Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/eICuzaT4cK9JTOBFw588Sv1n89w.roa
File: eICuzaT4cK9JTOBFw588Sv1n89w.roa (raw, json)
Hash identifier: Q2e/KY8i6jizrxlwZ1k5Qj2//ey4AVf9uw25cuDoGD4=
Subject key identifier: 78:80:AE:CD:A4:F8:70:AF:49:4C:E0:45:C3:9F:3C:4A:FD:67:F3:DC
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0195ADF4B3A2ADCEB7FB12042AEDB00153E7
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/eICuzaT4cK9JTOBFw588Sv1n89w.roa
Signing time: Wed 19 Mar 2025 10:30:49 +0000
ROA not before: Wed 19 Mar 2025 10:30:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
62.8.0.0/19 maxlen: 19
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.128.0.0/13 maxlen: 24
77.134.204.0/24 maxlen: 24
77.136.0.0/16 maxlen: 24
77.136.172.0/24 maxlen: 24
77.136.173.0/24 maxlen: 24
77.136.174.0/24 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.140.0.0/14 maxlen: 24
77.140.0.0/15 maxlen: 24
77.142.0.0/16 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.174.192.0/18 maxlen: 24
79.174.232.0/21 maxlen: 21
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.118.4.0/24 maxlen: 24
80.124.0.0/15 maxlen: 24
80.124.0.0/16 maxlen: 24
80.125.0.0/16 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.65.0.0/16 maxlen: 16
81.185.0.0/16 maxlen: 24
81.185.160.0/20 maxlen: 20
81.185.160.0/21 maxlen: 21
81.185.168.0/21 maxlen: 21
81.220.0.0/16 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
84.205.144.0/20 maxlen: 20
85.68.0.0/15 maxlen: 24
85.168.0.0/14 maxlen: 24
86.64.0.0/12 maxlen: 24
86.66.127.0/24 maxlen: 24
87.231.0.0/16 maxlen: 24
88.136.0.0/13 maxlen: 24
88.136.0.0/14 maxlen: 24
88.140.0.0/15 maxlen: 24
88.140.0.0/16 maxlen: 24
88.141.0.0/16 maxlen: 24
88.142.0.0/16 maxlen: 24
88.143.251.0/24 maxlen: 24
88.143.252.0/24 maxlen: 24
88.143.253.0/24 maxlen: 24
88.143.254.0/24 maxlen: 24
88.143.255.0/24 maxlen: 24
88.219.0.0/16 maxlen: 16
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
91.68.0.0/14 maxlen: 24
91.68.0.0/22 maxlen: 22
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
95.157.192.0/18 maxlen: 18
109.0.0.0/11 maxlen: 24
141.170.216.0/21 maxlen: 24
185.147.204.0/22 maxlen: 24
194.6.128.0/19 maxlen: 19
194.183.192.0/19 maxlen: 19
194.242.176.0/20 maxlen: 20
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:6200::/29 maxlen: 48
2a00:7180::/32 maxlen: 32
2a00:8380::/32 maxlen: 32
2a00:8d80::/32 maxlen: 32
2a00:9380::/32 maxlen: 32
2a00:b280::/32 maxlen: 32
2a00:c780::/32 maxlen: 32
2a00:cc80::/32 maxlen: 32
2a00:d780::/32 maxlen: 32
2a00:e080::/32 maxlen: 32
2a00:ec80::/32 maxlen: 32
2a02:8400::/25 maxlen: 48
2a02:8400::/48 maxlen: 48
2a02:8400:11::/48 maxlen: 48
2a02:8400:12::/48 maxlen: 48
2a02:8400:13::/48 maxlen: 48
2a02:8400:14::/48 maxlen: 48
2a02:8440:5000::/36 maxlen: 36
2a04:800::/30 maxlen: 30
2a04:807::/48 maxlen: 48
2a04:807:1::/48 maxlen: 48
2a04:807:2::/48 maxlen: 48
2a04:807:3::/48 maxlen: 48
2a04:807:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 04:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ad:f4:b3:a2:ad:ce:b7:fb:12:04:2a:ed:b0:01:53:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Mar 19 10:30:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7880aecda4f870af494ce045c39f3c4afd67f3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:68:10:e1:80:6a:df:f6:8f:31:db:22:76:d5:
89:e8:3d:fe:31:7e:8a:e0:93:33:16:c7:e7:13:7b:
e3:0a:22:b8:d5:0c:bb:ce:f5:41:62:17:2f:6d:65:
16:92:a0:eb:06:51:9f:4e:45:66:42:2f:8e:09:60:
56:3a:b2:e6:4b:b7:da:ae:1d:2e:8f:b8:10:c3:6b:
e9:22:1c:ff:1a:63:a3:0f:d6:fb:11:86:2f:62:06:
63:64:e8:c1:30:07:43:ec:4d:9d:2b:c6:fb:a2:7a:
66:dc:53:58:5a:b3:ff:26:e1:58:b7:13:69:a3:61:
51:63:f2:ca:96:f8:25:e0:0d:42:ae:73:24:5a:a5:
7d:6d:62:9c:98:f5:36:f4:eb:e6:e8:1a:dd:1c:80:
43:e6:c4:18:ad:b1:ed:88:2c:4c:b2:9b:e6:9e:18:
27:0d:ac:bb:1d:db:89:55:f7:8f:07:fa:93:ac:1f:
d8:7d:7b:f4:c9:28:70:c0:d1:dc:a7:30:b4:d5:db:
2e:b2:e0:4b:9f:07:75:94:a1:d0:52:66:ac:05:b5:
51:11:94:9a:41:a0:e7:0f:e5:32:f1:87:b2:a9:6e:
5d:3d:71:cf:b8:05:7b:27:96:b4:71:7e:39:89:d3:
ac:d5:69:82:67:2f:f0:a2:c0:03:7c:d6:ac:97:bd:
5c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:80:AE:CD:A4:F8:70:AF:49:4C:E0:45:C3:9F:3C:4A:FD:67:F3:DC
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/eICuzaT4cK9JTOBFw588Sv1n89w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.128.0.0-77.136.255.255
77.137.196.0-77.137.223.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
78.155.128.0/19
79.80.0.0/12
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.168.0.0/14
86.64.0.0/12
87.231.0.0/16
88.136.0.0/13
88.219.0.0/16
89.2.0.0/15
89.156.0.0/14
91.68.0.0/14
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
95.157.192.0/18
109.0.0.0/11
141.170.216.0/21
185.147.204.0/22
194.6.128.0/19
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.203.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:b280::/32
2a00:c780::/32
2a00:cc80::/32
2a00:d780::/32
2a00:e080::/32
2a00:ec80::/32
2a02:8400::/25
2a04:800::/30
2a04:807::-2a04:807:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1d:08:fa:5b:3f:8d:fe:d6:2b:a0:ec:fe:2d:a6:9e:2b:00:40:
2f:84:ab:b5:65:f5:5a:f2:24:e1:f2:1b:29:14:76:a5:99:d4:
d9:53:ed:30:e2:71:7b:dd:ab:22:6f:7e:70:c2:e5:73:06:ab:
60:10:4c:14:20:60:b0:f0:6f:55:37:16:a6:d3:f3:58:9f:91:
b6:6a:da:a7:74:a5:51:34:1e:80:97:e6:9a:4d:3f:d8:35:12:
39:2d:03:43:3f:24:e8:70:94:2d:f4:55:19:3b:44:7f:3b:41:
c5:3b:f6:d6:0f:b5:dd:67:9e:3e:6d:56:a0:ce:8b:02:21:61:
03:dd:93:73:a4:13:40:5c:ef:44:35:90:08:43:54:10:2c:a3:
f2:5d:e4:9f:d1:f6:ea:4a:2f:a3:56:91:4d:d0:bf:39:67:16:
dd:8b:ed:bd:3d:81:bd:30:b4:ef:33:69:d0:79:08:98:31:13:
c3:43:13:b7:62:07:f0:c2:8d:7e:a9:06:d7:8e:4d:77:1b:19:
36:28:0d:89:53:49:2d:1a:b5:2a:67:22:8a:02:fc:9e:01:96:
47:60:fd:94:93:45:26:8f:92:dd:70:15:ff:c2:46:5a:5f:ae:
19:71:97:39:fc:39:a5:5d:e9:a6:f7:9a:ff:0e:73:4f:11:28:
6e:6d:da:64
-----BEGIN CERTIFICATE-----
MIIHBDCCBeygAwIBAgISAZWt9LOirc63+xIEKu2wAVPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMzE5MTAzMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODgwYWVjZGE0Zjg3MGFmNDk0Y2UwNDVjMzlmM2M0YWZkNjdmM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2gQ4YBq3/aPMdsidtWJ6D3+MX6K
4JMzFsfnE3vjCiK41Qy7zvVBYhcvbWUWkqDrBlGfTkVmQi+OCWBWOrLmS7farh0u
j7gQw2vpIhz/GmOjD9b7EYYvYgZjZOjBMAdD7E2dK8b7onpm3FNYWrP/JuFYtxNp
o2FRY/LKlvgl4A1CrnMkWqV9bWKcmPU29Ovm6BrdHIBD5sQYrbHtiCxMspvmnhgn
Day7HduJVfePB/qTrB/YfXv0yShwwNHcpzC01dsusuBLnwd1lKHQUmasBbVREZSa
QaDnD+Uy8YeyqW5dPXHPuAV7J5a0cX45idOs1WmCZy/wosADfNasl71cKQIDAQAB
o4IEEDCCBAwwHQYDVR0OBBYEFHiArs2k+HCvSUzgRcOfPEr9Z/PcMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvZUlDdXphVDRjSzlKVE9CRnc1ODhTdjFuODl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICJAYIKwYBBQUHAQcBAf8EggITMIICDzCCAZYEAgABMIIB
jgMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+PoADBAc+aoADBAU+gaADBAY+8UAw
CgMDB02AAwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwVNgAMDBE3AAwMETnAD
BAVOm4ADAwRPUAMEBk+uwAMEBFBGIAMDAVB2AwMBUHwDBAdQ7AADBAZRAQADAwJR
QAMDAFG5AwMAUdwDAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFV
RAMDAlWoAwMEVkADAwBX5wMDA1iIAwMAWNsDAwFZAgMDAlmcAwMCW0QDBARbl3AD
AwNcWAMDBV0AAwQGX53AAwMFbQADBAONqtgDBAK5k8wDBAXCBoADBAXCt8ADBATC
8rADBAbDAwADBAXDB2ADBAXDYmADAwDDcwMDAMOEAwQFw5LAAwQF1B5gAwQF1CeA
AwQF1F6gAwMA1MYDBAXVgCADBAXVkMADBAXVqaADBAbVy0ADAwDV3wMDANX1AwQE
2RPAAwQE2UZQAwQE2XDgMHMEAgACMG0DBQMqAGIAAwUAKgBxgAMFACoAg4ADBQAq
AI2AAwUAKgCTgAMFACoAsoADBQAqAMeAAwUAKgDMgAMFACoA14ADBQAqAOCAAwUA
KgDsgAMFByoChAADBQIqBAgAMBADBQAqBAgHAwcAKgQIBwAEMA0GCSqGSIb3DQEB
CwUAA4IBAQAdCPpbP43+1iug7P4tpp4rAEAvhKu1ZfVa8iTh8hspFHalmdTZU+0w
4nF73asib35wwuVzBqtgEEwUIGCw8G9VNxam0/NYn5G2atqndKVRNB6Al+aaTT/Y
NRI5LQNDPyTocJQt9FUZO0R/O0HFO/bWD7XdZ54+bVagzosCIWED3ZNzpBNAXO9E
NZAIQ1QQLKPyXeSf0fbqSi+jVpFN0L85Zxbdi+29PYG9MLTvM2nQeQiYMRPDQxO3
Ygfwwo1+qQbXjk13Gxk2KA2JU0ktGrUqZyKKAvyeAZZHYP2Uk0Umj5LdcBX/wkZa
X64ZcZc5/DmlXemm95r/DnNPEShubdpk
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:10:30 2025 by rpki-client