Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/U7IGGV-QzeZyFI43ALHSLR0fRT4.roa
File: U7IGGV-QzeZyFI43ALHSLR0fRT4.roa (raw, json)
Hash identifier: YV6O4jGhX6w23lUDlEnTBaeFdLwSgpK6hJDxevkHnB8=
Subject key identifier: 53:B2:06:19:5F:90:CD:E6:72:14:8E:37:00:B1:D2:2D:1D:1F:45:3E
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 01942444EDDF9E0BB357D8BAAF7BAAC07A43
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/U7IGGV-QzeZyFI43ALHSLR0fRT4.roa
Signing time: Wed 01 Jan 2025 23:48:04 +0000
ROA not before: Wed 01 Jan 2025 23:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12301
IP address blocks: 62.77.192.0/22 maxlen: 24
62.77.200.0/21 maxlen: 24
62.77.208.0/20 maxlen: 24
62.77.224.0/20 maxlen: 24
62.77.242.0/23 maxlen: 24
62.77.244.0/22 maxlen: 24
79.120.128.0/19 maxlen: 24
79.120.168.0/23 maxlen: 24
79.120.176.0/20 maxlen: 24
79.120.179.0/24 maxlen: 24
79.120.192.0/19 maxlen: 24
79.120.198.0/24 maxlen: 24
79.120.200.0/24 maxlen: 24
79.120.224.0/20 maxlen: 24
79.120.240.0/21 maxlen: 24
79.120.250.0/23 maxlen: 24
81.0.64.0/20 maxlen: 24
81.0.80.0/23 maxlen: 24
81.0.88.0/23 maxlen: 24
81.0.96.0/23 maxlen: 24
81.0.100.0/22 maxlen: 24
81.0.104.0/22 maxlen: 24
81.0.110.0/23 maxlen: 24
81.0.112.0/21 maxlen: 24
81.0.120.0/23 maxlen: 24
81.0.120.0/24 maxlen: 24
81.0.121.0/24 maxlen: 24
81.0.124.0/23 maxlen: 24
81.94.176.0/20 maxlen: 24
82.131.160.0/20 maxlen: 24
82.131.176.0/22 maxlen: 24
82.131.180.0/23 maxlen: 24
82.131.192.0/22 maxlen: 24
82.131.199.0/24 maxlen: 24
82.131.208.0/21 maxlen: 24
82.141.128.0/18 maxlen: 24
82.144.160.0/22 maxlen: 24
82.144.168.0/22 maxlen: 24
82.144.178.0/23 maxlen: 24
82.144.180.0/22 maxlen: 24
82.144.184.0/22 maxlen: 24
82.144.190.0/23 maxlen: 24
87.97.64.0/20 maxlen: 24
89.186.98.0/23 maxlen: 24
89.186.100.0/23 maxlen: 24
89.186.104.0/23 maxlen: 24
89.186.116.0/23 maxlen: 24
91.82.8.0/21 maxlen: 24
91.82.16.0/21 maxlen: 24
91.82.40.0/21 maxlen: 24
91.82.48.0/21 maxlen: 24
91.82.58.0/23 maxlen: 24
91.82.62.0/23 maxlen: 24
91.82.72.0/21 maxlen: 24
91.82.80.0/23 maxlen: 24
91.82.84.0/22 maxlen: 24
91.82.88.0/21 maxlen: 24
91.82.96.0/19 maxlen: 24
91.82.128.0/23 maxlen: 24
91.82.148.0/22 maxlen: 24
91.82.152.0/21 maxlen: 24
91.82.174.0/23 maxlen: 24
91.82.184.0/22 maxlen: 24
91.82.192.0/20 maxlen: 24
91.82.208.0/23 maxlen: 24
91.82.216.0/21 maxlen: 24
91.82.224.0/22 maxlen: 24
91.82.236.0/22 maxlen: 24
91.82.244.0/22 maxlen: 24
91.82.248.0/23 maxlen: 24
91.82.252.0/22 maxlen: 24
91.83.40.0/21 maxlen: 24
91.83.48.0/22 maxlen: 24
91.83.56.0/21 maxlen: 24
91.83.64.0/20 maxlen: 24
91.83.80.0/21 maxlen: 24
91.83.88.0/22 maxlen: 24
91.83.92.0/23 maxlen: 24
91.83.96.0/22 maxlen: 24
91.83.100.0/23 maxlen: 24
91.83.104.0/22 maxlen: 24
91.83.108.0/23 maxlen: 24
91.83.122.0/23 maxlen: 24
91.83.124.0/22 maxlen: 24
91.83.128.0/21 maxlen: 24
91.83.146.0/23 maxlen: 24
91.83.148.0/22 maxlen: 24
91.83.152.0/23 maxlen: 24
91.83.156.0/22 maxlen: 24
91.83.160.0/20 maxlen: 24
91.83.176.0/22 maxlen: 24
91.83.208.0/20 maxlen: 24
91.83.220.0/22 maxlen: 22
91.83.224.0/20 maxlen: 24
91.83.240.0/21 maxlen: 24
91.83.248.0/22 maxlen: 24
91.83.254.0/23 maxlen: 24
94.125.248.0/21 maxlen: 24
185.50.28.0/22 maxlen: 24
193.68.32.0/19 maxlen: 24
193.91.64.0/19 maxlen: 24
193.226.194.0/23 maxlen: 24
193.226.196.0/22 maxlen: 24
193.226.200.0/21 maxlen: 24
193.226.208.0/22 maxlen: 24
193.226.216.0/21 maxlen: 24
193.226.224.0/23 maxlen: 24
193.226.228.0/22 maxlen: 24
193.226.234.0/23 maxlen: 24
193.226.236.0/23 maxlen: 24
193.226.242.0/23 maxlen: 24
193.226.250.0/23 maxlen: 24
193.226.252.0/22 maxlen: 24
194.143.224.0/19 maxlen: 24
194.169.253.0/24 maxlen: 24
195.184.0.0/19 maxlen: 24
212.24.160.0/19 maxlen: 19
212.108.192.0/18 maxlen: 24
213.16.64.0/18 maxlen: 24
213.163.0.0/18 maxlen: 24
213.197.64.0/21 maxlen: 24
213.253.192.0/18 maxlen: 24
2001:1aa0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.mft
rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 21:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ed:df:9e:0b:b3:57:d8:ba:af:7b:aa:c0:7a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 23:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53b206195f90cde672148e3700b1d22d1d1f453e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d1:28:c6:a8:3d:0f:dd:32:6b:c6:9f:b7:4f:
ed:7d:90:f9:01:cf:97:06:7a:08:8b:8a:b0:fa:29:
74:85:76:7e:26:71:0d:96:3b:7a:d6:c7:8a:5e:cf:
01:eb:0c:4a:b9:6f:05:09:7d:ec:bd:41:9e:85:6f:
2f:b2:08:8b:65:21:16:8f:8d:1d:73:80:c0:3e:7f:
d4:df:ff:a9:d7:cf:29:b1:4d:f3:a1:ca:80:6e:cf:
d5:bb:b4:0f:5e:01:b6:61:24:7d:b6:47:32:0a:e1:
dd:04:c3:06:de:ce:11:47:92:3d:68:e0:0c:fc:0e:
c5:d4:20:19:9f:91:25:73:07:4c:d9:eb:84:1a:b4:
39:cc:2a:20:ef:35:14:71:6e:a4:c1:25:49:93:a9:
e7:d7:96:58:b7:ba:41:86:e3:6a:ab:61:ed:49:57:
45:5f:6b:15:3a:a6:41:3d:6c:08:ed:b8:25:0a:c3:
6f:92:5f:f7:6e:ae:f9:38:47:b2:ae:96:84:5e:48:
01:ec:9e:cb:41:3d:2c:af:07:d7:0e:71:f5:60:7d:
78:5d:15:9e:29:8c:99:91:a3:37:79:8c:2b:dc:7d:
16:e0:79:51:c2:84:6e:03:e5:a2:69:72:d2:c9:c7:
f8:31:1b:ad:4c:cf:70:fa:7e:94:16:b8:fa:2a:91:
e6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B2:06:19:5F:90:CD:E6:72:14:8E:37:00:B1:D2:2D:1D:1F:45:3E
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/U7IGGV-QzeZyFI43ALHSLR0fRT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.77.192.0/22
62.77.200.0-62.77.239.255
62.77.242.0-62.77.247.255
79.120.128.0/19
79.120.168.0/23
79.120.176.0-79.120.247.255
79.120.250.0/23
81.0.64.0-81.0.81.255
81.0.88.0/23
81.0.96.0/23
81.0.100.0-81.0.107.255
81.0.110.0-81.0.121.255
81.0.124.0/23
81.94.176.0/20
82.131.160.0-82.131.181.255
82.131.192.0/22
82.131.199.0/24
82.131.208.0/21
82.141.128.0/18
82.144.160.0/22
82.144.168.0/22
82.144.178.0-82.144.187.255
82.144.190.0/23
87.97.64.0/20
89.186.98.0-89.186.101.255
89.186.104.0/23
89.186.116.0/23
91.82.8.0-91.82.23.255
91.82.40.0-91.82.55.255
91.82.58.0/23
91.82.62.0/23
91.82.72.0-91.82.81.255
91.82.84.0-91.82.129.255
91.82.148.0-91.82.159.255
91.82.174.0/23
91.82.184.0/22
91.82.192.0-91.82.209.255
91.82.216.0-91.82.227.255
91.82.236.0/22
91.82.244.0-91.82.249.255
91.82.252.0/22
91.83.40.0-91.83.51.255
91.83.56.0-91.83.93.255
91.83.96.0-91.83.101.255
91.83.104.0-91.83.109.255
91.83.122.0-91.83.135.255
91.83.146.0-91.83.153.255
91.83.156.0-91.83.179.255
91.83.208.0-91.83.251.255
91.83.254.0/23
94.125.248.0/21
185.50.28.0/22
193.68.32.0/19
193.91.64.0/19
193.226.194.0-193.226.211.255
193.226.216.0-193.226.225.255
193.226.228.0/22
193.226.234.0-193.226.237.255
193.226.242.0/23
193.226.250.0-193.226.255.255
194.143.224.0/19
194.169.253.0/24
195.184.0.0/19
212.24.160.0/19
212.108.192.0/18
213.16.64.0/18
213.163.0.0/18
213.197.64.0/21
213.253.192.0/18
IPv6:
2001:1aa0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:ce:34:db:a0:1c:d3:65:02:d6:82:d7:fd:4a:8b:37:ed:b2:
7e:6a:09:bb:f8:d0:2e:f0:fa:7f:66:66:59:02:44:3b:98:af:
db:47:93:d6:9a:78:eb:86:ba:af:2b:27:df:ec:a3:71:c7:96:
48:db:3e:a6:41:43:ec:36:57:c6:eb:80:43:ba:f8:5d:af:e2:
4a:37:1e:25:e0:f8:47:46:7a:67:27:d1:81:75:ee:ff:63:4e:
29:de:42:35:75:2e:bb:47:cd:ea:ed:92:f6:f3:a2:38:dc:ea:
0b:e4:09:8e:cc:01:70:68:47:96:49:a8:d7:c9:76:3c:34:4a:
7c:bd:61:38:6c:16:df:ed:ff:96:74:c7:84:ad:15:d5:04:45:
33:4c:ce:38:d7:5b:59:c8:c6:1f:ba:26:9a:6d:1a:11:92:8e:
a1:6d:cf:01:b4:ae:bf:a4:7b:6a:03:97:b4:e2:73:90:4e:e3:
f3:5d:ef:37:86:9e:e5:92:27:86:86:ab:33:a9:a7:66:c1:a8:
ec:d8:20:c9:05:b6:12:e3:e1:b7:32:23:20:0e:6b:18:12:c4:
b2:f6:13:a6:ee:41:12:54:4f:34:b5:47:ae:74:1b:52:ce:93:
80:bf:40:a6:dc:b8:1e:eb:f2:00:d3:74:73:c1:b6:3b:8c:9b:
2d:ac:de:be
-----BEGIN CERTIFICATE-----
MIIHlTCCBn2gAwIBAgISAZQkRO3fnguzV9i6r3uqwHpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjUwMTAxMjM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2IyMDYxOTVmOTBjZGU2NzIxNDhlMzcwMGIxZDIyZDFkMWY0NTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNEoxqg9D90ya8aft0/tfZD5Ac+X
BnoIi4qw+il0hXZ+JnENljt61seKXs8B6wxKuW8FCX3svUGehW8vsgiLZSEWj40d
c4DAPn/U3/+p188psU3zocqAbs/Vu7QPXgG2YSR9tkcyCuHdBMMG3s4RR5I9aOAM
/A7F1CAZn5ElcwdM2euEGrQ5zCog7zUUcW6kwSVJk6nn15ZYt7pBhuNqq2HtSVdF
X2sVOqZBPWwI7bglCsNvkl/3bq75OEeyrpaEXkgB7J7LQT0srwfXDnH1YH14XRWe
KYyZkaM3eYwr3H0W4HlRwoRuA+WiaXLSycf4MRutTM9w+n6UFrj6KpHmUQIDAQAB
o4IEoTCCBJ0wHQYDVR0OBBYEFFOyBhlfkM3mchSONwCx0i0dH0U+MB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvVTdJR0dWLVF6ZVp5Rkk0M0FMSFNMUjBmUlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICtQYIKwYBBQUHAQcBAf8EggKkMIICoDCCAo0EAgABMIIC
hQMEAj5NwDAMAwQDPk3IAwQEPk3gMAwDBAE+TfIDBAM+TfADBAVPeIADBAFPeKgw
DAMEBE94sAMEA0948AMEAU94+jAMAwQGUQBAAwQBUQBQAwQBUQBYAwQBUQBgMAwD
BAJRAGQDBAJRAGgwDAMEAVEAbgMEAVEAeAMEAVEAfAMEBFFesDAMAwQFUoOgAwQB
UoO0AwQCUoPAAwQAUoPHAwQDUoPQAwQGUo2AAwQCUpCgAwQCUpCoMAwDBAFSkLID
BAJSkLgDBAFSkL4DBARXYUAwDAMEAVm6YgMEAVm6ZAMEAVm6aAMEAVm6dDAMAwQD
W1IIAwQDW1IQMAwDBANbUigDBANbUjADBAFbUjoDBAFbUj4wDAMEA1tSSAMEAVtS
UDAMAwQCW1JUAwQBW1KAMAwDBAJbUpQDBAVbUoADBAFbUq4DBAJbUrgwDAMEBltS
wAMEAVtS0DAMAwQDW1LYAwQCW1LgAwQCW1LsMAwDBAJbUvQDBAFbUvgDBAJbUvww
DAMEA1tTKAMEAltTMDAMAwQDW1M4AwQBW1NcMAwDBAVbU2ADBAFbU2QwDAMEA1tT
aAMEAVtTbDAMAwQBW1N6AwQDW1OAMAwDBAFbU5IDBAFbU5gwDAMEAltTnAMEAltT
sDAMAwQEW1PQAwQCW1P4AwQBW1P+AwQDXn34AwQCuTIcAwQFwUQgAwQFwVtAMAwD
BAHB4sIDBALB4tAwDAMEA8Hi2AMEAcHi4AMEAsHi5DAMAwQBweLqAwQBweLsAwQB
weLyMAsDBAHB4voDAwDB4gMEBcKP4AMEAMKp/QMEBcO4AAMEBdQYoAMEBtRswAME
BtUQQAMEBtWjAAMEA9XFQAMEBtX9wDANBAIAAjAHAwUDIAEaoDANBgkqhkiG9w0B
AQsFAAOCAQEAis4026Ac02UC1oLX/UqLN+2yfmoJu/jQLvD6f2ZmWQJEO5iv20eT
1pp464a6rysn3+yjcceWSNs+pkFD7DZXxuuAQ7r4Xa/iSjceJeD4R0Z6ZyfRgXXu
/2NOKd5CNXUuu0fN6u2S9vOiONzqC+QJjswBcGhHlkmo18l2PDRKfL1hOGwW3+3/
lnTHhK0V1QRFM0zOONdbWcjGH7ommm0aEZKOoW3PAbSuv6R7agOXtOJzkE7j813v
N4ae5ZInhoarM6mnZsGo7NggyQW2EuPhtzIjIA5rGBLEsvYTpu5BElRPNLVHrnQb
Us6TgL9Apty4HuvyANN0c8G2O4ybLazevg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:25:14 2025 by rpki-client