Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/3Te0416m3uG0lW4baaFMSkrelKw.roa
File: 3Te0416m3uG0lW4baaFMSkrelKw.roa (raw, json)
Hash identifier: ArxAIL/crbssQshUvHJ+xitC16EiNxifq5EDjmahFfc=
Subject key identifier: DD:37:B4:E3:5E:A6:DE:E1:B4:95:6E:1B:69:A1:4C:4A:4A:DE:94:AC
Certificate issuer: /CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Certificate serial: 0192D1C75E91D38F9DFBFC7414C040949495
Authority key identifier: BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/3Te0416m3uG0lW4baaFMSkrelKw.roa
Signing time: Mon 28 Oct 2024 06:19:16 +0000
ROA not before: Mon 28 Oct 2024 06:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43937
IP address blocks: 78.24.48.0/24 maxlen: 24
78.24.49.0/24 maxlen: 24
78.24.50.0/24 maxlen: 24
78.24.51.0/24 maxlen: 24
78.24.52.0/24 maxlen: 24
78.24.53.0/24 maxlen: 24
78.24.54.0/24 maxlen: 24
78.24.55.0/24 maxlen: 24
82.116.128.0/24 maxlen: 24
82.116.129.0/24 maxlen: 24
82.116.130.0/24 maxlen: 24
82.116.131.0/24 maxlen: 24
82.116.132.0/24 maxlen: 24
82.116.133.0/24 maxlen: 24
82.116.134.0/24 maxlen: 24
82.116.135.0/24 maxlen: 24
82.116.136.0/24 maxlen: 24
82.116.137.0/24 maxlen: 24
82.116.138.0/24 maxlen: 24
82.116.139.0/24 maxlen: 24
82.116.140.0/24 maxlen: 24
82.116.141.0/24 maxlen: 24
82.116.142.0/24 maxlen: 24
82.116.143.0/24 maxlen: 24
82.116.144.0/24 maxlen: 24
82.116.145.0/24 maxlen: 24
82.116.146.0/24 maxlen: 24
82.116.147.0/24 maxlen: 24
82.116.148.0/24 maxlen: 24
82.116.149.0/24 maxlen: 24
82.116.150.0/24 maxlen: 24
82.116.151.0/24 maxlen: 24
82.116.152.0/24 maxlen: 24
82.116.153.0/24 maxlen: 24
82.116.154.0/24 maxlen: 24
82.116.155.0/24 maxlen: 24
82.116.156.0/24 maxlen: 24
82.116.157.0/24 maxlen: 24
82.116.158.0/24 maxlen: 24
82.116.159.0/24 maxlen: 24
94.190.144.0/24 maxlen: 24
94.190.145.0/24 maxlen: 24
94.190.146.0/24 maxlen: 24
94.190.147.0/24 maxlen: 24
94.190.148.0/24 maxlen: 24
94.190.149.0/24 maxlen: 24
94.190.150.0/24 maxlen: 24
94.190.151.0/24 maxlen: 24
94.190.152.0/24 maxlen: 24
94.190.153.0/24 maxlen: 24
94.190.154.0/24 maxlen: 24
94.190.155.0/24 maxlen: 24
94.190.156.0/24 maxlen: 24
94.190.157.0/24 maxlen: 24
94.190.158.0/24 maxlen: 24
94.190.159.0/24 maxlen: 24
103.245.116.0/24 maxlen: 24
103.245.117.0/24 maxlen: 24
103.245.118.0/24 maxlen: 24
103.245.119.0/24 maxlen: 24
178.255.8.0/24 maxlen: 24
178.255.9.0/24 maxlen: 24
178.255.10.0/24 maxlen: 24
178.255.11.0/24 maxlen: 24
178.255.12.0/24 maxlen: 24
178.255.13.0/24 maxlen: 24
178.255.14.0/24 maxlen: 24
178.255.15.0/24 maxlen: 24
185.6.176.0/24 maxlen: 24
185.6.177.0/24 maxlen: 24
185.6.178.0/24 maxlen: 24
185.6.179.0/24 maxlen: 24
185.249.222.0/24 maxlen: 24
185.249.223.0/24 maxlen: 24
213.187.224.0/24 maxlen: 24
213.187.225.0/24 maxlen: 24
213.187.226.0/24 maxlen: 24
213.187.227.0/24 maxlen: 24
213.187.228.0/22 maxlen: 24
213.187.228.0/24 maxlen: 24
213.187.229.0/24 maxlen: 24
213.187.230.0/24 maxlen: 24
213.187.231.0/24 maxlen: 24
213.187.232.0/24 maxlen: 24
213.187.233.0/24 maxlen: 24
213.187.235.0/24 maxlen: 24
213.187.236.0/24 maxlen: 24
213.187.237.0/24 maxlen: 24
213.187.238.0/24 maxlen: 24
213.187.239.0/24 maxlen: 24
213.187.248.0/21 maxlen: 21
213.187.248.0/24 maxlen: 24
213.187.249.0/24 maxlen: 24
213.187.250.0/24 maxlen: 24
213.187.251.0/24 maxlen: 24
213.187.252.0/23 maxlen: 23
213.187.252.0/24 maxlen: 24
213.187.253.0/24 maxlen: 24
213.187.254.0/24 maxlen: 24
213.187.255.0/24 maxlen: 24
2a02:7980::/32 maxlen: 32
2a02:7980:105::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d1:c7:5e:91:d3:8f:9d:fb:fc:74:14:c0:40:94:94:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Validity
Not Before: Oct 28 06:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd37b4e35ea6dee1b4956e1b69a14c4a4ade94ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ec:ac:00:46:2d:16:8f:e5:bb:1c:d5:93:7a:
97:9e:fe:2b:d0:4e:5e:0a:ba:d6:4e:d7:05:25:42:
e3:2b:51:2d:ae:44:1c:ed:a3:16:f5:ab:31:77:98:
3e:2d:ff:24:67:da:a9:bc:f0:28:39:69:47:17:be:
05:82:f6:99:23:06:dc:69:ea:2b:fe:28:03:1a:70:
09:ba:fd:36:90:e4:fc:35:81:9b:3f:ec:a4:cc:32:
c2:1e:e2:73:0f:9f:8f:45:50:f3:64:64:69:ea:67:
cf:9b:43:90:9b:a6:10:b0:0d:c6:ab:44:1a:5e:0a:
37:27:a3:c6:5c:36:25:7f:5e:b7:7f:fe:44:1b:bd:
a0:57:4c:00:8e:cb:e1:f1:51:d2:df:a6:7a:5f:70:
e1:48:99:04:3a:a2:c5:11:0d:43:1b:2f:37:d1:f0:
06:8a:79:31:00:22:a5:83:97:41:8f:3e:0f:3a:2f:
0a:20:52:d5:25:91:66:0d:9f:b3:bb:e7:ff:b0:f9:
88:cc:67:9b:a6:4b:a9:0e:0b:39:8c:85:41:11:b1:
03:e3:9a:88:d0:7e:6d:bc:eb:9e:39:06:f5:da:7e:
aa:8a:3d:b0:38:93:6c:09:66:56:cb:bf:ee:cd:9d:
ef:4d:4d:d6:6d:1c:38:e6:dd:f2:b1:bf:97:6d:93:
59:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:37:B4:E3:5E:A6:DE:E1:B4:95:6E:1B:69:A1:4C:4A:4A:DE:94:AC
X509v3 Authority Key Identifier:
keyid:BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/3Te0416m3uG0lW4baaFMSkrelKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.48.0/21
82.116.128.0/19
94.190.144.0/20
103.245.116.0/22
178.255.8.0/21
185.6.176.0/22
185.249.222.0/23
213.187.224.0-213.187.233.255
213.187.235.0-213.187.239.255
213.187.248.0/21
IPv6:
2a02:7980::/32
Signature Algorithm: sha256WithRSAEncryption
12:14:e1:09:87:c9:69:d6:0a:a8:f9:8c:d7:f3:b9:51:c1:a8:
67:49:8f:51:45:da:d8:ee:ab:75:5c:bd:07:82:2e:27:77:3e:
9d:7b:f2:49:d9:78:68:e5:e7:aa:02:45:be:ae:cd:54:54:29:
c0:2c:14:5a:23:db:c5:de:42:99:f6:a2:89:a9:eb:78:4a:72:
30:a2:38:34:aa:8f:ba:b7:07:d2:5f:b6:86:92:bd:6b:70:78:
01:bf:63:9c:91:53:f0:d1:be:6e:33:77:4e:91:a7:0c:cb:c2:
2c:d7:5a:9c:50:3d:24:44:af:54:96:19:8b:47:ad:43:5f:39:
52:cb:42:6c:bb:4e:52:c3:b6:fd:35:18:c6:1a:34:3c:cd:0d:
77:98:2b:83:3c:6e:dc:bd:c1:c3:2e:91:bd:07:f8:df:a3:c7:
59:e3:4b:df:a9:56:38:01:a0:b6:3e:b7:dd:fc:e6:77:8d:fc:
35:d4:b0:f1:d7:3c:13:97:e0:86:a0:3b:23:a3:2c:e8:1b:15:
6d:69:cb:42:57:6c:85:17:57:8c:85:a7:04:3d:1e:6a:f5:2e:
d6:cc:23:33:64:77:d8:76:d2:57:61:d8:9c:9c:8f:02:7d:d0:
d6:eb:0b:60:17:a4:90:68:e1:76:0c:e9:03:07:1d:63:eb:2f:
dd:56:94:a1
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZLRx16R04+d+/x0FMBAlJSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkN2Q4MTc4Y2VjNWNkMzc2NTQ4YTkwNDkxMTdmNDY5YzBh
NzQzMWMwHhcNMjQxMDI4MDYxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDM3YjRlMzVlYTZkZWUxYjQ5NTZlMWI2OWExNGM0YTRhZGU5NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OysAEYtFo/luxzVk3qXnv4r0E5e
CrrWTtcFJULjK1EtrkQc7aMW9asxd5g+Lf8kZ9qpvPAoOWlHF74FgvaZIwbcaeor
/igDGnAJuv02kOT8NYGbP+ykzDLCHuJzD5+PRVDzZGRp6mfPm0OQm6YQsA3Gq0Qa
Xgo3J6PGXDYlf163f/5EG72gV0wAjsvh8VHS36Z6X3DhSJkEOqLFEQ1DGy830fAG
inkxACKlg5dBjz4POi8KIFLVJZFmDZ+zu+f/sPmIzGebpkupDgs5jIVBEbED45qI
0H5tvOueOQb12n6qij2wOJNsCWZWy7/uzZ3vTU3WbRw45t3ysb+XbZNZ8QIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFN03tONept7htJVuG2mhTEpK3pSsMB8GA1UdIwQY
MBaAFL19gXjOxc03ZUipBJEX9GnAp0McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQt
NjE1YWNhNTFlMmY2LzEvM1RlMDQxNm0zdUcwbFc0YmFhRk1Ta3JlbEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQtNjE1YWNhNTFlMmY2
LzEvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQDThgwAwQF
UnSAAwQEXr6QAwQCZ/V0AwQDsv8IAwQCuQawAwQBufneMAwDBAXVu+ADBAHVu+gw
DAMEANW76wMEBNW74AMEA9W7+DANBAIAAjAHAwUAKgJ5gDANBgkqhkiG9w0BAQsF
AAOCAQEAEhThCYfJadYKqPmM1/O5UcGoZ0mPUUXa2O6rdVy9B4IuJ3c+nXvySdl4
aOXnqgJFvq7NVFQpwCwUWiPbxd5CmfaiianreEpyMKI4NKqPurcH0l+2hpK9a3B4
Ab9jnJFT8NG+bjN3TpGnDMvCLNdanFA9JESvVJYZi0etQ185UstCbLtOUsO2/TUY
xho0PM0Nd5grgzxu3L3Bwy6RvQf436PHWeNL36lWOAGgtj633fzmd438NdSw8dc8
E5fghqA7I6Ms6BsVbWnLQldshRdXjIWnBD0eavUu1swjM2R32HbSV2HYnJyPAn3Q
1usLYBekkGjhdgzpAwcdY+sv3VaUoQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:41:23 2024 by rpki-client on console-fra.rpki-client.org