Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/3jF5JkqZzpwDg2CUyKrMHDx4QqM.roa
File: 3jF5JkqZzpwDg2CUyKrMHDx4QqM.roa (raw, json)
Hash identifier: Ct22y3Kn4dpY61h6fsUyGmJkOxPrtpccRirSLUmpVtY=
Subject key identifier: DE:31:79:26:4A:99:CE:9C:03:83:60:94:C8:AA:CC:1C:3C:78:42:A3
Certificate issuer: /CN=3ba1782b6afba7c6bcf070b93fed4cc84af41352
Certificate serial: 01942143E18A5A018478224B49D7BBF7A6CD
Authority key identifier: 3B:A1:78:2B:6A:FB:A7:C6:BC:F0:70:B9:3F:ED:4C:C8:4A:F4:13:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/3jF5JkqZzpwDg2CUyKrMHDx4QqM.roa
Signing time: Wed 01 Jan 2025 09:48:04 +0000
ROA not before: Wed 01 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34879
IP address blocks: 37.220.160.0/24 maxlen: 24
37.220.161.0/24 maxlen: 24
37.220.162.0/23 maxlen: 24
37.220.165.0/24 maxlen: 24
37.220.166.0/24 maxlen: 24
37.220.167.0/24 maxlen: 24
46.235.184.0/23 maxlen: 24
46.235.186.0/24 maxlen: 24
46.235.187.0/24 maxlen: 24
46.235.188.0/23 maxlen: 23
46.235.188.0/24 maxlen: 24
46.235.189.0/24 maxlen: 24
46.235.190.0/23 maxlen: 23
78.41.104.0/23 maxlen: 24
78.41.106.0/24 maxlen: 24
78.41.107.0/24 maxlen: 24
78.41.108.0/24 maxlen: 24
78.41.109.0/24 maxlen: 24
78.41.110.0/23 maxlen: 24
93.93.88.0/23 maxlen: 24
93.93.90.0/24 maxlen: 24
93.93.91.0/24 maxlen: 24
93.93.92.0/23 maxlen: 24
93.93.94.0/24 maxlen: 24
93.93.95.0/24 maxlen: 24
185.17.168.0/24 maxlen: 24
185.17.169.0/24 maxlen: 24
185.17.170.0/23 maxlen: 24
2a03:e040::/48 maxlen: 48
2a03:e040:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/O6F4K2r7p8a88HC5P-1MyEr0E1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/O6F4K2r7p8a88HC5P-1MyEr0E1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e1:8a:5a:01:84:78:22:4b:49:d7:bb:f7:a6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba1782b6afba7c6bcf070b93fed4cc84af41352
Validity
Not Before: Jan 1 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de3179264a99ce9c03836094c8aacc1c3c7842a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:60:75:06:8c:33:fe:16:eb:ed:8e:db:84:b6:
0d:1c:9c:8c:5e:1c:9e:4c:52:4e:d6:b6:03:48:4b:
3e:4b:4e:35:80:13:e6:5b:60:fc:1d:e9:e5:7c:c6:
39:ec:b6:89:89:36:29:ef:7d:22:bb:84:1c:29:ca:
bf:a0:12:45:04:cd:4b:74:33:eb:fe:f2:86:5c:a4:
20:19:03:3c:61:10:97:ba:25:4a:c1:f9:1d:82:00:
94:ab:fb:3a:40:64:3d:4c:bc:a8:6c:94:d4:5b:44:
1c:82:4e:7a:08:59:2b:2d:48:f0:7c:c8:c3:c2:2a:
96:be:19:46:08:4f:bc:8d:da:c5:d5:a4:da:54:d7:
7a:82:8c:62:b3:30:6e:98:98:50:18:28:76:8a:08:
73:29:95:2b:2f:01:9c:3e:f0:82:e8:71:12:4b:2a:
87:0b:d1:79:a4:b8:4f:ec:b4:21:ef:da:87:c4:ff:
af:21:0f:2c:2e:40:48:d5:64:59:ed:4e:b6:44:8a:
a7:65:5f:d4:73:2e:d6:dd:f1:dd:75:1f:2c:fe:6c:
1a:78:f5:2c:0a:c2:77:7c:89:52:02:56:81:95:10:
fc:da:25:12:be:61:4d:5a:d2:92:5a:27:3b:77:1d:
21:a9:85:0b:0d:ec:84:0b:7e:c7:1e:fe:4d:d2:e6:
20:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:31:79:26:4A:99:CE:9C:03:83:60:94:C8:AA:CC:1C:3C:78:42:A3
X509v3 Authority Key Identifier:
keyid:3B:A1:78:2B:6A:FB:A7:C6:BC:F0:70:B9:3F:ED:4C:C8:4A:F4:13:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/3jF5JkqZzpwDg2CUyKrMHDx4QqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/O6F4K2r7p8a88HC5P-1MyEr0E1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.160.0/22
37.220.165.0-37.220.167.255
46.235.184.0/21
78.41.104.0/21
93.93.88.0/21
185.17.168.0/22
IPv6:
2a03:e040::/48
2a03:e040:10::/48
Signature Algorithm: sha256WithRSAEncryption
1f:32:a6:cb:7b:1f:3d:26:b3:29:e5:67:96:09:e8:59:2e:65:
b9:46:20:77:c2:95:66:75:f8:54:cd:c9:e2:9f:bf:61:18:fe:
04:c7:01:fa:f0:58:d9:93:fe:32:f2:ea:f7:34:ef:72:97:d2:
17:81:f7:1e:8a:22:81:0a:29:fc:39:2f:59:6f:d0:5b:66:19:
9b:8b:ca:26:c4:09:cd:62:d1:31:57:5a:9c:8f:5c:48:5c:37:
e5:99:8d:cb:34:5e:94:48:a5:e4:00:ed:86:15:f0:13:f4:06:
16:6f:e3:72:1d:27:c7:46:6c:7f:0e:54:8d:ed:e6:1e:1e:f0:
dd:78:90:39:33:bf:af:ec:30:3f:f6:27:3a:ea:5e:e9:5e:b3:
e0:f9:d5:b6:90:aa:cf:f1:d2:f9:38:62:83:07:8c:c3:78:84:
40:af:9a:2f:13:42:94:a4:58:a3:79:41:45:b1:09:9b:57:86:
e3:5b:d9:05:24:53:9c:22:72:68:40:6e:11:2e:be:13:69:f6:
38:9c:97:c3:07:04:54:bd:96:3b:d8:40:70:d1:b6:77:d7:6a:
e9:6a:5c:77:88:15:a9:07:e6:5f:22:1a:41:c5:3d:1d:d0:c8:
8f:89:cd:da:ca:31:88:af:fe:c3:8a:5d:ca:0c:85:58:79:b7:
9b:5c:6a:96
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQhQ+GKWgGEeCJLSde796bNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTE3ODJiNmFmYmE3YzZiY2YwNzBiOTNmZWQ0Y2M4NGFm
NDEzNTIwHhcNMjUwMTAxMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTMxNzkyNjRhOTljZTljMDM4MzYwOTRjOGFhY2MxYzNjNzg0MmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2B1Bowz/hbr7Y7bhLYNHJyMXhye
TFJO1rYDSEs+S041gBPmW2D8HenlfMY57LaJiTYp730iu4QcKcq/oBJFBM1LdDPr
/vKGXKQgGQM8YRCXuiVKwfkdggCUq/s6QGQ9TLyobJTUW0Qcgk56CFkrLUjwfMjD
wiqWvhlGCE+8jdrF1aTaVNd6goxiszBumJhQGCh2ighzKZUrLwGcPvCC6HESSyqH
C9F5pLhP7LQh79qHxP+vIQ8sLkBI1WRZ7U62RIqnZV/Ucy7W3fHddR8s/mwaePUs
CsJ3fIlSAlaBlRD82iUSvmFNWtKSWic7dx0hqYULDeyEC37HHv5N0uYg/wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFN4xeSZKmc6cA4NglMiqzBw8eEKjMB8GA1UdIwQY
MBaAFDuheCtq+6fGvPBwuT/tTMhK9BNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZGNEsycjdwOGE4OEhDNVAtMU15RXIwRTFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hZDdhYzMtYjhhZC00MmIwLWFkMmEt
YWU5NjdkNzM5ZGQzLzEvM2pGNUprcVp6cHdEZzJDVXlLck1IRHg0UXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hZDdhYzMtYjhhZC00MmIwLWFkMmEtYWU5NjdkNzM5ZGQz
LzEvTzZGNEsycjdwOGE4OEhDNVAtMU15RXIwRTFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsAwQCJdygMAwD
BAAl3KUDBAMl3KADBAMu67gDBANOKWgDBANdXVgDBAK5EagwGAQCAAIwEgMHACoD
4EAAAAMHACoD4EAAEDANBgkqhkiG9w0BAQsFAAOCAQEAHzKmy3sfPSazKeVnlgno
WS5luUYgd8KVZnX4VM3J4p+/YRj+BMcB+vBY2ZP+MvLq9zTvcpfSF4H3HooigQop
/DkvWW/QW2YZm4vKJsQJzWLRMVdanI9cSFw35ZmNyzRelEil5ADthhXwE/QGFm/j
ch0nx0Zsfw5Uje3mHh7w3XiQOTO/r+wwP/YnOupe6V6z4PnVtpCqz/HS+ThigweM
w3iEQK+aLxNClKRYo3lBRbEJm1eG41vZBSRTnCJyaEBuES6+E2n2OJyXwwcEVL2W
O9hAcNG2d9dq6Wpcd4gVqQfmXyIaQcU9HdDIj4nN2soxiK/+w4pdygyFWHm3m1xq
lg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:41:27 2025 by rpki-client