Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/q-kzFzWdHxYVd9BrFrKLJ4d0RIQ.roa
File: q-kzFzWdHxYVd9BrFrKLJ4d0RIQ.roa (raw, json)
Hash identifier: GMAkDMrzsWCnVos+xh1WbimGMP/CqMUvIS+tRaFTcOw=
Subject key identifier: AB:E9:33:17:35:9D:1F:16:15:77:D0:6B:16:B2:8B:27:87:74:44:84
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0195003401C2D714DEFD469F17761F68F7A9
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/q-kzFzWdHxYVd9BrFrKLJ4d0RIQ.roa
Signing time: Thu 13 Feb 2025 16:46:02 +0000
ROA not before: Thu 13 Feb 2025 16:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
46.165.64.0/18 maxlen: 24
62.8.0.0/19 maxlen: 24
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.62.169.0/24 maxlen: 24
62.85.128.0/19 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.84.0.0/16 maxlen: 24
77.128.0.0/13 maxlen: 24
77.136.0.0/16 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.137.224.0/19 maxlen: 24
77.140.0.0/14 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
77.233.96.0/19 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
78.159.0.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.132.32.0/19 maxlen: 24
79.174.192.0/18 maxlen: 24
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.124.0.0/15 maxlen: 24
80.185.0.0/16 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.185.0.0/16 maxlen: 24
81.220.0.0/16 maxlen: 24
82.151.0.0/19 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
85.68.0.0/15 maxlen: 24
85.117.128.0/19 maxlen: 24
85.168.0.0/14 maxlen: 24
85.192.192.0/18 maxlen: 24
86.63.224.0/19 maxlen: 24
86.64.0.0/12 maxlen: 24
87.100.0.0/17 maxlen: 24
87.231.0.0/16 maxlen: 24
87.255.128.0/19 maxlen: 24
88.136.0.0/13 maxlen: 24
88.219.0.0/16 maxlen: 24
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
89.170.0.0/16 maxlen: 24
89.185.160.0/19 maxlen: 24
91.68.0.0/14 maxlen: 24
91.88.0.0/16 maxlen: 24
91.91.0.0/16 maxlen: 24
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
93.182.192.0/18 maxlen: 24
93.191.80.0/21 maxlen: 24
95.136.128.0/17 maxlen: 24
95.157.128.0/18 maxlen: 24
95.157.192.0/18 maxlen: 18
95.168.0.0/19 maxlen: 24
95.171.128.0/19 maxlen: 24
95.174.160.0/19 maxlen: 24
95.175.160.0/19 maxlen: 24
95.181.220.0/22 maxlen: 24
109.0.0.0/11 maxlen: 24
130.0.96.0/19 maxlen: 19
141.170.216.0/21 maxlen: 24
159.20.8.0/21 maxlen: 24
176.52.224.0/20 maxlen: 20
178.18.176.0/20 maxlen: 24
178.19.0.0/20 maxlen: 24
185.39.216.0/22 maxlen: 24
185.147.204.0/22 maxlen: 24
185.147.232.0/22 maxlen: 22
185.150.120.0/22 maxlen: 24
188.7.0.0/16 maxlen: 24
188.141.128.0/17 maxlen: 24
188.224.0.0/17 maxlen: 24
194.6.128.0/19 maxlen: 24
194.153.88.0/23 maxlen: 24
194.153.90.0/24 maxlen: 24
194.153.92.0/24 maxlen: 24
194.153.97.0/24 maxlen: 24
194.183.192.0/19 maxlen: 24
194.242.176.0/20 maxlen: 24
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.23.160.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.176.192.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.222.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:5e80::/32 maxlen: 48
2a00:6200::/29 maxlen: 48
2a00:7180::/32 maxlen: 48
2a00:8380::/32 maxlen: 48
2a00:8d80::/32 maxlen: 48
2a00:9380::/32 maxlen: 32
2a00:a580::/32 maxlen: 48
2a00:b280::/32 maxlen: 48
2a00:ba80::/32 maxlen: 48
2a00:c780::/32 maxlen: 48
2a00:cc80::/32 maxlen: 48
2a00:d780::/32 maxlen: 48
2a00:e080::/32 maxlen: 48
2a00:e880::/32 maxlen: 48
2a00:ec80::/29 maxlen: 48
2a00:ec80::/32 maxlen: 48
2a00:ec81::/32 maxlen: 48
2a02:8400::/25 maxlen: 48
2a04:800::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 13:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:34:01:c2:d7:14:de:fd:46:9f:17:76:1f:68:f7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Feb 13 16:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abe93317359d1f161577d06b16b28b2787744484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:07:39:ea:d5:24:a9:9a:c3:f5:6b:73:e2:83:
fe:b6:49:0b:1b:87:42:c3:82:c0:92:a2:ba:ed:61:
90:9f:95:da:3c:76:6d:86:5c:54:33:99:e6:50:ae:
b5:c0:5f:a9:39:1c:a0:c7:b3:dc:a5:d2:f9:47:1a:
99:f2:74:9d:07:57:94:a7:a5:91:9b:14:b6:fa:d6:
a2:d1:a9:e1:1e:be:5b:10:20:b8:42:b2:34:b3:16:
e4:64:28:da:9f:f8:ce:2c:ce:21:87:48:24:4f:6a:
1d:64:0c:78:a0:0f:2f:4d:c1:2d:b5:90:9e:95:05:
08:ba:e8:63:ab:48:35:0f:d0:cf:30:73:b8:54:43:
be:c3:df:7b:0c:ac:3b:22:af:03:21:7d:a7:51:07:
bf:67:96:02:8f:1c:55:84:f5:5d:72:a5:e5:b9:70:
92:7b:1d:09:0f:ae:0a:b8:d1:e9:c5:56:4c:ee:79:
7c:02:f2:9c:dc:62:5d:62:ac:47:4e:3c:7f:79:5b:
08:2b:08:46:2b:dc:f5:17:df:96:93:ee:69:ee:36:
53:f2:60:c4:bc:09:36:5f:06:f3:22:07:38:80:a6:
e1:13:e8:16:e5:76:ab:b6:19:61:03:34:8b:2c:05:
9f:c0:de:44:ed:ab:f6:fd:9d:0d:e1:26:6c:d2:a0:
f1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E9:33:17:35:9D:1F:16:15:77:D0:6B:16:B2:8B:27:87:74:44:84
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/q-kzFzWdHxYVd9BrFrKLJ4d0RIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
46.165.64.0/18
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.85.128.0/19
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.84.0.0/16
77.128.0.0-77.136.255.255
77.137.196.0-77.137.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
77.233.96.0/19
78.112.0.0/12
78.155.128.0/19
78.159.0.0/19
79.80.0.0/12
79.132.32.0/19
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.185.0.0/16
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.151.0.0/19
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.117.128.0/19
85.168.0.0/14
85.192.192.0/18
86.63.224.0-86.79.255.255
87.100.0.0/17
87.231.0.0/16
87.255.128.0/19
88.136.0.0/13
88.219.0.0/16
89.2.0.0/15
89.156.0.0/14
89.170.0.0/16
89.185.160.0/19
91.68.0.0/14
91.88.0.0/16
91.91.0.0/16
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
93.182.192.0/18
93.191.80.0/21
95.136.128.0/17
95.157.128.0/17
95.168.0.0/19
95.171.128.0/19
95.174.160.0/19
95.175.160.0/19
95.181.220.0/22
109.0.0.0/11
130.0.96.0/19
141.170.216.0/21
159.20.8.0/21
176.52.224.0/20
178.18.176.0/20
178.19.0.0/20
185.39.216.0/22
185.147.204.0/22
185.147.232.0/22
185.150.120.0/22
188.7.0.0/16
188.141.128.0/17
188.224.0.0/17
194.6.128.0/19
194.153.88.0-194.153.90.255
194.153.92.0/24
194.153.97.0/24
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.23.160.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.176.192.0/19
213.203.64.0/18
213.222.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:5e80::/32
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:a580::/32
2a00:b280::/32
2a00:ba80::/32
2a00:c780::/32
2a00:cc80::/32
2a00:d780::/32
2a00:e080::/32
2a00:e880::/32
2a00:ec80::/29
2a02:8400::/25
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
60:4a:20:1b:ef:60:78:3d:e6:cd:8a:fc:03:a0:76:4a:08:4f:
0f:a4:71:b9:26:5c:d2:c5:73:e3:10:d8:2d:f1:7f:69:46:cd:
51:e0:7b:9e:7e:e9:52:d5:e1:e8:5f:78:d8:bd:90:32:75:28:
58:7b:03:1a:1c:ae:31:af:9a:08:73:7c:d8:81:28:70:08:89:
69:ff:a5:53:ed:51:76:18:9c:be:1b:23:d5:1c:dc:ec:e4:5b:
14:c4:ad:88:df:88:00:ed:00:22:18:0d:08:e5:42:99:d9:b9:
54:33:f8:29:b9:81:0b:31:78:34:f0:e7:92:d8:41:9a:63:e8:
a4:45:3d:15:d7:df:fe:ca:ff:bc:27:ec:19:a7:92:74:7b:1c:
c0:c7:99:f3:62:f9:78:08:8a:7a:5b:77:c1:1c:9e:e9:55:0d:
4b:55:e5:b7:82:27:a0:bb:9f:cd:f0:cb:dc:2d:2c:43:a2:7b:
00:2c:00:85:c6:39:3e:6b:50:9a:fe:95:3c:e9:05:63:59:53:
21:95:6e:22:42:45:45:67:d9:3b:b4:a9:d7:7b:ea:e2:6f:d8:
70:8e:44:84:8d:0e:f0:18:7f:62:c4:3a:51:14:61:5f:d2:6e:
3c:91:a1:1c:07:f7:c0:9c:d9:5e:64:40:f4:72:7a:79:c4:cb:
29:ca:13:89
-----BEGIN CERTIFICATE-----
MIIIDTCCBvWgAwIBAgISAZUANAHC1xTe/UafF3YfaPepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMjEzMTY0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmU5MzMxNzM1OWQxZjE2MTU3N2QwNmIxNmIyOGIyNzg3NzQ0NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogc56tUkqZrD9Wtz4oP+tkkLG4dC
w4LAkqK67WGQn5XaPHZthlxUM5nmUK61wF+pORygx7PcpdL5RxqZ8nSdB1eUp6WR
mxS2+tai0anhHr5bECC4QrI0sxbkZCjan/jOLM4hh0gkT2odZAx4oA8vTcEttZCe
lQUIuuhjq0g1D9DPMHO4VEO+w997DKw7Iq8DIX2nUQe/Z5YCjxxVhPVdcqXluXCS
ex0JD64KuNHpxVZM7nl8AvKc3GJdYqxHTjx/eVsIKwhGK9z1F9+Wk+5p7jZT8mDE
vAk2XwbzIgc4gKbhE+gW5XarthlhAzSLLAWfwN5E7av2/Z0N4SZs0qDxbwIDAQAB
o4IFGTCCBRUwHQYDVR0OBBYEFKvpMxc1nR8WFXfQaxayiyeHdESEMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvcS1rekZ6V2RIeFlWZDlCckZyS0xKNGQwUklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIDLQYIKwYBBQUHAQcBAf8EggMcMIIDGDCCApUEAgABMIIC
jQMDAyVAAwQFLiMAAwQGLqVAAwQFPggAAwMAPicDBAc+PoADBAU+VYADBAc+aoAD
BAU+gaADBAY+8UADAwBNVDAKAwMHTYADAwBNiDALAwQCTYnEAwMBTYgwCgMDAk2M
AwMFTYADAwRNwAMEBU3pYAMDBE5wAwQFTpuAAwQFTp8AAwMET1ADBAVPhCADBAZP
rsADBARQRiADAwFQdgMDAVB8AwMAULkDBAdQ7AADBAZRAQADAwJRQAMDAFG5AwMA
UdwDBAVSlwADAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFVRAME
BVV1gAMDAlWoAwQGVcDAMAsDBAVWP+ADAwRWQAMEB1dkAAMDAFfnAwQFV/+AAwMD
WIgDAwBY2wMDAVkCAwMCWZwDAwBZqgMEBVm5oAMDAltEAwMAW1gDAwBbWwMEBFuX
cAMDA1xYAwMFXQADBAZdtsADBANdv1ADBAdfiIADBAdfnYADBAVfqAADBAVfq4AD
BAVfrqADBAVfr6ADBAJftdwDAwVtAAMEBYIAYAMEA42q2AMEA58UCAMEBLA04AME
BLISsAMEBLITAAMEArkn2AMEArmTzAMEArmT6AMEArmWeAMDALwHAwQHvI2AAwQH
vOAAAwQFwgaAMAwDBAPCmVgDBADCmVoDBADCmVwDBADCmWEDBAXCt8ADBATC8rAD
BAbDAwADBAXDB2ADBAXDYmADAwDDcwMDAMOEAwQFw5LAAwQF1BegAwQF1B5gAwQF
1CeAAwQF1F6gAwMA1MYDBAXVgCADBAXVkMADBAXVqaADBAXVsMADBAbVy0ADBAbV
3kADAwDV3wMDANX1AwQE2RPAAwQE2UZQAwQE2XDgMH0EAgACMHcDBQAqAF6AAwUD
KgBiAAMFACoAcYADBQAqAIOAAwUAKgCNgAMFACoAk4ADBQAqAKWAAwUAKgCygAMF
ACoAuoADBQAqAMeAAwUAKgDMgAMFACoA14ADBQAqAOCAAwUAKgDogAMFAyoA7IAD
BQcqAoQAAwUDKgQIADANBgkqhkiG9w0BAQsFAAOCAQEAYEogG+9geD3mzYr8A6B2
SghPD6RxuSZc0sVz4xDYLfF/aUbNUeB7nn7pUtXh6F942L2QMnUoWHsDGhyuMa+a
CHN82IEocAiJaf+lU+1Rdhicvhsj1Rzc7ORbFMStiN+IAO0AIhgNCOVCmdm5VDP4
KbmBCzF4NPDnkthBmmPopEU9Fdff/sr/vCfsGaeSdHscwMeZ82L5eAiKelt3wRye
6VUNS1Xlt4InoLufzfDL3C0sQ6J7ACwAhcY5PmtQmv6VPOkFY1lTIZVuIkJFRWfZ
O7Sp13vq4m/YcI5EhI0O8Bh/YsQ6URRhX9JuPJGhHAf3wJzZXmRA9HJ6ecTLKcoT
iQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:29:02 2025 by rpki-client