Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/qVpcIxgcCVOENtlEklJ5Z7tL4CU.roa
File: qVpcIxgcCVOENtlEklJ5Z7tL4CU.roa (raw, json)
Hash identifier: 97xnnWWQ/qH3NkmZ3NHsWn1q+HXCq0ObJ4RNp4BrFVI=
Subject key identifier: A9:5A:5C:23:18:1C:09:53:84:36:D9:44:92:52:79:67:BB:4B:E0:25
Certificate issuer: /CN=fb79c26f31575345159c840ed278a878a9256615
Certificate serial: 01933B457E430F1889788464AEAB43AE010C
Authority key identifier: FB:79:C2:6F:31:57:53:45:15:9C:84:0E:D2:78:A8:78:A9:25:66:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3nCbzFXU0UVnIQO0nioeKklZhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/qVpcIxgcCVOENtlEklJ5Z7tL4CU.roa
Signing time: Sun 17 Nov 2024 17:57:10 +0000
ROA not before: Sun 17 Nov 2024 17:57:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51430
IP address blocks: 31.3.152.0/22 maxlen: 22
31.3.156.0/24 maxlen: 24
31.3.157.0/24 maxlen: 24
31.3.158.0/23 maxlen: 23
37.46.112.0/24 maxlen: 24
37.46.113.0/24 maxlen: 24
37.46.114.0/24 maxlen: 24
37.46.115.0/24 maxlen: 24
37.46.116.0/24 maxlen: 24
37.46.117.0/24 maxlen: 24
37.46.118.0/23 maxlen: 23
37.46.118.0/24 maxlen: 24
37.46.119.0/24 maxlen: 24
37.46.120.0/24 maxlen: 24
37.46.121.0/24 maxlen: 24
37.46.122.0/24 maxlen: 24
37.46.123.0/24 maxlen: 24
37.46.124.0/22 maxlen: 22
79.142.64.0/22 maxlen: 24
79.142.68.0/24 maxlen: 24
79.142.69.0/24 maxlen: 24
79.142.70.0/24 maxlen: 24
79.142.71.0/24 maxlen: 24
79.142.72.0/24 maxlen: 24
79.142.73.0/24 maxlen: 24
79.142.74.0/23 maxlen: 23
79.142.76.0/23 maxlen: 23
79.142.78.0/24 maxlen: 24
79.142.79.0/24 maxlen: 24
91.214.44.0/24 maxlen: 24
91.214.47.0/24 maxlen: 24
128.127.104.0/23 maxlen: 23
128.127.106.0/23 maxlen: 23
128.127.108.0/24 maxlen: 24
128.127.109.0/24 maxlen: 24
128.127.110.0/23 maxlen: 23
185.2.28.0/24 maxlen: 24
185.2.29.0/24 maxlen: 24
185.2.30.0/24 maxlen: 24
185.2.31.0/24 maxlen: 24
185.7.32.0/24 maxlen: 24
185.7.33.0/24 maxlen: 24
185.7.34.0/24 maxlen: 24
185.7.35.0/24 maxlen: 24
185.10.56.0/22 maxlen: 22
213.5.64.0/21 maxlen: 21
2a00:7140::/32 maxlen: 32
2a00:7142::/32 maxlen: 32
2a00:7143::/32 maxlen: 32
2a00:7143:101::/48 maxlen: 48
2a00:7144::/32 maxlen: 32
2a00:7145::/48 maxlen: 48
2a00:7145:b1::/48 maxlen: 48
2a00:7145:c1::/48 maxlen: 48
2a00:7145:c2::/48 maxlen: 48
2a00:7146::/48 maxlen: 48
2a00:7147:22::/48 maxlen: 48
2a00:7147:a9::/48 maxlen: 48
2a00:7147:b1::/48 maxlen: 48
2a00:7147:e1::/48 maxlen: 48
2a00:7147:e2::/48 maxlen: 48
2a00:7147:e3::/48 maxlen: 48
2a00:7147:e4::/48 maxlen: 48
2a00:7147:e5::/48 maxlen: 48
2a00:7147:e6::/48 maxlen: 48
2a00:7147:e7::/48 maxlen: 48
2a00:7147:e8::/48 maxlen: 48
2a00:7147:e9::/48 maxlen: 48
2a00:7147:e10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/1-3nCbzFXU0UVnIQO0nioeKklZhU.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/1-3nCbzFXU0UVnIQO0nioeKklZhU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-3nCbzFXU0UVnIQO0nioeKklZhU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3b:45:7e:43:0f:18:89:78:84:64:ae:ab:43:ae:01:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb79c26f31575345159c840ed278a878a9256615
Validity
Not Before: Nov 17 17:57:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a95a5c23181c09538436d94492527967bb4be025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ab:6b:ef:de:08:e8:48:f3:98:ed:39:48:f9:
29:27:4e:23:fd:ea:a4:39:30:ee:92:cd:72:37:54:
aa:a0:4b:21:99:dc:5f:48:0b:e4:ae:c4:40:f7:ea:
45:a9:38:9b:02:6d:31:9f:15:20:69:a0:9f:03:6e:
b7:58:9a:ab:f9:d3:1a:2b:cf:6e:76:56:20:42:3b:
aa:28:a6:11:6c:84:69:e9:0d:12:e8:e7:6b:15:1d:
71:c6:80:84:86:86:cd:fe:2e:59:e2:fd:ef:3f:49:
3c:3b:cc:0e:ff:b4:4f:3d:41:a1:e0:35:6a:08:6d:
40:c8:f9:28:22:e9:50:e9:35:62:36:23:56:e2:ed:
dd:eb:ca:c6:c0:21:2e:50:68:15:af:6a:3e:18:9b:
a7:b2:f0:15:ff:00:8c:fc:46:82:a5:67:1b:5b:46:
31:40:fa:09:f7:7e:1d:88:a3:ad:3a:e8:87:c6:2e:
89:65:ea:f6:fc:36:34:82:42:df:1b:1b:ae:a8:73:
c6:b2:5c:df:f6:91:3e:62:ee:57:d2:01:7a:bb:d9:
a2:65:bd:95:ce:15:56:37:e0:fa:c8:76:b8:9b:93:
24:e7:2f:c2:78:c3:c2:3c:92:a9:70:a5:82:58:a9:
56:f7:cc:17:8d:43:3c:11:68:82:52:d5:4f:10:2c:
9b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5A:5C:23:18:1C:09:53:84:36:D9:44:92:52:79:67:BB:4B:E0:25
X509v3 Authority Key Identifier:
keyid:FB:79:C2:6F:31:57:53:45:15:9C:84:0E:D2:78:A8:78:A9:25:66:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3nCbzFXU0UVnIQO0nioeKklZhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/qVpcIxgcCVOENtlEklJ5Z7tL4CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12d691-37a4-4b15-a7ea-bd37da0e447c/1/1-3nCbzFXU0UVnIQO0nioeKklZhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.152.0/21
37.46.112.0/20
79.142.64.0/20
91.214.44.0/24
91.214.47.0/24
128.127.104.0/21
185.2.28.0/22
185.7.32.0/22
185.10.56.0/22
213.5.64.0/21
IPv6:
2a00:7140::/32
2a00:7142::-2a00:7145:0:ffff:ffff:ffff:ffff:ffff
2a00:7145:b1::/48
2a00:7145:c1::-2a00:7145:c2:ffff:ffff:ffff:ffff:ffff
2a00:7146::/48
2a00:7147:22::/48
2a00:7147:a9::/48
2a00:7147:b1::/48
2a00:7147:e1::-2a00:7147:e9:ffff:ffff:ffff:ffff:ffff
2a00:7147:e10::/48
Signature Algorithm: sha256WithRSAEncryption
7c:95:be:7b:e3:96:8b:44:69:46:b2:af:de:5d:59:1d:e6:20:
ff:45:ff:c4:39:48:5d:70:0b:10:d9:70:ab:5a:7a:a4:56:7c:
f6:45:52:3d:8f:02:a6:86:c0:00:3d:42:79:96:2e:94:35:e5:
5d:84:bd:ee:de:d7:f6:60:e4:08:38:51:93:9d:f8:bf:21:2f:
87:96:e7:be:da:ad:0a:09:a2:78:6e:9e:44:4e:86:00:e0:5f:
f0:98:d6:dc:6d:af:81:d8:d8:e6:36:85:02:75:0c:be:d2:17:
df:7d:77:ac:06:60:a2:d9:a7:20:f5:32:e0:36:0b:58:e3:96:
a6:43:a9:27:92:a7:ef:ff:f3:ca:65:74:7a:d1:fb:92:c1:0b:
dd:96:75:83:a8:bf:69:f8:6a:df:fb:5d:95:11:bb:13:fd:18:
a5:94:96:2c:60:b7:fe:a9:c9:71:e7:f3:fe:b0:15:08:76:05:
f6:cd:5a:1a:64:c2:31:eb:2a:00:b2:fa:16:3a:0c:28:61:19:
01:d6:1b:2b:09:e5:50:70:8a:b0:9c:26:82:53:8f:f4:de:0c:
f8:ad:ea:d6:4f:92:62:92:da:af:19:c6:22:c9:9d:da:9e:f6:
ae:d3:96:99:32:6f:a6:3c:94:a5:93:92:6a:97:40:7b:91:e1:
5b:cf:47:fd
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAZM7RX5DDxiJeIRkrqtDrgEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzljMjZmMzE1NzUzNDUxNTljODQwZWQyNzhhODc4YTky
NTY2MTUwHhcNMjQxMTE3MTc1NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTVhNWMyMzE4MWMwOTUzODQzNmQ5NDQ5MjUyNzk2N2JiNGJlMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6tr794I6EjzmO05SPkpJ04j/eqk
OTDuks1yN1SqoEshmdxfSAvkrsRA9+pFqTibAm0xnxUgaaCfA263WJqr+dMaK89u
dlYgQjuqKKYRbIRp6Q0S6OdrFR1xxoCEhobN/i5Z4v3vP0k8O8wO/7RPPUGh4DVq
CG1AyPkoIulQ6TViNiNW4u3d68rGwCEuUGgVr2o+GJunsvAV/wCM/EaCpWcbW0Yx
QPoJ934diKOtOuiHxi6JZer2/DY0gkLfGxuuqHPGslzf9pE+Yu5X0gF6u9miZb2V
zhVWN+D6yHa4m5Mk5y/CeMPCPJKpcKWCWKlW98wXjUM8EWiCUtVPECybqQIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFKlaXCMYHAlThDbZRJJSeWe7S+AlMB8GA1UdIwQY
MBaAFPt5wm8xV1NFFZyEDtJ4qHipJWYVMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zbkNiekZYVTBVVm5JUU8wbmlvZUtrbFpoVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvMTJkNjkxLTM3YTQtNGIxNS1hN2Vh
LWJkMzdkYTBlNDQ3Yy8xL3FWcGNJeGdjQ1ZPRU50bEVrbEo1Wjd0TDRDVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODAvMTJkNjkxLTM3YTQtNGIxNS1hN2VhLWJkMzdkYTBlNDQ3
Yy8xLzEtM25DYnpGWFUwVVZuSVFPMG5pb2VLa2xaaFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgdYGCCsGAQUFBwEHAQH/BIHGMIHDMEIEAgABMDwDBAMf
A5gDBAQlLnADBARPjkADBABb1iwDBABb1i8DBAOAf2gDBAK5AhwDBAK5ByADBAK5
CjgDBAPVBUAwfQQCAAIwdwMFACoAcUAwEAMFASoAcUIDBwAqAHFFAAADBwAqAHFF
ALEwEgMHACoAcUUAwQMHACoAcUUAwgMHACoAcUYAAAMHACoAcUcAIgMHACoAcUcA
qQMHACoAcUcAsTASAwcAKgBxRwDhAwcBKgBxRwDoAwcAKgBxRw4QMA0GCSqGSIb3
DQEBCwUAA4IBAQB8lb5745aLRGlGsq/eXVkd5iD/Rf/EOUhdcAsQ2XCrWnqkVnz2
RVI9jwKmhsAAPUJ5li6UNeVdhL3u3tf2YOQIOFGTnfi/IS+Hlue+2q0KCaJ4bp5E
ToYA4F/wmNbcba+B2NjmNoUCdQy+0hfffXesBmCi2acg9TLgNgtY45amQ6knkqfv
//PKZXR60fuSwQvdlnWDqL9p+Grf+12VEbsT/RillJYsYLf+qclx5/P+sBUIdgX2
zVoaZMIx6yoAsvoWOgwoYRkB1hsrCeVQcIqwnCaCU4/03gz4rerWT5JiktqvGcYi
yZ3anvau05aZMm+mPJSlk5Jql0B7keFbz0f9
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:12 2024 by rpki-client on console-ams.rpki-client.org