Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/AHEAeyUnNhYTCu60p6sibDn8ib0.roa
File: AHEAeyUnNhYTCu60p6sibDn8ib0.roa (raw, json)
Hash identifier: izPftjE5J7c5NI/PFHX2Zn6dy9zse5G6pRFK8ZgQWzA=
Subject key identifier: 00:71:00:7B:25:27:36:16:13:0A:EE:B4:A7:AB:22:6C:39:FC:89:BD
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD57406B850AFDA886326B091E243F
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/AHEAeyUnNhYTCu60p6sibDn8ib0.roa
Signing time: Thu 02 Jan 2025 07:49:07 +0000
ROA not before: Thu 02 Jan 2025 07:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 62.76.7.0/24 maxlen: 24
62.76.155.0/24 maxlen: 24
62.76.164.0/24 maxlen: 24
193.232.88.0/22 maxlen: 24
193.232.113.0/24 maxlen: 24
193.232.204.0/23 maxlen: 24
193.232.220.0/23 maxlen: 24
193.232.222.0/24 maxlen: 24
194.85.179.0/24 maxlen: 24
194.85.180.0/24 maxlen: 24
194.85.181.0/24 maxlen: 24
194.85.182.0/24 maxlen: 24
194.190.131.0/24 maxlen: 24
194.190.149.0/24 maxlen: 24
194.190.210.0/23 maxlen: 24
194.226.4.0/24 maxlen: 24
194.226.5.0/24 maxlen: 24
194.226.20.0/24 maxlen: 24
194.226.97.0/24 maxlen: 24
194.226.112.0/24 maxlen: 24
194.226.113.0/24 maxlen: 24
194.226.115.0/24 maxlen: 24
194.226.120.0/24 maxlen: 24
194.226.123.0/24 maxlen: 24
194.226.124.0/24 maxlen: 24
194.226.125.0/24 maxlen: 24
194.226.126.0/24 maxlen: 24
194.226.165.0/24 maxlen: 24
194.226.166.0/24 maxlen: 24
194.226.184.0/24 maxlen: 24
194.226.187.0/24 maxlen: 24
195.19.29.0/24 maxlen: 24
195.19.168.0/22 maxlen: 24
195.19.172.0/22 maxlen: 24
195.19.195.0/24 maxlen: 24
195.19.199.0/24 maxlen: 24
195.19.219.0/24 maxlen: 24
195.208.20.0/24 maxlen: 24
195.208.21.0/24 maxlen: 24
195.208.56.0/24 maxlen: 24
195.208.80.0/22 maxlen: 24
195.208.84.0/24 maxlen: 24
195.208.86.0/23 maxlen: 24
195.208.88.0/22 maxlen: 24
195.208.92.0/22 maxlen: 24
195.208.110.0/24 maxlen: 24
195.208.117.0/24 maxlen: 24
195.208.178.0/24 maxlen: 24
195.208.180.0/24 maxlen: 24
195.209.135.0/24 maxlen: 24
195.209.145.0/24 maxlen: 24
195.209.188.0/24 maxlen: 24
212.192.56.0/22 maxlen: 24
212.192.60.0/24 maxlen: 24
212.192.61.0/24 maxlen: 24
212.192.63.0/24 maxlen: 24
212.192.168.0/24 maxlen: 24
212.192.192.0/24 maxlen: 24
212.192.195.0/24 maxlen: 24
212.192.196.0/22 maxlen: 24
212.192.228.0/24 maxlen: 24
212.193.102.0/24 maxlen: 24
212.193.162.0/24 maxlen: 24
212.193.164.0/24 maxlen: 24
212.193.167.0/24 maxlen: 24
212.193.168.0/24 maxlen: 24
212.193.171.0/24 maxlen: 24
212.193.184.0/22 maxlen: 24
212.193.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 07:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:57:40:6b:85:0a:fd:a8:86:32:6b:09:1e:24:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0071007b25273616130aeeb4a7ab226c39fc89bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:99:1c:51:80:73:dd:62:e6:62:ad:77:10:c0:
59:60:ee:08:1a:ce:be:0a:05:8b:34:fe:13:ac:52:
34:a3:a0:65:53:93:73:7c:5d:40:57:0f:ea:db:d8:
ac:1a:a1:51:27:60:30:17:73:e0:51:a7:3f:a4:4e:
75:c3:9f:a1:08:60:ae:ac:42:50:bc:bb:4f:52:5b:
1a:1b:21:78:ab:48:2f:2d:11:34:7d:eb:82:a2:ad:
42:69:61:eb:a9:35:70:70:d5:89:6d:ac:c9:56:33:
a2:c3:d8:c0:4b:35:95:5e:9b:35:bb:bc:f9:0b:d9:
a4:0d:d2:fc:25:60:d0:36:2c:26:62:68:af:e1:94:
85:04:97:4e:c5:bc:d5:e8:d5:93:bc:8c:df:44:c4:
de:ce:c9:71:6b:c6:79:2a:96:39:c0:b2:ec:9a:28:
68:27:70:30:f5:d0:00:fb:22:06:1f:50:8e:46:5b:
2d:a5:3a:78:60:6e:27:f4:95:9f:45:41:a9:ec:63:
2b:21:26:9b:d5:bb:31:90:89:1b:4c:92:25:74:67:
ec:d7:57:74:e2:29:1b:a0:0f:01:4d:43:a4:95:25:
09:f9:bc:0c:54:f3:64:9c:81:c9:24:46:85:77:06:
90:5f:b3:eb:c5:31:f5:72:ea:e0:0e:dd:cf:ef:7d:
62:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:71:00:7B:25:27:36:16:13:0A:EE:B4:A7:AB:22:6C:39:FC:89:BD
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/AHEAeyUnNhYTCu60p6sibDn8ib0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.7.0/24
62.76.155.0/24
62.76.164.0/24
193.232.88.0/22
193.232.113.0/24
193.232.204.0/23
193.232.220.0-193.232.222.255
194.85.179.0-194.85.182.255
194.190.131.0/24
194.190.149.0/24
194.190.210.0/23
194.226.4.0/23
194.226.20.0/24
194.226.97.0/24
194.226.112.0/23
194.226.115.0/24
194.226.120.0/24
194.226.123.0-194.226.126.255
194.226.165.0-194.226.166.255
194.226.184.0/24
194.226.187.0/24
195.19.29.0/24
195.19.168.0/21
195.19.195.0/24
195.19.199.0/24
195.19.219.0/24
195.208.20.0/23
195.208.56.0/24
195.208.80.0-195.208.84.255
195.208.86.0-195.208.95.255
195.208.110.0/24
195.208.117.0/24
195.208.178.0/24
195.208.180.0/24
195.209.135.0/24
195.209.145.0/24
195.209.188.0/24
212.192.56.0-212.192.61.255
212.192.63.0/24
212.192.168.0/24
212.192.192.0/24
212.192.195.0-212.192.199.255
212.192.228.0/24
212.193.102.0/24
212.193.162.0/24
212.193.164.0/24
212.193.167.0-212.193.168.255
212.193.171.0/24
212.193.184.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:e3:ee:be:ff:01:91:c9:e5:72:15:fd:6a:de:46:d7:cb:73:
af:64:79:eb:ba:dc:10:d5:f0:29:91:bf:20:23:e0:c7:17:9b:
db:99:ea:54:46:2e:94:d4:e6:e6:17:1c:6a:dc:88:70:16:c0:
ad:4a:40:82:e3:bb:99:7d:1d:db:d7:4d:da:86:6f:3e:39:01:
3b:25:4b:83:e1:7b:60:f1:30:7f:c5:d6:0d:ee:12:fc:2d:d7:
84:94:3b:91:12:13:3e:1f:18:39:88:92:cc:e6:45:7b:19:9c:
17:68:ab:ca:17:9f:be:6d:28:0c:d7:08:7d:43:4a:38:d7:c2:
0c:de:c6:77:f2:69:cb:81:2b:8c:9c:9b:67:87:3b:9f:ff:76:
ad:98:93:0c:d7:fb:c6:70:30:d5:d3:e1:a1:70:47:67:57:6a:
55:ee:60:f0:1a:14:dc:06:9e:ff:f7:ae:04:fc:43:ce:69:8b:
f2:82:f2:08:8f:8f:46:61:91:6c:c4:d4:ed:97:f4:c8:d5:fe:
ec:3f:de:75:15:2f:3e:c1:9a:22:4b:42:45:3e:df:79:d6:f7:
7a:d7:2c:c1:07:ef:23:31:53:77:be:90:7f:b3:e3:06:fb:71:
26:17:eb:a1:cd:2d:77:5b:e4:3b:6f:77:b9:1b:36:9c:17:47:
bb:29:cd:0d
-----BEGIN CERTIFICATE-----
MIIGbzCCBVegAwIBAgISAZQl/VdAa4UK/aiGMmsJHiQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDcxMDA3YjI1MjczNjE2MTMwYWVlYjRhN2FiMjI2YzM5ZmM4OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5kcUYBz3WLmYq13EMBZYO4IGs6+
CgWLNP4TrFI0o6BlU5NzfF1AVw/q29isGqFRJ2AwF3PgUac/pE51w5+hCGCurEJQ
vLtPUlsaGyF4q0gvLRE0feuCoq1CaWHrqTVwcNWJbazJVjOiw9jASzWVXps1u7z5
C9mkDdL8JWDQNiwmYmiv4ZSFBJdOxbzV6NWTvIzfRMTezslxa8Z5KpY5wLLsmiho
J3Aw9dAA+yIGH1CORlstpTp4YG4n9JWfRUGp7GMrISab1bsxkIkbTJIldGfs11d0
4ikboA8BTUOklSUJ+bwMVPNknIHJJEaFdwaQX7PrxTH1curgDt3P731imQIDAQAB
o4IDezCCA3cwHQYDVR0OBBYEFABxAHslJzYWEwrutKerImw5/Im9MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvQUhFQWV5VW5OaFlUQ3U2MHA2c2liRG44aWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjwYIKwYBBQUHAQcBAf8EggF+MIIBejCCAXYEAgABMIIB
bgMEAD5MBwMEAD5MmwMEAD5MpAMEAsHoWAMEAMHocQMEAcHozDAMAwQCwejcAwQA
wejeMAwDBADCVbMDBADCVbYDBADCvoMDBADCvpUDBAHCvtIDBAHC4gQDBADC4hQD
BADC4mEDBAHC4nADBADC4nMDBADC4ngwDAMEAMLiewMEAMLifjAMAwQAwuKlAwQA
wuKmAwQAwuK4AwQAwuK7AwQAwxMdAwQDwxOoAwQAwxPDAwQAwxPHAwQAwxPbAwQB
w9AUAwQAw9A4MAwDBATD0FADBADD0FQwDAMEAcPQVgMEBcPQQAMEAMPQbgMEAMPQ
dQMEAMPQsgMEAMPQtAMEAMPRhwMEAMPRkQMEAMPRvDAMAwQD1MA4AwQB1MA8AwQA
1MA/AwQA1MCoAwQA1MDAMAwDBADUwMMDBAPUwMADBADUwOQDBADUwWYDBADUwaID
BADUwaQwDAMEANTBpwMEANTBqAMEANTBqwMEA9TBuDANBgkqhkiG9w0BAQsFAAOC
AQEAHOPuvv8BkcnlchX9at5G18tzr2R567rcENXwKZG/ICPgxxeb25nqVEYulNTm
5hccatyIcBbArUpAguO7mX0d29dN2oZvPjkBOyVLg+F7YPEwf8XWDe4S/C3XhJQ7
kRITPh8YOYiSzOZFexmcF2iryhefvm0oDNcIfUNKONfCDN7Gd/Jpy4ErjJybZ4c7
n/92rZiTDNf7xnAw1dPhoXBHZ1dqVe5g8BoU3Aae//euBPxDzmmL8oLyCI+PRmGR
bMTU7Zf0yNX+7D/edRUvPsGaIktCRT7fedb3etcswQfvIzFTd76Qf7PjBvtxJhfr
oc0td1vkO293uRs2nBdHuynNDQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:58:48 2025 by rpki-client