Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/3pYvxrURdbDRsgYov_DBxZNOc4c.roa
File: 3pYvxrURdbDRsgYov_DBxZNOc4c.roa (raw, json)
Hash identifier: 71GnozLpgck45lDfx3MW/WMIdqpk7wZ9uNxMQsnZds8=
Subject key identifier: DE:96:2F:C6:B5:11:75:B0:D1:B2:06:28:BF:F0:C1:C5:93:4E:73:87
Certificate issuer: /CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Certificate serial: 018CC5DC40252F67649D2025EC25750F0D94
Authority key identifier: 59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/3pYvxrURdbDRsgYov_DBxZNOc4c.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41897
IP address blocks: 94.248.184.0/21 maxlen: 21
46.40.56.0/22 maxlen: 22
46.40.63.0/24 maxlen: 24
46.40.60.0/23 maxlen: 23
46.40.62.0/24 maxlen: 24
46.40.0.0/18 maxlen: 18
46.40.1.0/24 maxlen: 24
46.40.8.0/22 maxlen: 22
46.40.6.0/24 maxlen: 24
94.248.233.0/24 maxlen: 24
94.248.232.0/24 maxlen: 24
46.40.16.0/21 maxlen: 21
94.248.232.0/22 maxlen: 22
94.248.232.0/21 maxlen: 21
46.40.15.0/24 maxlen: 24
46.40.12.0/23 maxlen: 23
94.248.238.0/24 maxlen: 24
94.248.239.0/24 maxlen: 24
94.248.237.0/24 maxlen: 24
94.248.235.0/24 maxlen: 24
94.248.236.0/24 maxlen: 24
94.248.234.0/24 maxlen: 24
46.40.26.0/24 maxlen: 24
46.40.27.0/24 maxlen: 24
46.40.31.0/24 maxlen: 24
46.40.30.0/24 maxlen: 24
46.40.30.0/23 maxlen: 23
46.40.29.0/24 maxlen: 24
46.40.37.0/24 maxlen: 24
46.40.35.0/24 maxlen: 24
46.40.33.0/24 maxlen: 24
46.40.34.0/24 maxlen: 24
46.40.32.0/24 maxlen: 24
91.147.244.0/22 maxlen: 22
46.40.40.0/21 maxlen: 21
46.40.48.0/21 maxlen: 21
89.147.84.0/22 maxlen: 22
89.147.82.0/24 maxlen: 24
89.147.80.0/20 maxlen: 20
89.147.83.0/24 maxlen: 24
89.147.80.0/22 maxlen: 22
89.147.80.0/24 maxlen: 24
89.147.81.0/24 maxlen: 24
89.147.89.0/24 maxlen: 24
89.147.88.0/24 maxlen: 24
195.192.244.0/22 maxlen: 22
95.85.173.0/24 maxlen: 24
95.85.176.0/22 maxlen: 22
95.85.184.0/23 maxlen: 23
95.85.186.0/23 maxlen: 23
95.85.128.0/22 maxlen: 22
95.85.128.0/18 maxlen: 18
95.85.136.0/22 maxlen: 22
95.85.135.0/24 maxlen: 24
95.85.144.0/21 maxlen: 21
95.85.152.0/24 maxlen: 24
95.85.152.0/23 maxlen: 23
81.24.240.0/21 maxlen: 21
95.85.156.0/22 maxlen: 22
95.85.154.0/24 maxlen: 24
95.85.155.0/24 maxlen: 24
81.24.247.0/24 maxlen: 24
95.85.153.0/24 maxlen: 24
95.85.154.0/23 maxlen: 23
95.85.172.0/24 maxlen: 24
185.10.204.0/22 maxlen: 22
185.10.204.0/24 maxlen: 24
217.17.97.0/24 maxlen: 24
217.17.98.0/24 maxlen: 24
217.17.96.0/24 maxlen: 24
217.17.96.0/20 maxlen: 24
217.17.100.0/24 maxlen: 24
217.17.111.0/24 maxlen: 24
217.17.110.0/24 maxlen: 24
217.17.107.0/24 maxlen: 24
217.17.108.0/24 maxlen: 24
185.37.170.0/24 maxlen: 24
185.37.169.0/24 maxlen: 24
185.37.168.0/22 maxlen: 22
80.245.96.0/22 maxlen: 22
45.158.16.0/22 maxlen: 22
46.251.8.0/22 maxlen: 22
91.102.224.0/21 maxlen: 21
91.102.229.0/24 maxlen: 24
185.231.128.0/22 maxlen: 22
185.169.248.0/22 maxlen: 22
185.169.248.0/24 maxlen: 24
185.169.250.0/23 maxlen: 23
185.169.249.0/24 maxlen: 24
185.156.152.0/22 maxlen: 22
185.141.198.0/24 maxlen: 24
185.141.199.0/24 maxlen: 24
185.141.196.0/22 maxlen: 22
185.141.196.0/23 maxlen: 23
85.222.178.0/24 maxlen: 24
85.222.179.0/24 maxlen: 24
85.222.177.0/24 maxlen: 24
85.222.176.0/20 maxlen: 20
85.222.176.0/21 maxlen: 21
85.222.176.0/24 maxlen: 24
85.222.180.0/22 maxlen: 22
185.6.190.0/24 maxlen: 24
185.6.191.0/24 maxlen: 24
185.6.189.0/24 maxlen: 24
185.6.188.0/24 maxlen: 24
185.6.188.0/22 maxlen: 22
178.20.200.0/24 maxlen: 24
178.20.202.0/23 maxlen: 23
178.20.201.0/24 maxlen: 24
2a0f:7bc0::/29 maxlen: 29
2a04:f040::/29 maxlen: 29
2a00:ad07:3000::/36 maxlen: 36
2a0c:6300::/30 maxlen: 30
2a00:ad00::/29 maxlen: 29
2a00:ad03::/32 maxlen: 32
2a00:ad00:2010::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/Wd2nX4EQdD0lDDBoo1bOas8cT-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/Wd2nX4EQdD0lDDBoo1bOas8cT-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 13:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:40:25:2f:67:64:9d:20:25:ec:25:75:0f:0d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de962fc6b51175b0d1b20628bff0c1c5934e7387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:39:a3:f2:2f:3a:bb:c0:59:72:7a:ca:46:
4f:1b:7e:02:3f:30:ca:b4:dd:e1:f8:15:3c:b8:e1:
d1:35:7d:8d:7f:c9:d8:78:b1:c9:75:75:32:42:05:
36:b1:9d:29:12:9d:44:f8:1e:be:a5:31:f6:a1:88:
56:26:9f:3e:52:00:ae:1f:18:01:c2:b4:11:cd:7e:
ff:2a:d6:e0:0b:10:7b:33:57:d4:e8:45:d1:d4:8a:
63:d9:59:55:56:4b:ae:10:bd:6f:9c:a1:12:13:04:
8c:ec:46:35:0b:88:4a:fb:b2:c6:8d:ee:a8:8f:8d:
ed:d9:88:a7:0e:17:b0:99:77:29:18:35:67:cb:f8:
30:d7:74:98:8b:46:a2:63:7c:0e:6c:ec:ab:cc:f9:
22:47:c5:89:39:75:94:90:71:b2:ba:31:ba:99:21:
31:66:68:8b:10:11:0c:39:db:88:19:43:b6:38:d6:
f7:7d:4d:13:26:6c:dc:9b:3b:bd:93:56:c9:45:9c:
64:60:7e:3e:fb:6b:66:b2:4f:84:ab:b6:0e:3d:19:
46:7a:79:c2:18:a4:ad:53:f1:62:47:06:e9:5c:b1:
14:7a:c9:4e:3b:f5:55:70:2c:37:94:63:4e:f4:bb:
9f:e1:0b:7e:bd:ec:f1:ae:b0:32:63:3e:87:a4:7b:
56:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:96:2F:C6:B5:11:75:B0:D1:B2:06:28:BF:F0:C1:C5:93:4E:73:87
X509v3 Authority Key Identifier:
keyid:59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/3pYvxrURdbDRsgYov_DBxZNOc4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/Wd2nX4EQdD0lDDBoo1bOas8cT-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.16.0/22
46.40.0.0/18
46.251.8.0/22
80.245.96.0/22
81.24.240.0/21
85.222.176.0/20
89.147.80.0/20
91.102.224.0/21
91.147.244.0/22
94.248.184.0/21
94.248.232.0/21
95.85.128.0/18
178.20.200.0/22
185.6.188.0/22
185.10.204.0/22
185.37.168.0/22
185.141.196.0/22
185.156.152.0/22
185.169.248.0/22
185.231.128.0/22
195.192.244.0/22
217.17.96.0/20
IPv6:
2a00:ad00::/29
2a04:f040::/29
2a0c:6300::/30
2a0f:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:f1:03:48:42:51:c5:b7:42:33:93:07:6e:2b:a7:63:38:ce:
83:50:d1:75:bd:30:b3:cb:22:aa:1a:45:c2:10:90:f9:ee:59:
33:22:08:d1:fb:74:92:bd:4f:cf:88:75:3c:95:fe:54:b7:32:
58:26:57:e7:44:27:30:77:e9:d5:ae:0d:71:df:c0:62:11:20:
9f:4d:55:fa:71:56:43:d8:4d:77:46:d2:0d:d4:91:72:e0:b2:
12:03:10:7a:8a:09:80:21:41:dd:d4:3d:5a:16:0c:dc:5a:56:
98:93:ed:14:01:74:f2:30:e6:ff:13:4a:7a:57:db:25:58:d9:
32:11:46:fd:50:ef:8b:78:ee:5f:98:0c:ae:ae:1b:2d:cf:72:
69:a3:97:ec:84:e9:af:a0:3b:1d:cc:bb:d9:ec:46:a3:7a:b2:
63:8d:34:a4:5d:7b:84:e1:5a:bb:a1:4f:25:b0:a9:46:8e:83:
fb:df:a9:da:52:00:88:09:0b:6b:da:9a:bd:39:7d:6c:1e:37:
7d:31:10:8f:a0:50:9b:28:70:9e:92:a9:c4:6d:72:06:27:5d:
24:7b:07:19:ae:f9:c5:73:a4:b0:c4:16:f9:99:72:11:c5:f2:
54:8f:03:fd:fb:fd:76:18:22:c2:14:5c:a8:40:ba:52:38:3d:
af:e4:53:60
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzF3EAlL2dknSAl7CV1Dw2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGRhNzVmODExMDc0M2QyNTBjMzA2OGEzNTZjZTZhY2Yx
YzRmZTIwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTk2MmZjNmI1MTE3NWIwZDFiMjA2MjhiZmYwYzFjNTkzNGU3Mzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0I5o/IvOrvAWXJ6ykZPG34CPzDK
tN3h+BU8uOHRNX2Nf8nYeLHJdXUyQgU2sZ0pEp1E+B6+pTH2oYhWJp8+UgCuHxgB
wrQRzX7/KtbgCxB7M1fU6EXR1Ipj2VlVVkuuEL1vnKESEwSM7EY1C4hK+7LGje6o
j43t2YinDhewmXcpGDVny/gw13SYi0aiY3wObOyrzPkiR8WJOXWUkHGyujG6mSEx
ZmiLEBEMOduIGUO2ONb3fU0TJmzcmzu9k1bJRZxkYH4++2tmsk+Eq7YOPRlGennC
GKStU/FiRwbpXLEUeslOO/VVcCw3lGNO9Luf4Qt+vezxrrAyYz6HpHtWyQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFN6WL8a1EXWw0bIGKL/wwcWTTnOHMB8GA1UdIwQY
MBaAFFndp1+BEHQ9JQwwaKNWzmrPHE/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2Qyblg0RVFkRDBsRERCb28xYk9hczhjVC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lYmYzZjctZTNhYi00ZjhjLTg2ZTgt
NzA4N2UzZmUyYTVkLzEvM3BZdnhyVVJkYkRSc2dZb3ZfREJ4Wk5PYzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lYmYzZjctZTNhYi00ZjhjLTg2ZTgtNzA4N2UzZmUyYTVk
LzEvV2Qyblg0RVFkRDBsRERCb28xYk9hczhjVC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAIt
nhADBAYuKAADBAIu+wgDBAJQ9WADBANRGPADBARV3rADBARZk1ADBANbZuADBAJb
k/QDBANe+LgDBANe+OgDBAZfVYADBAKyFMgDBAK5BrwDBAK5CswDBAK5JagDBAK5
jcQDBAK5nJgDBAK5qfgDBAK554ADBALDwPQDBATZEWAwIgQCAAIwHAMFAyoArQAD
BQMqBPBAAwUCKgxjAAMFAyoPe8AwDQYJKoZIhvcNAQELBQADggEBAE3xA0hCUcW3
QjOTB24rp2M4zoNQ0XW9MLPLIqoaRcIQkPnuWTMiCNH7dJK9T8+IdTyV/lS3Mlgm
V+dEJzB36dWuDXHfwGIRIJ9NVfpxVkPYTXdG0g3UkXLgshIDEHqKCYAhQd3UPVoW
DNxaVpiT7RQBdPIw5v8TSnpX2yVY2TIRRv1Q74t47l+YDK6uGy3Pcmmjl+yE6a+g
Ox3Mu9nsRqN6smONNKRde4ThWruhTyWwqUaOg/vfqdpSAIgJC2vamr05fWweN30x
EI+gUJsocJ6SqcRtcgYnXSR7Bxmu+cVzpLDEFvmZchHF8lSPA/37/XYYIsIUXKhA
ulI4Pa/kU2A=
-----END CERTIFICATE-----
Generated at Fri Jun 21 19:10:33 2024 by rpki-client on console-fra.rpki-client.org