Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/uU-KqUsNVXeAtCoBcRjjtS5ImTg.roa
File: uU-KqUsNVXeAtCoBcRjjtS5ImTg.roa (raw, json)
Hash identifier: +0uM0Ca/iNzpsGymO/de4oMn2dJhW2fRHeOMF5vTGrE=
Subject key identifier: B9:4F:8A:A9:4B:0D:55:77:80:B4:2A:01:71:18:E3:B5:2E:48:99:38
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 01934D80D8A0E51A5BDA106B51ED594C2A72
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/uU-KqUsNVXeAtCoBcRjjtS5ImTg.roa
Signing time: Thu 21 Nov 2024 06:55:09 +0000
ROA not before: Thu 21 Nov 2024 06:55:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42772
IP address blocks: 87.252.246.0/24 maxlen: 24
87.252.252.0/24 maxlen: 24
87.252.254.0/24 maxlen: 24
87.252.255.0/24 maxlen: 24
91.149.128.0/21 maxlen: 21
91.149.128.0/24 maxlen: 24
91.149.129.0/24 maxlen: 24
91.149.130.0/24 maxlen: 24
91.149.131.0/24 maxlen: 24
91.149.132.0/24 maxlen: 24
91.149.133.0/24 maxlen: 24
91.149.134.0/24 maxlen: 24
91.149.135.0/24 maxlen: 24
91.149.144.0/21 maxlen: 21
91.149.152.0/24 maxlen: 24
91.149.153.0/24 maxlen: 24
91.149.154.0/24 maxlen: 24
91.149.162.0/24 maxlen: 24
91.149.165.0/24 maxlen: 24
91.149.168.0/24 maxlen: 24
91.149.169.0/24 maxlen: 24
91.149.184.0/24 maxlen: 24
91.149.185.0/24 maxlen: 24
91.149.186.0/24 maxlen: 24
91.149.187.0/24 maxlen: 24
91.149.188.0/24 maxlen: 24
91.149.190.0/24 maxlen: 24
91.149.191.0/24 maxlen: 24
93.125.0.0/24 maxlen: 24
93.125.2.0/24 maxlen: 24
93.125.3.0/24 maxlen: 24
93.125.4.0/24 maxlen: 24
93.125.5.0/24 maxlen: 24
93.125.6.0/24 maxlen: 24
93.125.7.0/24 maxlen: 24
93.125.8.0/24 maxlen: 24
93.125.9.0/24 maxlen: 24
93.125.10.0/24 maxlen: 24
93.125.11.0/24 maxlen: 24
93.125.12.0/24 maxlen: 24
93.125.13.0/24 maxlen: 24
93.125.14.0/24 maxlen: 24
93.125.15.0/24 maxlen: 24
93.125.16.0/24 maxlen: 24
93.125.17.0/24 maxlen: 24
93.125.41.0/24 maxlen: 24
93.125.62.0/24 maxlen: 24
93.125.63.0/24 maxlen: 24
93.125.64.0/24 maxlen: 24
93.125.65.0/24 maxlen: 24
93.125.66.0/24 maxlen: 24
93.125.67.0/24 maxlen: 24
93.125.68.0/24 maxlen: 24
93.125.69.0/24 maxlen: 24
93.125.81.0/24 maxlen: 24
93.125.83.0/24 maxlen: 24
93.125.84.0/24 maxlen: 24
93.125.85.0/24 maxlen: 24
93.125.86.0/24 maxlen: 24
93.125.100.0/24 maxlen: 24
93.125.101.0/24 maxlen: 24
93.125.102.0/24 maxlen: 24
93.125.103.0/24 maxlen: 24
93.125.112.0/24 maxlen: 24
93.125.115.0/24 maxlen: 24
93.125.116.0/24 maxlen: 24
93.125.117.0/24 maxlen: 24
93.125.125.0/24 maxlen: 24
178.172.146.0/24 maxlen: 24
178.172.147.0/24 maxlen: 24
178.172.151.0/24 maxlen: 24
178.172.152.0/24 maxlen: 24
178.172.206.0/24 maxlen: 24
178.172.207.0/24 maxlen: 24
178.172.209.0/24 maxlen: 24
178.172.210.0/24 maxlen: 24
178.172.240.0/24 maxlen: 24
178.172.241.0/24 maxlen: 24
213.184.224.0/22 maxlen: 22
213.184.224.0/24 maxlen: 24
213.184.225.0/24 maxlen: 24
213.184.226.0/24 maxlen: 24
213.184.227.0/24 maxlen: 24
213.184.233.0/24 maxlen: 24
213.184.244.0/24 maxlen: 24
213.184.245.0/24 maxlen: 24
213.184.248.0/24 maxlen: 24
213.184.249.0/24 maxlen: 24
213.184.250.0/24 maxlen: 24
213.184.251.0/24 maxlen: 24
213.184.252.0/24 maxlen: 24
213.184.253.0/24 maxlen: 24
213.184.254.0/24 maxlen: 24
213.184.255.0/24 maxlen: 24
217.21.33.0/24 maxlen: 24
217.21.48.0/24 maxlen: 24
217.21.54.0/24 maxlen: 24
217.21.59.0/24 maxlen: 24
217.21.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:80:d8:a0:e5:1a:5b:da:10:6b:51:ed:59:4c:2a:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Nov 21 06:55:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b94f8aa94b0d557780b42a017118e3b52e489938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ff:a3:5a:b4:74:5d:05:f8:e6:a7:a9:be:6a:
50:fd:fe:89:f7:d8:41:99:28:1e:92:c8:2f:13:e7:
06:3a:1d:aa:a5:77:dc:4f:00:6e:dc:d5:c7:cd:9c:
cb:5a:ad:6b:f7:f3:9f:6d:1c:35:20:c0:c1:12:cc:
c0:1b:94:ae:67:41:e7:f2:06:0f:23:4a:ef:2d:5d:
43:72:81:a4:b3:2a:a6:69:09:2d:56:ef:ac:56:ea:
c3:4d:4e:54:f5:2d:01:a8:24:7f:04:60:9f:71:ca:
27:db:81:70:93:33:d9:81:5e:51:c0:27:60:dc:12:
66:84:a1:10:bf:83:7e:a3:7c:1a:32:02:88:da:81:
ef:7c:29:92:83:b6:3a:b2:30:e4:b2:20:49:84:c9:
c6:d6:6d:f3:e0:3b:e2:8d:d6:f9:c3:22:b3:7d:2a:
0c:fd:fd:c2:0e:27:43:d5:a9:04:97:93:d2:49:c0:
ea:d1:a1:1d:4d:40:7a:27:cb:81:96:1e:61:95:8d:
f8:d0:81:19:85:eb:19:da:09:d5:db:4c:73:d8:92:
e6:27:d7:26:16:0f:b9:4d:6d:91:6e:8b:7f:8c:bd:
c5:a5:19:93:91:38:3a:fe:b4:d3:03:08:0e:5c:61:
9b:93:19:56:31:3a:b5:12:16:58:21:4b:f5:9a:22:
07:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4F:8A:A9:4B:0D:55:77:80:B4:2A:01:71:18:E3:B5:2E:48:99:38
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/uU-KqUsNVXeAtCoBcRjjtS5ImTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.252.246.0/24
87.252.252.0/24
87.252.254.0/23
91.149.128.0/21
91.149.144.0-91.149.154.255
91.149.162.0/24
91.149.165.0/24
91.149.168.0/23
91.149.184.0-91.149.188.255
91.149.190.0/23
93.125.0.0/24
93.125.2.0-93.125.17.255
93.125.41.0/24
93.125.62.0-93.125.69.255
93.125.81.0/24
93.125.83.0-93.125.86.255
93.125.100.0/22
93.125.112.0/24
93.125.115.0-93.125.117.255
93.125.125.0/24
178.172.146.0/23
178.172.151.0-178.172.152.255
178.172.206.0/23
178.172.209.0-178.172.210.255
178.172.240.0/23
213.184.224.0/22
213.184.233.0/24
213.184.244.0/23
213.184.248.0/21
217.21.33.0/24
217.21.48.0/24
217.21.54.0/24
217.21.59.0-217.21.60.255
Signature Algorithm: sha256WithRSAEncryption
46:fe:97:66:f9:a2:fc:88:77:c5:0f:cd:a6:62:50:f0:e3:69:
78:79:f6:f3:db:2b:2f:8c:4e:e7:1f:71:2e:e8:ca:6b:be:be:
3e:67:97:ca:97:a1:17:8a:23:9d:77:cf:f9:db:db:2f:6b:b5:
bf:e0:05:a2:4c:3d:a7:c7:1f:87:59:ea:99:fd:e8:24:bd:71:
5e:45:11:7c:e8:f7:44:bf:9a:1d:c9:4c:34:f0:2a:ec:28:26:
16:65:01:b5:16:6b:a4:33:24:d2:af:2d:3b:f9:8b:20:bd:5f:
1e:dc:66:9f:cd:5e:78:bc:a7:46:09:da:f2:ba:5a:0e:92:c8:
98:c0:23:a7:dc:9e:83:cc:c3:16:60:d9:57:76:d2:5a:db:ee:
9d:4d:36:b2:3b:10:c7:d0:1c:b2:99:79:37:34:fc:ab:20:0e:
21:49:5f:ad:0b:57:22:60:cd:d2:ca:10:50:3a:4b:93:4e:9f:
8e:18:20:8e:37:94:60:da:d4:75:5a:73:37:87:19:f3:be:8b:
3f:dc:af:9e:60:c6:bd:6d:55:f9:52:d6:a9:db:68:08:1d:ae:
fd:e5:00:ba:05:a0:88:c4:9d:bb:b0:bf:2f:4e:62:f0:50:92:
c6:58:ea:b8:89:0f:34:47:61:eb:ce:ee:f1:f9:d0:23:6f:52:
77:99:bd:40
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZNNgNig5Rpb2hBrUe1ZTCpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjQxMTIxMDY1NTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRmOGFhOTRiMGQ1NTc3ODBiNDJhMDE3MTE4ZTNiNTJlNDg5OTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP+jWrR0XQX45qepvmpQ/f6J99hB
mSgeksgvE+cGOh2qpXfcTwBu3NXHzZzLWq1r9/OfbRw1IMDBEszAG5SuZ0Hn8gYP
I0rvLV1DcoGksyqmaQktVu+sVurDTU5U9S0BqCR/BGCfccon24FwkzPZgV5RwCdg
3BJmhKEQv4N+o3waMgKI2oHvfCmSg7Y6sjDksiBJhMnG1m3z4Dvijdb5wyKzfSoM
/f3CDidD1akEl5PSScDq0aEdTUB6J8uBlh5hlY340IEZhesZ2gnV20xz2JLmJ9cm
Fg+5TW2Rbot/jL3FpRmTkTg6/rTTAwgOXGGbkxlWMTq1EhZYIUv1miIH0wIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFLlPiqlLDVV3gLQqAXEY47UuSJk4MB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvdVUtS3FVc05WWGVBdENvQmNSamp0UzVJbVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAFf89gMEAFf8/AMEAVf8/gMEA1uVgDAMAwQEW5WQAwQAW5WaAwQAW5WiAwQA
W5WlAwQBW5WoMAwDBANblbgDBABblbwDBAFblb4DBABdfQAwDAMEAV19AgMEAV19
EAMEAF19KTAMAwQBXX0+AwQBXX1EAwQAXX1RMAwDBABdfVMDBABdfVYDBAJdfWQD
BABdfXAwDAMEAF19cwMEAV19dAMEAF19fQMEAbKskjAMAwQAsqyXAwQAsqyYAwQB
sqzOMAwDBACyrNEDBACyrNIDBAGyrPADBALVuOADBADVuOkDBAHVuPQDBAPVuPgD
BADZFSEDBADZFTADBADZFTYwDAMEANkVOwMEANkVPDANBgkqhkiG9w0BAQsFAAOC
AQEARv6XZvmi/Ih3xQ/NpmJQ8ONpeHn289srL4xO5x9xLujKa76+PmeXypehF4oj
nXfP+dvbL2u1v+AFokw9p8cfh1nqmf3oJL1xXkURfOj3RL+aHclMNPAq7CgmFmUB
tRZrpDMk0q8tO/mLIL1fHtxmn81eeLynRgna8rpaDpLImMAjp9yeg8zDFmDZV3bS
WtvunU02sjsQx9Acspl5NzT8qyAOIUlfrQtXImDN0soQUDpLk06fjhggjjeUYNrU
dVpzN4cZ876LP9yvnmDGvW1V+VLWqdtoCB2u/eUAugWgiMSdu7C/L05i8FCSxljq
uIkPNEdh687u8fnQI29Sd5m9QA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:33 2024 by rpki-client on console-ams.rpki-client.org