Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/6cb145-fe6a-45b7-885f-61d1f7fb1044/1/KpVZs7oEgRwa-e5i6Kr5cYXenfI.roa
File: KpVZs7oEgRwa-e5i6Kr5cYXenfI.roa (raw, json)
Hash identifier: I89CWfAmf1BXQVaI06YyujlV2WlhUJKBj+mHMkkXkvQ=
Subject key identifier: 2A:95:59:B3:BA:04:81:1C:1A:F9:EE:62:E8:AA:F9:71:85:DE:9D:F2
Certificate issuer: /CN=019969ac75abcd5968f189e0d45dbbdab2982bda
Certificate serial: 018CC5DBE70782C2C329D6B660EBA37982C9
Authority key identifier: 01:99:69:AC:75:AB:CD:59:68:F1:89:E0:D4:5D:BB:DA:B2:98:2B:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZlprHWrzVlo8Yng1F272rKYK9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/6cb145-fe6a-45b7-885f-61d1f7fb1044/1/KpVZs7oEgRwa-e5i6Kr5cYXenfI.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 94.208.0.0/13 maxlen: 13
83.80.0.0/13 maxlen: 13
213.73.128.0/17 maxlen: 17
213.73.128.0/18 maxlen: 18
80.114.0.0/18 maxlen: 18
80.114.0.0/17 maxlen: 17
212.127.128.0/18 maxlen: 18
212.127.128.0/17 maxlen: 17
83.80.0.0/14 maxlen: 14
94.208.0.0/14 maxlen: 14
85.147.128.0/17 maxlen: 17
217.101.0.0/17 maxlen: 17
82.74.0.0/15 maxlen: 15
217.101.0.0/16 maxlen: 16
213.73.192.0/18 maxlen: 18
80.114.64.0/18 maxlen: 18
212.127.192.0/18 maxlen: 18
89.220.192.0/18 maxlen: 18
212.120.64.0/19 maxlen: 19
212.120.64.0/18 maxlen: 18
212.120.96.0/19 maxlen: 19
217.120.0.0/15 maxlen: 15
85.147.0.0/17 maxlen: 17
85.147.0.0/16 maxlen: 16
217.120.0.0/14 maxlen: 14
217.105.128.0/19 maxlen: 19
217.105.128.0/18 maxlen: 18
80.112.64.0/18 maxlen: 18
217.105.160.0/19 maxlen: 19
217.105.64.0/18 maxlen: 18
80.112.0.0/18 maxlen: 18
80.112.0.0/17 maxlen: 17
62.145.192.0/19 maxlen: 19
62.145.192.0/18 maxlen: 18
217.105.96.0/19 maxlen: 19
62.145.224.0/19 maxlen: 19
89.220.128.0/18 maxlen: 18
89.220.128.0/17 maxlen: 17
84.106.0.0/15 maxlen: 15
82.72.0.0/15 maxlen: 15
82.72.0.0/14 maxlen: 14
82.151.160.0/20 maxlen: 20
82.151.160.0/19 maxlen: 19
82.151.176.0/20 maxlen: 20
84.24.0.0/13 maxlen: 13
217.105.64.0/19 maxlen: 19
213.51.0.0/16 maxlen: 16
84.24.0.0/14 maxlen: 14
212.204.160.0/19 maxlen: 19
217.104.64.0/18 maxlen: 18
217.63.224.0/19 maxlen: 19
94.212.0.0/14 maxlen: 14
83.84.0.0/14 maxlen: 14
217.104.0.0/18 maxlen: 18
217.104.0.0/17 maxlen: 17
84.104.0.0/15 maxlen: 15
84.104.0.0/14 maxlen: 14
217.63.192.0/19 maxlen: 19
217.63.192.0/18 maxlen: 18
82.217.128.0/17 maxlen: 17
217.102.192.0/20 maxlen: 20
217.102.192.0/19 maxlen: 19
217.102.208.0/20 maxlen: 20
217.62.128.0/17 maxlen: 17
217.63.0.0/19 maxlen: 19
217.63.0.0/18 maxlen: 18
212.204.128.0/19 maxlen: 19
212.204.128.0/18 maxlen: 18
217.63.32.0/19 maxlen: 19
80.115.160.0/19 maxlen: 19
84.28.0.0/14 maxlen: 14
80.115.128.0/18 maxlen: 18
80.115.128.0/19 maxlen: 19
217.102.160.0/19 maxlen: 19
217.62.0.0/17 maxlen: 17
217.62.0.0/16 maxlen: 16
82.217.0.0/17 maxlen: 17
82.217.0.0/16 maxlen: 16
217.102.128.0/18 maxlen: 18
217.102.128.0/19 maxlen: 19
80.114.192.0/19 maxlen: 19
80.114.192.0/18 maxlen: 18
212.54.32.0/19 maxlen: 19
212.54.32.0/20 maxlen: 20
212.54.48.0/20 maxlen: 20
80.114.224.0/19 maxlen: 19
213.34.96.0/20 maxlen: 20
213.34.96.0/19 maxlen: 19
82.101.192.0/19 maxlen: 19
82.101.192.0/18 maxlen: 18
80.115.64.0/18 maxlen: 18
213.34.112.0/20 maxlen: 20
217.122.0.0/15 maxlen: 15
82.101.224.0/19 maxlen: 19
217.101.128.0/17 maxlen: 17
80.115.0.0/18 maxlen: 18
80.115.0.0/17 maxlen: 17
2001:1c00::/23 maxlen: 23
2001:1c00::/24 maxlen: 24
2001:b88::/33 maxlen: 33
2001:1d00::/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/6cb145-fe6a-45b7-885f-61d1f7fb1044/1/AZlprHWrzVlo8Yng1F272rKYK9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/6cb145-fe6a-45b7-885f-61d1f7fb1044/1/AZlprHWrzVlo8Yng1F272rKYK9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/AZlprHWrzVlo8Yng1F272rKYK9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e7:07:82:c2:c3:29:d6:b6:60:eb:a3:79:82:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=019969ac75abcd5968f189e0d45dbbdab2982bda
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a9559b3ba04811c1af9ee62e8aaf97185de9df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7e:f4:68:10:78:fc:4f:ec:44:24:cb:e1:0d:
78:fd:be:72:6b:50:6e:9e:3d:12:01:80:c0:8d:57:
54:8f:87:61:03:83:27:c5:33:f0:da:64:76:ab:ed:
27:0b:f8:1e:cc:fc:7d:d6:80:cd:b0:cb:71:98:80:
a0:fd:60:9c:51:83:35:dd:a6:6e:f0:c0:7a:85:62:
97:87:af:fb:90:44:23:77:d9:f8:b5:df:24:3f:3d:
89:59:ba:31:25:b7:ff:91:c0:64:13:1c:a5:91:b9:
ea:44:e3:97:14:7b:23:30:f3:11:80:f0:bb:aa:69:
75:38:d6:40:e9:7b:a0:d5:7f:64:fb:41:ba:b5:51:
a1:b6:10:d7:bd:f6:35:86:58:89:e5:03:59:e4:a8:
3f:6b:34:10:c4:13:5c:21:89:da:51:9b:3d:d7:7d:
de:74:c2:00:54:79:44:1e:53:15:97:43:da:ef:d4:
cd:10:25:22:3f:03:2e:89:66:4f:6b:f2:15:ba:27:
dd:cf:f0:ee:64:ff:cd:b7:a6:d1:b5:b0:53:c4:34:
43:77:c4:05:a3:29:7e:01:2a:32:9b:ca:91:a7:c9:
d7:10:56:f5:c1:ec:2e:5c:24:8c:23:72:d5:48:59:
fb:e4:7d:41:38:26:6c:d5:85:43:5f:97:92:b0:8c:
9d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:95:59:B3:BA:04:81:1C:1A:F9:EE:62:E8:AA:F9:71:85:DE:9D:F2
X509v3 Authority Key Identifier:
keyid:01:99:69:AC:75:AB:CD:59:68:F1:89:E0:D4:5D:BB:DA:B2:98:2B:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZlprHWrzVlo8Yng1F272rKYK9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6cb145-fe6a-45b7-885f-61d1f7fb1044/1/KpVZs7oEgRwa-e5i6Kr5cYXenfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6cb145-fe6a-45b7-885f-61d1f7fb1044/1/AZlprHWrzVlo8Yng1F272rKYK9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.145.192.0/18
80.112.0.0/17
80.114.0.0/17
80.114.192.0-80.115.191.255
82.72.0.0/14
82.101.192.0/18
82.151.160.0/19
82.217.0.0/16
83.80.0.0/13
84.24.0.0/13
84.104.0.0/14
85.147.0.0/16
89.220.128.0/17
94.208.0.0/13
212.54.32.0/19
212.120.64.0/18
212.127.128.0/17
212.204.128.0/18
213.34.96.0/19
213.51.0.0/16
213.73.128.0/17
217.62.0.0-217.63.63.255
217.63.192.0/18
217.101.0.0/16
217.102.128.0-217.102.223.255
217.104.0.0/17
217.105.64.0-217.105.191.255
217.120.0.0/14
IPv6:
2001:b88::/33
2001:1c00::/23
Signature Algorithm: sha256WithRSAEncryption
69:ea:8b:53:ff:da:ec:f7:d8:10:ba:d5:cc:e1:16:c5:58:cb:
6f:14:b0:2a:c5:59:ee:9d:b8:fd:81:c1:ef:f3:64:8d:38:a9:
da:4a:a3:22:be:f8:33:6f:a5:aa:ac:0d:f6:f5:bb:b5:1e:4c:
2a:e0:db:0b:dc:5f:7b:3d:22:e6:ee:df:18:3c:02:ef:ed:96:
be:96:be:54:d4:34:b6:e9:73:19:65:16:ce:7b:48:31:17:36:
24:29:fc:30:db:ef:66:e8:d0:36:3d:02:e9:3a:cc:58:90:64:
c3:35:0f:09:ae:f2:63:a6:c7:06:0b:29:b3:ca:1a:03:24:3a:
5f:fc:03:bb:49:04:56:20:8c:7a:70:4d:74:45:e0:cd:9b:3e:
9e:3f:49:00:ac:d0:57:7b:93:13:90:17:aa:29:45:8d:76:be:
f3:e3:93:ad:fb:4e:27:20:5c:f7:9c:2e:5e:55:b5:0a:f9:ce:
f1:85:20:ee:8e:03:d9:81:7a:fd:e2:e9:2c:eb:0e:f0:81:d6:
1d:d2:44:77:38:36:93:1a:c8:03:eb:79:ce:eb:9f:fd:49:25:
42:05:72:a5:77:bb:71:e5:0a:1a:bf:09:79:d4:f0:3a:89:00:
35:33:66:9e:a1:25:48:d6:a7:3c:32:75:aa:b2:b1:3a:bc:cc:
e8:7e:c9:67
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgISAYzF2+cHgsLDKda2YOujeYLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTk2OWFjNzVhYmNkNTk2OGYxODllMGQ0NWRiYmRhYjI5
ODJiZGEwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk1NTliM2JhMDQ4MTFjMWFmOWVlNjJlOGFhZjk3MTg1ZGU5ZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH70aBB4/E/sRCTL4Q14/b5ya1Bu
nj0SAYDAjVdUj4dhA4MnxTPw2mR2q+0nC/gezPx91oDNsMtxmICg/WCcUYM13aZu
8MB6hWKXh6/7kEQjd9n4td8kPz2JWboxJbf/kcBkExylkbnqROOXFHsjMPMRgPC7
qml1ONZA6Xug1X9k+0G6tVGhthDXvfY1hliJ5QNZ5Kg/azQQxBNcIYnaUZs9133e
dMIAVHlEHlMVl0Pa79TNECUiPwMuiWZPa/IVuifdz/DuZP/Nt6bRtbBTxDRDd8QF
oyl+ASoym8qRp8nXEFb1wewuXCSMI3LVSFn75H1BOCZs1YVDX5eSsIydIQIDAQAB
o4IC2zCCAtcwHQYDVR0OBBYEFCqVWbO6BIEcGvnuYuiq+XGF3p3yMB8GA1UdIwQY
MBaAFAGZaax1q81ZaPGJ4NRdu9qymCvaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpscHJIV3J6VmxvOFluZzFGMjcycktZSzlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi82Y2IxNDUtZmU2YS00NWI3LTg4NWYt
NjFkMWY3ZmIxMDQ0LzEvS3BWWnM3b0VnUndhLWU1aTZLcjVjWVhlbmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi82Y2IxNDUtZmU2YS00NWI3LTg4NWYtNjFkMWY3ZmIxMDQ0
LzEvQVpscHJIV3J6VmxvOFluZzFGMjcycktZSzlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHwBggrBgEFBQcBBwEB/wSB4DCB3TCBxAQCAAEwgb0DBAY+
kcADBAdQcAADBAdQcgAwDAMEBlBywAMEBlBzgAMDAlJIAwQGUmXAAwQFUpegAwMA
UtkDAwNTUAMDA1QYAwMCVGgDAwBVkwMEB1ncgAMDA17QAwQF1DYgAwQG1HhAAwQH
1H+AAwQG1MyAAwQF1SJgAwMA1TMDBAfVSYAwCwMDAdk+AwQG2T8AAwQG2T/AAwMA
2WUwDAMEB9lmgAMEBdlmwAMEB9loADAMAwQG2WlAAwQG2WmAAwMC2XgwFAQCAAIw
DgMGByABC4gAAwQBIAEcMA0GCSqGSIb3DQEBCwUAA4IBAQBp6otT/9rs99gQutXM
4RbFWMtvFLAqxVnunbj9gcHv82SNOKnaSqMivvgzb6WqrA329bu1Hkwq4NsL3F97
PSLm7t8YPALv7Za+lr5U1DS26XMZZRbOe0gxFzYkKfww2+9m6NA2PQLpOsxYkGTD
NQ8JrvJjpscGCymzyhoDJDpf/AO7SQRWIIx6cE10ReDNmz6eP0kArNBXe5MTkBeq
KUWNdr7z45Ot+04nIFz3nC5eVbUK+c7xhSDujgPZgXr94uks6w7wgdYd0kR3ODaT
GsgD63nO65/9SSVCBXKld7tx5Qoavwl51PA6iQA1M2aeoSVI1qc8MnWqsrE6vMzo
fsln
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:45 2024 by rpki-client on console-ams.rpki-client.org