Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/YEVEq99x_S8XcneTMoUBT-1bOQ4.roa
File: YEVEq99x_S8XcneTMoUBT-1bOQ4.roa (raw, json)
Hash identifier: F8Z7UVtZrPgGB9ZgJgtyNBtPC1IwzWMX6y3YHLUTLFI=
Subject key identifier: 60:45:44:AB:DF:71:FD:2F:17:72:77:93:32:85:01:4F:ED:5B:39:0E
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0196529BE5998B7B35F7E34860F6A551274D
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/YEVEq99x_S8XcneTMoUBT-1bOQ4.roa
Signing time: Sun 20 Apr 2025 09:51:10 +0000
ROA not before: Sun 20 Apr 2025 09:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1680
IP address blocks: 37.26.144.0/21 maxlen: 21
37.26.145.0/24 maxlen: 24
37.26.146.0/24 maxlen: 24
37.26.147.0/24 maxlen: 24
37.26.148.0/24 maxlen: 24
37.26.149.0/24 maxlen: 24
37.26.150.0/24 maxlen: 24
37.26.151.0/24 maxlen: 24
46.116.0.0/16 maxlen: 18
46.117.0.0/16 maxlen: 18
46.210.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.88.0/22 maxlen: 24
62.0.92.0/23 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.116.0/22 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
62.90.0.0/16 maxlen: 24
62.90.135.0/24 maxlen: 24
62.90.143.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
82.166.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
82.166.201.128/25 maxlen: 25
85.64.0.0/16 maxlen: 16
85.65.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
89.138.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
93.172.0.0/16 maxlen: 16
93.173.0.0/16 maxlen: 16
95.35.0.0/16 maxlen: 24
109.186.0.0/16 maxlen: 16
109.253.0.0/16 maxlen: 24
141.226.132.0/24 maxlen: 24
141.226.134.0/24 maxlen: 24
147.161.8.0/21 maxlen: 24
147.234.17.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
147.234.28.0/24 maxlen: 24
147.234.43.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
176.12.128.0/17 maxlen: 24
176.13.0.0/16 maxlen: 24
192.115.84.0/22 maxlen: 24
192.115.112.0/20 maxlen: 24
192.115.140.0/22 maxlen: 24
192.115.152.0/21 maxlen: 24
192.115.160.0/22 maxlen: 24
192.115.200.0/21 maxlen: 24
192.116.32.0/19 maxlen: 24
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
192.118.30.0/23 maxlen: 23
192.118.84.0/22 maxlen: 24
194.90.0.0/16 maxlen: 24
194.90.1.0/24 maxlen: 24
194.90.229.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.21.0/24 maxlen: 24
199.203.76.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
207.232.0.0/18 maxlen: 18
207.232.50.0/24 maxlen: 24
212.29.192.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
212.143.0.0/16 maxlen: 24
212.143.194.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
217.132.0.0/16 maxlen: 16
2001:4df0::/29 maxlen: 32
2001:4df0::/32 maxlen: 32
2001:4df1::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2a03:c5c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:9b:e5:99:8b:7b:35:f7:e3:48:60:f6:a5:51:27:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Apr 20 09:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=604544abdf71fd2f177277933285014fed5b390e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9d:89:84:d7:0f:42:1e:40:95:35:ab:ad:07:
b2:e6:3e:9b:5f:5c:51:97:7e:3d:93:e2:7d:52:0b:
b0:82:f1:08:14:4b:3d:b7:d6:11:25:ef:0e:93:14:
bf:dd:9c:51:ed:7b:3c:4b:79:72:c2:bf:7a:31:7c:
07:b9:e1:d1:ad:a5:ed:7c:1a:4e:a8:00:8a:c7:46:
f8:a2:0f:d6:bd:5f:2c:72:f9:79:50:6b:2d:56:10:
10:57:eb:11:b0:de:46:20:0b:fc:eb:ae:c5:0f:74:
84:c5:a8:87:2d:43:a1:93:0a:49:16:5d:40:b5:ca:
8a:21:45:8d:05:00:07:27:e9:a9:d7:11:3a:e0:c4:
59:b4:69:e3:6d:64:e0:dd:0f:b0:e6:b9:1e:5b:cd:
c1:54:6c:ab:ee:0a:ed:3f:47:32:80:f0:08:de:0f:
47:28:38:97:3a:3d:94:4f:0a:85:2c:59:0b:86:f8:
f4:bd:50:f8:2a:20:54:a7:e9:99:e6:b0:51:3d:98:
c0:2c:5a:1b:b9:f4:2e:80:e2:ef:25:a8:ef:2a:3b:
83:dd:6d:af:cb:e5:2a:60:f2:15:62:49:f6:b7:c6:
52:58:52:2f:a1:b4:07:6f:12:8e:0d:cf:06:b6:6f:
ca:f0:a5:dd:00:69:59:d1:c5:9a:8a:cc:52:a3:14:
de:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:45:44:AB:DF:71:FD:2F:17:72:77:93:32:85:01:4F:ED:5B:39:0E
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/YEVEq99x_S8XcneTMoUBT-1bOQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
147.234.17.0/24
147.234.22.0/24
147.234.27.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.115.84.0/22
192.115.112.0/20
192.115.140.0/22
192.115.152.0-192.115.163.255
192.115.200.0/21
192.116.32.0/19
192.118.28.0/22
192.118.84.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
48:13:b7:12:8d:3b:69:80:31:3e:71:29:07:bf:d5:a3:4e:ad:
a2:49:8e:41:78:b6:74:d1:a1:5e:12:c3:de:03:d8:2f:03:40:
3d:10:c7:f8:a7:10:c1:2a:be:c5:e9:ba:e9:b6:c1:75:f9:8f:
5f:ee:6b:c4:0a:16:69:4b:66:a4:bb:46:ff:77:af:62:3b:db:
4a:e4:f4:7f:ac:79:88:dd:cc:b7:6a:4c:39:ab:98:40:39:d2:
f1:93:73:1b:1d:a2:83:73:b6:fb:82:b7:08:15:28:36:49:35:
ba:ac:bc:6e:8c:2a:22:01:5d:ca:c6:5c:14:0d:b4:88:58:2d:
aa:dd:e3:c3:e9:0b:06:f7:e1:df:92:30:9d:f0:9f:32:24:5b:
07:4e:17:b2:66:f4:ac:16:29:a6:71:24:63:07:d7:d6:e5:fb:
f0:99:6e:86:c2:d3:31:e5:ab:c5:c0:a4:29:1c:d3:df:63:0f:
ca:69:42:a6:7c:3e:57:eb:5a:92:7b:6d:f7:bb:98:c2:9a:f2:
f6:20:68:a4:a4:a2:0b:ee:d9:eb:18:16:b5:60:78:34:71:e9:
b7:7c:c2:01:bd:36:7a:b1:7f:19:e6:da:ed:97:83:4e:b2:0a:
2c:36:ed:79:82:0a:d0:e2:c3:64:b8:2a:24:51:de:78:6b:0c:
d0:ec:d1:8a
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZZSm+WZi3s19+NIYPalUSdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwNDIwMDk1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQ1NDRhYmRmNzFmZDJmMTc3Mjc3OTMzMjg1MDE0ZmVkNWIzOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ2JhNcPQh5AlTWrrQey5j6bX1xR
l349k+J9UguwgvEIFEs9t9YRJe8OkxS/3ZxR7Xs8S3lywr96MXwHueHRraXtfBpO
qACKx0b4og/WvV8scvl5UGstVhAQV+sRsN5GIAv8667FD3SExaiHLUOhkwpJFl1A
tcqKIUWNBQAHJ+mp1xE64MRZtGnjbWTg3Q+w5rkeW83BVGyr7grtP0cygPAI3g9H
KDiXOj2UTwqFLFkLhvj0vVD4KiBUp+mZ5rBRPZjALFobufQugOLvJajvKjuD3W2v
y+UqYPIVYkn2t8ZSWFIvobQHbxKODc8Gtm/K8KXdAGlZ0cWaisxSoxTeyQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFGBFRKvfcf0vF3J3kzKFAU/tWzkOMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvWUVWRXE5OXhfUzhYY25lVE1vVUJULTFiT1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCAQUEAgABMIH+
AwQDJRqQAwMBLnQDAwAu0gMDAD4AAwMAPloDBARQ+pADAwBSpgMDAVVAAwMAVfoD
AwFZigMDAV2sAwMAXyMDAwBtugMDAG39AwQAjeKEAwQAjeKGAwQDk6EIAwQAk+oR
AwQAk+oWMAwDBACT6hsDBACT6hwDBACT6iswDAMEAJPqUwMEAJPqVAMEAJPqVjAL
AwQHsAyAAwMBsAwDBALAc1QDBATAc3ADBALAc4wwDAMEA8BzmAMEAsBzoAMEA8Bz
yAMEBcB0IAMEAsB2HAMEAsB2VAMDAMJaAwMAx8sDBAbP6AADBAbUHcADAwDUjwMD
ANSWAwQH1OsAAwMA2YQwGwQCAAIwFQMFAyABTfADBQMqAgFIAwUAKgPFwDANBgkq
hkiG9w0BAQsFAAOCAQEASBO3Eo07aYAxPnEpB7/Vo06tokmOQXi2dNGhXhLD3gPY
LwNAPRDH+KcQwSq+xem66bbBdfmPX+5rxAoWaUtmpLtG/3evYjvbSuT0f6x5iN3M
t2pMOauYQDnS8ZNzGx2ig3O2+4K3CBUoNkk1uqy8bowqIgFdysZcFA20iFgtqt3j
w+kLBvfh35IwnfCfMiRbB04Xsmb0rBYppnEkYwfX1uX78JluhsLTMeWrxcCkKRzT
32MPymlCpnw+V+takntt97uYwpry9iBopKSiC+7Z6xgWtWB4NHHpt3zCAb02erF/
Geba7ZeDTrIKLDbteYIK0OLDZLgqJFHeeGsM0OzRig==
-----END CERTIFICATE-----
Generated at Sat May 10 13:52:54 2025 by rpki-client