Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/cBaGAIQyJhcS_INf-H9Dex1s5j4.roa
File: cBaGAIQyJhcS_INf-H9Dex1s5j4.roa (raw, json)
Hash identifier: Fv/3/qbN1IDEUT8Gw8Vj5qMsApGLEiNAS1PWUtRRUGw=
Subject key identifier: 70:16:86:00:84:32:26:17:12:FC:83:5F:F8:7F:43:7B:1D:6C:E6:3E
Certificate issuer: /CN=3ba1782b6afba7c6bcf070b93fed4cc84af41352
Certificate serial: 018CC3B708C5E856BE1B83C61429F2E19C22
Authority key identifier: 3B:A1:78:2B:6A:FB:A7:C6:BC:F0:70:B9:3F:ED:4C:C8:4A:F4:13:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/cBaGAIQyJhcS_INf-H9Dex1s5j4.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34879
IP address blocks: 78.41.104.0/23 maxlen: 24
78.41.106.0/24 maxlen: 24
78.41.110.0/23 maxlen: 24
78.41.109.0/24 maxlen: 24
78.41.108.0/24 maxlen: 24
78.41.107.0/24 maxlen: 24
46.235.186.0/24 maxlen: 24
46.235.184.0/23 maxlen: 24
46.235.189.0/24 maxlen: 24
46.235.188.0/24 maxlen: 24
46.235.188.0/23 maxlen: 23
46.235.187.0/24 maxlen: 24
46.235.190.0/23 maxlen: 23
37.220.162.0/23 maxlen: 24
37.220.161.0/24 maxlen: 24
37.220.160.0/24 maxlen: 24
37.220.166.0/24 maxlen: 24
37.220.165.0/24 maxlen: 24
37.220.167.0/24 maxlen: 24
93.93.91.0/24 maxlen: 24
93.93.90.0/24 maxlen: 24
93.93.88.0/23 maxlen: 24
93.93.94.0/24 maxlen: 24
93.93.92.0/23 maxlen: 24
93.93.95.0/24 maxlen: 24
185.17.169.0/24 maxlen: 24
185.17.168.0/24 maxlen: 24
185.17.170.0/23 maxlen: 24
2a03:e040:10::/48 maxlen: 48
2a03:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/O6F4K2r7p8a88HC5P-1MyEr0E1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/O6F4K2r7p8a88HC5P-1MyEr0E1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:08:c5:e8:56:be:1b:83:c6:14:29:f2:e1:9c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba1782b6afba7c6bcf070b93fed4cc84af41352
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=701686008432261712fc835ff87f437b1d6ce63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e8:05:e3:52:bd:45:c1:40:47:35:ff:77:e7:
97:4a:87:a9:47:44:6b:bd:bb:b8:97:d8:2d:39:f4:
bc:99:81:29:d6:9e:41:f3:7d:84:3d:4c:45:69:c7:
b7:52:58:03:72:a5:4b:60:d0:a4:1c:0e:7e:dd:7e:
aa:ea:1e:3d:77:6d:40:c7:ef:91:9a:73:38:d6:79:
84:e3:bb:ec:16:96:46:fd:0e:ba:09:42:63:86:8b:
3f:64:fc:b6:ed:b8:80:db:cb:de:9b:5c:a6:f0:f3:
a0:d2:de:2a:91:65:62:d6:fd:6e:94:b7:e6:82:11:
b1:9d:ab:58:f5:9b:15:ab:54:9c:8b:63:9c:be:75:
86:9d:92:13:fe:42:87:5e:27:29:ac:05:ed:50:27:
32:c4:ba:de:ce:a4:63:5a:c6:e5:47:73:c0:04:ca:
32:86:8e:a9:d3:8c:f1:5f:fb:89:11:e3:6c:ea:a1:
7f:a6:f7:20:73:e3:4d:8d:f9:a1:68:7f:39:4f:ae:
01:ba:10:c2:5d:b0:d0:18:af:e3:3e:d7:38:91:0a:
c4:4e:e2:eb:fc:ba:02:07:52:fe:84:9b:31:a1:23:
25:3c:ad:b2:a3:f0:83:0b:f0:0b:49:f0:c1:8c:dd:
a0:59:a1:37:09:81:ee:2d:5f:73:df:21:c9:5c:18:
d4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:16:86:00:84:32:26:17:12:FC:83:5F:F8:7F:43:7B:1D:6C:E6:3E
X509v3 Authority Key Identifier:
keyid:3B:A1:78:2B:6A:FB:A7:C6:BC:F0:70:B9:3F:ED:4C:C8:4A:F4:13:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6F4K2r7p8a88HC5P-1MyEr0E1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/cBaGAIQyJhcS_INf-H9Dex1s5j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/ad7ac3-b8ad-42b0-ad2a-ae967d739dd3/1/O6F4K2r7p8a88HC5P-1MyEr0E1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.160.0/22
37.220.165.0-37.220.167.255
46.235.184.0/21
78.41.104.0/21
93.93.88.0/21
185.17.168.0/22
IPv6:
2a03:e040::/48
2a03:e040:10::/48
Signature Algorithm: sha256WithRSAEncryption
ab:0a:7d:79:28:7d:63:e9:bb:7c:b5:c7:bc:11:26:ff:1d:42:
20:45:ca:9e:a8:ae:b1:15:e9:8b:71:a7:06:8b:bc:69:fc:b1:
33:82:7e:67:a9:c4:48:ee:a6:6c:cc:bf:68:89:24:b7:67:e8:
06:cc:9b:19:5d:38:52:39:97:e2:f8:20:c2:b6:0d:54:e0:77:
b5:b5:a0:f5:63:24:3d:1f:4a:0f:51:2d:fc:ed:e9:1c:54:1a:
ed:66:d1:46:24:94:7a:56:5a:98:25:b9:25:38:4d:a3:b9:e3:
d0:a2:2f:a6:c2:2a:5a:a9:fb:79:ae:6c:19:da:1e:d1:dd:42:
45:14:12:48:57:93:e0:c9:4f:d2:8e:d0:b7:a5:d3:35:2a:3e:
9f:c0:e7:0c:6a:96:eb:75:be:cb:64:c9:0e:1e:99:fe:99:63:
98:4f:53:55:bc:4d:ea:62:33:c0:72:ed:e6:37:8a:05:c2:bd:
95:62:26:58:38:f3:c3:78:cf:fe:64:20:43:50:aa:79:34:7b:
8d:ec:b5:4d:e2:cc:ad:cd:4c:79:7f:3f:76:79:44:f4:53:5f:
20:d6:8b:c4:1b:fa:59:b9:6a:a3:4b:96:96:9e:90:b3:cf:a0:
44:98:ef:f8:6c:6d:a0:0a:c5:fb:42:aa:4e:e0:50:bd:ff:7b:
cd:a2:01:5f
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzDtwjF6Fa+G4PGFCny4ZwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTE3ODJiNmFmYmE3YzZiY2YwNzBiOTNmZWQ0Y2M4NGFm
NDEzNTIwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDE2ODYwMDg0MzIyNjE3MTJmYzgzNWZmODdmNDM3YjFkNmNlNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiegF41K9RcFARzX/d+eXSoepR0Rr
vbu4l9gtOfS8mYEp1p5B832EPUxFace3UlgDcqVLYNCkHA5+3X6q6h49d21Ax++R
mnM41nmE47vsFpZG/Q66CUJjhos/ZPy27biA28vem1ym8POg0t4qkWVi1v1ulLfm
ghGxnatY9ZsVq1Sci2OcvnWGnZIT/kKHXicprAXtUCcyxLrezqRjWsblR3PABMoy
ho6p04zxX/uJEeNs6qF/pvcgc+NNjfmhaH85T64BuhDCXbDQGK/jPtc4kQrETuLr
/LoCB1L+hJsxoSMlPK2yo/CDC/ALSfDBjN2gWaE3CYHuLV9z3yHJXBjU0QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHAWhgCEMiYXEvyDX/h/Q3sdbOY+MB8GA1UdIwQY
MBaAFDuheCtq+6fGvPBwuT/tTMhK9BNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZGNEsycjdwOGE4OEhDNVAtMU15RXIwRTFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hZDdhYzMtYjhhZC00MmIwLWFkMmEt
YWU5NjdkNzM5ZGQzLzEvY0JhR0FJUXlKaGNTX0lOZi1IOURleDFzNWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hZDdhYzMtYjhhZC00MmIwLWFkMmEtYWU5NjdkNzM5ZGQz
LzEvTzZGNEsycjdwOGE4OEhDNVAtMU15RXIwRTFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsAwQCJdygMAwD
BAAl3KUDBAMl3KADBAMu67gDBANOKWgDBANdXVgDBAK5EagwGAQCAAIwEgMHACoD
4EAAAAMHACoD4EAAEDANBgkqhkiG9w0BAQsFAAOCAQEAqwp9eSh9Y+m7fLXHvBEm
/x1CIEXKnqiusRXpi3GnBou8afyxM4J+Z6nESO6mbMy/aIkkt2foBsybGV04UjmX
4vggwrYNVOB3tbWg9WMkPR9KD1Et/O3pHFQa7WbRRiSUelZamCW5JThNo7nj0KIv
psIqWqn7ea5sGdoe0d1CRRQSSFeT4MlP0o7Qt6XTNSo+n8DnDGqW63W+y2TJDh6Z
/pljmE9TVbxN6mIzwHLt5jeKBcK9lWImWDjzw3jP/mQgQ1CqeTR7jey1TeLMrc1M
eX8/dnlE9FNfINaLxBv6Wblqo0uWlp6Qs8+gRJjv+GxtoArF+0KqTuBQvf97zaIB
Xw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:45:03 2024 by rpki-client on console-ams.rpki-client.org