Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/fnKt6utoYVosEbmbHowKK9HvV7o.roa
File: fnKt6utoYVosEbmbHowKK9HvV7o.roa (raw, json)
Hash identifier: 6S/CgN88G2FM75SAwSZ736IwwJzHmPL6fFUdYmu6gj8=
Subject key identifier: 7E:72:AD:EA:EB:68:61:5A:2C:11:B9:9B:1E:8C:0A:2B:D1:EF:57:BA
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018E84612E7D8F68E5B76B1485EBE21C6242
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/fnKt6utoYVosEbmbHowKK9HvV7o.roa
Signing time: Thu 28 Mar 2024 09:25:45 +0000
ROA not before: Thu 28 Mar 2024 09:25:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15557
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
62.8.0.0/19 maxlen: 19
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.128.0.0/13 maxlen: 24
77.134.204.0/24 maxlen: 24
77.136.0.0/16 maxlen: 24
77.136.172.0/24 maxlen: 24
77.136.173.0/24 maxlen: 24
77.136.174.0/24 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.140.0.0/14 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.174.192.0/18 maxlen: 24
79.174.232.0/21 maxlen: 21
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.118.4.0/24 maxlen: 24
80.124.0.0/15 maxlen: 24
80.124.0.0/16 maxlen: 24
80.125.0.0/16 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.65.0.0/16 maxlen: 16
81.185.0.0/16 maxlen: 24
81.185.160.0/20 maxlen: 20
81.185.160.0/21 maxlen: 21
81.185.168.0/21 maxlen: 21
81.220.0.0/16 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
84.205.144.0/20 maxlen: 20
85.68.0.0/15 maxlen: 24
85.168.0.0/14 maxlen: 24
86.64.0.0/12 maxlen: 24
86.66.127.0/24 maxlen: 24
87.231.0.0/16 maxlen: 24
88.136.0.0/13 maxlen: 24
88.136.0.0/14 maxlen: 24
88.140.0.0/16 maxlen: 24
88.141.0.0/16 maxlen: 24
88.142.0.0/16 maxlen: 24
88.143.252.0/24 maxlen: 24
88.143.253.0/24 maxlen: 24
88.143.254.0/24 maxlen: 24
88.143.255.0/24 maxlen: 24
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
91.68.0.0/14 maxlen: 24
91.68.0.0/22 maxlen: 22
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
109.0.0.0/11 maxlen: 24
141.170.216.0/21 maxlen: 24
185.147.204.0/22 maxlen: 24
194.6.128.0/19 maxlen: 19
194.183.192.0/19 maxlen: 19
194.242.176.0/20 maxlen: 20
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:6200::/29 maxlen: 48
2a00:7180::/32 maxlen: 32
2a00:8380::/32 maxlen: 32
2a00:8d80::/32 maxlen: 32
2a00:9380::/32 maxlen: 32
2a00:ec80::/32 maxlen: 32
2a02:8400::/25 maxlen: 48
2a02:8400::/48 maxlen: 48
2a02:8400:11::/48 maxlen: 48
2a02:8400:12::/48 maxlen: 48
2a02:8400:13::/48 maxlen: 48
2a02:8400:14::/48 maxlen: 48
2a02:8440:5000::/36 maxlen: 36
2a04:800::/29 maxlen: 29
2a04:807::/48 maxlen: 48
2a04:807:1::/48 maxlen: 48
2a04:807:2::/48 maxlen: 48
2a04:807:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:61:2e:7d:8f:68:e5:b7:6b:14:85:eb:e2:1c:62:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Mar 28 09:25:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e72adeaeb68615a2c11b99b1e8c0a2bd1ef57ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ed:9e:2a:a0:db:82:09:82:ef:c8:da:97:7f:
5e:7b:a0:44:48:b1:f7:51:f8:88:f7:59:ae:a7:ea:
d6:02:b0:c7:8e:85:47:ec:1a:87:53:99:36:b9:ca:
16:ec:23:9b:21:3c:f2:d5:b7:ef:42:48:e0:87:28:
f2:5a:9c:9e:d2:8f:33:f2:7c:5c:fe:b9:16:50:31:
e0:0b:dd:66:d6:4b:8a:ba:c2:8d:27:19:4c:90:73:
78:13:8d:b6:c9:7e:03:64:5d:b2:d7:d7:d0:90:6b:
32:c7:40:41:a0:20:c0:33:e4:bd:bb:cd:c0:1c:40:
cb:0c:58:41:bb:7c:7a:af:eb:12:fd:c3:73:14:78:
a1:02:d5:51:71:f5:f9:a6:e4:b3:ae:62:f2:d9:5d:
1f:48:7b:0f:ee:7e:da:27:1a:32:6f:df:78:bf:8d:
8e:fe:27:c6:20:f2:c0:d3:ec:21:2f:55:a7:af:80:
45:3c:33:74:ad:cb:57:61:98:bd:d3:ea:0a:eb:30:
b1:61:de:54:a2:1d:86:78:04:20:b6:d2:1d:33:7b:
27:04:e3:a0:88:1d:0e:44:54:db:db:fc:7e:7a:1f:
fb:c3:6d:d5:cc:06:0d:65:fd:7c:a9:f5:96:f2:ed:
7d:cd:e3:ac:df:8f:29:6b:f3:dd:40:89:39:60:eb:
7f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:72:AD:EA:EB:68:61:5A:2C:11:B9:9B:1E:8C:0A:2B:D1:EF:57:BA
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/fnKt6utoYVosEbmbHowKK9HvV7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.128.0.0-77.136.255.255
77.137.196.0-77.137.223.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
78.155.128.0/19
79.80.0.0/12
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.168.0.0/14
86.64.0.0/12
87.231.0.0/16
88.136.0.0/13
89.2.0.0/15
89.156.0.0/14
91.68.0.0/14
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
141.170.216.0/21
185.147.204.0/22
194.6.128.0/19
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.203.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:ec80::/32
2a02:8400::/25
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
b2:e7:53:97:bb:41:4f:52:99:01:c3:12:6f:74:bd:cb:3d:65:
1c:c8:aa:74:ba:31:d7:95:72:6f:53:ab:fc:8f:39:38:70:16:
a8:7c:d3:a3:ad:de:ba:a4:0b:ab:c3:55:3a:2c:a3:3a:3b:d8:
e6:09:d0:6e:9f:7c:93:6d:9c:87:7f:96:78:07:de:1e:ad:19:
01:c3:63:dc:54:0d:36:dd:91:7a:e2:a7:d0:d2:34:a4:2f:cb:
27:38:2a:02:07:14:09:e9:fe:17:1d:6f:30:f6:b0:c3:d5:15:
db:96:b7:ce:88:81:89:6e:65:ca:f2:ca:4a:a6:0c:18:ed:83:
bd:6b:68:0b:c0:d2:72:19:5a:c9:35:f3:34:19:ef:8d:ae:b5:
e4:31:32:53:95:d8:98:6b:17:da:b5:3e:2c:a7:fb:f3:4c:e2:
04:29:32:7f:16:bf:87:b2:f4:98:4d:49:d7:6c:74:d5:b0:d3:
78:87:4a:bf:87:ee:cf:4b:06:36:bc:2d:fe:f8:be:e1:f6:16:
c4:31:89:86:04:a9:19:af:b6:b3:13:d5:61:56:85:25:42:c5:
77:8f:2a:19:3f:18:9f:61:c4:d8:a1:d4:a7:53:ae:c8:0a:bc:
4b:0a:56:9b:db:1f:30:f7:b1:49:ca:dd:3c:9d:bb:4c:87:ab:
37:70:a7:23
-----BEGIN CERTIFICATE-----
MIIGxDCCBaygAwIBAgISAY6EYS59j2jlt2sUheviHGJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMzI4MDkyNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTcyYWRlYWViNjg2MTVhMmMxMWI5OWIxZThjMGEyYmQxZWY1N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe2eKqDbggmC78jal39ee6BESLH3
UfiI91mup+rWArDHjoVH7BqHU5k2ucoW7CObITzy1bfvQkjghyjyWpye0o8z8nxc
/rkWUDHgC91m1kuKusKNJxlMkHN4E422yX4DZF2y19fQkGsyx0BBoCDAM+S9u83A
HEDLDFhBu3x6r+sS/cNzFHihAtVRcfX5puSzrmLy2V0fSHsP7n7aJxoyb994v42O
/ifGIPLA0+whL1Wnr4BFPDN0rctXYZi90+oK6zCxYd5Uoh2GeAQgttIdM3snBOOg
iB0ORFTb2/x+eh/7w23VzAYNZf18qfWW8u19zeOs348pa/PdQIk5YOt/nwIDAQAB
o4ID0DCCA8wwHQYDVR0OBBYEFH5yrerraGFaLBG5mx6MCivR71e6MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvZm5LdDZ1dG9ZVm9zRWJtYkhvd0tLOUh2VjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5AYIKwYBBQUHAQcBAf8EggHTMIIBzzCCAYsEAgABMIIB
gwMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+PoADBAc+aoADBAU+gaADBAY+8UAw
CgMDB02AAwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwVNgAMDBE3AAwMETnAD
BAVOm4ADAwRPUAMEBk+uwAMEBFBGIAMDAVB2AwMBUHwDBAdQ7AADBAZRAQADAwJR
QAMDAFG5AwMAUdwDAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFV
RAMDAlWoAwMEVkADAwBX5wMDA1iIAwMBWQIDAwJZnAMDAltEAwQEW5dwAwMDXFgD
AwVdAAMDBW0AAwQDjarYAwQCuZPMAwQFwgaAAwQFwrfAAwQEwvKwAwQGwwMAAwQF
wwdgAwQFw2JgAwMAw3MDAwDDhAMEBcOSwAMEBdQeYAMEBdQngAMEBdReoAMDANTG
AwQF1YAgAwQF1ZDAAwQF1amgAwQG1ctAAwMA1d8DAwDV9QMEBNkTwAMEBNlGUAME
BNlw4DA+BAIAAjA4AwUDKgBiAAMFACoAcYADBQAqAIOAAwUAKgCNgAMFACoAk4AD
BQAqAOyAAwUHKgKEAAMFAyoECAAwDQYJKoZIhvcNAQELBQADggEBALLnU5e7QU9S
mQHDEm90vcs9ZRzIqnS6MdeVcm9Tq/yPOThwFqh806Ot3rqkC6vDVTosozo72OYJ
0G6ffJNtnId/lngH3h6tGQHDY9xUDTbdkXrip9DSNKQvyyc4KgIHFAnp/hcdbzD2
sMPVFduWt86IgYluZcryykqmDBjtg71raAvA0nIZWsk18zQZ742uteQxMlOV2Jhr
F9q1Piyn+/NM4gQpMn8Wv4ey9JhNSddsdNWw03iHSr+H7s9LBja8Lf74vuH2FsQx
iYYEqRmvtrMT1WFWhSVCxXePKhk/GJ9hxNih1KdTrsgKvEsKVpvbHzD3sUnK3Tyd
u0yHqzdwpyM=
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:03:07 2024 by rpki-client on console-ams.rpki-client.org