Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/9Vmf_GPyvR7oGAPXyheCbbfNApU.roa
File: 9Vmf_GPyvR7oGAPXyheCbbfNApU.roa (raw, json)
Hash identifier: WUvYIefZpbR6n8PkrDy+ZBb3qHfv+XKOuq3p7lQDp2o=
Subject key identifier: F5:59:9F:FC:63:F2:BD:1E:E8:18:03:D7:CA:17:82:6D:B7:CD:02:95
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 018DC4E200930A95FEC2F1E8B5F41E48D256
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/9Vmf_GPyvR7oGAPXyheCbbfNApU.roa
Signing time: Tue 20 Feb 2024 04:59:21 +0000
ROA not before: Tue 20 Feb 2024 04:59:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 45.94.14.0/24 maxlen: 24
45.94.15.0/24 maxlen: 24
91.229.52.0/22 maxlen: 22
212.26.6.0/23 maxlen: 24
212.26.7.0/24 maxlen: 24
212.26.8.0/24 maxlen: 24
212.26.16.0/24 maxlen: 24
212.26.17.0/24 maxlen: 24
212.26.18.0/24 maxlen: 24
212.26.19.0/24 maxlen: 24
212.26.20.0/24 maxlen: 24
212.26.21.0/24 maxlen: 24
212.26.22.0/24 maxlen: 24
212.26.23.0/24 maxlen: 24
212.26.24.0/21 maxlen: 24
212.26.32.0/24 maxlen: 24
212.26.36.0/24 maxlen: 24
212.26.37.0/24 maxlen: 24
212.26.38.0/24 maxlen: 24
212.26.39.0/24 maxlen: 24
212.26.40.0/24 maxlen: 24
212.26.41.0/24 maxlen: 24
212.26.42.0/24 maxlen: 24
212.26.43.0/24 maxlen: 24
212.26.44.0/24 maxlen: 24
212.26.45.0/24 maxlen: 24
212.26.46.0/24 maxlen: 24
212.26.48.0/24 maxlen: 24
212.26.50.0/24 maxlen: 24
212.26.51.0/24 maxlen: 24
212.26.52.0/24 maxlen: 24
212.26.53.0/24 maxlen: 24
212.26.54.0/24 maxlen: 24
212.26.56.0/24 maxlen: 24
212.26.58.0/24 maxlen: 24
212.26.60.0/24 maxlen: 24
212.26.63.0/24 maxlen: 24
212.26.64.0/24 maxlen: 24
212.26.65.0/24 maxlen: 24
212.26.68.0/23 maxlen: 24
212.26.71.0/24 maxlen: 24
212.26.72.0/24 maxlen: 24
212.26.74.0/24 maxlen: 25
212.26.76.0/24 maxlen: 24
212.26.78.0/24 maxlen: 24
212.138.41.0/24 maxlen: 24
212.138.42.0/24 maxlen: 25
212.138.43.0/24 maxlen: 24
212.138.52.0/22 maxlen: 24
212.138.56.0/21 maxlen: 24
212.138.64.0/22 maxlen: 24
212.138.70.0/24 maxlen: 24
212.138.71.0/24 maxlen: 24
212.138.72.0/22 maxlen: 24
212.138.76.0/22 maxlen: 24
212.138.80.0/23 maxlen: 23
212.138.82.0/24 maxlen: 24
212.138.83.0/24 maxlen: 24
212.138.84.0/23 maxlen: 24
212.138.86.0/24 maxlen: 24
212.138.88.0/24 maxlen: 25
212.138.92.0/24 maxlen: 24
212.138.94.0/24 maxlen: 24
212.138.96.0/24 maxlen: 24
212.138.97.0/24 maxlen: 24
212.138.98.0/23 maxlen: 23
212.138.104.0/24 maxlen: 25
212.138.108.0/24 maxlen: 24
212.138.115.0/24 maxlen: 24
212.138.116.0/24 maxlen: 24
212.138.117.0/24 maxlen: 24
212.138.118.0/24 maxlen: 24
212.138.119.0/24 maxlen: 24
212.138.120.0/24 maxlen: 24
212.138.121.0/24 maxlen: 24
212.138.125.0/24 maxlen: 25
212.138.126.0/24 maxlen: 25
212.138.127.0/24 maxlen: 25
212.138.128.0/24 maxlen: 24
212.138.130.0/24 maxlen: 24
212.138.134.0/24 maxlen: 24
212.138.139.0/24 maxlen: 24
212.138.140.0/24 maxlen: 24
212.138.150.0/24 maxlen: 24
212.138.153.0/24 maxlen: 24
212.138.155.0/24 maxlen: 25
212.138.157.0/24 maxlen: 24
212.138.160.0/24 maxlen: 24
212.138.162.0/24 maxlen: 24
212.138.164.0/24 maxlen: 25
212.138.166.0/24 maxlen: 24
212.138.168.0/24 maxlen: 24
212.138.170.0/24 maxlen: 25
212.138.172.0/24 maxlen: 24
212.138.175.0/24 maxlen: 25
212.138.176.0/24 maxlen: 24
212.138.177.0/24 maxlen: 24
212.138.180.0/24 maxlen: 25
212.138.181.0/24 maxlen: 25
212.138.183.0/24 maxlen: 25
212.138.185.0/24 maxlen: 24
212.138.187.0/24 maxlen: 24
212.138.188.0/24 maxlen: 25
212.138.190.0/24 maxlen: 24
212.138.192.0/24 maxlen: 24
212.138.194.0/24 maxlen: 24
212.138.196.0/24 maxlen: 24
212.138.201.0/24 maxlen: 24
212.138.202.0/24 maxlen: 24
212.138.203.0/24 maxlen: 24
212.138.206.0/24 maxlen: 24
212.138.250.0/24 maxlen: 24
2001:1490::/48 maxlen: 48
2001:1490:1::/48 maxlen: 48
2001:1490:103::/48 maxlen: 48
2001:1490:106::/48 maxlen: 48
2001:1490:107::/48 maxlen: 48
2001:1490:110::/48 maxlen: 49
2001:1490:110:8000::/49 maxlen: 49
2001:1490:111::/48 maxlen: 48
2001:1497:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c4:e2:00:93:0a:95:fe:c2:f1:e8:b5:f4:1e:48:d2:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Feb 20 04:59:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5599ffc63f2bd1ee81803d7ca17826db7cd0295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:47:25:27:9e:d5:0d:0d:50:49:40:5a:e5:6f:
bc:6c:84:52:22:08:6f:83:80:19:7e:63:b9:0e:ea:
82:4f:c9:e6:36:62:c5:a4:46:09:1c:c9:92:d5:47:
64:ef:12:bd:86:b7:b2:71:66:1b:b1:f2:da:48:bd:
c5:0a:80:cf:47:56:89:d5:e3:58:e3:37:5f:b9:a4:
4f:1b:6f:10:14:2f:15:80:26:96:67:6c:a9:52:81:
96:98:92:69:68:43:b7:f6:ce:a1:51:57:d2:f9:30:
8e:3c:67:79:4e:da:88:34:39:e6:11:d8:32:93:eb:
a6:07:7a:aa:7c:72:77:42:4f:78:de:a4:66:5c:ed:
42:46:15:d2:c3:9a:f0:a8:8c:15:6b:05:ec:c9:b7:
35:39:4e:96:19:96:db:78:47:0c:c2:fd:ff:8f:fc:
7e:ae:7a:f0:11:9c:27:11:3f:1d:49:14:8b:6a:9f:
fc:7f:ab:d6:e2:35:d0:02:09:ea:fd:6d:b9:68:ed:
e2:6a:b1:77:90:91:b7:95:e7:ae:06:8a:09:a2:61:
5d:3e:ab:6e:2b:f0:90:a7:15:4f:96:2c:30:1b:46:
84:85:9a:76:38:31:18:30:40:b0:59:57:85:03:c3:
65:c7:c2:fd:4b:00:92:1e:a5:85:66:91:28:01:7d:
16:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:59:9F:FC:63:F2:BD:1E:E8:18:03:D7:CA:17:82:6D:B7:CD:02:95
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/9Vmf_GPyvR7oGAPXyheCbbfNApU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.14.0/23
91.229.52.0/22
212.26.6.0-212.26.8.255
212.26.16.0-212.26.32.255
212.26.36.0-212.26.46.255
212.26.48.0/24
212.26.50.0-212.26.54.255
212.26.56.0/24
212.26.58.0/24
212.26.60.0/24
212.26.63.0-212.26.65.255
212.26.68.0/23
212.26.71.0-212.26.72.255
212.26.74.0/24
212.26.76.0/24
212.26.78.0/24
212.138.41.0-212.138.43.255
212.138.52.0-212.138.67.255
212.138.70.0-212.138.86.255
212.138.88.0/24
212.138.92.0/24
212.138.94.0/24
212.138.96.0/22
212.138.104.0/24
212.138.108.0/24
212.138.115.0-212.138.121.255
212.138.125.0-212.138.128.255
212.138.130.0/24
212.138.134.0/24
212.138.139.0-212.138.140.255
212.138.150.0/24
212.138.153.0/24
212.138.155.0/24
212.138.157.0/24
212.138.160.0/24
212.138.162.0/24
212.138.164.0/24
212.138.166.0/24
212.138.168.0/24
212.138.170.0/24
212.138.172.0/24
212.138.175.0-212.138.177.255
212.138.180.0/23
212.138.183.0/24
212.138.185.0/24
212.138.187.0-212.138.188.255
212.138.190.0/24
212.138.192.0/24
212.138.194.0/24
212.138.196.0/24
212.138.201.0-212.138.203.255
212.138.206.0/24
212.138.250.0/24
IPv6:
2001:1490::/47
2001:1490:103::/48
2001:1490:106::/47
2001:1490:110::/47
2001:1497:2::/48
Signature Algorithm: sha256WithRSAEncryption
3f:a2:c4:f2:98:56:b8:ca:2a:7f:ca:a2:4b:3f:39:3f:29:82:
aa:0b:80:23:1f:98:1f:4b:fa:31:d2:55:cb:03:f1:77:5b:db:
be:0a:63:60:45:4d:26:ff:97:38:d8:a3:cc:89:18:82:9f:a3:
93:51:c9:1c:34:96:58:a0:3b:46:5f:ec:cc:05:df:72:73:0a:
2e:af:04:49:63:03:83:c5:b7:71:11:3a:e3:1c:6f:cd:23:db:
37:b1:95:f7:91:15:34:98:5d:23:92:41:98:ac:49:bf:95:b7:
fa:61:2f:76:db:05:43:64:d4:15:54:bc:c2:94:06:21:17:57:
ce:d2:d8:19:ac:a8:9e:dc:62:b0:2e:9c:c0:59:0f:8f:67:28:
6a:7f:af:dc:ff:58:ba:ee:d3:4d:80:0f:75:1e:e1:7f:79:a1:
a6:de:c3:1c:21:a4:f3:62:56:21:13:1d:3c:99:cb:b9:55:c3:
4c:c2:a9:90:20:aa:ca:73:ee:1e:98:23:12:f4:9d:97:51:7e:
63:7a:9e:0d:6e:65:01:4e:d9:af:ea:f8:4b:3b:47:5d:ef:6b:
3c:11:07:88:62:32:cf:8a:c7:e9:45:70:7e:9e:46:be:8b:45:
9d:fa:c1:ee:5e:9e:93:95:bd:a7:f4:61:08:75:41:5f:b0:d3:
69:95:ec:b0
-----BEGIN CERTIFICATE-----
MIIG7DCCBdSgAwIBAgISAY3E4gCTCpX+wvHotfQeSNJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjQwMjIwMDQ1OTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTU5OWZmYzYzZjJiZDFlZTgxODAzZDdjYTE3ODI2ZGI3Y2QwMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUclJ57VDQ1QSUBa5W+8bIRSIghv
g4AZfmO5DuqCT8nmNmLFpEYJHMmS1Udk7xK9hreycWYbsfLaSL3FCoDPR1aJ1eNY
4zdfuaRPG28QFC8VgCaWZ2ypUoGWmJJpaEO39s6hUVfS+TCOPGd5TtqINDnmEdgy
k+umB3qqfHJ3Qk943qRmXO1CRhXSw5rwqIwVawXsybc1OU6WGZbbeEcMwv3/j/x+
rnrwEZwnET8dSRSLap/8f6vW4jXQAgnq/W25aO3iarF3kJG3leeuBooJomFdPqtu
K/CQpxVPliwwG0aEhZp2ODEYMECwWVeFA8Nlx8L9SwCSHqWFZpEoAX0WPwIDAQAB
o4ID+DCCA/QwHQYDVR0OBBYEFPVZn/xj8r0e6BgD18oXgm23zQKVMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvOVZtZl9HUHl2UjdvR0FQWHloZUNiYmZOQXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICDAYIKwYBBQUHAQcBAf8EggH7MIIB9zCCAb4EAgABMIIB
tgMEAS1eDgMEAlvlNDAMAwQB1BoGAwQA1BoIMAwDBATUGhADBADUGiAwDAMEAtQa
JAMEANQaLgMEANQaMDAMAwQB1BoyAwQA1Bo2AwQA1Bo4AwQA1Bo6AwQA1Bo8MAwD
BADUGj8DBAHUGkADBAHUGkQwDAMEANQaRwMEANQaSAMEANQaSgMEANQaTAMEANQa
TjAMAwQA1IopAwQC1IooMAwDBALUijQDBALUikAwDAMEAdSKRgMEANSKVgMEANSK
WAMEANSKXAMEANSKXgMEAtSKYAMEANSKaAMEANSKbDAMAwQA1IpzAwQB1Ip4MAwD
BADUin0DBADUioADBADUioIDBADUioYwDAMEANSKiwMEANSKjAMEANSKlgMEANSK
mQMEANSKmwMEANSKnQMEANSKoAMEANSKogMEANSKpAMEANSKpgMEANSKqAMEANSK
qgMEANSKrDAMAwQA1IqvAwQB1IqwAwQB1Iq0AwQA1Iq3AwQA1Iq5MAwDBADUirsD
BADUirwDBADUir4DBADUisADBADUisIDBADUisQwDAMEANSKyQMEAtSKyAMEANSK
zgMEANSK+jAzBAIAAjAtAwcBIAEUkAAAAwcAIAEUkAEDAwcBIAEUkAEGAwcBIAEU
kAEQAwcAIAEUlwACMA0GCSqGSIb3DQEBCwUAA4IBAQA/osTymFa4yip/yqJLPzk/
KYKqC4AjH5gfS/ox0lXLA/F3W9u+CmNgRU0m/5c42KPMiRiCn6OTUckcNJZYoDtG
X+zMBd9ycwourwRJYwODxbdxETrjHG/NI9s3sZX3kRU0mF0jkkGYrEm/lbf6YS92
2wVDZNQVVLzClAYhF1fO0tgZrKie3GKwLpzAWQ+PZyhqf6/c/1i67tNNgA91HuF/
eaGm3sMcIaTzYlYhEx08mcu5VcNMwqmQIKrKc+4emCMS9J2XUX5jep4NbmUBTtmv
6vhLO0dd72s8EQeIYjLPisfpRXB+nka+i0Wd+sHuXp6Tlb2n9GEIdUFfsNNpleyw
-----END CERTIFICATE-----
Generated at Thu May 2 21:28:19 2024 by rpki-client on console-ams.rpki-client.org