24
217.9.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:67:de:23:09:a3:06:cf:77:a0:d6:21:40:c2:e8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 27 15:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d86d3eb23f7ecc550cad463cf4e013cfccf60ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:07:d2:16:89:b2:ff:29:83:4e:89:14:ea:32:
e6:9a:0b:7e:0e:fc:ba:e3:6d:c6:06:87:df:52:ca:
31:5a:e6:5e:44:93:5c:3d:88:1f:f6:cc:03:50:4f:
7a:5e:bc:1e:61:cc:b6:bb:6b:3d:a1:de:de:05:47:
8b:36:82:d3:62:d3:6d:01:a2:ce:8d:a1:0d:58:98:
ec:e4:44:d1:7e:f8:b3:47:2a:7a:9f:41:57:16:ea:
5c:56:3e:8f:99:57:1e:c3:68:9e:50:02:ff:d7:dc:
39:c5:50:c0:dd:1d:e8:ee:98:fb:aa:4c:ec:8a:72:
0c:e7:bd:cd:d7:65:01:d1:9f:9f:fa:bb:ef:c8:ae:
91:6e:81:68:f4:bf:1d:8a:1a:1f:0d:4b:71:04:48:
5d:c7:16:d2:88:bd:5d:17:23:47:be:09:b1:63:e9:
ed:ed:76:0a:74:b8:65:1c:26:a0:ac:fe:a0:dc:ad:
ab:44:3e:fd:4a:05:a5:74:11:8a:8e:96:b8:59:25:
8b:d8:0f:2d:d9:23:ac:76:6c:11:45:e6:12:15:35:
80:e5:09:d6:85:78:22:69:00:46:c6:33:18:66:6e:
f8:aa:e6:c5:62:a5:49:7a:d5:c3:f1:07:31:1f:9b:
6e:4b:66:da:16:9c:48:11:70:9d:7f:5e:91:b8:df:
ea:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:86:D3:EB:23:F7:EC:C5:50:CA:D4:63:CF:4E:01:3C:FC:CF:60:EC
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/XYbT6yP37MVQytRjz04BPPzPYOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.133.0/24
82.140.152.0/24
82.140.171.0/24
82.140.176.0/24
82.140.179.0/24
82.140.184.0/23
84.46.136.0/24
84.46.146.0-84.46.149.255
84.46.160.0/22
84.46.168.0/23
84.46.204.0/23
84.46.207.0/24
86.38.6.0/24
86.38.18.0/24
86.38.28.0/22
86.38.33.0/24
86.38.36.0/24
86.38.38.0/23
86.38.100.0/24
86.38.102.0/24
86.38.152.0-86.38.154.255
86.38.161.0/24
86.38.165.0-86.38.169.255
86.38.171.0/24
86.38.173.0-86.38.174.255
86.38.176.0/24
86.38.188.0/24
86.38.201.0/24
86.38.215.0/24
86.38.234.0/24
86.38.236.0/24
89.116.14.0/24
89.116.71.0/24
89.116.77.0-89.116.78.255
89.116.90.0/24
89.116.93.0/24
89.116.97.0/24
89.116.124.0/24
89.116.129.0/24
89.116.143.0/24
89.116.151.0/24
89.116.155.0/24
89.116.160.0/24
89.116.162.0/24
89.116.174.0/24
89.116.176.0/24
89.116.178.0/24
89.116.232.0/24
89.116.235.0/24
89.116.238.0/24
89.116.240.0/24
89.116.245.0/24
89.116.249.0/24
89.117.10.0/24
89.117.14.0/24
89.117.69.0/24
89.117.125.0/24
89.117.127.0-89.117.128.255
89.117.137.0-89.117.138.255
89.117.140.0/24
89.117.165.0/24
89.117.219.0/24
89.117.223.0/24
89.117.247.0/24
89.117.249.0/24
217.9.240.0/24
217.9.243.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:36:bb:c0:b1:6e:63:26:fc:dc:bd:e3:5d:0b:32:66:9a:61:
f9:ad:aa:18:78:04:87:4b:15:97:d9:b4:68:68:38:84:d1:23:
39:e2:60:c8:ba:5c:94:7a:93:37:9b:90:88:9e:15:f1:0d:37:
29:66:3f:b2:34:a2:78:db:11:6d:e7:2b:62:a7:2d:bd:61:be:
2a:42:8a:1d:3d:aa:da:66:07:7f:53:a4:e5:69:2c:35:ce:c9:
09:f4:d3:e3:cb:df:4c:f2:a9:19:6b:1c:f1:98:fd:68:1c:9b:
68:bf:ce:53:c9:b3:bb:cb:0d:ef:97:82:c2:42:bd:15:4a:1b:
0a:a8:e5:b8:5c:17:74:4a:04:3d:6c:d4:91:df:13:55:39:cd:
a9:87:75:2f:c8:39:19:67:7b:d8:00:21:7e:b5:aa:a3:60:a3:
ad:31:dd:cf:f5:fc:4d:36:02:ca:32:ea:46:1c:4c:b4:08:2e:
40:ce:5d:79:ae:ac:51:93:64:97:73:3c:9d:63:7d:0f:cf:7b:
a0:ec:c6:31:fe:c5:c8:26:34:47:c6:a6:9c:10:00:a8:9f:f7:
4b:2b:88:8d:92:bb:6d:87:ef:e4:04:3a:89:c1:eb:3e:45:64:
76:66:65:fa:75:57:6b:ec:e0:cf:a8:d0:a4:3e:00:9a:4e:ec:
3f:ea:74:5d
-----BEGIN CERTIFICATE-----
MIIGyzCCBbOgAwIBAgISAZSoZ94jCaMGz3eg1iFAwui5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTI3MTUzNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDg2ZDNlYjIzZjdlY2M1NTBjYWQ0NjNjZjRlMDEzY2ZjY2Y2MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgfSFomy/ymDTokU6jLmmgt+Dvy6
423GBoffUsoxWuZeRJNcPYgf9swDUE96XrweYcy2u2s9od7eBUeLNoLTYtNtAaLO
jaENWJjs5ETRfvizRyp6n0FXFupcVj6PmVcew2ieUAL/19w5xVDA3R3o7pj7qkzs
inIM573N12UB0Z+f+rvvyK6RboFo9L8dihofDUtxBEhdxxbSiL1dFyNHvgmxY+nt
7XYKdLhlHCagrP6g3K2rRD79SgWldBGKjpa4WSWL2A8t2SOsdmwRReYSFTWA5QnW
hXgiaQBGxjMYZm74qubFYqVJetXD8QcxH5tuS2baFpxIEXCdf16RuN/qywIDAQAB
o4ID1zCCA9MwHQYDVR0OBBYEFF2G0+sj9+zFUMrUY89OATz8z2DsMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvWFliVDZ5UDM3TVZReXRSanowNEJQUHpQWU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6wYIKwYBBQUHAQcBAf8EggHaMIIB1jCCAdIEAgABMIIB
ygMEAFKMhQMEAFKMmAMEAFKMqwMEAFKMsAMEAFKMswMEAVKMuAMEAFQuiDAMAwQB
VC6SAwQBVC6UAwQCVC6gAwQBVC6oAwQBVC7MAwQAVC7PAwQAViYGAwQAViYSAwQC
ViYcAwQAViYhAwQAViYkAwQBViYmAwQAViZkAwQAViZmMAwDBANWJpgDBABWJpoD
BABWJqEwDAMEAFYmpQMEAVYmqAMEAFYmqzAMAwQAViatAwQAViauAwQAViawAwQA
Via8AwQAVibJAwQAVibXAwQAVibqAwQAVibsAwQAWXQOAwQAWXRHMAwDBABZdE0D
BABZdE4DBABZdFoDBABZdF0DBABZdGEDBABZdHwDBABZdIEDBABZdI8DBABZdJcD
BABZdJsDBABZdKADBABZdKIDBABZdK4DBABZdLADBABZdLIDBABZdOgDBABZdOsD
BABZdO4DBABZdPADBABZdPUDBABZdPkDBABZdQoDBABZdQ4DBABZdUUDBABZdX0w
DAMEAFl1fwMEAFl1gDAMAwQAWXWJAwQAWXWKAwQAWXWMAwQAWXWlAwQAWXXbAwQA
WXXfAwQAWXX3AwQAWXX5AwQA2QnwAwQA2QnzMA0GCSqGSIb3DQEBCwUAA4IBAQB6
NrvAsW5jJvzcveNdCzJmmmH5raoYeASHSxWX2bRoaDiE0SM54mDIulyUepM3m5CI
nhXxDTcpZj+yNKJ42xFt5ytipy29Yb4qQoodParaZgd/U6TlaSw1zskJ9NPjy99M
8qkZaxzxmP1oHJtov85TybO7yw3vl4LCQr0VShsKqOW4XBd0SgQ9bNSR3xNVOc2p
h3UvyDkZZ3vYACF+taqjYKOtMd3P9fxNNgLKMupGHEy0CC5Azl15rqxRk2SXczyd
Y30Pz3ug7MYx/sXIJjRHxqacEACon/dLK4iNkrtth+/kBDqJwes+RWR2ZmX6dVdr
7ODPqNCkPgCaTuw/6nRd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:15 2025 by rpki-client