Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/XoslUFFXy_cdjmNztNKtAd7CuvI.roa
File: XoslUFFXy_cdjmNztNKtAd7CuvI.roa (raw, json)
Hash identifier: 8VOQo1VX3nSJSoQLm5wCfPHfWwSX5uK0uGEoLKzzhzs=
Subject key identifier: 5E:8B:25:50:51:57:CB:F7:1D:8E:63:73:B4:D2:AD:01:DE:C2:BA:F2
Certificate issuer: /CN=fb79c26f31575345159c840ed278a878a9256615
Certificate serial: 018CC3B6B114D42385A88B25C894A8B80AB1
Authority key identifier: FB:79:C2:6F:31:57:53:45:15:9C:84:0E:D2:78:A8:78:A9:25:66:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3nCbzFXU0UVnIQO0nioeKklZhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/XoslUFFXy_cdjmNztNKtAd7CuvI.roa
Signing time: Mon 01 Jan 2024 06:29:39 +0000
ROA not before: Mon 01 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51430
IP address blocks: 128.127.104.0/23 maxlen: 23
128.127.108.0/24 maxlen: 24
128.127.110.0/23 maxlen: 23
128.127.109.0/24 maxlen: 24
128.127.106.0/23 maxlen: 23
37.46.112.0/24 maxlen: 24
37.46.117.0/24 maxlen: 24
37.46.118.0/23 maxlen: 23
37.46.118.0/24 maxlen: 24
37.46.114.0/24 maxlen: 24
37.46.113.0/24 maxlen: 24
37.46.116.0/24 maxlen: 24
37.46.115.0/24 maxlen: 24
37.46.124.0/22 maxlen: 22
37.46.121.0/24 maxlen: 24
37.46.120.0/24 maxlen: 24
37.46.123.0/24 maxlen: 24
37.46.122.0/24 maxlen: 24
37.46.119.0/24 maxlen: 24
91.214.44.0/24 maxlen: 24
91.214.47.0/24 maxlen: 24
213.5.64.0/21 maxlen: 21
185.2.31.0/24 maxlen: 24
185.2.29.0/24 maxlen: 24
185.2.28.0/24 maxlen: 24
185.2.30.0/24 maxlen: 24
79.142.79.0/24 maxlen: 24
31.3.152.0/22 maxlen: 22
31.3.158.0/23 maxlen: 23
31.3.157.0/24 maxlen: 24
31.3.156.0/24 maxlen: 24
185.7.35.0/24 maxlen: 24
185.7.34.0/24 maxlen: 24
185.7.32.0/24 maxlen: 24
185.7.33.0/24 maxlen: 24
185.10.56.0/22 maxlen: 22
79.142.64.0/22 maxlen: 24
79.142.71.0/24 maxlen: 24
79.142.69.0/24 maxlen: 24
79.142.68.0/24 maxlen: 24
79.142.70.0/24 maxlen: 24
79.142.78.0/24 maxlen: 24
79.142.76.0/23 maxlen: 23
79.142.72.0/24 maxlen: 24
79.142.74.0/23 maxlen: 23
79.142.73.0/24 maxlen: 24
2a00:7143:101::/48 maxlen: 48
2a00:7145:c1::/48 maxlen: 48
2a00:7147:e3::/48 maxlen: 48
2a00:7147:e6::/48 maxlen: 48
2a00:7143::/32 maxlen: 32
2a00:7145:b1::/48 maxlen: 48
2a00:7145:c2::/48 maxlen: 48
2a00:7147:e9::/48 maxlen: 48
2a00:7147:22::/48 maxlen: 48
2a00:7147:e2::/48 maxlen: 48
2a00:7147:e5::/48 maxlen: 48
2a00:7140::/32 maxlen: 32
2a00:7146::/48 maxlen: 48
2a00:7145::/48 maxlen: 48
2a00:7147:e8::/48 maxlen: 48
2a00:7142::/32 maxlen: 32
2a00:7147:e1::/48 maxlen: 48
2a00:7147:e10::/48 maxlen: 48
2a00:7147:e4::/48 maxlen: 48
2a00:7144::/32 maxlen: 32
2a00:7147:e7::/48 maxlen: 48
2a00:7147:b1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/1-3nCbzFXU0UVnIQO0nioeKklZhU.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/1-3nCbzFXU0UVnIQO0nioeKklZhU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-3nCbzFXU0UVnIQO0nioeKklZhU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b1:14:d4:23:85:a8:8b:25:c8:94:a8:b8:0a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb79c26f31575345159c840ed278a878a9256615
Validity
Not Before: Jan 1 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e8b25505157cbf71d8e6373b4d2ad01dec2baf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:09:ac:1a:81:8f:66:48:73:83:f9:5c:a6:af:
f8:70:b7:0d:88:1a:c8:7b:ce:ea:84:18:48:49:b4:
48:f8:36:60:1e:66:bf:88:bc:85:9a:45:7c:f0:21:
de:51:7e:72:19:a3:61:df:64:7f:34:e0:13:68:91:
21:d7:3c:75:00:3b:28:f7:06:5c:b2:93:6b:95:78:
10:02:7b:f7:a2:da:96:45:00:32:7e:81:60:93:b9:
7a:9a:b8:66:ef:c2:a5:09:6f:95:8a:eb:9c:56:01:
6a:96:90:76:b0:a9:2a:24:7a:7a:f9:b4:d0:b9:23:
79:a2:04:9e:ea:a1:f1:e6:64:88:42:52:c8:64:13:
67:55:aa:18:3a:07:fd:4c:1f:62:40:ea:1a:22:f6:
c8:74:92:2e:fd:0e:22:cc:96:79:ff:06:68:9e:35:
f6:0e:a8:c8:de:cf:8d:7d:f7:c6:be:aa:a2:b3:a7:
79:2d:85:47:63:e5:48:f4:96:f0:3b:c7:d4:6c:64:
4f:3c:1a:0e:df:35:cc:1e:44:90:f0:e8:79:2f:be:
50:3e:f9:0b:2a:e5:0e:ab:e8:7c:62:9d:99:f8:d2:
0a:93:ac:85:3b:0a:30:3f:27:88:1f:21:8e:92:7c:
2b:ed:42:4a:27:5c:a6:fa:a7:2c:a9:f5:ed:9a:8e:
1d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8B:25:50:51:57:CB:F7:1D:8E:63:73:B4:D2:AD:01:DE:C2:BA:F2
X509v3 Authority Key Identifier:
keyid:FB:79:C2:6F:31:57:53:45:15:9C:84:0E:D2:78:A8:78:A9:25:66:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3nCbzFXU0UVnIQO0nioeKklZhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/XoslUFFXy_cdjmNztNKtAd7CuvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/1-3nCbzFXU0UVnIQO0nioeKklZhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.152.0/21
37.46.112.0/20
79.142.64.0/20
91.214.44.0/24
91.214.47.0/24
128.127.104.0/21
185.2.28.0/22
185.7.32.0/22
185.10.56.0/22
213.5.64.0/21
IPv6:
2a00:7140::/32
2a00:7142::-2a00:7145:0:ffff:ffff:ffff:ffff:ffff
2a00:7145:b1::/48
2a00:7145:c1::-2a00:7145:c2:ffff:ffff:ffff:ffff:ffff
2a00:7146::/48
2a00:7147:22::/48
2a00:7147:b1::/48
2a00:7147:e1::-2a00:7147:e9:ffff:ffff:ffff:ffff:ffff
2a00:7147:e10::/48
Signature Algorithm: sha256WithRSAEncryption
06:ae:b2:2b:8d:09:e4:8b:11:f1:ae:b4:22:e1:65:ba:98:fb:
55:06:bd:4a:30:22:18:87:2c:50:1b:f6:fe:7c:08:06:a8:a2:
5b:1e:27:5e:3d:4f:e8:5f:fc:65:0f:07:1a:02:7e:c6:f0:45:
45:1e:b7:92:d8:77:71:1b:fd:5a:78:b7:f1:9c:fb:1f:76:a8:
5b:21:40:c0:62:84:44:13:2f:ad:df:8a:ad:6e:af:e9:c7:7d:
43:2b:c5:16:6d:9c:90:02:d8:94:6a:d4:20:ad:61:fa:bd:07:
d0:8f:4e:7a:19:ed:b1:bb:72:46:7b:fe:d2:cb:f4:d9:36:c0:
75:12:a0:f4:75:a6:9d:17:0e:d6:b8:09:bf:1d:84:b3:f2:8d:
2b:46:22:d3:b2:c4:aa:8c:55:5c:3f:19:84:05:80:cf:98:4f:
91:0b:bf:19:cd:b2:df:d1:d1:96:14:33:4f:df:dd:32:8b:fe:
50:3e:ad:70:90:f2:75:a3:55:51:9f:f2:7e:c7:80:d7:43:fd:
7f:f3:91:0c:73:86:85:34:a0:bb:92:26:1c:07:d0:e0:70:bf:
a8:30:7d:b4:e6:86:7b:35:de:99:57:ab:5e:3b:1b:e0:39:77:
16:82:1b:1d:d6:5f:e8:4b:29:e3:16:72:a8:07:a0:28:c5:1e:
82:71:15:f9
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYzDtrEU1COFqIslyJSouAqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzljMjZmMzE1NzUzNDUxNTljODQwZWQyNzhhODc4YTky
NTY2MTUwHhcNMjQwMTAxMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThiMjU1MDUxNTdjYmY3MWQ4ZTYzNzNiNGQyYWQwMWRlYzJiYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQmsGoGPZkhzg/lcpq/4cLcNiBrI
e87qhBhISbRI+DZgHma/iLyFmkV88CHeUX5yGaNh32R/NOATaJEh1zx1ADso9wZc
spNrlXgQAnv3otqWRQAyfoFgk7l6mrhm78KlCW+ViuucVgFqlpB2sKkqJHp6+bTQ
uSN5ogSe6qHx5mSIQlLIZBNnVaoYOgf9TB9iQOoaIvbIdJIu/Q4izJZ5/wZonjX2
DqjI3s+NfffGvqqis6d5LYVHY+VI9JbwO8fUbGRPPBoO3zXMHkSQ8Oh5L75QPvkL
KuUOq+h8Yp2Z+NIKk6yFOwowPyeIHyGOknwr7UJKJ1ym+qcsqfXtmo4d+wIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFF6LJVBRV8v3HY5jc7TSrQHewrryMB8GA1UdIwQY
MBaAFPt5wm8xV1NFFZyEDtJ4qHipJWYVMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zbkNiekZYVTBVVm5JUU8wbmlvZUtrbFpoVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvMTJkNjkxLTM3YTQtNGIxNS1hN2Vh
LWJkMzdkYTBlNDQ3Yy8xL1hvc2xVRkZYeV9jZGptTnp0Tkt0QWQ3Q3V2SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODAvMTJkNjkxLTM3YTQtNGIxNS1hN2VhLWJkMzdkYTBlNDQ3
Yy8xLzEtM25DYnpGWFUwVVZuSVFPMG5pb2VLa2xaaFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgc0GCCsGAQUFBwEHAQH/BIG9MIG6MEIEAgABMDwDBAMf
A5gDBAQlLnADBARPjkADBABb1iwDBABb1i8DBAOAf2gDBAK5AhwDBAK5ByADBAK5
CjgDBAPVBUAwdAQCAAIwbgMFACoAcUAwEAMFASoAcUIDBwAqAHFFAAADBwAqAHFF
ALEwEgMHACoAcUUAwQMHACoAcUUAwgMHACoAcUYAAAMHACoAcUcAIgMHACoAcUcA
sTASAwcAKgBxRwDhAwcBKgBxRwDoAwcAKgBxRw4QMA0GCSqGSIb3DQEBCwUAA4IB
AQAGrrIrjQnkixHxrrQi4WW6mPtVBr1KMCIYhyxQG/b+fAgGqKJbHidePU/oX/xl
DwcaAn7G8EVFHreS2HdxG/1aeLfxnPsfdqhbIUDAYoREEy+t34qtbq/px31DK8UW
bZyQAtiUatQgrWH6vQfQj056Ge2xu3JGe/7Sy/TZNsB1EqD0daadFw7WuAm/HYSz
8o0rRiLTssSqjFVcPxmEBYDPmE+RC78ZzbLf0dGWFDNP390yi/5QPq1wkPJ1o1VR
n/J+x4DXQ/1/85EMc4aFNKC7kiYcB9DgcL+oMH205oZ7Nd6ZV6teOxvgOXcWghsd
1l/oSynjFnKoB6AoxR6CcRX5
-----END CERTIFICATE-----
Generated at Fri May 17 23:58:56 2024 by rpki-client on console-fra.rpki-client.org