Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/sRonNrCs6y33jenHcvZ1sZP9aLU.roa
File: sRonNrCs6y33jenHcvZ1sZP9aLU.roa (raw, json)
Hash identifier: vkQgecNTjHtzPpTMomOaK4zGpy6Af90jhrtqRzVbsA0=
Subject key identifier: B1:1A:27:36:B0:AC:EB:2D:F7:8D:E9:C7:72:F6:75:B1:93:FD:68:B5
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01963E0F45C3281AE43F5A3DF8EEE4B87B16
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/sRonNrCs6y33jenHcvZ1sZP9aLU.roa
Signing time: Wed 16 Apr 2025 10:05:10 +0000
ROA not before: Wed 16 Apr 2025 10:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
62.8.0.0/19 maxlen: 19
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.128.0.0/13 maxlen: 24
77.134.204.0/24 maxlen: 24
77.136.0.0/16 maxlen: 24
77.136.172.0/24 maxlen: 24
77.136.173.0/24 maxlen: 24
77.136.174.0/24 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.140.0.0/14 maxlen: 24
77.140.0.0/15 maxlen: 24
77.142.0.0/16 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.174.192.0/18 maxlen: 24
79.174.232.0/21 maxlen: 21
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.118.4.0/24 maxlen: 24
80.124.0.0/15 maxlen: 24
80.124.0.0/16 maxlen: 24
80.125.0.0/16 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.65.0.0/16 maxlen: 16
81.185.0.0/16 maxlen: 24
81.185.160.0/20 maxlen: 20
81.185.160.0/21 maxlen: 21
81.185.168.0/21 maxlen: 21
81.220.0.0/16 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
84.205.144.0/20 maxlen: 20
85.68.0.0/15 maxlen: 24
85.168.0.0/14 maxlen: 24
86.64.0.0/12 maxlen: 24
86.66.127.0/24 maxlen: 24
87.231.0.0/16 maxlen: 24
88.136.0.0/13 maxlen: 24
88.136.0.0/14 maxlen: 24
88.140.0.0/15 maxlen: 24
88.140.0.0/16 maxlen: 24
88.141.0.0/16 maxlen: 24
88.142.0.0/16 maxlen: 24
88.143.251.0/24 maxlen: 24
88.143.252.0/24 maxlen: 24
88.143.253.0/24 maxlen: 24
88.143.254.0/24 maxlen: 24
88.143.255.0/24 maxlen: 24
88.219.0.0/16 maxlen: 16
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
91.68.0.0/14 maxlen: 24
91.68.0.0/22 maxlen: 22
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
93.191.80.0/21 maxlen: 21
95.157.192.0/18 maxlen: 18
109.0.0.0/11 maxlen: 24
141.170.216.0/21 maxlen: 24
185.147.204.0/22 maxlen: 24
194.6.128.0/19 maxlen: 19
194.183.192.0/19 maxlen: 19
194.242.176.0/20 maxlen: 20
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:6200::/29 maxlen: 48
2a00:7180::/32 maxlen: 32
2a00:8380::/32 maxlen: 32
2a00:8d80::/32 maxlen: 32
2a00:9380::/32 maxlen: 32
2a00:b280::/32 maxlen: 32
2a00:c780::/32 maxlen: 32
2a00:cc80::/32 maxlen: 32
2a00:d780::/32 maxlen: 32
2a00:e080::/32 maxlen: 32
2a00:ec80::/32 maxlen: 32
2a02:8400::/25 maxlen: 48
2a02:8400::/48 maxlen: 48
2a02:8400:11::/48 maxlen: 48
2a02:8400:12::/48 maxlen: 48
2a02:8400:13::/48 maxlen: 48
2a02:8400:14::/48 maxlen: 48
2a02:8440:5000::/36 maxlen: 36
2a04:800::/30 maxlen: 30
2a04:807::/48 maxlen: 48
2a04:807:1::/48 maxlen: 48
2a04:807:2::/48 maxlen: 48
2a04:807:3::/48 maxlen: 48
2a04:807:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:0f:45:c3:28:1a:e4:3f:5a:3d:f8:ee:e4:b8:7b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Apr 16 10:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b11a2736b0aceb2df78de9c772f675b193fd68b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:65:66:44:bd:6c:03:8e:94:23:38:48:1e:
ab:4b:cb:a3:db:e3:cc:2f:6e:29:f5:71:d0:ca:f8:
ce:0b:e2:28:64:dd:53:a3:9b:73:7b:de:ab:3d:ac:
60:d6:c4:66:62:8d:0a:33:cb:71:1b:d2:04:cf:bf:
71:27:65:05:de:fb:6e:6f:d5:99:52:00:9f:d5:66:
39:98:e3:8b:e9:d9:aa:90:0e:35:8b:55:74:d4:d8:
56:7e:4d:19:3e:df:55:73:a4:61:48:12:c8:af:63:
36:53:5c:e3:18:62:bc:28:61:64:f5:43:e6:31:de:
54:17:bf:36:80:2b:20:aa:84:7d:db:c0:fd:05:70:
c1:bc:d3:bd:bb:d9:e8:07:ca:6d:8f:02:ee:4f:34:
01:52:7d:bb:31:ea:ca:72:8e:45:9e:bf:b4:c7:5f:
29:32:5a:56:38:a3:b0:c8:04:46:c2:14:71:07:f4:
c2:99:43:81:f9:77:1f:88:95:ed:db:4d:93:93:e9:
80:0b:2f:35:1f:5c:21:37:1d:ca:f7:a0:41:8b:40:
8c:04:a4:19:2a:56:0e:17:8d:8c:b7:81:1c:8e:e4:
9e:80:9a:1e:20:32:b9:39:36:b8:87:3f:3b:b2:d3:
f3:b0:54:b9:14:47:4d:6b:ff:9b:77:b0:06:36:42:
ce:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1A:27:36:B0:AC:EB:2D:F7:8D:E9:C7:72:F6:75:B1:93:FD:68:B5
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/sRonNrCs6y33jenHcvZ1sZP9aLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.128.0.0-77.136.255.255
77.137.196.0-77.137.223.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
78.155.128.0/19
79.80.0.0/12
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.168.0.0/14
86.64.0.0/12
87.231.0.0/16
88.136.0.0/13
88.219.0.0/16
89.2.0.0/15
89.156.0.0/14
91.68.0.0/14
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
93.191.80.0/21
95.157.192.0/18
109.0.0.0/11
141.170.216.0/21
185.147.204.0/22
194.6.128.0/19
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.203.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:b280::/32
2a00:c780::/32
2a00:cc80::/32
2a00:d780::/32
2a00:e080::/32
2a00:ec80::/32
2a02:8400::/25
2a04:800::/30
2a04:807::-2a04:807:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:5e:fd:ca:44:89:3f:31:09:a5:09:8e:66:10:8f:79:85:5d:
66:ae:6a:1a:a6:80:5b:6a:8e:cb:c3:85:12:cd:a9:91:18:22:
e6:7b:96:d4:d8:34:93:9a:aa:c4:1c:69:13:4b:1c:a5:f3:2e:
1c:0c:52:14:80:70:95:a8:b3:14:f5:63:df:fc:b8:1d:bc:c9:
be:e4:6b:f3:5c:01:69:31:b0:50:ff:80:9c:70:03:cf:1e:90:
ee:74:05:c7:15:65:83:2d:b9:12:57:54:8e:71:e6:9a:5e:18:
7a:d2:f9:69:d7:63:53:da:33:50:6e:70:ed:e7:7b:27:17:a7:
36:d5:6b:67:9d:20:b6:81:85:4f:c3:1c:f6:b0:b4:45:0d:63:
d5:0e:72:28:ee:59:f1:57:72:40:28:6c:03:5b:33:8a:38:05:
a9:a3:63:7b:a4:32:1e:1f:fd:8b:bd:25:27:26:c0:18:50:23:
93:11:6d:e5:4c:17:28:12:05:dd:d3:ef:67:c9:e2:97:4a:a7:
85:d2:14:b7:bc:1e:3d:f1:41:a1:0b:a4:f5:d5:f2:3e:ac:e7:
8b:59:94:42:f4:fe:35:f3:8d:a4:ce:92:1b:32:0e:03:99:f3:
30:e2:5e:ab:5c:b0:d5:85:cd:74:da:51:9a:3c:ea:3a:f7:c7:
4f:57:41:17
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgISAZY+D0XDKBrkP1o9+O7kuHsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwNDE2MTAwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFhMjczNmIwYWNlYjJkZjc4ZGU5Yzc3MmY2NzViMTkzZmQ2OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEJlZkS9bAOOlCM4SB6rS8uj2+PM
L24p9XHQyvjOC+IoZN1To5tze96rPaxg1sRmYo0KM8txG9IEz79xJ2UF3vtub9WZ
UgCf1WY5mOOL6dmqkA41i1V01NhWfk0ZPt9Vc6RhSBLIr2M2U1zjGGK8KGFk9UPm
Md5UF782gCsgqoR928D9BXDBvNO9u9noB8ptjwLuTzQBUn27MerKco5Fnr+0x18p
MlpWOKOwyARGwhRxB/TCmUOB+XcfiJXt202Tk+mACy81H1whNx3K96BBi0CMBKQZ
KlYOF42Mt4EcjuSegJoeIDK5OTa4hz87stPzsFS5FEdNa/+bd7AGNkLODQIDAQAB
o4IEFjCCBBIwHQYDVR0OBBYEFLEaJzawrOst943px3L2dbGT/Wi1MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvc1Jvbk5yQ3M2eTMzamVuSGN2WjFzWlA5YUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICKgYIKwYBBQUHAQcBAf8EggIZMIICFTCCAZwEAgABMIIB
lAMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+PoADBAc+aoADBAU+gaADBAY+8UAw
CgMDB02AAwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwVNgAMDBE3AAwMETnAD
BAVOm4ADAwRPUAMEBk+uwAMEBFBGIAMDAVB2AwMBUHwDBAdQ7AADBAZRAQADAwJR
QAMDAFG5AwMAUdwDAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFV
RAMDAlWoAwMEVkADAwBX5wMDA1iIAwMAWNsDAwFZAgMDAlmcAwMCW0QDBARbl3AD
AwNcWAMDBV0AAwQDXb9QAwQGX53AAwMFbQADBAONqtgDBAK5k8wDBAXCBoADBAXC
t8ADBATC8rADBAbDAwADBAXDB2ADBAXDYmADAwDDcwMDAMOEAwQFw5LAAwQF1B5g
AwQF1CeAAwQF1F6gAwMA1MYDBAXVgCADBAXVkMADBAXVqaADBAbVy0ADAwDV3wMD
ANX1AwQE2RPAAwQE2UZQAwQE2XDgMHMEAgACMG0DBQMqAGIAAwUAKgBxgAMFACoA
g4ADBQAqAI2AAwUAKgCTgAMFACoAsoADBQAqAMeAAwUAKgDMgAMFACoA14ADBQAq
AOCAAwUAKgDsgAMFByoChAADBQIqBAgAMBADBQAqBAgHAwcAKgQIBwAEMA0GCSqG
SIb3DQEBCwUAA4IBAQABXv3KRIk/MQmlCY5mEI95hV1mrmoapoBbao7Lw4USzamR
GCLme5bU2DSTmqrEHGkTSxyl8y4cDFIUgHCVqLMU9WPf/LgdvMm+5GvzXAFpMbBQ
/4CccAPPHpDudAXHFWWDLbkSV1SOceaaXhh60vlp12NT2jNQbnDt53snF6c21Wtn
nSC2gYVPwxz2sLRFDWPVDnIo7lnxV3JAKGwDWzOKOAWpo2N7pDIeH/2LvSUnJsAY
UCOTEW3lTBcoEgXd0+9nyeKXSqeF0hS3vB498UGhC6T11fI+rOeLWZRC9P41842k
zpIbMg4DmfMw4l6rXLDVhc102lGaPOo698dPV0EX
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:06:20 2025 by rpki-client