Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/69uTurT2ow4gjTi1On2zUvXfZmo.roa
File: 69uTurT2ow4gjTi1On2zUvXfZmo.roa (raw, json)
Hash identifier: D9Iuhd5S4tNZn2g9x2RkNzFimGcVt47IAY1vvWMYr+8=
Subject key identifier: EB:DB:93:BA:B4:F6:A3:0E:20:8D:38:B5:3A:7D:B3:52:F5:DF:66:6A
Certificate issuer: /CN=6749aeda8a8ace7ec596fc187a2fe10582a6704d
Certificate serial: 018DC66983E335036230A9E309F161172122
Authority key identifier: 67:49:AE:DA:8A:8A:CE:7E:C5:96:FC:18:7A:2F:E1:05:82:A6:70:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mu2oqKzn7FlvwYei_hBYKmcE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/69uTurT2ow4gjTi1On2zUvXfZmo.roa
Signing time: Tue 20 Feb 2024 12:07:00 +0000
ROA not before: Tue 20 Feb 2024 12:07:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6805
IP address blocks: 62.109.64.0/18 maxlen: 18
78.48.0.0/13 maxlen: 13
78.48.0.0/18 maxlen: 18
78.48.64.0/18 maxlen: 18
78.48.128.0/18 maxlen: 18
78.48.192.0/18 maxlen: 18
78.49.0.0/18 maxlen: 18
78.49.64.0/18 maxlen: 18
78.49.128.0/18 maxlen: 18
78.49.192.0/18 maxlen: 18
78.50.0.0/16 maxlen: 16
78.50.0.0/17 maxlen: 17
78.50.128.0/17 maxlen: 17
78.51.0.0/19 maxlen: 19
78.51.32.0/19 maxlen: 19
78.51.64.0/19 maxlen: 19
78.51.96.0/19 maxlen: 19
78.51.128.0/18 maxlen: 18
78.51.192.0/18 maxlen: 18
78.54.0.0/18 maxlen: 18
78.54.64.0/18 maxlen: 18
78.54.128.0/18 maxlen: 18
78.54.192.0/18 maxlen: 18
78.55.0.0/18 maxlen: 18
78.55.64.0/18 maxlen: 18
78.55.128.0/18 maxlen: 18
78.55.192.0/18 maxlen: 18
80.171.0.0/16 maxlen: 16
80.171.0.0/18 maxlen: 18
80.171.64.0/18 maxlen: 18
85.176.0.0/13 maxlen: 13
85.183.16.0/23 maxlen: 23
85.183.18.0/23 maxlen: 23
89.12.0.0/14 maxlen: 14
89.12.0.0/18 maxlen: 18
89.12.64.0/18 maxlen: 18
89.12.128.0/18 maxlen: 18
89.12.192.0/18 maxlen: 18
89.13.0.0/16 maxlen: 16
89.13.0.0/17 maxlen: 17
89.13.128.0/17 maxlen: 17
89.14.0.0/18 maxlen: 18
89.14.64.0/18 maxlen: 18
89.14.128.0/18 maxlen: 18
89.14.192.0/18 maxlen: 18
89.15.232.0/21 maxlen: 21
92.224.0.0/13 maxlen: 13
92.224.0.0/16 maxlen: 16
92.225.0.0/16 maxlen: 16
92.227.194.0/23 maxlen: 23
92.228.72.0/23 maxlen: 23
92.228.74.0/23 maxlen: 23
92.228.76.0/23 maxlen: 23
92.228.78.0/23 maxlen: 23
92.228.80.0/23 maxlen: 23
92.228.82.0/23 maxlen: 23
92.228.84.0/23 maxlen: 23
92.228.86.0/23 maxlen: 23
92.229.0.0/16 maxlen: 16
92.230.20.0/23 maxlen: 23
92.230.22.0/23 maxlen: 23
185.93.236.0/22 maxlen: 22
213.39.128.0/17 maxlen: 17
213.191.64.0/19 maxlen: 19
2a01:c00::/26 maxlen: 39
2a01:c08::/47 maxlen: 47
2a01:c20:7000::/39 maxlen: 39
2a01:c20:7200::/47 maxlen: 47
2a01:c22:1c00::/47 maxlen: 47
2a01:c22:1e00::/39 maxlen: 39
2a01:c22:3400::/39 maxlen: 39
2a01:c22:3600::/47 maxlen: 47
2a01:c22:6c00::/47 maxlen: 47
2a01:c22:6e00::/39 maxlen: 39
2a01:c22:7000::/47 maxlen: 47
2a01:c22:7200::/39 maxlen: 39
2a01:c22:7400::/47 maxlen: 47
2a01:c22:7600::/39 maxlen: 39
2a01:c22:7800::/47 maxlen: 47
2a01:c22:7a00::/39 maxlen: 39
2a01:c22:8400::/39 maxlen: 39
2a01:c22:8600::/47 maxlen: 47
2a01:c22:8800::/39 maxlen: 39
2a01:c22:8a00::/47 maxlen: 47
2a01:c22:8c00::/39 maxlen: 39
2a01:c22:8e00::/47 maxlen: 47
2a01:c22:a600::/47 maxlen: 47
2a01:c22:aa00::/47 maxlen: 47
2a01:c22:ae00::/47 maxlen: 47
2a01:c22:b200::/47 maxlen: 47
2a01:c22:b600::/47 maxlen: 47
2a01:c22:ba00::/47 maxlen: 47
2a01:c22:be00::/47 maxlen: 47
2a01:c22:c200::/47 maxlen: 47
2a01:c22:ca00::/47 maxlen: 47
2a01:c22:ce00::/47 maxlen: 47
2a01:c22:d200::/47 maxlen: 47
2a01:c22:d600::/47 maxlen: 47
2a01:c23:5e00::/47 maxlen: 47
2a01:c23:6200::/47 maxlen: 47
2a01:c23:6600::/47 maxlen: 47
2a01:c23:6a00::/47 maxlen: 47
2a01:c23:6e00::/47 maxlen: 47
2a01:c23:7200::/47 maxlen: 47
2a01:c23:7600::/47 maxlen: 47
2a01:c23:8a00::/47 maxlen: 47
2a01:c23:8e00::/47 maxlen: 47
2a01:c23:9200::/47 maxlen: 47
2a01:c23:9600::/47 maxlen: 47
2a01:c23:ba00::/47 maxlen: 47
2a01:c23:be00::/47 maxlen: 47
2a01:c23:c200::/47 maxlen: 47
2a01:c23:c600::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/Z0mu2oqKzn7FlvwYei_hBYKmcE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/Z0mu2oqKzn7FlvwYei_hBYKmcE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mu2oqKzn7FlvwYei_hBYKmcE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:69:83:e3:35:03:62:30:a9:e3:09:f1:61:17:21:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6749aeda8a8ace7ec596fc187a2fe10582a6704d
Validity
Not Before: Feb 20 12:07:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebdb93bab4f6a30e208d38b53a7db352f5df666a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bb:68:75:89:31:6f:03:15:e4:b1:ad:81:ec:
4a:78:7d:41:ac:71:6e:17:98:2c:b0:12:27:5b:e5:
26:a1:17:cb:1b:23:be:80:d1:fa:72:d2:9c:7c:1a:
e3:c7:9c:82:3c:a8:27:51:6f:50:72:4c:2b:0d:5b:
fd:b1:c2:72:f1:ba:24:6b:6c:fd:f2:5a:20:72:c4:
97:61:00:99:e5:c2:81:18:16:9f:89:4f:09:75:55:
81:02:d8:3b:d0:e0:bf:9f:bf:d4:83:18:1b:bf:2b:
c4:ed:5b:61:d5:15:a5:62:ec:47:b8:88:4e:3b:2e:
6d:a7:08:7b:61:9f:be:75:cc:31:f9:b3:85:2c:be:
63:e0:43:6b:6e:b7:04:a2:a7:3b:c5:3d:20:97:5c:
dd:32:84:76:2e:6e:b2:aa:2c:b4:a9:23:3a:b2:ea:
aa:f8:97:9f:06:5b:7d:a9:48:c5:36:7c:30:a0:83:
da:b2:e4:95:cb:2d:27:b4:b1:31:1e:30:5c:90:e3:
1a:c6:1a:83:cd:aa:61:f3:8a:58:9b:ef:dd:ed:be:
8e:fe:fd:3b:5a:98:04:f2:ec:98:ad:8f:6f:1b:3a:
7d:bc:f5:f5:86:fd:73:5a:aa:d9:be:30:3b:5a:1b:
0c:37:a7:f3:a0:25:67:78:6e:c8:e6:cc:1e:43:ab:
55:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DB:93:BA:B4:F6:A3:0E:20:8D:38:B5:3A:7D:B3:52:F5:DF:66:6A
X509v3 Authority Key Identifier:
keyid:67:49:AE:DA:8A:8A:CE:7E:C5:96:FC:18:7A:2F:E1:05:82:A6:70:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mu2oqKzn7FlvwYei_hBYKmcE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/69uTurT2ow4gjTi1On2zUvXfZmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/Z0mu2oqKzn7FlvwYei_hBYKmcE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.109.64.0/18
78.48.0.0/13
80.171.0.0/16
85.176.0.0/13
89.12.0.0/14
92.224.0.0/13
185.93.236.0/22
213.39.128.0/17
213.191.64.0/19
IPv6:
2a01:c00::/26
Signature Algorithm: sha256WithRSAEncryption
8e:3b:3e:d9:33:a5:dc:7a:84:f9:b5:f2:b4:36:7c:de:d0:9f:
2c:5a:82:76:48:37:28:cd:a8:98:d2:d4:9b:f2:cf:fe:03:86:
d9:7f:5a:95:dd:b5:19:68:5d:c4:db:14:90:48:51:f4:15:7c:
29:37:1a:71:3d:95:eb:35:b6:2c:ac:42:24:f3:98:76:cd:61:
32:d8:e0:93:a2:66:e2:e0:cb:7e:22:e9:89:7c:58:95:a7:ca:
70:77:eb:b1:35:f8:18:2e:bb:67:4b:af:5d:20:c3:87:e1:a9:
8c:d1:55:fb:ff:c4:a3:57:4b:20:7a:0e:0b:f2:57:39:70:76:
f7:57:34:1e:4f:8a:ee:04:b9:e8:ec:66:ba:95:32:2c:0a:f1:
6d:c9:f5:c2:76:f8:bf:e7:30:b9:2c:7d:a9:6b:60:93:64:3d:
04:4b:ca:47:b5:0f:55:8a:a5:7e:0c:e3:58:36:56:cb:4d:b5:
4a:3e:78:77:25:d0:29:bc:59:ad:8c:8d:0d:ff:e3:b7:a2:7f:
69:a0:9e:3a:01:c4:99:74:79:ca:6d:2b:40:3a:b0:70:47:b8:
87:49:14:6d:da:7a:f9:03:cc:0d:39:e1:71:7f:c1:60:25:1e:
2b:92:69:e4:10:ad:64:50:34:30:12:11:0a:2c:83:0b:f3:1e:
c0:80:07:b5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY3GaYPjNQNiMKnjCfFhFyEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDlhZWRhOGE4YWNlN2VjNTk2ZmMxODdhMmZlMTA1ODJh
NjcwNGQwHhcNMjQwMjIwMTIwNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRiOTNiYWI0ZjZhMzBlMjA4ZDM4YjUzYTdkYjM1MmY1ZGY2NjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7todYkxbwMV5LGtgexKeH1BrHFu
F5gssBInW+UmoRfLGyO+gNH6ctKcfBrjx5yCPKgnUW9QckwrDVv9scJy8boka2z9
8logcsSXYQCZ5cKBGBafiU8JdVWBAtg70OC/n7/UgxgbvyvE7Vth1RWlYuxHuIhO
Oy5tpwh7YZ++dcwx+bOFLL5j4ENrbrcEoqc7xT0gl1zdMoR2Lm6yqiy0qSM6suqq
+JefBlt9qUjFNnwwoIPasuSVyy0ntLExHjBckOMaxhqDzaph84pYm+/d7b6O/v07
WpgE8uyYrY9vGzp9vPX1hv1zWqrZvjA7WhsMN6fzoCVneG7I5sweQ6tV0wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFOvbk7q09qMOII04tTp9s1L132ZqMB8GA1UdIwQY
MBaAFGdJrtqKis5+xZb8GHov4QWCpnBNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtdTJvcUt6bjdGbHZ3WWVpX2hCWUttY0UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZDM2YWItZGVlNS00NjlkLTkyMTYt
NjY2M2ZhYmExZGQwLzEvNjl1VHVyVDJvdzRnalRpMU9uMnpVdlhmWm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZDM2YWItZGVlNS00NjlkLTkyMTYtNjY2M2ZhYmExZGQw
LzEvWjBtdTJvcUt6bjdGbHZ3WWVpX2hCWUttY0UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQGPm1AAwMD
TjADAwBQqwMDA1WwAwMCWQwDAwNc4AMEArld7AMEB9UngAMEBdW/QDANBAIAAjAH
AwUGKgEMADANBgkqhkiG9w0BAQsFAAOCAQEAjjs+2TOl3HqE+bXytDZ83tCfLFqC
dkg3KM2omNLUm/LP/gOG2X9ald21GWhdxNsUkEhR9BV8KTcacT2V6zW2LKxCJPOY
ds1hMtjgk6Jm4uDLfiLpiXxYlafKcHfrsTX4GC67Z0uvXSDDh+GpjNFV+//Eo1dL
IHoOC/JXOXB291c0Hk+K7gS56OxmupUyLArxbcn1wnb4v+cwuSx9qWtgk2Q9BEvK
R7UPVYqlfgzjWDZWy021Sj54dyXQKbxZrYyNDf/jt6J/aaCeOgHEmXR5ym0rQDqw
cEe4h0kUbdp6+QPMDTnhcX/BYCUeK5Jp5BCtZFA0MBIRCiyDC/MewIAHtQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:57:43 2024 by rpki-client on console-ams.rpki-client.org