Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/FnAlRB9RreWw5G5J-xc04Usjrhk.roa
File: FnAlRB9RreWw5G5J-xc04Usjrhk.roa (raw, json)
Hash identifier: jZfAk96tsDh9N3x1zt1EfC5xxg1vK+T4ZAcw1lE4TFA=
Subject key identifier: 16:70:25:44:1F:51:AD:E5:B0:E4:6E:49:FB:17:34:E1:4B:23:AE:19
Certificate issuer: /CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Certificate serial: 018CC3B6EDC012DF8FA4988E608A4C757069
Authority key identifier: 91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/FnAlRB9RreWw5G5J-xc04Usjrhk.roa
Signing time: Mon 01 Jan 2024 06:29:54 +0000
ROA not before: Mon 01 Jan 2024 06:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 213.127.128.0/17 maxlen: 17
213.93.128.0/17 maxlen: 17
213.160.252.0/22 maxlen: 22
213.160.248.0/21 maxlen: 21
213.160.248.0/22 maxlen: 22
213.46.128.0/17 maxlen: 17
62.195.0.0/16 maxlen: 16
212.187.64.0/18 maxlen: 18
62.194.0.0/16 maxlen: 16
62.194.0.0/15 maxlen: 15
213.93.0.0/17 maxlen: 17
213.93.0.0/16 maxlen: 16
212.187.0.0/18 maxlen: 18
212.187.0.0/17 maxlen: 17
80.113.0.0/17 maxlen: 17
80.113.0.0/16 maxlen: 16
213.126.128.0/18 maxlen: 18
213.126.128.0/17 maxlen: 17
62.100.0.0/18 maxlen: 18
80.113.128.0/17 maxlen: 17
213.127.0.0/17 maxlen: 17
213.127.0.0/16 maxlen: 16
213.160.192.0/19 maxlen: 19
213.160.192.0/20 maxlen: 20
213.160.208.0/20 maxlen: 20
213.126.192.0/18 maxlen: 18
77.248.0.0/15 maxlen: 15
77.248.0.0/14 maxlen: 14
213.46.0.0/17 maxlen: 17
213.46.0.0/16 maxlen: 16
80.248.32.0/20 maxlen: 20
89.220.0.0/17 maxlen: 17
24.132.128.0/17 maxlen: 17
80.85.32.0/20 maxlen: 20
217.105.240.0/20 maxlen: 20
217.112.112.0/20 maxlen: 20
89.99.0.0/16 maxlen: 16
195.18.64.0/18 maxlen: 18
217.105.224.0/20 maxlen: 20
217.105.224.0/19 maxlen: 19
213.124.224.0/19 maxlen: 19
217.104.192.0/18 maxlen: 18
89.98.0.0/16 maxlen: 16
89.98.0.0/15 maxlen: 15
213.124.160.0/20 maxlen: 20
213.124.160.0/19 maxlen: 19
213.124.176.0/20 maxlen: 20
217.104.128.0/18 maxlen: 18
217.104.128.0/17 maxlen: 17
213.124.192.0/19 maxlen: 19
213.124.192.0/18 maxlen: 18
24.132.0.0/17 maxlen: 17
24.132.0.0/16 maxlen: 16
217.17.128.0/20 maxlen: 20
217.105.32.0/19 maxlen: 19
178.85.0.0/16 maxlen: 16
217.105.0.0/18 maxlen: 18
217.105.0.0/19 maxlen: 19
31.151.0.0/17 maxlen: 17
31.151.0.0/16 maxlen: 16
217.63.128.0/18 maxlen: 18
217.63.128.0/19 maxlen: 19
88.211.128.0/18 maxlen: 18
95.97.0.0/16 maxlen: 16
178.84.0.0/16 maxlen: 16
178.84.0.0/15 maxlen: 15
31.151.128.0/17 maxlen: 17
212.178.32.0/19 maxlen: 19
212.178.32.0/20 maxlen: 20
217.63.160.0/19 maxlen: 19
212.178.48.0/20 maxlen: 20
185.137.202.0/23 maxlen: 23
185.137.200.0/23 maxlen: 23
185.137.200.0/22 maxlen: 22
80.57.0.0/16 maxlen: 16
217.103.0.0/17 maxlen: 17
217.103.0.0/16 maxlen: 16
95.96.0.0/16 maxlen: 16
95.96.0.0/15 maxlen: 15
62.163.128.0/17 maxlen: 17
212.83.64.0/19 maxlen: 19
212.83.64.0/20 maxlen: 20
217.103.128.0/17 maxlen: 17
212.83.80.0/20 maxlen: 20
80.56.0.0/16 maxlen: 16
80.56.0.0/15 maxlen: 15
92.110.0.0/15 maxlen: 15
84.41.128.0/17 maxlen: 17
217.102.64.0/18 maxlen: 18
217.102.0.0/18 maxlen: 18
217.102.0.0/17 maxlen: 17
46.129.0.0/17 maxlen: 17
46.129.0.0/16 maxlen: 16
46.129.128.0/17 maxlen: 17
62.163.0.0/17 maxlen: 17
62.163.0.0/16 maxlen: 16
81.175.96.0/19 maxlen: 19
62.108.0.0/20 maxlen: 20
62.108.0.0/19 maxlen: 19
62.108.16.0/20 maxlen: 20
212.67.160.0/19 maxlen: 19
92.108.0.0/15 maxlen: 15
92.108.0.0/14 maxlen: 14
213.34.0.0/19 maxlen: 19
213.34.0.0/20 maxlen: 20
213.34.16.0/20 maxlen: 20
185.94.92.0/22 maxlen: 22
81.175.64.0/19 maxlen: 19
81.175.64.0/18 maxlen: 18
77.250.0.0/15 maxlen: 15
2a02:a200::/28 maxlen: 28
2a02:a200::/27 maxlen: 27
2a02:938::/29 maxlen: 29
2a03:4aa0::/29 maxlen: 29
2a02:a210::/28 maxlen: 28
2a00:18b0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ed:c0:12:df:8f:a4:98:8e:60:8a:4c:75:70:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Validity
Not Before: Jan 1 06:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=167025441f51ade5b0e46e49fb1734e14b23ae19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3c:f8:30:c6:d5:61:02:0d:f7:b6:48:58:d3:
a8:cf:3b:f7:df:85:62:0a:6a:7b:11:c1:8e:c6:eb:
cd:fb:4c:8f:0e:4c:d2:73:88:ee:d4:b2:ad:00:06:
fb:07:78:40:1c:0e:95:37:10:be:b0:05:fb:cd:9a:
2a:94:2d:60:93:ac:91:89:43:4c:e8:66:36:d6:a5:
69:df:4b:57:50:d1:cf:eb:01:1e:d1:3b:2a:09:80:
53:9b:70:f5:c5:d4:3c:95:89:d1:b0:9a:27:a6:2e:
87:73:e1:ca:d3:cd:8e:48:23:f8:ec:c0:ef:b0:61:
7d:be:c1:45:c4:56:02:a6:f2:fd:81:c0:ea:93:6a:
a8:e8:cd:6d:d0:63:5a:97:27:a9:8c:40:37:fd:c9:
43:42:5f:fe:f1:b3:9c:ce:2c:50:10:7f:7d:2e:69:
43:97:7f:1f:17:83:3c:6b:59:34:5b:59:65:d9:fa:
43:02:f7:f5:8e:cd:35:00:42:55:99:19:b6:af:2c:
5b:6c:c7:e9:eb:6a:2f:b8:eb:dd:50:f6:7e:91:06:
0d:c9:b6:56:f8:1c:37:f9:10:ec:2a:b1:7e:c6:42:
fd:90:1f:b7:ce:82:dc:80:f2:c1:d6:1d:b4:60:52:
94:8d:51:3f:85:1c:fe:78:c1:04:f0:88:48:3d:90:
ed:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:70:25:44:1F:51:AD:E5:B0:E4:6E:49:FB:17:34:E1:4B:23:AE:19
X509v3 Authority Key Identifier:
keyid:91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/FnAlRB9RreWw5G5J-xc04Usjrhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.132.0.0/16
31.151.0.0/16
46.129.0.0/16
62.100.0.0/18
62.108.0.0/19
62.163.0.0/16
62.194.0.0/15
77.248.0.0/14
80.56.0.0/15
80.85.32.0/20
80.113.0.0/16
80.248.32.0/20
81.175.64.0/18
84.41.128.0/17
88.211.128.0/18
89.98.0.0/15
89.220.0.0/17
92.108.0.0/14
95.96.0.0/15
178.84.0.0/15
185.94.92.0/22
185.137.200.0/22
195.18.64.0/18
212.67.160.0/19
212.83.64.0/19
212.178.32.0/19
212.187.0.0/17
213.34.0.0/19
213.46.0.0/16
213.93.0.0/16
213.124.160.0-213.124.255.255
213.126.128.0-213.127.255.255
213.160.192.0/19
213.160.248.0/21
217.17.128.0/20
217.63.128.0/18
217.102.0.0/17
217.103.0.0/16
217.104.128.0-217.105.63.255
217.105.224.0/19
217.112.112.0/20
IPv6:
2a00:18b0::/32
2a02:938::/29
2a02:a200::/27
2a03:4aa0::/29
Signature Algorithm: sha256WithRSAEncryption
36:20:8d:f3:2a:32:e1:b7:0a:f4:d2:ac:07:fc:bd:e0:44:d1:
e4:76:63:a8:91:3e:87:a1:f7:92:89:81:fd:cd:17:7f:28:b3:
0f:97:b6:e9:9a:b5:be:fd:f8:f0:df:d0:b9:85:8d:f5:a6:0c:
d9:28:70:2a:26:e1:81:23:96:4e:05:98:ef:1f:27:3e:4b:6c:
59:06:7d:7a:97:22:82:7f:e4:ff:f1:2a:cc:e1:12:fd:9d:3d:
dc:e0:91:a2:8c:66:19:c5:14:c0:cd:98:90:8c:c6:0c:32:48:
23:80:a2:28:37:b0:5d:24:d5:6e:73:d5:92:a3:0e:1a:11:0a:
5a:ba:bd:8d:03:73:74:73:20:e4:ea:9b:af:5c:75:4f:59:58:
74:9b:4d:0d:2c:80:95:19:c6:6b:0c:35:55:07:df:fa:1b:dd:
0e:79:92:83:c1:80:10:29:4e:15:4f:c1:41:d5:8c:2a:da:1d:
2b:77:2e:3f:91:77:44:aa:4b:55:16:68:22:0e:9d:1f:10:55:
29:dc:a0:d7:3a:f2:85:ed:53:f3:af:3c:ca:2a:9d:39:ea:f5:
de:f1:ab:f1:ad:c2:9e:a5:5e:97:f7:b2:42:a7:11:a3:98:77:
9d:de:24:65:11:91:71:f1:d9:da:d0:44:ce:c8:51:19:2c:ae:
74:6d:25:7b
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAYzDtu3AEt+PpJiOYIpMdXBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzEwYmZkZTU4MTNhYjQ3YzM4YzVjMTkwNGVjMjZiMzJj
MmEwOTUwHhcNMjQwMTAxMDYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjcwMjU0NDFmNTFhZGU1YjBlNDZlNDlmYjE3MzRlMTRiMjNhZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTz4MMbVYQIN97ZIWNOozzv334Vi
Cmp7EcGOxuvN+0yPDkzSc4ju1LKtAAb7B3hAHA6VNxC+sAX7zZoqlC1gk6yRiUNM
6GY21qVp30tXUNHP6wEe0TsqCYBTm3D1xdQ8lYnRsJonpi6Hc+HK082OSCP47MDv
sGF9vsFFxFYCpvL9gcDqk2qo6M1t0GNalyepjEA3/clDQl/+8bOczixQEH99LmlD
l38fF4M8a1k0W1ll2fpDAvf1js01AEJVmRm2ryxbbMfp62ovuOvdUPZ+kQYNybZW
+Bw3+RDsKrF+xkL9kB+3zoLcgPLB1h20YFKUjVE/hRz+eMEE8IhIPZDtxQIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFBZwJUQfUa3lsORuSfsXNOFLI64ZMB8GA1UdIwQY
MBaAFJHBC/3lgTq0fDjFwZBOwmsywqCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTct
MDRkNzRmMzY4Njk4LzEvRm5BbFJCOVJyZVd3NUc1Si14YzA0VXNqcmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTctMDRkNzRmMzY4Njk4
LzEva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCAQQEAgABMIH9
AwMAGIQDAwAflwMDAC6BAwQGPmQAAwQFPmwAAwMAPqMDAwE+wgMDAk34AwMBUDgD
BARQVSADAwBQcQMEBFD4IAMEBlGvQAMEB1QpgAMEBljTgAMDAVliAwQHWdwAAwMC
XGwDAwFfYAMDAbJUAwQCuV5cAwQCuYnIAwQGwxJAAwQF1EOgAwQF1FNAAwQF1LIg
AwQH1LsAAwQF1SIAAwMA1S4DAwDVXTALAwQF1XygAwMA1XwwCwMEB9V+gAMDB9UA
AwQF1aDAAwQD1aD4AwQE2RGAAwQG2T+AAwQH2WYAAwMA2WcwDAMEB9logAMEBtlp
AAMEBdlp4AMEBNlwcDAiBAIAAjAcAwUAKgAYsAMFAyoCCTgDBQUqAqIAAwUDKgNK
oDANBgkqhkiG9w0BAQsFAAOCAQEANiCN8yoy4bcK9NKsB/y94ETR5HZjqJE+h6H3
komB/c0XfyizD5e26Zq1vv348N/QuYWN9aYM2ShwKibhgSOWTgWY7x8nPktsWQZ9
epcign/k//EqzOES/Z093OCRooxmGcUUwM2YkIzGDDJII4CiKDewXSTVbnPVkqMO
GhEKWrq9jQNzdHMg5Oqbr1x1T1lYdJtNDSyAlRnGaww1VQff+hvdDnmSg8GAEClO
FU/BQdWMKtodK3cuP5F3RKpLVRZoIg6dHxBVKdyg1zryhe1T8688yiqdOer13vGr
8a3CnqVel/eyQqcRo5h3nd4kZRGRcfHZ2tBEzshRGSyudG0lew==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:16 2024 by rpki-client on console-fra.rpki-client.org