Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/7anSGolHHEUtE9eQp3FaQpx0s5k.roa
File: 7anSGolHHEUtE9eQp3FaQpx0s5k.roa (raw, json)
Hash identifier: xG+2GmGLBL0vL/CNhG9LqHQ9O78oNR276EBaVnrzFiM=
Subject key identifier: ED:A9:D2:1A:89:47:1C:45:2D:13:D7:90:A7:71:5A:42:9C:74:B3:99
Certificate issuer: /CN=845c2379efed10056cf865d52c32e1e1eba8c140
Certificate serial: 018CC9BCB1FBDA9A964597845DB5B9174257
Authority key identifier: 84:5C:23:79:EF:ED:10:05:6C:F8:65:D5:2C:32:E1:E1:EB:A8:C1:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/7anSGolHHEUtE9eQp3FaQpx0s5k.roa
Signing time: Tue 02 Jan 2024 10:33:55 +0000
ROA not before: Tue 02 Jan 2024 10:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20845
IP address blocks: 79.120.160.0/21 maxlen: 24
79.120.172.0/22 maxlen: 24
79.120.170.0/23 maxlen: 24
89.147.96.0/22 maxlen: 24
89.147.112.0/21 maxlen: 24
212.40.72.0/21 maxlen: 24
212.40.80.0/20 maxlen: 24
79.120.252.0/22 maxlen: 24
79.120.248.0/23 maxlen: 24
85.66.0.0/15 maxlen: 24
77.234.64.0/19 maxlen: 24
176.241.0.0/18 maxlen: 24
92.52.224.0/19 maxlen: 24
89.147.64.0/20 maxlen: 24
193.226.192.0/23 maxlen: 24
89.186.96.0/23 maxlen: 24
89.186.102.0/23 maxlen: 24
193.226.212.0/22 maxlen: 24
89.186.112.0/22 maxlen: 24
89.186.108.0/22 maxlen: 24
89.186.106.0/23 maxlen: 24
89.186.118.0/23 maxlen: 24
193.226.226.0/23 maxlen: 24
193.226.232.0/23 maxlen: 24
89.186.120.0/21 maxlen: 24
193.226.240.0/23 maxlen: 24
193.226.238.0/23 maxlen: 24
81.17.176.0/20 maxlen: 24
193.226.244.0/22 maxlen: 24
193.226.248.0/23 maxlen: 24
195.38.96.0/19 maxlen: 24
94.247.88.0/21 maxlen: 24
62.77.196.0/22 maxlen: 24
82.131.184.0/21 maxlen: 24
82.131.182.0/23 maxlen: 24
82.131.198.0/24 maxlen: 24
82.131.196.0/23 maxlen: 24
82.131.128.0/19 maxlen: 24
62.165.192.0/18 maxlen: 24
82.131.200.0/21 maxlen: 24
62.77.240.0/23 maxlen: 24
82.131.216.0/21 maxlen: 24
82.131.224.0/19 maxlen: 24
62.77.248.0/21 maxlen: 24
91.83.154.0/23 maxlen: 24
178.164.128.0/17 maxlen: 24
91.83.184.0/21 maxlen: 24
91.83.180.0/22 maxlen: 24
91.83.192.0/20 maxlen: 24
91.83.94.0/23 maxlen: 24
91.83.102.0/23 maxlen: 24
91.83.110.0/23 maxlen: 24
91.83.120.0/23 maxlen: 24
91.83.136.0/21 maxlen: 24
87.97.0.0/18 maxlen: 24
92.245.64.0/19 maxlen: 24
91.83.144.0/23 maxlen: 24
82.144.164.0/22 maxlen: 24
82.144.172.0/22 maxlen: 24
82.144.176.0/23 maxlen: 24
82.144.188.0/23 maxlen: 24
78.131.0.0/17 maxlen: 24
87.97.80.0/20 maxlen: 24
87.97.96.0/19 maxlen: 24
91.83.252.0/23 maxlen: 24
91.82.188.0/22 maxlen: 24
213.197.72.0/21 maxlen: 24
213.197.80.0/20 maxlen: 24
91.82.212.0/22 maxlen: 24
91.82.210.0/23 maxlen: 24
91.82.232.0/22 maxlen: 24
91.82.228.0/22 maxlen: 24
91.82.240.0/22 maxlen: 24
91.82.144.0/22 maxlen: 24
91.82.172.0/23 maxlen: 24
91.82.168.0/22 maxlen: 24
91.82.176.0/21 maxlen: 24
185.62.128.0/22 maxlen: 24
217.197.176.0/20 maxlen: 24
185.29.80.0/22 maxlen: 24
91.83.52.0/22 maxlen: 24
193.110.56.0/21 maxlen: 24
85.238.64.0/19 maxlen: 24
91.82.250.0/23 maxlen: 24
91.83.0.0/19 maxlen: 24
91.83.32.0/21 maxlen: 24
91.82.0.0/21 maxlen: 24
91.82.24.0/21 maxlen: 24
80.95.64.0/19 maxlen: 24
188.142.128.0/19 maxlen: 24
91.82.82.0/23 maxlen: 24
188.143.0.0/17 maxlen: 24
91.82.132.0/22 maxlen: 24
91.82.130.0/23 maxlen: 24
91.82.32.0/21 maxlen: 24
91.82.56.0/23 maxlen: 24
91.82.64.0/21 maxlen: 24
91.82.60.0/23 maxlen: 24
84.236.0.0/17 maxlen: 24
92.249.128.0/17 maxlen: 24
81.0.82.0/23 maxlen: 24
81.0.84.0/22 maxlen: 24
81.0.90.0/23 maxlen: 24
81.0.92.0/22 maxlen: 24
81.0.98.0/23 maxlen: 24
89.148.64.0/18 maxlen: 24
94.21.0.0/16 maxlen: 24
81.0.108.0/23 maxlen: 24
81.0.122.0/23 maxlen: 24
81.0.126.0/23 maxlen: 24
2a01:368::/32 maxlen: 32
2a01:368::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/hFwjee_tEAVs-GXVLDLh4euowUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/hFwjee_tEAVs-GXVLDLh4euowUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b1:fb:da:9a:96:45:97:84:5d:b5:b9:17:42:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845c2379efed10056cf865d52c32e1e1eba8c140
Validity
Not Before: Jan 2 10:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eda9d21a89471c452d13d790a7715a429c74b399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:33:bb:a0:35:1f:39:0e:a8:ae:58:0c:9c:0f:
52:e4:ad:a4:65:63:93:8d:d9:bb:9d:dc:d3:d9:05:
77:b2:ba:0b:0a:1e:ad:b8:83:0a:dc:41:af:bf:c7:
64:fd:f9:c1:1b:6b:d9:ab:31:76:bf:01:08:b8:c0:
69:7c:57:e7:0d:9f:78:07:05:06:22:b7:d0:60:9e:
1c:f9:0c:32:18:de:99:4e:6b:8f:8c:58:32:e1:96:
6b:6a:44:d3:f6:14:83:87:bb:16:89:fc:31:f7:10:
1d:9d:c2:29:29:31:cb:71:bd:9a:77:e8:10:14:6b:
c9:75:55:d1:84:0c:b0:20:03:47:b8:7d:9e:6f:63:
d0:53:a5:2f:b7:79:e4:08:a6:0f:33:ab:cb:3f:bf:
c2:20:0a:c7:d5:10:f5:e2:98:8d:a2:23:c1:98:5d:
46:d5:0b:d7:96:ea:15:4c:5d:72:30:d2:05:1e:75:
22:eb:04:5c:0a:f2:70:49:32:9c:64:4e:10:a1:2f:
66:77:75:12:f7:0f:68:63:ac:57:83:12:bf:fa:07:
2b:65:2f:9d:10:97:3c:e2:59:50:17:7b:ff:46:42:
58:fc:89:56:cc:35:39:e5:c1:1e:77:35:cf:ac:ab:
46:a0:78:c3:29:60:aa:e7:b6:89:d5:dc:e6:2f:b4:
8d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A9:D2:1A:89:47:1C:45:2D:13:D7:90:A7:71:5A:42:9C:74:B3:99
X509v3 Authority Key Identifier:
keyid:84:5C:23:79:EF:ED:10:05:6C:F8:65:D5:2C:32:E1:E1:EB:A8:C1:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/7anSGolHHEUtE9eQp3FaQpx0s5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/hFwjee_tEAVs-GXVLDLh4euowUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.77.196.0/22
62.77.240.0/23
62.77.248.0/21
62.165.192.0/18
77.234.64.0/19
78.131.0.0/17
79.120.160.0/21
79.120.170.0-79.120.175.255
79.120.248.0/23
79.120.252.0/22
80.95.64.0/19
81.0.82.0-81.0.87.255
81.0.90.0-81.0.95.255
81.0.98.0/23
81.0.108.0/23
81.0.122.0/23
81.0.126.0/23
81.17.176.0/20
82.131.128.0/19
82.131.182.0-82.131.191.255
82.131.196.0-82.131.198.255
82.131.200.0/21
82.131.216.0-82.131.255.255
82.144.164.0/22
82.144.172.0-82.144.177.255
82.144.188.0/23
84.236.0.0/17
85.66.0.0/15
85.238.64.0/19
87.97.0.0/18
87.97.80.0-87.97.127.255
89.147.64.0/20
89.147.96.0/22
89.147.112.0/21
89.148.64.0/18
89.186.96.0/23
89.186.102.0/23
89.186.106.0-89.186.115.255
89.186.118.0-89.186.127.255
91.82.0.0/21
91.82.24.0-91.82.39.255
91.82.56.0/23
91.82.60.0/23
91.82.64.0/21
91.82.82.0/23
91.82.130.0-91.82.135.255
91.82.144.0/22
91.82.168.0-91.82.173.255
91.82.176.0/21
91.82.188.0/22
91.82.210.0-91.82.215.255
91.82.228.0-91.82.235.255
91.82.240.0/22
91.82.250.0/23
91.83.0.0-91.83.39.255
91.83.52.0/22
91.83.94.0/23
91.83.102.0/23
91.83.110.0/23
91.83.120.0/23
91.83.136.0-91.83.145.255
91.83.154.0/23
91.83.180.0-91.83.207.255
91.83.252.0/23
92.52.224.0/19
92.245.64.0/19
92.249.128.0/17
94.21.0.0/16
94.247.88.0/21
176.241.0.0/18
178.164.128.0/17
185.29.80.0/22
185.62.128.0/22
188.142.128.0/19
188.143.0.0/17
193.110.56.0/21
193.226.192.0/23
193.226.212.0/22
193.226.226.0/23
193.226.232.0/23
193.226.238.0-193.226.241.255
193.226.244.0-193.226.249.255
195.38.96.0/19
212.40.72.0-212.40.95.255
213.197.72.0-213.197.95.255
217.197.176.0/20
IPv6:
2a01:368::/29
Signature Algorithm: sha256WithRSAEncryption
2d:44:07:13:c0:ec:b4:ba:f8:83:59:e8:d0:92:6a:1b:89:da:
a1:8f:8f:d2:a2:64:72:80:8b:1b:5a:97:0b:f0:98:cb:0b:52:
17:bc:59:3a:e6:26:36:dc:79:22:bb:bf:ba:99:6b:e6:8c:d8:
99:f3:0a:d0:d2:8a:c2:bb:2f:c6:99:93:78:49:52:4e:c3:e7:
a9:c0:c0:31:c9:45:a3:ca:cc:dd:9c:6c:b7:c7:2a:c0:33:bf:
d3:15:e7:e9:4e:d5:94:90:19:3e:b3:ee:a2:74:c1:07:d9:31:
f3:9c:0d:f9:33:ec:f7:6e:aa:5b:47:81:12:dd:77:0e:dd:53:
e1:66:9f:a9:77:02:9b:54:54:75:f1:92:da:5a:1b:36:cf:f2:
a4:b7:2d:25:0a:7f:7a:0c:1b:7f:8f:70:29:d3:4a:23:33:57:
21:3e:c1:6f:a2:10:fa:ff:3d:40:94:c4:37:38:f0:3d:f2:21:
79:f0:0b:f7:19:da:f1:e6:f3:4f:53:b8:59:3a:57:eb:a0:c3:
6d:41:f1:c7:b7:ed:1c:18:75:84:8c:f4:6e:34:a9:aa:fa:74:
ec:ad:51:e3:3d:4e:10:ca:8c:f4:65:38:2b:bd:dc:5b:48:d2:
34:fa:23:b5:83:e0:07:16:e6:70:b3:f7:76:d8:21:26:9f:13:
c0:28:5f:49
-----BEGIN CERTIFICATE-----
MIIHwDCCBqigAwIBAgISAYzJvLH72pqWRZeEXbW5F0JXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWMyMzc5ZWZlZDEwMDU2Y2Y4NjVkNTJjMzJlMWUxZWJh
OGMxNDAwHhcNMjQwMTAyMTAzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGE5ZDIxYTg5NDcxYzQ1MmQxM2Q3OTBhNzcxNWE0MjljNzRiMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTO7oDUfOQ6orlgMnA9S5K2kZWOT
jdm7ndzT2QV3sroLCh6tuIMK3EGvv8dk/fnBG2vZqzF2vwEIuMBpfFfnDZ94BwUG
IrfQYJ4c+QwyGN6ZTmuPjFgy4ZZrakTT9hSDh7sWifwx9xAdncIpKTHLcb2ad+gQ
FGvJdVXRhAywIANHuH2eb2PQU6Uvt3nkCKYPM6vLP7/CIArH1RD14piNoiPBmF1G
1QvXluoVTF1yMNIFHnUi6wRcCvJwSTKcZE4QoS9md3US9w9oY6xXgxK/+gcrZS+d
EJc84llQF3v/RkJY/IlWzDU55cEedzXPrKtGoHjDKWCq57aJ1dzmL7SNnwIDAQAB
o4IEzDCCBMgwHQYDVR0OBBYEFO2p0hqJRxxFLRPXkKdxWkKcdLOZMB8GA1UdIwQY
MBaAFIRcI3nv7RAFbPhl1Swy4eHrqMFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZ3amVlX3RFQVZzLUdYVkxETGg0ZXVvd1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MGU4ZmEtZWM1Yy00NTk0LTllYzQt
YmU3YTFhMDAxY2NmLzEvN2FuU0dvbEhIRVV0RTllUXAzRmFRcHgwczVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MGU4ZmEtZWM1Yy00NTk0LTllYzQtYmU3YTFhMDAxY2Nm
LzEvaEZ3amVlX3RFQVZzLUdYVkxETGg0ZXVvd1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIC4AYIKwYBBQUHAQcBAf8EggLPMIICyzCCArgEAgABMIIC
sAMEAj5NxAMEAT5N8AMEAz5N+AMEBj6lwAMEBU3qQAMEB06DAAMEA094oDAMAwQB
T3iqAwQET3igAwQBT3j4AwQCT3j8AwQFUF9AMAwDBAFRAFIDBANRAFAwDAMEAVEA
WgMEBVEAQAMEAVEAYgMEAVEAbAMEAVEAegMEAVEAfgMEBFERsAMEBVKDgDAMAwQB
UoO2AwQGUoOAMAwDBAJSg8QDBABSg8YDBANSg8gwCwMEA1KD2AMDAlKAAwQCUpCk
MAwDBAJSkKwDBAFSkLADBAFSkLwDBAdU7AADAwFVQgMEBVXuQAMEBldhADAMAwQE
V2FQAwQHV2EAAwQEWZNAAwQCWZNgAwQDWZNwAwQGWZRAAwQBWbpgAwQBWbpmMAwD
BAFZumoDBAJZunAwDAMEAVm6dgMEB1m6AAMEA1tSADAMAwQDW1IYAwQDW1IgAwQB
W1I4AwQBW1I8AwQDW1JAAwQBW1JSMAwDBAFbUoIDBANbUoADBAJbUpAwDAMEA1tS
qAMEAVtSrAMEA1tSsAMEAltSvDAMAwQBW1LSAwQDW1LQMAwDBAJbUuQDBAJbUugD
BAJbUvADBAFbUvowCwMDAFtTAwQDW1MgAwQCW1M0AwQBW1NeAwQBW1NmAwQBW1Nu
AwQBW1N4MAwDBANbU4gDBAFbU5ADBAFbU5owDAMEAltTtAMEBFtTwAMEAVtT/AME
BVw04AMEBVz1QAMEB1z5gAMDAF4VAwQDXvdYAwQGsPEAAwQHsqSAAwQCuR1QAwQC
uT6AAwQFvI6AAwQHvI8AAwQDwW44AwQBweLAAwQCweLUAwQBweLiAwQBweLoMAwD
BAHB4u4DBAHB4vAwDAMEAsHi9AMEAcHi+AMEBcMmYDAMAwQD1ChIAwQF1ChAMAwD
BAPVxUgDBAXVxUADBATZxbAwDQQCAAIwBwMFAyoBA2gwDQYJKoZIhvcNAQELBQAD
ggEBAC1EBxPA7LS6+INZ6NCSahuJ2qGPj9KiZHKAixtalwvwmMsLUhe8WTrmJjbc
eSK7v7qZa+aM2JnzCtDSisK7L8aZk3hJUk7D56nAwDHJRaPKzN2cbLfHKsAzv9MV
5+lO1ZSQGT6z7qJ0wQfZMfOcDfkz7PduqltHgRLddw7dU+Fmn6l3AptUVHXxktpa
GzbP8qS3LSUKf3oMG3+PcCnTSiMzVyE+wW+iEPr/PUCUxDc48D3yIXnwC/cZ2vHm
809TuFk6V+ugw21B8ce37RwYdYSM9G40qar6dOytUeM9ThDKjPRlOCu93FtI0jT6
I7WD4AcW5nCz93bYISafE8AoX0k=
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:53:43 2024 by rpki-client on console-fra.rpki-client.org