Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/0cBZWdxrxmToAHKCETVLabu1eyk.roa
File: 0cBZWdxrxmToAHKCETVLabu1eyk.roa (raw, json)
Hash identifier: 7HyBX8/ICLw78CfGrUV8FozZ7wr1YMUNQBBEE0+RYMs=
Subject key identifier: D1:C0:59:59:DC:6B:C6:64:E8:00:72:82:11:35:4B:69:BB:B5:7B:29
Certificate issuer: /CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Certificate serial: 018CC8708C9FB2BBCC1D4899027F68E838AA
Authority key identifier: E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/0cBZWdxrxmToAHKCETVLabu1eyk.roa
Signing time: Tue 02 Jan 2024 04:31:08 +0000
ROA not before: Tue 02 Jan 2024 04:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39501
IP address blocks: 89.33.18.0/23 maxlen: 23
89.46.94.0/23 maxlen: 23
89.39.186.0/23 maxlen: 23
89.33.128.0/23 maxlen: 23
89.40.78.0/23 maxlen: 23
89.40.90.0/23 maxlen: 23
89.40.38.0/23 maxlen: 23
89.38.242.0/23 maxlen: 23
45.140.28.0/22 maxlen: 22
89.45.126.0/23 maxlen: 23
89.46.44.0/23 maxlen: 23
89.32.196.0/23 maxlen: 23
89.46.60.0/23 maxlen: 23
185.46.0.0/22 maxlen: 22
188.159.96.0/19 maxlen: 19
188.159.128.0/19 maxlen: 19
188.159.128.0/18 maxlen: 18
188.159.64.0/19 maxlen: 19
89.44.190.0/23 maxlen: 23
89.44.202.0/23 maxlen: 23
89.38.24.0/23 maxlen: 23
89.45.68.0/23 maxlen: 23
89.45.80.0/23 maxlen: 23
89.38.102.0/23 maxlen: 23
188.159.192.0/19 maxlen: 19
89.165.64.0/18 maxlen: 18
89.165.80.0/21 maxlen: 21
188.158.160.0/21 maxlen: 21
188.158.160.0/20 maxlen: 20
188.158.160.0/19 maxlen: 19
89.165.105.0/24 maxlen: 24
89.37.102.0/23 maxlen: 23
89.165.16.0/21 maxlen: 21
89.43.204.0/23 maxlen: 23
89.37.30.0/23 maxlen: 23
188.158.96.0/21 maxlen: 21
188.158.96.0/20 maxlen: 20
188.158.96.0/19 maxlen: 19
89.37.42.0/23 maxlen: 23
89.165.56.0/21 maxlen: 21
188.158.128.0/18 maxlen: 18
188.158.128.0/19 maxlen: 19
89.44.112.0/23 maxlen: 23
89.44.118.0/23 maxlen: 23
188.159.0.0/18 maxlen: 18
188.159.0.0/19 maxlen: 19
89.37.198.0/23 maxlen: 23
89.37.218.0/23 maxlen: 23
89.44.146.0/23 maxlen: 23
188.159.32.0/19 maxlen: 19
188.158.192.0/19 maxlen: 19
86.104.232.0/21 maxlen: 21
188.158.224.0/19 maxlen: 19
89.43.70.0/23 maxlen: 23
89.43.88.0/21 maxlen: 21
89.43.36.0/23 maxlen: 23
188.158.32.0/19 maxlen: 19
188.158.32.0/20 maxlen: 20
89.36.226.0/23 maxlen: 23
188.158.64.0/19 maxlen: 19
89.36.252.0/23 maxlen: 23
89.43.182.0/23 maxlen: 23
89.165.0.0/18 maxlen: 18
89.43.188.0/23 maxlen: 23
89.165.0.0/17 maxlen: 17
89.165.8.0/21 maxlen: 21
89.43.96.0/21 maxlen: 21
188.158.0.0/19 maxlen: 19
188.158.0.0/18 maxlen: 18
89.36.194.0/23 maxlen: 23
188.158.0.0/16 maxlen: 16
188.158.16.0/20 maxlen: 20
89.35.156.0/23 maxlen: 23
85.204.30.0/23 maxlen: 23
89.35.176.0/23 maxlen: 23
89.35.194.0/23 maxlen: 23
89.42.32.0/23 maxlen: 23
89.42.56.0/23 maxlen: 23
89.35.132.0/23 maxlen: 23
89.42.68.0/23 maxlen: 23
89.36.16.0/23 maxlen: 23
89.42.228.0/23 maxlen: 23
94.177.72.0/21 maxlen: 21
89.42.150.0/23 maxlen: 23
85.204.76.0/23 maxlen: 23
85.204.104.0/23 maxlen: 23
89.34.200.0/23 maxlen: 23
94.176.32.0/21 maxlen: 21
89.34.176.0/23 maxlen: 23
89.41.240.0/21 maxlen: 21
89.35.58.0/23 maxlen: 23
89.33.234.0/23 maxlen: 23
89.33.240.0/23 maxlen: 23
89.34.20.0/23 maxlen: 23
89.40.110.0/23 maxlen: 23
89.40.106.0/23 maxlen: 23
89.40.128.0/23 maxlen: 23
89.33.204.0/23 maxlen: 23
89.41.16.0/21 maxlen: 21
89.34.88.0/23 maxlen: 23
89.34.94.0/23 maxlen: 23
89.41.32.0/23 maxlen: 23
89.41.58.0/23 maxlen: 23
89.41.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:8c:9f:b2:bb:cc:1d:48:99:02:7f:68:e8:38:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Validity
Not Before: Jan 2 04:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1c05959dc6bc664e800728211354b69bbb57b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a7:06:53:26:c1:96:90:f1:77:23:74:b1:4a:
c8:55:b6:1f:9b:8a:2c:6b:3d:4e:f3:9d:c9:52:e6:
d6:12:5c:97:fb:8f:1e:d1:6a:9d:a8:11:57:f6:80:
db:aa:eb:54:5b:6b:2f:28:d7:c7:24:54:aa:db:ee:
af:78:d2:8d:4a:cc:97:52:5f:34:97:ed:83:b8:1a:
92:51:a7:4f:28:10:96:a5:c7:81:00:09:72:9e:53:
27:10:65:43:30:b1:83:3a:7c:22:a0:ba:15:22:8b:
74:91:e4:0b:82:a4:71:be:90:e5:3c:53:b1:bc:5c:
18:1e:8d:a3:a3:46:22:af:fa:f2:eb:72:d1:24:1c:
3f:1c:56:10:c6:50:e8:0f:ae:c3:b8:70:9d:db:40:
ab:91:56:ec:21:c5:f6:1b:1b:5c:8e:08:b3:db:77:
72:59:3d:2a:fe:82:98:13:30:cd:b9:b6:d2:76:ff:
95:5b:6c:e5:ca:9f:00:a7:42:0e:c8:9b:ae:a3:9c:
38:05:44:5f:b3:2b:71:f0:d6:0a:29:20:0c:db:0a:
0f:53:e6:e2:d9:e8:3e:54:cc:c1:17:2c:10:30:2c:
f9:67:7a:c7:07:51:ee:c4:35:48:68:6d:9d:ac:74:
80:4a:9d:7b:19:7c:9d:85:3f:e6:26:91:22:d7:42:
3e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C0:59:59:DC:6B:C6:64:E8:00:72:82:11:35:4B:69:BB:B5:7B:29
X509v3 Authority Key Identifier:
keyid:E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/0cBZWdxrxmToAHKCETVLabu1eyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.28.0/22
85.204.30.0/23
85.204.76.0/23
85.204.104.0/23
86.104.232.0/21
89.32.196.0/23
89.33.18.0/23
89.33.128.0/23
89.33.204.0/23
89.33.234.0/23
89.33.240.0/23
89.34.20.0/23
89.34.88.0/23
89.34.94.0/23
89.34.176.0/23
89.34.200.0/23
89.35.58.0/23
89.35.132.0/23
89.35.156.0/23
89.35.176.0/23
89.35.194.0/23
89.36.16.0/23
89.36.194.0/23
89.36.226.0/23
89.36.252.0/23
89.37.30.0/23
89.37.42.0/23
89.37.102.0/23
89.37.198.0/23
89.37.218.0/23
89.38.24.0/23
89.38.102.0/23
89.38.242.0/23
89.39.186.0/23
89.40.38.0/23
89.40.78.0/23
89.40.90.0/23
89.40.106.0/23
89.40.110.0/23
89.40.128.0/23
89.41.8.0-89.41.23.255
89.41.32.0/23
89.41.58.0/23
89.41.240.0/21
89.42.32.0/23
89.42.56.0/23
89.42.68.0/23
89.42.150.0/23
89.42.228.0/23
89.43.36.0/23
89.43.70.0/23
89.43.88.0-89.43.103.255
89.43.182.0/23
89.43.188.0/23
89.43.204.0/23
89.44.112.0/23
89.44.118.0/23
89.44.146.0/23
89.44.190.0/23
89.44.202.0/23
89.45.68.0/23
89.45.80.0/23
89.45.126.0/23
89.46.44.0/23
89.46.60.0/23
89.46.94.0/23
89.165.0.0/17
94.176.32.0/21
94.177.72.0/21
185.46.0.0/22
188.158.0.0-188.159.223.255
Signature Algorithm: sha256WithRSAEncryption
5d:37:99:65:cd:91:5d:8f:9b:b5:b9:7b:46:de:4f:4a:77:06:
86:1d:b4:a5:fb:74:f4:50:13:e6:16:6d:7d:8d:7e:f5:2a:bc:
15:aa:63:9e:64:eb:67:f0:42:da:24:93:ed:81:3e:e7:88:26:
18:5b:a3:66:56:12:08:07:64:2b:c9:4f:24:3a:fd:54:1d:8e:
1b:d3:41:cc:b5:9e:df:41:bd:ec:4d:b8:79:cb:26:71:33:a3:
bc:d7:b2:b9:29:e9:24:79:b8:1f:d1:cc:1b:f6:66:a5:44:4e:
cf:2a:1a:72:8a:39:ad:0d:a8:f2:d9:30:84:cb:be:b8:a8:df:
e6:3f:60:fe:00:77:b7:e8:40:e0:75:4d:79:15:b8:7b:6c:ca:
6b:d0:65:ed:f0:bc:95:08:56:17:70:d3:65:c7:52:a2:5a:36:
a9:74:c2:3b:b7:76:c8:22:1e:3e:bf:cd:c4:75:13:f8:ff:6f:
b2:95:c2:bb:9b:35:f6:d0:86:1b:b3:ec:03:b4:91:81:ef:19:
c8:fa:e2:01:d9:b9:de:ef:c8:cc:23:ca:16:5b:d2:c9:db:7b:
d9:cf:5d:e2:a7:96:60:a8:b8:c2:cd:dd:aa:55:30:eb:d9:54:
50:15:92:26:32:eb:9c:07:15:8a:fe:ad:6a:54:83:8d:23:89:
79:45:4e:b9
-----BEGIN CERTIFICATE-----
MIIGwjCCBaqgAwIBAgISAYzIcIyfsrvMHUiZAn9o6DiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVkNGU3NzgyMDljM2NhZTkzZDRiNzZkMzUwNzA0NDYy
YzNhYWIwHhcNMjQwMTAyMDQzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMwNTk1OWRjNmJjNjY0ZTgwMDcyODIxMTM1NGI2OWJiYjU3YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0acGUybBlpDxdyN0sUrIVbYfm4os
az1O853JUubWElyX+48e0WqdqBFX9oDbqutUW2svKNfHJFSq2+6veNKNSsyXUl80
l+2DuBqSUadPKBCWpceBAAlynlMnEGVDMLGDOnwioLoVIot0keQLgqRxvpDlPFOx
vFwYHo2jo0Yir/ry63LRJBw/HFYQxlDoD67DuHCd20CrkVbsIcX2Gxtcjgiz23dy
WT0q/oKYEzDNubbSdv+VW2zlyp8Ap0IOyJuuo5w4BURfsytx8NYKKSAM2woPU+bi
2eg+VMzBFywQMCz5Z3rHB1HuxDVIaG2drHSASp17GXydhT/mJpEi10I+sQIDAQAB
o4IDzjCCA8owHQYDVR0OBBYEFNHAWVnca8Zk6AByghE1S2m7tXspMB8GA1UdIwQY
MBaAFOf+1Od4IJw8rpPUt201BwRGLDqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQt
OGJiODAxNTJhYjM0LzEvMGNCWldkeHJ4bVRvQUhLQ0VUVkxhYnUxZXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQtOGJiODAxNTJhYjM0
LzEvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB4gYIKwYBBQUHAQcBAf8EggHRMIIBzTCCAckEAgABMIIB
wQMEAi2MHAMEAVXMHgMEAVXMTAMEAVXMaAMEA1Zo6AMEAVkgxAMEAVkhEgMEAVkh
gAMEAVkhzAMEAVkh6gMEAVkh8AMEAVkiFAMEAVkiWAMEAVkiXgMEAVkisAMEAVki
yAMEAVkjOgMEAVkjhAMEAVkjnAMEAVkjsAMEAVkjwgMEAVkkEAMEAVkkwgMEAVkk
4gMEAVkk/AMEAVklHgMEAVklKgMEAVklZgMEAVklxgMEAVkl2gMEAVkmGAMEAVkm
ZgMEAVkm8gMEAVknugMEAVkoJgMEAVkoTgMEAVkoWgMEAVkoagMEAVkobgMEAVko
gDAMAwQDWSkIAwQDWSkQAwQBWSkgAwQBWSk6AwQDWSnwAwQBWSogAwQBWSo4AwQB
WSpEAwQBWSqWAwQBWSrkAwQBWSskAwQBWStGMAwDBANZK1gDBANZK2ADBAFZK7YD
BAFZK7wDBAFZK8wDBAFZLHADBAFZLHYDBAFZLJIDBAFZLL4DBAFZLMoDBAFZLUQD
BAFZLVADBAFZLX4DBAFZLiwDBAFZLjwDBAFZLl4DBAdZpQADBANesCADBANesUgD
BAK5LgAwCwMDAbyeAwQFvJ/AMA0GCSqGSIb3DQEBCwUAA4IBAQBdN5llzZFdj5u1
uXtG3k9KdwaGHbSl+3T0UBPmFm19jX71KrwVqmOeZOtn8ELaJJPtgT7niCYYW6Nm
VhIIB2QryU8kOv1UHY4b00HMtZ7fQb3sTbh5yyZxM6O817K5Kekkebgf0cwb9mal
RE7PKhpyijmtDajy2TCEy764qN/mP2D+AHe36EDgdU15Fbh7bMpr0GXt8LyVCFYX
cNNlx1KiWjapdMI7t3bIIh4+v83EdRP4/2+ylcK7mzX20IYbs+wDtJGB7xnI+uIB
2bne78jMI8oWW9LJ23vZz13ip5ZgqLjCzd2qVTDr2VRQFZImMuucBxWK/q1qVION
I4l5RU65
-----END CERTIFICATE-----
Generated at Wed May 29 07:44:42 2024 by rpki-client on console-fra.rpki-client.org