Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/3BGSsazfJf8DV-j0E3wTBcOWujk.roa
File: 3BGSsazfJf8DV-j0E3wTBcOWujk.roa (raw, json)
Hash identifier: PB1pHmSm/Egpw9UdFofIpc3WMt/5B941IfxXaR4CROY=
Subject key identifier: DC:11:92:B1:AC:DF:25:FF:03:57:E8:F4:13:7C:13:05:C3:96:BA:39
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019423D715E76D6B556C64255B09906CB085
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/3BGSsazfJf8DV-j0E3wTBcOWujk.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46261
IP address blocks: 59.152.124.0/22 maxlen: 24
61.14.224.0/22 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/22 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/22 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
160.238.96.0/22 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/22 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.147.156.0/22 maxlen: 24
185.147.158.0/24 maxlen: 24
185.157.232.0/22 maxlen: 24
185.158.136.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.56.0/22 maxlen: 24
185.196.24.0/23 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.206.20.0/24 maxlen: 24
185.206.22.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.214.140.0/22 maxlen: 24
185.214.142.0/23 maxlen: 24
185.214.240.0/23 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.242.0/23 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
185.227.252.0/24 maxlen: 24
185.227.254.0/23 maxlen: 24
185.227.254.0/24 maxlen: 24
185.228.44.0/22 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.238.115.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.50.192.0/22 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 21:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:15:e7:6d:6b:55:6c:64:25:5b:09:90:6c:b0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc1192b1acdf25ff0357e8f4137c1305c396ba39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:46:64:1f:35:1b:b0:d8:3a:09:c9:fc:e1:e5:
50:fd:b4:6c:a7:99:6d:b1:33:11:02:7d:16:e2:c2:
67:0f:7e:eb:67:15:13:fb:d4:68:ca:67:36:95:22:
70:da:4d:cb:3b:3e:0f:61:fc:e6:5f:3a:47:a0:a9:
a0:99:41:50:99:69:81:e0:17:e5:5f:67:6d:06:a8:
e2:80:5f:48:5f:65:63:62:d0:bd:41:7b:4d:aa:d9:
a1:5c:49:90:a9:04:8e:f6:3a:2b:da:f2:b5:28:01:
df:fb:3e:25:f2:38:48:36:4e:57:b7:10:8e:07:a3:
9d:3e:66:3e:2c:83:77:08:26:09:f0:36:02:61:9c:
c2:cf:42:fd:40:7d:57:06:58:ff:07:02:fe:7d:63:
1a:78:71:35:aa:6f:7e:1a:b1:92:b3:33:58:33:04:
ff:84:8e:c8:59:c5:f9:81:9a:79:6a:66:e0:14:15:
78:4d:a9:40:4e:86:f5:ba:2c:06:6b:94:93:77:d0:
19:a1:4a:9d:5b:bb:23:a3:19:16:48:9f:05:26:c7:
cc:0a:23:09:bf:04:2e:b8:01:75:0c:30:3c:a0:fd:
a6:23:10:38:d9:3b:a7:f4:20:fc:06:5f:8c:5c:d7:
8f:ed:95:4b:bb:7c:ec:58:fd:4c:64:c4:76:a4:5e:
11:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:11:92:B1:AC:DF:25:FF:03:57:E8:F4:13:7C:13:05:C3:96:BA:39
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/3BGSsazfJf8DV-j0E3wTBcOWujk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
59.152.124.0/22
61.14.224.0/22
79.110.176.0/21
85.8.148.0/22
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
160.238.96.0/22
185.105.10.0/24
185.118.132.0/22
185.145.44.0/22
185.147.156.0/22
185.157.232.0/22
185.158.136.0/22
185.176.88.0/22
185.190.56.0/22
185.196.24.0/22
185.202.44.0/22
185.206.20.0/22
185.209.128.0/22
185.213.16.0/22
185.214.140.0/22
185.214.240.0/22
185.219.20.0/22
185.225.12.0/22
185.227.252.0/22
185.228.44.0/22
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.50.192.0/22
195.216.148.0/22
195.245.74.0/23
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
34:78:ac:68:23:df:6c:c0:cf:44:85:99:27:b1:47:9f:b9:e9:
51:0f:30:3c:d7:f0:11:e7:0e:10:74:fb:b1:f0:46:e6:24:ad:
c7:a4:11:d2:3b:8b:6b:42:c4:f6:87:43:08:26:30:e4:30:7a:
f5:0a:43:83:c2:d6:7b:80:e3:f5:c7:97:58:a2:e7:a8:19:21:
30:87:c8:21:a2:c1:23:3d:ed:41:2e:55:58:84:2a:92:1a:30:
71:01:35:ac:21:39:17:f8:16:5f:f6:5b:ca:8e:b4:eb:6f:e0:
1a:17:13:0e:f8:ea:18:90:e8:61:b0:b4:90:b8:e8:6b:9f:79:
78:46:86:b0:c3:fb:18:6e:af:c6:29:35:c8:76:57:82:ed:41:
75:14:b7:f3:06:63:16:2a:93:e1:dc:a2:b4:c4:25:27:60:3c:
63:9e:17:d9:ef:bc:6f:00:bb:83:78:27:7b:c8:62:74:83:56:
4a:26:36:d7:6b:92:42:92:98:74:55:e9:5a:07:ca:69:c4:82:
18:84:62:7b:1d:96:ee:1f:7d:5e:ea:f3:ed:b5:81:39:42:0d:
dd:6d:ec:9e:21:b0:7a:95:14:db:61:33:88:af:b9:78:42:4c:
f4:2e:b6:2c:83:3a:16:28:39:2e:e6:ed:45:69:f6:b0:37:21:
a9:43:83:60
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAZQj1xXnbWtVbGQlWwmQbLCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzExOTJiMWFjZGYyNWZmMDM1N2U4ZjQxMzdjMTMwNWMzOTZiYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUZkHzUbsNg6Ccn84eVQ/bRsp5lt
sTMRAn0W4sJnD37rZxUT+9Roymc2lSJw2k3LOz4PYfzmXzpHoKmgmUFQmWmB4Bfl
X2dtBqjigF9IX2VjYtC9QXtNqtmhXEmQqQSO9jor2vK1KAHf+z4l8jhINk5XtxCO
B6OdPmY+LIN3CCYJ8DYCYZzCz0L9QH1XBlj/BwL+fWMaeHE1qm9+GrGSszNYMwT/
hI7IWcX5gZp5ambgFBV4TalATob1uiwGa5STd9AZoUqdW7sjoxkWSJ8FJsfMCiMJ
vwQuuAF1DDA8oP2mIxA42Tun9CD8Bl+MXNeP7ZVLu3zsWP1MZMR2pF4RQQIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFNwRkrGs3yX/A1fo9BN8EwXDlro5MB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvM0JHU3NhemZKZjhEVi1qMEUzd1RCY09XdWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCB/QQCAAEwgfYD
BAI7mHwDBAI9DuADBANPbrADBAJVCJQDBAJVyqwDBAJbhFQDBAJnyygDBAJnzVQD
BAJnz6ADBAJ5LnwDBAKg7mADBAC5aQoDBAK5doQDBAK5kSwDBAK5k5wDBAK5negD
BAK5nogDBAK5sFgDBAK5vjgDBAK5xBgDBAK5yiwDBAK5zhQDBAK50YADBAK51RAD
BAK51owDBAK51vADBAK52xQDBAK54QwDBAK54/wDBAK55CwDBAK563gDBAC57nMD
BAC58rkDBALBH3ADBADBoyMDBALBsHQDBALBu7QDBALCMsADBALD2JQDBAHD9UoD
BALZEjgwDQQCAAIwBwMFAyoHRYAwDQYJKoZIhvcNAQELBQADggEBADR4rGgj32zA
z0SFmSexR5+56VEPMDzX8BHnDhB0+7HwRuYkrcekEdI7i2tCxPaHQwgmMOQwevUK
Q4PC1nuA4/XHl1ii56gZITCHyCGiwSM97UEuVViEKpIaMHEBNawhORf4Fl/2W8qO
tOtv4BoXEw746hiQ6GGwtJC46GufeXhGhrDD+xhur8YpNch2V4LtQXUUt/MGYxYq
k+HcorTEJSdgPGOeF9nvvG8Au4N4J3vIYnSDVkomNtdrkkKSmHRV6VoHymnEghiE
Ynsdlu4ffV7q8+21gTlCDd1t7J4hsHqVFNthM4ivuXhCTPQutiyDOhYoOS7m7UVp
9rA3IalDg2A=
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:26:51 2025 by rpki-client