Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/12sEndDITu3xfG3rwq5fCgDFi4g.roa
File: 12sEndDITu3xfG3rwq5fCgDFi4g.roa (raw, json)
Hash identifier: INrDxDNjEOUhYyeyQWwSgSxYwST/jFhVVKOzmgcOx8U=
Subject key identifier: D7:6B:04:9D:D0:C8:4E:ED:F1:7C:6D:EB:C2:AE:5F:0A:00:C5:8B:88
Certificate issuer: /CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Certificate serial: 0194FF4D49258E81D08C0B923AD6C043D750
Authority key identifier: 91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/12sEndDITu3xfG3rwq5fCgDFi4g.roa
Signing time: Thu 13 Feb 2025 12:34:02 +0000
ROA not before: Thu 13 Feb 2025 12:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33915
IP address blocks: 24.132.0.0/16 maxlen: 16
24.132.0.0/17 maxlen: 17
24.132.128.0/17 maxlen: 17
31.151.0.0/16 maxlen: 16
31.151.0.0/17 maxlen: 17
31.151.128.0/17 maxlen: 17
46.129.0.0/16 maxlen: 16
46.129.0.0/17 maxlen: 17
46.129.128.0/17 maxlen: 17
62.100.0.0/18 maxlen: 18
62.108.0.0/19 maxlen: 19
62.108.0.0/20 maxlen: 20
62.108.16.0/20 maxlen: 20
62.163.0.0/16 maxlen: 16
62.163.0.0/17 maxlen: 17
62.163.128.0/17 maxlen: 17
62.194.0.0/15 maxlen: 15
62.194.0.0/16 maxlen: 16
62.195.0.0/16 maxlen: 16
77.248.0.0/14 maxlen: 14
77.248.0.0/15 maxlen: 15
77.250.0.0/15 maxlen: 15
80.56.0.0/15 maxlen: 15
80.56.0.0/16 maxlen: 16
80.57.0.0/16 maxlen: 16
80.85.32.0/20 maxlen: 20
80.113.0.0/16 maxlen: 16
80.113.0.0/17 maxlen: 17
80.113.128.0/17 maxlen: 17
80.248.32.0/20 maxlen: 20
80.248.32.0/21 maxlen: 21
80.248.40.0/21 maxlen: 21
81.175.64.0/18 maxlen: 18
81.175.64.0/19 maxlen: 19
81.175.96.0/19 maxlen: 19
84.41.128.0/17 maxlen: 17
88.211.128.0/18 maxlen: 18
89.98.0.0/15 maxlen: 15
89.98.0.0/16 maxlen: 16
89.99.0.0/16 maxlen: 16
89.220.0.0/17 maxlen: 17
92.108.0.0/14 maxlen: 14
92.108.0.0/15 maxlen: 15
92.110.0.0/15 maxlen: 15
95.96.0.0/15 maxlen: 15
95.96.0.0/16 maxlen: 16
95.97.0.0/16 maxlen: 16
178.84.0.0/15 maxlen: 15
178.84.0.0/16 maxlen: 16
178.85.0.0/16 maxlen: 16
185.94.92.0/22 maxlen: 22
185.137.200.0/22 maxlen: 22
185.137.200.0/23 maxlen: 23
185.137.202.0/23 maxlen: 23
195.18.64.0/18 maxlen: 18
212.67.160.0/19 maxlen: 19
212.83.64.0/19 maxlen: 19
212.83.64.0/20 maxlen: 20
212.83.80.0/20 maxlen: 20
212.178.32.0/19 maxlen: 19
212.178.32.0/20 maxlen: 20
212.178.48.0/20 maxlen: 20
212.187.0.0/17 maxlen: 17
212.187.0.0/18 maxlen: 18
212.187.64.0/18 maxlen: 18
213.34.0.0/19 maxlen: 19
213.34.0.0/20 maxlen: 20
213.34.16.0/20 maxlen: 20
213.46.0.0/16 maxlen: 16
213.46.0.0/17 maxlen: 17
213.46.128.0/17 maxlen: 17
213.93.0.0/16 maxlen: 16
213.93.0.0/17 maxlen: 17
213.93.128.0/17 maxlen: 17
213.124.160.0/19 maxlen: 19
213.124.160.0/20 maxlen: 20
213.124.176.0/20 maxlen: 20
213.124.192.0/18 maxlen: 18
213.124.192.0/19 maxlen: 19
213.124.224.0/19 maxlen: 19
213.126.128.0/17 maxlen: 17
213.126.128.0/18 maxlen: 18
213.126.192.0/18 maxlen: 18
213.127.0.0/16 maxlen: 16
213.127.0.0/17 maxlen: 17
213.127.128.0/17 maxlen: 17
213.160.192.0/19 maxlen: 19
213.160.192.0/20 maxlen: 20
213.160.208.0/20 maxlen: 20
213.160.248.0/21 maxlen: 21
213.160.248.0/22 maxlen: 22
213.160.252.0/22 maxlen: 22
217.17.128.0/20 maxlen: 20
217.63.128.0/18 maxlen: 18
217.63.128.0/19 maxlen: 19
217.63.160.0/19 maxlen: 19
217.102.0.0/17 maxlen: 17
217.102.0.0/18 maxlen: 18
217.102.64.0/18 maxlen: 18
217.103.0.0/16 maxlen: 16
217.103.0.0/17 maxlen: 17
217.103.128.0/17 maxlen: 17
217.104.128.0/17 maxlen: 17
217.104.128.0/18 maxlen: 18
217.104.192.0/18 maxlen: 18
217.105.0.0/18 maxlen: 18
217.105.0.0/19 maxlen: 19
217.105.32.0/19 maxlen: 19
217.105.224.0/19 maxlen: 19
217.105.224.0/20 maxlen: 20
217.105.240.0/20 maxlen: 20
217.112.112.0/20 maxlen: 20
2a00:18b0::/32 maxlen: 32
2a02:938::/29 maxlen: 29
2a02:a200::/27 maxlen: 27
2a02:a200::/28 maxlen: 28
2a02:a210::/28 maxlen: 28
2a03:4aa0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 18:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:4d:49:25:8e:81:d0:8c:0b:92:3a:d6:c0:43:d7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Validity
Not Before: Feb 13 12:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d76b049dd0c84eedf17c6debc2ae5f0a00c58b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8c:02:38:b1:43:e9:34:49:54:77:06:6b:ec:
94:35:eb:5f:49:a1:a1:91:9e:49:ab:54:bc:4a:93:
79:6d:e9:c2:6d:02:cf:e0:fe:1d:e4:3f:97:bb:ec:
3e:cb:f1:31:fb:8b:e9:ff:a4:d4:4b:e3:b6:2c:11:
e7:48:a9:b6:fa:b5:12:7e:11:7b:9d:ab:c4:0b:47:
1b:67:52:6a:a5:a1:a8:ee:8f:be:a8:f3:ae:d9:fd:
33:41:ab:53:44:9c:62:8e:d5:61:61:81:2b:6c:b2:
54:7b:94:dc:4f:6e:19:09:0e:7a:7d:49:13:8c:4d:
1b:ad:0c:7c:91:e7:3b:4f:79:6c:5d:c2:e8:56:e8:
6e:26:e7:0d:b0:63:59:bb:34:9e:16:3d:2d:61:45:
a6:86:91:5b:bf:3f:37:4b:91:09:38:0c:b1:27:91:
d8:37:f8:0e:5b:d9:b0:26:db:b1:da:fc:48:22:1d:
0f:00:cf:ae:86:33:b8:bc:db:0f:c1:0e:4a:c4:01:
be:9e:aa:c4:40:dd:01:84:ae:18:7f:ed:99:a6:e7:
ff:f3:be:c1:69:81:74:ea:4f:42:01:3b:9c:ae:da:
20:a1:aa:95:db:6e:d7:53:ba:e1:e8:3d:99:20:83:
c4:75:0b:48:34:6a:13:5b:38:72:26:d5:f9:05:9e:
26:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:6B:04:9D:D0:C8:4E:ED:F1:7C:6D:EB:C2:AE:5F:0A:00:C5:8B:88
X509v3 Authority Key Identifier:
keyid:91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/12sEndDITu3xfG3rwq5fCgDFi4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.132.0.0/16
31.151.0.0/16
46.129.0.0/16
62.100.0.0/18
62.108.0.0/19
62.163.0.0/16
62.194.0.0/15
77.248.0.0/14
80.56.0.0/15
80.85.32.0/20
80.113.0.0/16
80.248.32.0/20
81.175.64.0/18
84.41.128.0/17
88.211.128.0/18
89.98.0.0/15
89.220.0.0/17
92.108.0.0/14
95.96.0.0/15
178.84.0.0/15
185.94.92.0/22
185.137.200.0/22
195.18.64.0/18
212.67.160.0/19
212.83.64.0/19
212.178.32.0/19
212.187.0.0/17
213.34.0.0/19
213.46.0.0/16
213.93.0.0/16
213.124.160.0-213.124.255.255
213.126.128.0-213.127.255.255
213.160.192.0/19
213.160.248.0/21
217.17.128.0/20
217.63.128.0/18
217.102.0.0/17
217.103.0.0/16
217.104.128.0-217.105.63.255
217.105.224.0/19
217.112.112.0/20
IPv6:
2a00:18b0::/32
2a02:938::/29
2a02:a200::/27
2a03:4aa0::/29
Signature Algorithm: sha256WithRSAEncryption
60:a7:ac:92:9f:ae:57:ad:79:6a:35:a6:c1:71:b9:65:23:a9:
6f:c2:8c:03:b9:3e:c7:18:c3:96:91:e1:f8:6d:eb:e1:4a:a3:
b3:8d:2c:9c:9e:e6:de:08:a8:41:e0:c1:86:38:16:83:ba:6b:
83:71:35:ea:96:b1:77:70:83:83:a2:45:ac:af:14:25:54:14:
c3:73:90:ae:21:f1:40:e2:21:da:86:10:64:8f:ab:1b:f8:58:
f7:d7:8b:82:ab:62:d4:57:24:59:d5:e9:6f:db:79:c2:9d:b1:
6a:43:1c:bb:f3:e0:70:e8:b4:c0:da:b6:aa:a0:23:61:85:d0:
f9:14:0e:e4:2e:c3:af:3e:b7:24:c2:d1:a0:a7:00:38:64:af:
5b:b1:14:93:35:62:12:a0:2f:c3:54:74:a1:e2:55:37:56:0a:
46:79:e6:76:a2:9e:34:65:7b:72:f5:63:89:3b:be:08:fc:09:
f9:48:1a:5f:71:58:d3:68:c1:0b:21:47:f5:9b:4c:6a:1b:c2:
d2:1b:fe:fb:1e:bc:68:77:3c:e1:da:9e:40:a3:93:d9:b1:3b:
5c:bc:b5:aa:85:2c:f7:13:f5:3d:93:e9:0e:c4:d7:73:cc:ff:
4a:11:72:9e:b4:cb:d3:bf:52:ef:df:f5:05:d4:39:91:af:3d:
d0:65:9b:ff
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAZT/TUkljoHQjAuSOtbAQ9dQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzEwYmZkZTU4MTNhYjQ3YzM4YzVjMTkwNGVjMjZiMzJj
MmEwOTUwHhcNMjUwMjEzMTIzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzZiMDQ5ZGQwYzg0ZWVkZjE3YzZkZWJjMmFlNWYwYTAwYzU4Yjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYwCOLFD6TRJVHcGa+yUNetfSaGh
kZ5Jq1S8SpN5benCbQLP4P4d5D+Xu+w+y/Ex+4vp/6TUS+O2LBHnSKm2+rUSfhF7
navEC0cbZ1JqpaGo7o++qPOu2f0zQatTRJxijtVhYYErbLJUe5TcT24ZCQ56fUkT
jE0brQx8kec7T3lsXcLoVuhuJucNsGNZuzSeFj0tYUWmhpFbvz83S5EJOAyxJ5HY
N/gOW9mwJtux2vxIIh0PAM+uhjO4vNsPwQ5KxAG+nqrEQN0BhK4Yf+2Zpuf/877B
aYF06k9CATucrtogoaqV227XU7rh6D2ZIIPEdQtINGoTWzhyJtX5BZ4m5wIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFNdrBJ3QyE7t8Xxt68KuXwoAxYuIMB8GA1UdIwQY
MBaAFJHBC/3lgTq0fDjFwZBOwmsywqCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTct
MDRkNzRmMzY4Njk4LzEvMTJzRW5kRElUdTN4ZkczcndxNWZDZ0RGaTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTctMDRkNzRmMzY4Njk4
LzEva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCAQQEAgABMIH9
AwMAGIQDAwAflwMDAC6BAwQGPmQAAwQFPmwAAwMAPqMDAwE+wgMDAk34AwMBUDgD
BARQVSADAwBQcQMEBFD4IAMEBlGvQAMEB1QpgAMEBljTgAMDAVliAwQHWdwAAwMC
XGwDAwFfYAMDAbJUAwQCuV5cAwQCuYnIAwQGwxJAAwQF1EOgAwQF1FNAAwQF1LIg
AwQH1LsAAwQF1SIAAwMA1S4DAwDVXTALAwQF1XygAwMA1XwwCwMEB9V+gAMDB9UA
AwQF1aDAAwQD1aD4AwQE2RGAAwQG2T+AAwQH2WYAAwMA2WcwDAMEB9logAMEBtlp
AAMEBdlp4AMEBNlwcDAiBAIAAjAcAwUAKgAYsAMFAyoCCTgDBQUqAqIAAwUDKgNK
oDANBgkqhkiG9w0BAQsFAAOCAQEAYKeskp+uV615ajWmwXG5ZSOpb8KMA7k+xxjD
lpHh+G3r4Uqjs40snJ7m3gioQeDBhjgWg7prg3E16paxd3CDg6JFrK8UJVQUw3OQ
riHxQOIh2oYQZI+rG/hY99eLgqti1FckWdXpb9t5wp2xakMcu/PgcOi0wNq2qqAj
YYXQ+RQO5C7Drz63JMLRoKcAOGSvW7EUkzViEqAvw1R0oeJVN1YKRnnmdqKeNGV7
cvVjiTu+CPwJ+UgaX3FY02jBCyFH9ZtMahvC0hv++x68aHc84dqeQKOT2bE7XLy1
qoUs9xP1PZPpDsTXc8z/ShFynrTL079S79/1BdQ5ka890GWb/w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:14:59 2025 by rpki-client