Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/nTDhf9VvaUWtGXfSXd6ZXiNxw-A.roa
File: nTDhf9VvaUWtGXfSXd6ZXiNxw-A.roa (raw, json)
Hash identifier: TEsr7FEvfPnHZkOwTNPtPOQvAkTL24+b73nNoo3Z3WA=
Subject key identifier: 9D:30:E1:7F:D5:6F:69:45:AD:19:77:D2:5D:DE:99:5E:23:71:C3:E0
Certificate issuer: /CN=6749aeda8a8ace7ec596fc187a2fe10582a6704d
Certificate serial: 0194649C495C187D0C7FD61CEFFCF122E55C
Authority key identifier: 67:49:AE:DA:8A:8A:CE:7E:C5:96:FC:18:7A:2F:E1:05:82:A6:70:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mu2oqKzn7FlvwYei_hBYKmcE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/nTDhf9VvaUWtGXfSXd6ZXiNxw-A.roa
Signing time: Tue 14 Jan 2025 11:39:11 +0000
ROA not before: Tue 14 Jan 2025 11:39:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6805
IP address blocks: 62.109.64.0/18 maxlen: 18
78.48.0.0/13 maxlen: 13
78.48.0.0/16 maxlen: 16
78.48.0.0/18 maxlen: 18
78.48.64.0/18 maxlen: 18
78.48.128.0/18 maxlen: 18
78.48.192.0/18 maxlen: 18
78.49.0.0/16 maxlen: 16
78.49.0.0/18 maxlen: 18
78.49.64.0/18 maxlen: 18
78.49.128.0/18 maxlen: 18
78.49.192.0/18 maxlen: 18
78.50.0.0/16 maxlen: 16
78.50.0.0/17 maxlen: 17
78.50.128.0/17 maxlen: 17
78.51.0.0/19 maxlen: 19
78.51.32.0/19 maxlen: 19
78.51.64.0/19 maxlen: 19
78.51.96.0/19 maxlen: 19
78.51.128.0/18 maxlen: 18
78.51.192.0/18 maxlen: 18
78.54.0.0/18 maxlen: 18
78.54.64.0/18 maxlen: 18
78.54.128.0/18 maxlen: 18
78.54.192.0/18 maxlen: 18
78.55.0.0/18 maxlen: 18
78.55.64.0/18 maxlen: 18
78.55.128.0/18 maxlen: 18
78.55.192.0/18 maxlen: 18
80.171.0.0/16 maxlen: 16
80.171.0.0/18 maxlen: 18
80.171.64.0/18 maxlen: 18
80.171.128.0/18 maxlen: 18
80.171.192.0/18 maxlen: 18
85.176.0.0/13 maxlen: 13
85.183.16.0/23 maxlen: 23
85.183.18.0/23 maxlen: 23
89.12.0.0/14 maxlen: 14
89.12.0.0/16 maxlen: 16
89.12.0.0/18 maxlen: 18
89.12.64.0/18 maxlen: 18
89.12.128.0/18 maxlen: 18
89.12.192.0/18 maxlen: 18
89.13.0.0/16 maxlen: 16
89.13.0.0/17 maxlen: 17
89.13.128.0/17 maxlen: 17
89.14.0.0/18 maxlen: 18
89.14.64.0/18 maxlen: 18
89.14.128.0/18 maxlen: 18
89.14.192.0/18 maxlen: 18
89.15.232.0/21 maxlen: 21
92.224.0.0/13 maxlen: 13
92.224.0.0/16 maxlen: 16
92.224.128.0/17 maxlen: 17
92.225.0.0/16 maxlen: 16
92.225.0.0/17 maxlen: 17
92.225.128.0/17 maxlen: 17
92.227.194.0/23 maxlen: 23
92.228.72.0/23 maxlen: 23
92.228.74.0/23 maxlen: 23
92.228.76.0/23 maxlen: 23
92.228.78.0/23 maxlen: 23
92.228.80.0/23 maxlen: 23
92.228.82.0/23 maxlen: 23
92.228.84.0/23 maxlen: 23
92.228.86.0/23 maxlen: 23
92.229.0.0/16 maxlen: 16
92.229.0.0/17 maxlen: 17
92.230.20.0/23 maxlen: 23
92.230.22.0/23 maxlen: 23
185.93.236.0/22 maxlen: 22
213.39.128.0/17 maxlen: 17
213.191.64.0/19 maxlen: 19
2a01:c00::/26 maxlen: 39
2a01:c08::/47 maxlen: 47
2a01:c20:7000::/39 maxlen: 39
2a01:c20:7200::/47 maxlen: 47
2a01:c22:1c00::/47 maxlen: 47
2a01:c22:1e00::/39 maxlen: 39
2a01:c22:3400::/39 maxlen: 39
2a01:c22:3600::/47 maxlen: 47
2a01:c22:6c00::/47 maxlen: 47
2a01:c22:6e00::/39 maxlen: 39
2a01:c22:7000::/47 maxlen: 47
2a01:c22:7200::/39 maxlen: 39
2a01:c22:7400::/47 maxlen: 47
2a01:c22:7600::/39 maxlen: 39
2a01:c22:7800::/47 maxlen: 47
2a01:c22:7a00::/39 maxlen: 39
2a01:c22:8400::/39 maxlen: 39
2a01:c22:8600::/47 maxlen: 47
2a01:c22:8800::/39 maxlen: 39
2a01:c22:8a00::/47 maxlen: 47
2a01:c22:8c00::/39 maxlen: 39
2a01:c22:8e00::/47 maxlen: 47
2a01:c22:a600::/47 maxlen: 47
2a01:c22:aa00::/47 maxlen: 47
2a01:c22:ae00::/47 maxlen: 47
2a01:c22:b200::/47 maxlen: 47
2a01:c22:b600::/47 maxlen: 47
2a01:c22:ba00::/47 maxlen: 47
2a01:c22:be00::/47 maxlen: 47
2a01:c22:c200::/47 maxlen: 47
2a01:c22:ca00::/47 maxlen: 47
2a01:c22:ce00::/47 maxlen: 47
2a01:c22:d200::/47 maxlen: 47
2a01:c22:d600::/47 maxlen: 47
2a01:c23:5e00::/47 maxlen: 47
2a01:c23:6200::/47 maxlen: 47
2a01:c23:6600::/47 maxlen: 47
2a01:c23:6a00::/47 maxlen: 47
2a01:c23:6e00::/47 maxlen: 47
2a01:c23:7200::/47 maxlen: 47
2a01:c23:7600::/47 maxlen: 47
2a01:c23:8a00::/47 maxlen: 47
2a01:c23:8e00::/47 maxlen: 47
2a01:c23:9200::/47 maxlen: 47
2a01:c23:9600::/47 maxlen: 47
2a01:c23:ba00::/47 maxlen: 47
2a01:c23:be00::/47 maxlen: 47
2a01:c23:c200::/47 maxlen: 47
2a01:c23:c600::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/Z0mu2oqKzn7FlvwYei_hBYKmcE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/Z0mu2oqKzn7FlvwYei_hBYKmcE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mu2oqKzn7FlvwYei_hBYKmcE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:9c:49:5c:18:7d:0c:7f:d6:1c:ef:fc:f1:22:e5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6749aeda8a8ace7ec596fc187a2fe10582a6704d
Validity
Not Before: Jan 14 11:39:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d30e17fd56f6945ad1977d25dde995e2371c3e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:89:a1:c6:35:ed:3a:7a:dd:c4:f7:18:bf:1d:
32:71:92:13:9c:8d:af:d6:df:46:d4:5e:e5:45:59:
af:5b:55:a2:26:69:1c:77:6a:55:07:08:cc:b7:75:
f1:b4:23:97:48:9c:b1:c1:56:ae:62:be:d9:35:52:
c9:cc:79:b3:ba:d9:0f:2a:43:4e:fe:7d:e4:bc:9c:
53:17:71:f6:f1:b5:1a:81:42:fc:48:ab:64:69:cb:
21:a6:ed:b8:cd:a5:90:db:1a:e2:48:b8:0c:f4:c7:
7d:b1:2f:06:95:85:57:e2:73:ff:13:cf:b2:e7:3b:
7a:82:80:06:be:b4:ce:71:13:4e:1c:78:6e:5d:ba:
82:48:da:08:ba:d7:e0:e0:f2:ec:1f:b2:25:c6:12:
de:ca:1d:68:56:ef:38:ff:e6:4f:8a:a3:f7:3e:63:
e7:d3:e6:25:ef:61:fc:a0:54:d2:e1:9c:60:5a:50:
9a:ea:da:83:94:3d:1c:a3:c1:ca:fb:12:6b:e9:8d:
50:74:f3:e8:17:33:96:d5:59:43:16:85:a7:a5:6e:
58:f1:13:d9:ce:c6:e3:f7:97:bc:df:d4:ed:f4:1c:
d8:98:36:20:3d:c5:00:d5:9c:a5:f0:5b:6f:bc:c8:
6e:a6:5f:c5:00:6c:a1:5c:3f:ec:51:1c:81:ec:9e:
9f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:30:E1:7F:D5:6F:69:45:AD:19:77:D2:5D:DE:99:5E:23:71:C3:E0
X509v3 Authority Key Identifier:
keyid:67:49:AE:DA:8A:8A:CE:7E:C5:96:FC:18:7A:2F:E1:05:82:A6:70:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mu2oqKzn7FlvwYei_hBYKmcE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/nTDhf9VvaUWtGXfSXd6ZXiNxw-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2d36ab-dee5-469d-9216-6663faba1dd0/1/Z0mu2oqKzn7FlvwYei_hBYKmcE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.109.64.0/18
78.48.0.0/13
80.171.0.0/16
85.176.0.0/13
89.12.0.0/14
92.224.0.0/13
185.93.236.0/22
213.39.128.0/17
213.191.64.0/19
IPv6:
2a01:c00::/26
Signature Algorithm: sha256WithRSAEncryption
8c:14:fa:85:2c:9d:88:3e:8f:e0:fa:c1:a5:00:64:0e:2b:3c:
75:f8:e6:c2:14:0a:07:c9:d9:e4:bb:e7:e5:69:28:b1:ad:27:
ff:9d:fe:3a:54:c4:c0:5e:18:df:c1:e6:0a:3d:0f:05:23:30:
32:24:af:8e:a9:87:be:55:f5:d2:89:64:4f:0d:51:76:fd:a1:
c2:e1:5d:a9:ac:b1:06:1a:38:19:44:55:66:55:3e:00:ea:06:
77:51:ed:e7:88:ff:0f:38:55:24:13:6c:f4:37:22:68:55:8b:
a3:34:c7:a4:f6:74:3e:37:e8:76:65:e5:df:68:cd:32:02:d7:
55:ce:1c:d7:19:f3:55:2b:3a:79:29:ff:5e:d3:9e:3e:a2:bb:
75:b8:3b:df:50:45:53:11:25:47:10:1d:b7:ec:8d:32:8c:50:
70:77:73:f3:e4:86:bb:7f:5d:d6:ec:99:25:db:cc:83:d8:9b:
74:4e:54:41:57:e8:2b:3a:06:fc:f9:e4:3a:fb:27:b7:5e:87:
aa:90:ff:d9:36:14:d1:c1:9a:df:f6:6a:cc:d6:80:04:21:3e:
d2:d6:ba:cc:f5:bd:fe:d7:cc:9b:e5:6f:8c:7b:d4:52:6c:a1:
f6:02:03:eb:de:94:d3:3c:e5:65:13:fc:0e:91:d2:b4:d2:5b:
70:fb:b5:d7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZRknElcGH0Mf9Yc7/zxIuVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDlhZWRhOGE4YWNlN2VjNTk2ZmMxODdhMmZlMTA1ODJh
NjcwNGQwHhcNMjUwMTE0MTEzOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMwZTE3ZmQ1NmY2OTQ1YWQxOTc3ZDI1ZGRlOTk1ZTIzNzFjM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnImhxjXtOnrdxPcYvx0ycZITnI2v
1t9G1F7lRVmvW1WiJmkcd2pVBwjMt3XxtCOXSJyxwVauYr7ZNVLJzHmzutkPKkNO
/n3kvJxTF3H28bUagUL8SKtkacshpu24zaWQ2xriSLgM9Md9sS8GlYVX4nP/E8+y
5zt6goAGvrTOcRNOHHhuXbqCSNoIutfg4PLsH7IlxhLeyh1oVu84/+ZPiqP3PmPn
0+Yl72H8oFTS4ZxgWlCa6tqDlD0co8HK+xJr6Y1QdPPoFzOW1VlDFoWnpW5Y8RPZ
zsbj95e839Tt9BzYmDYgPcUA1Zyl8FtvvMhupl/FAGyhXD/sURyB7J6f/wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJ0w4X/Vb2lFrRl30l3emV4jccPgMB8GA1UdIwQY
MBaAFGdJrtqKis5+xZb8GHov4QWCpnBNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtdTJvcUt6bjdGbHZ3WWVpX2hCWUttY0UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yZDM2YWItZGVlNS00NjlkLTkyMTYt
NjY2M2ZhYmExZGQwLzEvblREaGY5VnZhVVd0R1hmU1hkNlpYaU54dy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yZDM2YWItZGVlNS00NjlkLTkyMTYtNjY2M2ZhYmExZGQw
LzEvWjBtdTJvcUt6bjdGbHZ3WWVpX2hCWUttY0UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQGPm1AAwMD
TjADAwBQqwMDA1WwAwMCWQwDAwNc4AMEArld7AMEB9UngAMEBdW/QDANBAIAAjAH
AwUGKgEMADANBgkqhkiG9w0BAQsFAAOCAQEAjBT6hSydiD6P4PrBpQBkDis8dfjm
whQKB8nZ5Lvn5Wkosa0n/53+OlTEwF4Y38HmCj0PBSMwMiSvjqmHvlX10olkTw1R
dv2hwuFdqayxBho4GURVZlU+AOoGd1Ht54j/DzhVJBNs9DciaFWLozTHpPZ0Pjfo
dmXl32jNMgLXVc4c1xnzVSs6eSn/XtOePqK7dbg731BFUxElRxAdt+yNMoxQcHdz
8+SGu39d1uyZJdvMg9ibdE5UQVfoKzoG/PnkOvsnt16HqpD/2TYU0cGa3/ZqzNaA
BCE+0ta6zPW9/tfMm+VvjHvUUmyh9gID696U0zzlZRP8DpHStNJbcPu11w==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:13 2025 by rpki-client