Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/3CMB0mE1xTb-XY0wsKNGKjk0bFk.roa
File: 3CMB0mE1xTb-XY0wsKNGKjk0bFk.roa (raw, json)
Hash identifier: lQQ7mzHc9z9XCmBgSmyDJlA6JGPYMp41l5No4NnlwB0=
Subject key identifier: DC:23:01:D2:61:35:C5:36:FE:5D:8D:30:B0:A3:46:2A:39:34:6C:59
Certificate issuer: /CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Certificate serial: 0194B122AA179CC9AB2F82188A8534865859
Authority key identifier: CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/3CMB0mE1xTb-XY0wsKNGKjk0bFk.roa
Signing time: Wed 29 Jan 2025 08:17:06 +0000
ROA not before: Wed 29 Jan 2025 08:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8280
IP address blocks: 46.227.56.0/21 maxlen: 24
46.227.56.0/24 maxlen: 32
46.227.57.0/24 maxlen: 32
46.227.58.0/24 maxlen: 32
46.227.59.0/24 maxlen: 32
46.227.60.0/24 maxlen: 32
46.227.61.0/24 maxlen: 32
46.227.62.0/24 maxlen: 32
46.227.63.0/24 maxlen: 32
78.108.32.0/20 maxlen: 24
78.108.32.0/24 maxlen: 32
78.108.33.0/24 maxlen: 32
78.108.34.0/24 maxlen: 32
78.108.35.0/24 maxlen: 32
78.108.36.0/24 maxlen: 32
78.108.37.0/24 maxlen: 32
78.108.38.0/24 maxlen: 32
78.108.39.0/24 maxlen: 32
78.108.40.0/24 maxlen: 32
78.108.41.0/24 maxlen: 32
78.108.42.0/24 maxlen: 32
78.108.43.0/24 maxlen: 32
78.108.44.0/24 maxlen: 32
78.108.45.0/24 maxlen: 32
78.108.46.0/24 maxlen: 32
78.108.47.0/24 maxlen: 32
185.51.132.0/22 maxlen: 24
185.51.132.0/24 maxlen: 32
185.51.133.0/24 maxlen: 32
185.51.135.0/24 maxlen: 32
2001:1548::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.mft
rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:22:aa:17:9c:c9:ab:2f:82:18:8a:85:34:86:58:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Validity
Not Before: Jan 29 08:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc2301d26135c536fe5d8d30b0a3462a39346c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:56:41:94:2a:c1:89:2e:9f:91:a6:5f:8c:4e:
af:64:4c:a0:23:ba:23:02:f6:07:34:2e:c0:0d:b8:
6c:74:33:98:70:9b:00:60:ce:36:6a:42:39:bc:5b:
75:50:6e:25:34:76:4b:b9:6a:5b:27:d3:2f:53:c0:
3e:e6:40:e8:b0:2b:31:1f:02:f9:e7:cc:db:92:37:
5f:ee:d0:03:c7:d5:95:75:e1:33:ce:7a:4f:eb:56:
d0:7f:aa:b6:96:ad:06:44:2d:14:06:71:5f:9f:bb:
ee:29:b7:76:50:43:dc:d6:88:89:4d:ee:82:4b:78:
a7:49:47:cb:b1:1c:e7:05:78:71:46:94:b9:70:31:
8b:df:34:ae:aa:67:7b:4e:0a:8e:3d:c6:1a:9f:1f:
19:6c:e2:74:8b:72:f2:70:11:50:ca:8d:b7:bf:ac:
04:a3:c7:57:f1:7e:f4:e0:15:a0:a5:5c:17:ee:b6:
7d:01:60:e8:de:35:8e:8b:c3:dd:21:a2:e7:0c:cc:
bf:60:01:6b:db:dd:ab:bf:7c:cc:36:39:b7:77:be:
2f:7d:cc:b3:70:4c:b3:76:b2:37:59:bb:1c:9f:27:
7d:cf:10:8d:5e:96:ad:86:dc:2e:c3:1f:de:cd:8d:
dc:16:cb:45:ee:6b:f9:b5:a2:76:3b:2c:a0:54:3a:
2c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:23:01:D2:61:35:C5:36:FE:5D:8D:30:B0:A3:46:2A:39:34:6C:59
X509v3 Authority Key Identifier:
keyid:CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/3CMB0mE1xTb-XY0wsKNGKjk0bFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.56.0/21
78.108.32.0/20
185.51.132.0/22
IPv6:
2001:1548::/29
Signature Algorithm: sha256WithRSAEncryption
7b:27:90:0b:93:69:c2:a7:25:3c:11:53:21:00:9a:dc:06:f6:
65:71:f8:b7:26:ed:7b:b2:02:21:cc:8d:01:13:7e:c8:e3:d7:
35:51:14:65:c2:ca:a9:8d:03:9c:57:64:20:a4:8a:c3:53:92:
0c:cc:9c:d4:d7:60:3a:bf:86:cd:e1:af:77:33:21:31:84:46:
3f:4e:b9:4b:14:59:43:17:80:7a:5a:25:e5:12:9c:33:ed:1b:
01:fb:60:a1:2d:08:51:91:02:53:5d:58:78:e7:73:4f:a9:b4:
d2:bb:80:4c:79:9f:39:b7:d4:ec:a6:5a:b5:a8:83:42:59:4c:
7b:6e:96:70:76:dd:d2:31:de:a5:ae:ea:03:39:ff:39:e1:71:
d2:31:70:6d:e1:eb:8b:17:01:34:ab:ea:97:ba:21:3b:bc:ca:
2a:0f:a6:a2:c2:df:aa:37:df:80:70:ba:c4:af:58:5d:f5:9c:
31:ed:12:c9:d8:90:8a:e2:e4:f2:99:43:03:1a:0c:ce:f8:33:
6d:46:d5:f9:30:9a:52:da:2d:f5:fb:07:cc:6c:f5:0a:01:b5:
5d:b9:b0:d5:e7:e4:c1:76:05:21:62:e2:65:9f:dd:32:2e:5d:
52:13:1a:3c:ff:f5:28:0f:ea:ea:b0:c0:22:97:98:5f:e0:21:
80:ce:dd:e7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZSxIqoXnMmrL4IYioU0hlhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDBmZGQ4MmEwZmRmM2I3MGJlMTgyMjFlZWJhNjBkODAx
ZWQ3YmYwHhcNMjUwMTI5MDgxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzIzMDFkMjYxMzVjNTM2ZmU1ZDhkMzBiMGEzNDYyYTM5MzQ2YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFZBlCrBiS6fkaZfjE6vZEygI7oj
AvYHNC7ADbhsdDOYcJsAYM42akI5vFt1UG4lNHZLuWpbJ9MvU8A+5kDosCsxHwL5
58zbkjdf7tADx9WVdeEzznpP61bQf6q2lq0GRC0UBnFfn7vuKbd2UEPc1oiJTe6C
S3inSUfLsRznBXhxRpS5cDGL3zSuqmd7TgqOPcYanx8ZbOJ0i3LycBFQyo23v6wE
o8dX8X704BWgpVwX7rZ9AWDo3jWOi8PdIaLnDMy/YAFr292rv3zMNjm3d74vfcyz
cEyzdrI3Wbscnyd9zxCNXpathtwuwx/ezY3cFstF7mv5taJ2OyygVDoszQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNwjAdJhNcU2/l2NMLCjRio5NGxZMB8GA1UdIwQY
MBaAFM9A/dgqD987cL4YIh7rpg2AHte/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2It
YTI5Y2U3ZGExMGZkLzEvM0NNQjBtRTF4VGItWFkwd3NLTkdLamswYkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2ItYTI5Y2U3ZGExMGZk
LzEvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLuM4AwQE
TmwgAwQCuTOEMA0EAgACMAcDBQMgARVIMA0GCSqGSIb3DQEBCwUAA4IBAQB7J5AL
k2nCpyU8EVMhAJrcBvZlcfi3Ju17sgIhzI0BE37I49c1URRlwsqpjQOcV2QgpIrD
U5IMzJzU12A6v4bN4a93MyExhEY/TrlLFFlDF4B6WiXlEpwz7RsB+2ChLQhRkQJT
XVh453NPqbTSu4BMeZ85t9Tsplq1qINCWUx7bpZwdt3SMd6lruoDOf854XHSMXBt
4euLFwE0q+qXuiE7vMoqD6aiwt+qN9+AcLrEr1hd9Zwx7RLJ2JCK4uTymUMDGgzO
+DNtRtX5MJpS2i31+wfMbPUKAbVdubDV5+TBdgUhYuJln90yLl1SExo8//UoD+rq
sMAil5hf4CGAzt3n
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:31:05 2025 by rpki-client