Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/moigL1TF2AzvbMUnSuM0HeWYdnQ.roa
File: moigL1TF2AzvbMUnSuM0HeWYdnQ.roa (raw, json)
Hash identifier: zA1aP4/TeEw6hC0+s9IpRTSn0D+Z5Fv5tQgAGGRPD/s=
Subject key identifier: 9A:88:A0:2F:54:C5:D8:0C:EF:6C:C5:27:4A:E3:34:1D:E5:98:76:74
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0190A29B70A6228D06A036C468A8D76B7C67
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/moigL1TF2AzvbMUnSuM0HeWYdnQ.roa
Signing time: Thu 11 Jul 2024 16:23:34 +0000
ROA not before: Thu 11 Jul 2024 16:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15557
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
62.8.0.0/19 maxlen: 19
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.128.0.0/13 maxlen: 24
77.134.204.0/24 maxlen: 24
77.136.0.0/16 maxlen: 24
77.136.172.0/24 maxlen: 24
77.136.173.0/24 maxlen: 24
77.136.174.0/24 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.140.0.0/14 maxlen: 24
77.140.0.0/15 maxlen: 24
77.142.0.0/16 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.174.192.0/18 maxlen: 24
79.174.232.0/21 maxlen: 21
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.118.4.0/24 maxlen: 24
80.124.0.0/15 maxlen: 24
80.124.0.0/16 maxlen: 24
80.125.0.0/16 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.65.0.0/16 maxlen: 16
81.185.0.0/16 maxlen: 24
81.185.160.0/20 maxlen: 20
81.185.160.0/21 maxlen: 21
81.185.168.0/21 maxlen: 21
81.220.0.0/16 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
84.205.144.0/20 maxlen: 20
85.68.0.0/15 maxlen: 24
85.168.0.0/14 maxlen: 24
86.64.0.0/12 maxlen: 24
86.66.127.0/24 maxlen: 24
87.231.0.0/16 maxlen: 24
88.136.0.0/13 maxlen: 24
88.136.0.0/14 maxlen: 24
88.140.0.0/15 maxlen: 24
88.140.0.0/16 maxlen: 24
88.141.0.0/16 maxlen: 24
88.142.0.0/16 maxlen: 24
88.143.252.0/24 maxlen: 24
88.143.253.0/24 maxlen: 24
88.143.254.0/24 maxlen: 24
88.143.255.0/24 maxlen: 24
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
91.68.0.0/14 maxlen: 24
91.68.0.0/22 maxlen: 22
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
109.0.0.0/11 maxlen: 24
141.170.216.0/21 maxlen: 24
185.147.204.0/22 maxlen: 24
194.6.128.0/19 maxlen: 19
194.183.192.0/19 maxlen: 19
194.242.176.0/20 maxlen: 20
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:6200::/29 maxlen: 48
2a00:7180::/32 maxlen: 32
2a00:8380::/32 maxlen: 32
2a00:8d80::/32 maxlen: 32
2a00:9380::/32 maxlen: 32
2a00:ec80::/32 maxlen: 32
2a02:8400::/25 maxlen: 48
2a02:8400::/48 maxlen: 48
2a02:8400:11::/48 maxlen: 48
2a02:8400:12::/48 maxlen: 48
2a02:8400:13::/48 maxlen: 48
2a02:8400:14::/48 maxlen: 48
2a02:8440:5000::/36 maxlen: 36
2a04:800::/30 maxlen: 30
2a04:807::/48 maxlen: 48
2a04:807:1::/48 maxlen: 48
2a04:807:2::/48 maxlen: 48
2a04:807:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:9b:70:a6:22:8d:06:a0:36:c4:68:a8:d7:6b:7c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jul 11 16:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a88a02f54c5d80cef6cc5274ae3341de5987674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e4:ce:67:66:e1:23:e5:eb:60:20:5d:3c:e0:
40:ff:71:7d:9f:91:20:8b:30:09:42:e5:da:a0:c1:
82:ce:f6:d3:c0:44:97:27:ff:02:df:98:c1:d4:b1:
ac:29:8f:a1:4e:5b:fc:2b:37:5d:74:49:e6:12:11:
e2:7a:d9:35:0c:46:b1:82:8f:97:82:1d:dd:89:7d:
ce:32:35:8e:52:e8:5d:34:4f:f0:d8:7a:8a:04:4d:
10:7f:c3:d5:96:0f:0e:01:d3:5d:f0:8f:56:b7:b7:
97:40:6a:35:56:b2:fd:f4:ab:a6:71:f5:2f:9b:b7:
8b:7b:a4:f5:13:a8:c9:70:ab:13:3d:9e:23:34:8c:
7c:79:bb:d5:1b:0a:bd:81:e8:9f:65:41:66:13:d7:
3e:9c:89:76:a9:78:d0:43:33:4e:e2:be:4a:12:88:
b7:ea:4a:65:e9:34:3b:f4:27:9d:dc:c4:e1:f9:0b:
7a:f5:47:3c:26:7c:de:0e:48:d1:78:25:df:ba:50:
e0:d2:ca:09:e8:f8:7a:35:1b:d5:e1:e4:31:65:a6:
c1:17:ff:4d:2a:f7:53:42:4a:23:8f:cf:56:85:3f:
2b:c2:4a:d4:20:47:fe:50:e8:83:87:3c:7e:51:fb:
43:07:dc:b5:5f:5b:00:e2:17:28:26:18:9f:07:2c:
65:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:88:A0:2F:54:C5:D8:0C:EF:6C:C5:27:4A:E3:34:1D:E5:98:76:74
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/moigL1TF2AzvbMUnSuM0HeWYdnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.128.0.0-77.136.255.255
77.137.196.0-77.137.223.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
78.155.128.0/19
79.80.0.0/12
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.168.0.0/14
86.64.0.0/12
87.231.0.0/16
88.136.0.0/13
89.2.0.0/15
89.156.0.0/14
91.68.0.0/14
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
141.170.216.0/21
185.147.204.0/22
194.6.128.0/19
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.203.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:ec80::/32
2a02:8400::/25
2a04:800::/30
2a04:807::/46
Signature Algorithm: sha256WithRSAEncryption
1b:f6:e0:1b:21:72:03:d4:44:1f:bf:89:b0:ca:0d:0e:64:36:
8e:e4:61:e6:d7:37:5b:03:8b:10:90:81:b4:8b:d7:09:cf:46:
5b:b5:1b:ee:39:f2:88:7b:56:f0:53:b8:06:b0:6a:19:2c:d7:
c5:8f:d3:86:cd:d6:9b:f9:58:a3:18:5f:5f:e0:4c:00:e9:d0:
ae:00:f1:c4:c2:b8:74:d5:7f:cb:b0:80:a2:66:3a:b7:8e:6e:
22:fe:19:28:bd:38:be:80:6c:78:24:24:e4:5e:92:ab:cc:41:
97:b0:94:59:a8:2e:c4:64:dd:2e:7a:3e:b6:bd:a7:2a:39:0e:
51:8b:b0:df:f6:58:57:1d:2b:d3:d1:b1:a4:df:4c:bd:b6:35:
8b:5d:e3:86:dc:f9:5c:dc:74:8b:83:3e:95:96:6f:18:59:9a:
07:6c:1a:5b:c5:c2:9f:2e:e1:ea:0b:d0:1a:af:3f:95:2e:71:
5f:3c:b5:4a:ab:50:a3:94:bd:7c:1f:cd:95:0d:2f:1c:04:ad:
b1:68:e8:42:54:62:50:32:63:50:43:33:36:a8:50:70:4d:dc:
83:01:ef:c0:1c:c2:ca:07:74:7d:f4:13:bb:01:07:a1:2a:aa:
d0:c6:17:1b:25:6b:1b:2f:12:09:b3:e2:b7:8e:fd:a3:bf:8e:
2c:12:9c:8b
-----BEGIN CERTIFICATE-----
MIIGzTCCBbWgAwIBAgISAZCim3CmIo0GoDbEaKjXa3xnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwNzExMTYyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTg4YTAyZjU0YzVkODBjZWY2Y2M1Mjc0YWUzMzQxZGU1OTg3Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+TOZ2bhI+XrYCBdPOBA/3F9n5Eg
izAJQuXaoMGCzvbTwESXJ/8C35jB1LGsKY+hTlv8KzdddEnmEhHietk1DEaxgo+X
gh3diX3OMjWOUuhdNE/w2HqKBE0Qf8PVlg8OAdNd8I9Wt7eXQGo1VrL99KumcfUv
m7eLe6T1E6jJcKsTPZ4jNIx8ebvVGwq9geifZUFmE9c+nIl2qXjQQzNO4r5KEoi3
6kpl6TQ79Ced3MTh+Qt69Uc8JnzeDkjReCXfulDg0soJ6Ph6NRvV4eQxZabBF/9N
KvdTQkojj89WhT8rwkrUIEf+UOiDhzx+UftDB9y1X1sA4hcoJhifByxlQQIDAQAB
o4ID2TCCA9UwHQYDVR0OBBYEFJqIoC9UxdgM72zFJ0rjNB3lmHZ0MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvbW9pZ0wxVEYyQXp2Yk1VblN1TTBIZVdZZG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB7QYIKwYBBQUHAQcBAf8EggHcMIIB2DCCAYsEAgABMIIB
gwMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+PoADBAc+aoADBAU+gaADBAY+8UAw
CgMDB02AAwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwVNgAMDBE3AAwMETnAD
BAVOm4ADAwRPUAMEBk+uwAMEBFBGIAMDAVB2AwMBUHwDBAdQ7AADBAZRAQADAwJR
QAMDAFG5AwMAUdwDAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFV
RAMDAlWoAwMEVkADAwBX5wMDA1iIAwMBWQIDAwJZnAMDAltEAwQEW5dwAwMDXFgD
AwVdAAMDBW0AAwQDjarYAwQCuZPMAwQFwgaAAwQFwrfAAwQEwvKwAwQGwwMAAwQF
wwdgAwQFw2JgAwMAw3MDAwDDhAMEBcOSwAMEBdQeYAMEBdQngAMEBdReoAMDANTG
AwQF1YAgAwQF1ZDAAwQF1amgAwQG1ctAAwMA1d8DAwDV9QMEBNkTwAMEBNlGUAME
BNlw4DBHBAIAAjBBAwUDKgBiAAMFACoAcYADBQAqAIOAAwUAKgCNgAMFACoAk4AD
BQAqAOyAAwUHKgKEAAMFAioECAADBwIqBAgHAAAwDQYJKoZIhvcNAQELBQADggEB
ABv24BshcgPURB+/ibDKDQ5kNo7kYebXN1sDixCQgbSL1wnPRlu1G+458oh7VvBT
uAawahks18WP04bN1pv5WKMYX1/gTADp0K4A8cTCuHTVf8uwgKJmOreObiL+GSi9
OL6AbHgkJORekqvMQZewlFmoLsRk3S56Pra9pyo5DlGLsN/2WFcdK9PRsaTfTL22
NYtd44bc+VzcdIuDPpWWbxhZmgdsGlvFwp8u4eoL0BqvP5UucV88tUqrUKOUvXwf
zZUNLxwErbFo6EJUYlAyY1BDMzaoUHBN3IMB78AcwsoHdH30E7sBB6EqqtDGFxsl
axsvEgmz4reO/aO/jiwSnIs=
-----END CERTIFICATE-----
Generated at Tue Nov 26 10:01:16 2024 by rpki-client on console-ams.rpki-client.org