Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/8edb82-ce2b-44e1-92cd-2fc9e6b6fc96/1/7IRBLSfQw70E4LzZcjXY-D8C8fA.roa
File: 7IRBLSfQw70E4LzZcjXY-D8C8fA.roa (raw, json)
Hash identifier: 79Al4HItKjf6ExxdXz6inRflLr9e/PUFqqQFaJ8eNK8=
Subject key identifier: EC:84:41:2D:27:D0:C3:BD:04:E0:BC:D9:72:35:D8:F8:3F:02:F1:F0
Certificate issuer: /CN=859b5b6a3d82bd00ed31c6ceb3aea7ad591ee537
Certificate serial: 018CC49375127CA7319919304F9F8A5074A8
Authority key identifier: 85:9B:5B:6A:3D:82:BD:00:ED:31:C6:CE:B3:AE:A7:AD:59:1E:E5:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZtbaj2CvQDtMcbOs66nrVke5Tc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/8edb82-ce2b-44e1-92cd-2fc9e6b6fc96/1/7IRBLSfQw70E4LzZcjXY-D8C8fA.roa
Signing time: Mon 01 Jan 2024 10:30:47 +0000
ROA not before: Mon 01 Jan 2024 10:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12392
IP address blocks: 85.26.80.0/20 maxlen: 20
85.201.128.0/20 maxlen: 20
85.26.96.0/20 maxlen: 20
85.201.144.0/20 maxlen: 20
85.26.112.0/20 maxlen: 20
85.201.160.0/20 maxlen: 20
85.26.32.0/20 maxlen: 20
85.201.80.0/20 maxlen: 20
85.26.48.0/20 maxlen: 20
85.201.96.0/20 maxlen: 20
85.26.64.0/20 maxlen: 20
85.201.112.0/20 maxlen: 20
149.154.192.0/18 maxlen: 18
85.201.240.0/20 maxlen: 20
85.201.176.0/20 maxlen: 20
85.201.192.0/20 maxlen: 20
85.201.208.0/20 maxlen: 20
85.201.224.0/20 maxlen: 20
213.213.240.0/20 maxlen: 20
85.201.16.0/20 maxlen: 20
85.201.32.0/20 maxlen: 20
85.26.0.0/17 maxlen: 17
85.26.0.0/20 maxlen: 20
85.201.48.0/20 maxlen: 20
85.26.16.0/20 maxlen: 20
85.201.64.0/20 maxlen: 20
85.201.0.0/20 maxlen: 20
85.201.0.0/16 maxlen: 16
213.213.192.0/20 maxlen: 20
213.213.192.0/18 maxlen: 18
213.213.208.0/20 maxlen: 20
213.213.224.0/20 maxlen: 20
185.3.160.0/22 maxlen: 22
82.212.128.0/20 maxlen: 20
82.212.128.0/18 maxlen: 18
82.212.144.0/20 maxlen: 20
82.212.160.0/20 maxlen: 20
82.212.176.0/20 maxlen: 20
62.197.64.0/18 maxlen: 18
109.89.128.0/20 maxlen: 20
62.197.80.0/20 maxlen: 20
109.89.144.0/20 maxlen: 20
62.197.96.0/20 maxlen: 20
109.89.160.0/20 maxlen: 20
62.197.112.0/20 maxlen: 20
109.89.80.0/20 maxlen: 20
109.89.96.0/20 maxlen: 20
62.197.64.0/20 maxlen: 20
109.89.112.0/20 maxlen: 20
109.89.240.0/20 maxlen: 20
217.15.224.0/20 maxlen: 20
109.89.176.0/20 maxlen: 20
109.89.192.0/20 maxlen: 20
109.89.208.0/20 maxlen: 20
109.89.224.0/20 maxlen: 20
78.129.16.0/20 maxlen: 20
109.88.160.0/20 maxlen: 20
213.189.176.0/20 maxlen: 20
95.182.240.0/20 maxlen: 20
109.88.176.0/20 maxlen: 20
78.129.32.0/20 maxlen: 20
109.88.192.0/20 maxlen: 20
78.129.48.0/20 maxlen: 20
78.129.64.0/20 maxlen: 20
109.88.208.0/20 maxlen: 20
95.182.192.0/20 maxlen: 20
95.182.208.0/20 maxlen: 20
109.88.128.0/19 maxlen: 19
95.182.224.0/20 maxlen: 20
78.129.0.0/17 maxlen: 17
213.189.160.0/19 maxlen: 19
213.189.160.0/20 maxlen: 20
78.129.0.0/20 maxlen: 20
109.89.16.0/20 maxlen: 20
212.68.224.0/20 maxlen: 20
109.89.32.0/20 maxlen: 20
212.68.240.0/20 maxlen: 20
109.89.48.0/20 maxlen: 20
109.89.64.0/20 maxlen: 20
109.88.224.0/20 maxlen: 20
78.129.80.0/20 maxlen: 20
78.129.96.0/20 maxlen: 20
212.68.192.0/20 maxlen: 20
109.88.240.0/20 maxlen: 20
212.68.192.0/18 maxlen: 18
109.89.0.0/20 maxlen: 20
78.129.112.0/20 maxlen: 20
212.68.208.0/20 maxlen: 20
85.27.48.0/20 maxlen: 20
85.27.0.0/17 maxlen: 17
85.27.32.0/20 maxlen: 20
95.182.144.0/20 maxlen: 20
109.88.64.0/20 maxlen: 20
109.88.80.0/20 maxlen: 20
109.88.96.0/19 maxlen: 19
109.88.0.0/20 maxlen: 20
109.88.0.0/15 maxlen: 15
109.88.16.0/20 maxlen: 20
109.88.32.0/20 maxlen: 20
95.182.128.0/17 maxlen: 17
109.88.48.0/20 maxlen: 20
95.182.128.0/20 maxlen: 20
2a02:2788:900::/40 maxlen: 40
2a02:2788:300::/40 maxlen: 40
2a02:2788:600::/40 maxlen: 40
2a02:2788:a00::/40 maxlen: 40
2a02:2788:100::/40 maxlen: 40
2a02:2788:400::/40 maxlen: 40
2a02:2788:700::/40 maxlen: 40
2a02:2788:b00::/40 maxlen: 40
2a02:2788:800::/40 maxlen: 40
2a02:2788:500::/40 maxlen: 40
2a02:2788::/32 maxlen: 32
2a02:2788:e00::/40 maxlen: 40
2a02:2788:c00::/40 maxlen: 40
2a02:2788:f00::/40 maxlen: 40
2a02:2788:200::/40 maxlen: 40
2a02:2788:d00::/40 maxlen: 40
2a02:2788::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/8edb82-ce2b-44e1-92cd-2fc9e6b6fc96/1/hZtbaj2CvQDtMcbOs66nrVke5Tc.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/8edb82-ce2b-44e1-92cd-2fc9e6b6fc96/1/hZtbaj2CvQDtMcbOs66nrVke5Tc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hZtbaj2CvQDtMcbOs66nrVke5Tc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:75:12:7c:a7:31:99:19:30:4f:9f:8a:50:74:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=859b5b6a3d82bd00ed31c6ceb3aea7ad591ee537
Validity
Not Before: Jan 1 10:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec84412d27d0c3bd04e0bcd97235d8f83f02f1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f2:e1:f0:12:ec:2f:8b:b4:3f:09:bb:ac:0c:
d3:71:34:47:b6:23:13:0d:4e:ee:5a:ea:c8:17:c8:
29:bb:8c:a0:6a:fd:35:21:3e:46:fe:d6:af:4a:91:
fa:4c:f9:06:68:61:56:78:e9:f4:bd:23:e3:df:a4:
32:e3:9a:9b:bc:f7:d5:dc:76:92:dc:24:2f:7d:0d:
4e:6c:a8:77:fc:2c:d0:8d:e0:c1:4d:26:a9:b0:a6:
82:d9:db:55:ca:77:ee:55:ad:88:87:7b:fa:06:bb:
16:ae:fc:ea:de:70:7a:f0:79:91:2a:b9:e0:7a:da:
cb:ee:8f:19:d6:c1:13:e7:a6:df:38:4a:05:e6:7f:
48:99:41:6d:99:47:a9:3e:d4:34:45:7c:d0:c0:5c:
fa:03:e9:b2:15:e6:27:68:32:04:19:66:0f:2d:6f:
e1:e5:62:6c:3f:18:74:2c:4a:13:7c:af:20:7f:c9:
ee:d7:58:e3:67:c5:9c:f8:f5:8c:12:1c:34:cf:f0:
94:86:6f:f6:a8:62:d0:ae:0e:9d:c3:10:39:19:ec:
f9:00:d0:0a:ab:53:f8:9d:d7:4c:0c:23:58:90:d6:
47:f0:2c:04:97:9a:2d:2a:ce:7d:12:7c:69:2b:87:
4b:96:00:0f:47:c8:ce:1b:62:d7:4e:57:a8:04:ed:
6e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:84:41:2D:27:D0:C3:BD:04:E0:BC:D9:72:35:D8:F8:3F:02:F1:F0
X509v3 Authority Key Identifier:
keyid:85:9B:5B:6A:3D:82:BD:00:ED:31:C6:CE:B3:AE:A7:AD:59:1E:E5:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZtbaj2CvQDtMcbOs66nrVke5Tc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/8edb82-ce2b-44e1-92cd-2fc9e6b6fc96/1/7IRBLSfQw70E4LzZcjXY-D8C8fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/8edb82-ce2b-44e1-92cd-2fc9e6b6fc96/1/hZtbaj2CvQDtMcbOs66nrVke5Tc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.64.0/18
78.129.0.0/17
82.212.128.0/18
85.26.0.0/17
85.27.0.0/17
85.201.0.0/16
95.182.128.0/17
109.88.0.0/15
149.154.192.0/18
185.3.160.0/22
212.68.192.0/18
213.189.160.0/19
213.213.192.0/18
217.15.224.0/20
IPv6:
2a02:2788::/32
Signature Algorithm: sha256WithRSAEncryption
0c:b8:8d:b0:a2:a5:53:df:9b:f1:df:6f:26:ad:aa:04:34:82:
b5:be:f9:11:55:bd:f3:e5:54:59:27:98:aa:0e:f4:4b:90:5d:
39:96:5e:63:9e:c6:e3:a1:56:58:e9:30:88:90:cd:48:19:43:
2d:30:a3:cb:cc:41:b3:c4:4f:23:41:51:f8:97:85:31:f3:e2:
df:db:64:a9:b3:9f:52:c1:0d:e1:bf:b8:b3:57:d2:33:9e:80:
59:83:c6:6a:cb:50:bf:59:cc:3c:fb:8f:a2:ae:40:c2:f9:01:
5e:9d:2e:f0:46:40:1e:97:b4:5d:1f:33:1e:c0:7d:e2:92:46:
b9:0d:c4:d9:1c:76:77:3a:42:4d:5e:33:e3:a1:36:9e:d2:13:
00:0e:ce:e2:92:9d:cc:bd:87:84:78:f5:11:86:f9:0f:d1:d4:
f8:fa:20:29:00:c5:b8:72:0c:70:8f:d3:1b:54:31:7e:d2:88:
67:4c:a4:52:1c:71:a0:29:97:1d:4c:e2:33:24:cf:06:ec:d8:
66:5d:09:4b:51:99:53:3e:05:ba:12:71:41:80:e8:ab:f0:29:
6c:76:80:78:48:71:57:40:db:01:06:d0:13:22:53:a2:5f:11:
ea:dd:4b:3d:8e:7d:aa:b1:e7:ac:30:d8:ab:e2:ad:3b:33:6d:
23:c5:1a:94
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYzEk3USfKcxmRkwT5+KUHSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OWI1YjZhM2Q4MmJkMDBlZDMxYzZjZWIzYWVhN2FkNTkx
ZWU1MzcwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg0NDEyZDI3ZDBjM2JkMDRlMGJjZDk3MjM1ZDhmODNmMDJmMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPLh8BLsL4u0Pwm7rAzTcTRHtiMT
DU7uWurIF8gpu4ygav01IT5G/tavSpH6TPkGaGFWeOn0vSPj36Qy45qbvPfV3HaS
3CQvfQ1ObKh3/CzQjeDBTSapsKaC2dtVynfuVa2Ih3v6BrsWrvzq3nB68HmRKrng
etrL7o8Z1sET56bfOEoF5n9ImUFtmUepPtQ0RXzQwFz6A+myFeYnaDIEGWYPLW/h
5WJsPxh0LEoTfK8gf8nu11jjZ8Wc+PWMEhw0z/CUhm/2qGLQrg6dwxA5Gez5ANAK
q1P4nddMDCNYkNZH8CwEl5otKs59EnxpK4dLlgAPR8jOG2LXTleoBO1uuwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFOyEQS0n0MO9BOC82XI12Pg/AvHwMB8GA1UdIwQY
MBaAFIWbW2o9gr0A7THGzrOup61ZHuU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFp0YmFqMkN2UUR0TWNiT3M2Nm5yVmtlNVRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny84ZWRiODItY2UyYi00NGUxLTkyY2Qt
MmZjOWU2YjZmYzk2LzEvN0lSQkxTZlF3NzBFNEx6WmNqWFktRDhDOGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny84ZWRiODItY2UyYi00NGUxLTkyY2QtMmZjOWU2YjZmYzk2
LzEvaFp0YmFqMkN2UUR0TWNiT3M2Nm5yVmtlNVRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQGPsVAAwQH
ToEAAwQGUtSAAwQHVRoAAwQHVRsAAwMAVckDBAdftoADAwFtWAMEBpWawAMEArkD
oAMEBtREwAMEBdW9oAMEBtXVwAMEBNkP4DANBAIAAjAHAwUAKgIniDANBgkqhkiG
9w0BAQsFAAOCAQEADLiNsKKlU9+b8d9vJq2qBDSCtb75EVW98+VUWSeYqg70S5Bd
OZZeY57G46FWWOkwiJDNSBlDLTCjy8xBs8RPI0FR+JeFMfPi39tkqbOfUsEN4b+4
s1fSM56AWYPGastQv1nMPPuPoq5AwvkBXp0u8EZAHpe0XR8zHsB94pJGuQ3E2Rx2
dzpCTV4z46E2ntITAA7O4pKdzL2HhHj1EYb5D9HU+PogKQDFuHIMcI/TG1QxftKI
Z0ykUhxxoCmXHUziMyTPBuzYZl0JS1GZUz4FuhJxQYDoq/ApbHaAeEhxV0DbAQbQ
EyJTol8R6t1LPY59qrHnrDDYq+KtOzNtI8UalA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:02:41 2024 by rpki-client on console-fra.rpki-client.org