Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/MPdaVdgeOQr3BbnNUglFFAkaePA.roa
File: MPdaVdgeOQr3BbnNUglFFAkaePA.roa (raw, json)
Hash identifier: gZWYmYyo7kUSmze0fOtTQ6y7DOhO3B70zBUPpb4LkTs=
Subject key identifier: 30:F7:5A:55:D8:1E:39:0A:F7:05:B9:CD:52:09:45:14:09:1A:78:F0
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 018FE1A9BAE3E362646526F558DE7741A1F8
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/MPdaVdgeOQr3BbnNUglFFAkaePA.roa
Signing time: Tue 04 Jun 2024 05:12:28 +0000
ROA not before: Tue 04 Jun 2024 05:12:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 45.94.14.0/24 maxlen: 24
45.94.15.0/24 maxlen: 24
91.229.52.0/22 maxlen: 22
212.26.6.0/23 maxlen: 24
212.26.7.0/24 maxlen: 24
212.26.8.0/22 maxlen: 24
212.26.16.0/24 maxlen: 24
212.26.17.0/24 maxlen: 24
212.26.18.0/24 maxlen: 24
212.26.19.0/24 maxlen: 24
212.26.20.0/24 maxlen: 24
212.26.21.0/24 maxlen: 24
212.26.22.0/24 maxlen: 24
212.26.23.0/24 maxlen: 24
212.26.24.0/21 maxlen: 24
212.26.32.0/24 maxlen: 24
212.26.36.0/24 maxlen: 24
212.26.37.0/24 maxlen: 24
212.26.38.0/24 maxlen: 24
212.26.39.0/24 maxlen: 24
212.26.40.0/24 maxlen: 24
212.26.41.0/24 maxlen: 24
212.26.42.0/24 maxlen: 24
212.26.43.0/24 maxlen: 24
212.26.44.0/24 maxlen: 24
212.26.45.0/24 maxlen: 24
212.26.46.0/23 maxlen: 24
212.26.48.0/24 maxlen: 24
212.26.50.0/23 maxlen: 24
212.26.52.0/24 maxlen: 24
212.26.53.0/24 maxlen: 24
212.26.54.0/24 maxlen: 24
212.26.56.0/24 maxlen: 24
212.26.58.0/24 maxlen: 24
212.26.60.0/24 maxlen: 24
212.26.63.0/24 maxlen: 24
212.26.64.0/24 maxlen: 24
212.26.65.0/24 maxlen: 24
212.26.68.0/23 maxlen: 24
212.26.71.0/24 maxlen: 24
212.26.72.0/24 maxlen: 24
212.26.74.0/24 maxlen: 25
212.26.76.0/24 maxlen: 24
212.26.78.0/24 maxlen: 24
212.138.41.0/24 maxlen: 24
212.138.42.0/24 maxlen: 25
212.138.43.0/24 maxlen: 24
212.138.52.0/22 maxlen: 24
212.138.56.0/21 maxlen: 24
212.138.64.0/22 maxlen: 24
212.138.70.0/24 maxlen: 24
212.138.71.0/24 maxlen: 24
212.138.72.0/22 maxlen: 24
212.138.76.0/22 maxlen: 24
212.138.80.0/23 maxlen: 23
212.138.82.0/24 maxlen: 24
212.138.83.0/24 maxlen: 24
212.138.84.0/23 maxlen: 24
212.138.86.0/24 maxlen: 24
212.138.88.0/24 maxlen: 25
212.138.92.0/24 maxlen: 24
212.138.94.0/24 maxlen: 24
212.138.96.0/21 maxlen: 24
212.138.97.0/24 maxlen: 24
212.138.98.0/23 maxlen: 23
212.138.104.0/24 maxlen: 25
212.138.108.0/24 maxlen: 24
212.138.115.0/24 maxlen: 24
212.138.116.0/24 maxlen: 24
212.138.117.0/24 maxlen: 24
212.138.118.0/24 maxlen: 24
212.138.119.0/24 maxlen: 24
212.138.120.0/24 maxlen: 24
212.138.121.0/24 maxlen: 24
212.138.125.0/24 maxlen: 25
212.138.126.0/24 maxlen: 25
212.138.127.0/24 maxlen: 25
212.138.128.0/24 maxlen: 24
212.138.130.0/24 maxlen: 24
212.138.134.0/24 maxlen: 24
212.138.139.0/24 maxlen: 24
212.138.140.0/24 maxlen: 24
212.138.150.0/24 maxlen: 24
212.138.153.0/24 maxlen: 24
212.138.155.0/24 maxlen: 25
212.138.157.0/24 maxlen: 24
212.138.160.0/24 maxlen: 24
212.138.162.0/24 maxlen: 24
212.138.164.0/24 maxlen: 25
212.138.166.0/24 maxlen: 24
212.138.168.0/24 maxlen: 24
212.138.170.0/24 maxlen: 25
212.138.172.0/24 maxlen: 24
212.138.175.0/24 maxlen: 25
212.138.176.0/24 maxlen: 24
212.138.177.0/24 maxlen: 24
212.138.180.0/24 maxlen: 25
212.138.181.0/24 maxlen: 25
212.138.183.0/24 maxlen: 25
212.138.185.0/24 maxlen: 24
212.138.187.0/24 maxlen: 24
212.138.188.0/24 maxlen: 25
212.138.190.0/24 maxlen: 24
212.138.192.0/24 maxlen: 24
212.138.194.0/24 maxlen: 24
212.138.196.0/24 maxlen: 24
212.138.201.0/24 maxlen: 24
212.138.202.0/24 maxlen: 24
212.138.203.0/24 maxlen: 24
212.138.206.0/24 maxlen: 24
212.138.207.0/24 maxlen: 24
212.138.250.0/24 maxlen: 24
2001:1490::/48 maxlen: 48
2001:1490:1::/48 maxlen: 48
2001:1490:103::/48 maxlen: 48
2001:1490:106::/48 maxlen: 48
2001:1490:107::/48 maxlen: 48
2001:1490:110::/48 maxlen: 49
2001:1490:110:8000::/49 maxlen: 49
2001:1490:111::/48 maxlen: 48
2001:1490:113::/48 maxlen: 48
2001:1497:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Jun 2024 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e1:a9:ba:e3:e3:62:64:65:26:f5:58:de:77:41:a1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Jun 4 05:12:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30f75a55d81e390af705b9cd52094514091a78f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a7:c6:c2:3d:57:8b:70:8b:b4:5c:d4:7d:c1:
c0:e4:05:0c:e2:c5:8c:f9:e4:a4:cc:70:c0:f9:44:
9b:9f:cc:67:e2:60:61:4f:3c:7e:e1:8c:3b:44:03:
f2:ec:6c:0f:b1:bc:b0:01:2e:7c:9a:42:f8:9f:f7:
af:82:af:2b:82:a0:df:62:b8:4f:d0:de:d9:b3:e4:
b3:60:89:61:0d:e2:39:fe:3a:ac:ac:9f:6d:83:f9:
28:21:87:15:5d:0f:eb:3e:8d:4c:94:f7:79:30:2b:
b7:c3:73:bd:bf:12:09:3b:bc:75:72:d0:22:f7:6a:
91:a9:3b:97:98:a3:06:c9:f0:25:59:6e:1b:db:86:
24:62:53:49:b0:6e:e1:0e:9f:fc:df:a2:8b:ae:4a:
1c:92:56:c2:2c:ac:9d:4b:1a:97:65:c4:10:cb:0d:
45:a4:34:50:17:61:cf:ca:d7:38:49:5e:a4:ee:5f:
39:c1:0e:cd:4a:2b:24:89:91:21:d3:10:d5:89:33:
83:cc:ae:59:44:2e:5c:8c:25:03:57:37:b3:5c:38:
24:2d:84:d6:2e:f0:25:b5:88:b3:87:2b:1a:e5:97:
b4:78:61:c0:2a:df:a8:94:1c:8e:40:8c:07:12:26:
99:cf:01:e9:fc:cd:a3:9c:96:82:79:82:55:0d:4e:
74:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F7:5A:55:D8:1E:39:0A:F7:05:B9:CD:52:09:45:14:09:1A:78:F0
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/MPdaVdgeOQr3BbnNUglFFAkaePA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.14.0/23
91.229.52.0/22
212.26.6.0-212.26.11.255
212.26.16.0-212.26.32.255
212.26.36.0-212.26.48.255
212.26.50.0-212.26.54.255
212.26.56.0/24
212.26.58.0/24
212.26.60.0/24
212.26.63.0-212.26.65.255
212.26.68.0/23
212.26.71.0-212.26.72.255
212.26.74.0/24
212.26.76.0/24
212.26.78.0/24
212.138.41.0-212.138.43.255
212.138.52.0-212.138.67.255
212.138.70.0-212.138.86.255
212.138.88.0/24
212.138.92.0/24
212.138.94.0/24
212.138.96.0-212.138.104.255
212.138.108.0/24
212.138.115.0-212.138.121.255
212.138.125.0-212.138.128.255
212.138.130.0/24
212.138.134.0/24
212.138.139.0-212.138.140.255
212.138.150.0/24
212.138.153.0/24
212.138.155.0/24
212.138.157.0/24
212.138.160.0/24
212.138.162.0/24
212.138.164.0/24
212.138.166.0/24
212.138.168.0/24
212.138.170.0/24
212.138.172.0/24
212.138.175.0-212.138.177.255
212.138.180.0/23
212.138.183.0/24
212.138.185.0/24
212.138.187.0-212.138.188.255
212.138.190.0/24
212.138.192.0/24
212.138.194.0/24
212.138.196.0/24
212.138.201.0-212.138.203.255
212.138.206.0/23
212.138.250.0/24
IPv6:
2001:1490::/47
2001:1490:103::/48
2001:1490:106::/47
2001:1490:110::/47
2001:1490:113::/48
2001:1497:2::/48
Signature Algorithm: sha256WithRSAEncryption
86:40:86:5e:44:39:5f:a8:be:b3:71:af:72:3e:62:6f:82:84:
a5:9f:51:2f:12:35:4c:c2:2d:89:65:5c:70:23:d1:79:09:38:
c9:68:c4:1a:07:5d:93:73:0d:4c:be:cd:16:18:76:4b:96:a3:
05:4b:a6:49:f2:9e:6c:f2:cc:b7:f5:30:37:d7:cc:95:76:00:
a5:4f:95:c6:fe:b4:46:c3:8e:88:18:ca:e3:21:83:1c:2d:59:
48:f5:16:6c:42:7f:ac:61:74:d2:ac:1c:31:7c:bb:0f:a8:c9:
df:72:90:f4:91:04:f3:95:16:33:19:62:61:dc:8f:09:81:54:
2f:82:04:4d:a5:05:bd:34:84:c7:79:fc:89:75:f8:24:b8:da:
20:20:93:1a:a4:be:75:e2:4d:8d:ad:fd:37:0c:89:d8:53:ba:
95:a6:68:94:08:4f:9b:6c:41:c6:63:e8:a9:1d:b3:45:0c:ed:
02:55:86:27:8d:c7:79:57:4e:a6:1d:5d:76:c8:37:77:a4:a5:
f9:44:4c:25:6c:94:d5:bf:5f:84:24:7e:66:22:dd:f9:29:2e:
ee:df:02:ef:a4:4a:4c:45:a4:27:5b:2c:c1:93:48:24:6f:ab:
66:34:d2:e0:57:d4:1b:f0:0a:cc:ae:cf:95:ec:7b:09:60:77:
4f:22:84:ba
-----BEGIN CERTIFICATE-----
MIIG8TCCBdmgAwIBAgISAY/hqbrj42JkZSb1WN53QaH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjQwNjA0MDUxMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY3NWE1NWQ4MWUzOTBhZjcwNWI5Y2Q1MjA5NDUxNDA5MWE3OGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6fGwj1Xi3CLtFzUfcHA5AUM4sWM
+eSkzHDA+USbn8xn4mBhTzx+4Yw7RAPy7GwPsbywAS58mkL4n/evgq8rgqDfYrhP
0N7Zs+SzYIlhDeI5/jqsrJ9tg/koIYcVXQ/rPo1MlPd5MCu3w3O9vxIJO7x1ctAi
92qRqTuXmKMGyfAlWW4b24YkYlNJsG7hDp/836KLrkocklbCLKydSxqXZcQQyw1F
pDRQF2HPytc4SV6k7l85wQ7NSiskiZEh0xDViTODzK5ZRC5cjCUDVzezXDgkLYTW
LvAltYizhysa5Ze0eGHAKt+olByOQIwHEiaZzwHp/M2jnJaCeYJVDU501QIDAQAB
o4ID/TCCA/kwHQYDVR0OBBYEFDD3WlXYHjkK9wW5zVIJRRQJGnjwMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvTVBkYVZkZ2VPUXIzQmJuTlVnbEZGQWthZVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICEQYIKwYBBQUHAQcBAf8EggIAMIIB/DCCAboEAgABMIIB
sgMEAS1eDgMEAlvlNDAMAwQB1BoGAwQC1BoIMAwDBATUGhADBADUGiAwDAMEAtQa
JAMEANQaMDAMAwQB1BoyAwQA1Bo2AwQA1Bo4AwQA1Bo6AwQA1Bo8MAwDBADUGj8D
BAHUGkADBAHUGkQwDAMEANQaRwMEANQaSAMEANQaSgMEANQaTAMEANQaTjAMAwQA
1IopAwQC1IooMAwDBALUijQDBALUikAwDAMEAdSKRgMEANSKVgMEANSKWAMEANSK
XAMEANSKXjAMAwQF1IpgAwQA1IpoAwQA1IpsMAwDBADUinMDBAHUingwDAMEANSK
fQMEANSKgAMEANSKggMEANSKhjAMAwQA1IqLAwQA1IqMAwQA1IqWAwQA1IqZAwQA
1IqbAwQA1IqdAwQA1IqgAwQA1IqiAwQA1IqkAwQA1IqmAwQA1IqoAwQA1IqqAwQA
1IqsMAwDBADUiq8DBAHUirADBAHUirQDBADUircDBADUirkwDAMEANSKuwMEANSK
vAMEANSKvgMEANSKwAMEANSKwgMEANSKxDAMAwQA1IrJAwQC1IrIAwQB1IrOAwQA
1Ir6MDwEAgACMDYDBwEgARSQAAADBwAgARSQAQMDBwEgARSQAQYDBwEgARSQARAD
BwAgARSQARMDBwAgARSXAAIwDQYJKoZIhvcNAQELBQADggEBAIZAhl5EOV+ovrNx
r3I+Ym+ChKWfUS8SNUzCLYllXHAj0XkJOMloxBoHXZNzDUy+zRYYdkuWowVLpkny
nmzyzLf1MDfXzJV2AKVPlcb+tEbDjogYyuMhgxwtWUj1FmxCf6xhdNKsHDF8uw+o
yd9ykPSRBPOVFjMZYmHcjwmBVC+CBE2lBb00hMd5/Il1+CS42iAgkxqkvnXiTY2t
/TcMidhTupWmaJQIT5tsQcZj6Kkds0UM7QJVhieNx3lXTqYdXXbIN3ekpflETCVs
lNW/X4QkfmYi3fkpLu7fAu+kSkxFpCdbLMGTSCRvq2Y00uBX1BvwCsyuz5Xsewlg
d08ihLo=
-----END CERTIFICATE-----
Generated at Thu Jun 13 20:00:55 2024 by rpki-client on console-ams.rpki-client.org