Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1ufd_RPN0fsdBrS1IdDb7-xTsdI.roa
File: 1ufd_RPN0fsdBrS1IdDb7-xTsdI.roa (raw, json)
Hash identifier: MMVI8ouFTemmdvWHXbXbf9NTyqUK43bdSPFivtzEZWo=
Subject key identifier: D6:E7:DD:FD:13:CD:D1:FB:1D:06:B4:B5:21:D0:DB:EF:EC:53:B1:D2
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 01919E51BD47C250C5DEEE0C2CA5A93CE183
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1ufd_RPN0fsdBrS1IdDb7-xTsdI.roa
Signing time: Thu 29 Aug 2024 13:27:22 +0000
ROA not before: Thu 29 Aug 2024 13:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5483
IP address blocks: 5.38.128.0/17 maxlen: 17
5.187.128.0/17 maxlen: 17
31.46.0.0/16 maxlen: 16
31.46.19.0/24 maxlen: 24
37.76.0.0/17 maxlen: 17
46.107.0.0/16 maxlen: 16
46.107.14.0/24 maxlen: 24
46.107.15.0/24 maxlen: 24
46.107.224.0/24 maxlen: 24
46.139.0.0/16 maxlen: 16
62.201.64.0/18 maxlen: 18
78.92.0.0/16 maxlen: 16
79.122.0.0/17 maxlen: 17
80.249.160.0/20 maxlen: 24
80.249.164.0/24 maxlen: 24
80.249.167.0/24 maxlen: 24
80.249.168.0/24 maxlen: 24
80.249.170.0/24 maxlen: 24
80.249.171.0/24 maxlen: 24
80.249.172.0/24 maxlen: 24
80.249.173.0/24 maxlen: 24
80.249.174.0/24 maxlen: 24
81.182.0.0/15 maxlen: 15
84.0.0.0/14 maxlen: 14
84.1.102.0/24 maxlen: 24
84.1.226.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
84.2.24.0/24 maxlen: 24
84.2.35.0/24 maxlen: 24
84.2.39.0/24 maxlen: 24
84.2.42.0/23 maxlen: 24
84.2.50.0/24 maxlen: 24
84.2.51.0/24 maxlen: 24
84.2.52.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
84.2.79.0/24 maxlen: 24
84.2.226.0/23 maxlen: 24
84.2.227.0/24 maxlen: 24
84.2.228.0/24 maxlen: 24
84.2.230.0/24 maxlen: 24
84.2.231.0/24 maxlen: 24
86.59.128.0/17 maxlen: 17
87.101.112.0/20 maxlen: 20
91.120.0.0/16 maxlen: 16
91.120.16.0/22 maxlen: 22
91.120.27.0/24 maxlen: 24
91.120.57.0/24 maxlen: 24
91.120.64.0/18 maxlen: 18
91.120.128.0/18 maxlen: 18
93.89.160.0/20 maxlen: 20
94.27.128.0/17 maxlen: 17
134.255.0.0/17 maxlen: 17
145.236.0.0/16 maxlen: 16
145.236.230.0/24 maxlen: 24
149.200.0.0/17 maxlen: 17
185.55.12.0/22 maxlen: 22
185.65.8.0/22 maxlen: 22
188.6.0.0/16 maxlen: 16
188.36.0.0/16 maxlen: 16
188.36.248.0/24 maxlen: 24
188.156.0.0/15 maxlen: 15
194.38.96.0/19 maxlen: 19
194.38.96.0/24 maxlen: 24
194.38.104.0/24 maxlen: 24
194.88.32.0/19 maxlen: 19
194.149.0.0/19 maxlen: 19
194.149.32.0/19 maxlen: 19
194.149.36.0/24 maxlen: 24
194.176.224.0/19 maxlen: 19
195.56.0.0/16 maxlen: 16
195.56.0.0/24 maxlen: 24
195.70.32.0/19 maxlen: 19
195.228.0.0/16 maxlen: 16
195.228.4.0/24 maxlen: 24
195.228.22.0/24 maxlen: 24
195.228.24.0/24 maxlen: 24
195.228.34.0/24 maxlen: 24
195.228.45.0/24 maxlen: 24
195.228.75.0/24 maxlen: 24
195.228.76.0/24 maxlen: 24
195.228.85.0/24 maxlen: 24
195.228.86.0/24 maxlen: 24
195.228.87.0/24 maxlen: 24
195.228.112.0/24 maxlen: 24
195.228.135.0/24 maxlen: 24
195.228.152.0/24 maxlen: 24
195.228.155.0/24 maxlen: 24
195.228.156.0/24 maxlen: 24
195.228.224.0/23 maxlen: 23
195.228.240.0/24 maxlen: 24
195.228.244.0/24 maxlen: 24
195.228.245.0/24 maxlen: 24
195.228.247.0/24 maxlen: 24
195.228.248.0/24 maxlen: 24
195.228.249.0/24 maxlen: 24
195.228.250.0/24 maxlen: 24
195.228.251.0/24 maxlen: 24
195.228.253.0/24 maxlen: 24
195.228.254.0/24 maxlen: 24
195.228.255.0/24 maxlen: 24
212.51.64.0/18 maxlen: 18
212.51.79.0/24 maxlen: 24
212.51.91.0/24 maxlen: 24
212.51.110.0/24 maxlen: 24
212.51.125.0/24 maxlen: 24
213.178.96.0/19 maxlen: 19
217.20.128.0/20 maxlen: 20
217.65.96.0/19 maxlen: 19
217.65.96.0/23 maxlen: 23
217.116.32.0/20 maxlen: 20
2001:4c48::/29 maxlen: 29
2001:4c48::/30 maxlen: 30
2001:4c48::/32 maxlen: 32
2001:4c48::/46 maxlen: 48
2001:4c4c::/30 maxlen: 30
2a00:10d0::/32 maxlen: 32
2a00:1110::/29 maxlen: 29
2a02:738::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:51:bd:47:c2:50:c5:de:ee:0c:2c:a5:a9:3c:e1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Aug 29 13:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6e7ddfd13cdd1fb1d06b4b521d0dbefec53b1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d4:59:ac:77:09:05:26:24:26:05:97:99:d1:
06:cf:69:be:f5:60:c0:24:fa:ab:7b:cd:fc:b0:ee:
18:a0:ed:8b:c0:ca:cf:0a:8c:a0:7b:bd:85:a8:20:
0e:61:05:94:8f:ca:d7:fe:e6:9a:8e:bf:c6:86:2a:
11:67:46:68:78:3b:f6:48:e8:69:a6:b6:99:23:c4:
5f:b6:a4:1a:29:a8:8f:a9:b4:f4:56:8e:90:4c:2a:
1f:03:52:f7:4d:81:71:6d:59:3c:18:6a:3f:44:31:
47:60:89:18:1c:d7:71:a0:dc:1e:36:59:79:c3:e1:
0b:16:42:0e:ae:86:2e:18:b2:5b:d9:fb:39:9d:2f:
5e:99:34:01:72:84:86:99:12:74:a1:15:85:76:a2:
6b:c1:2c:45:7b:d5:7c:ea:6a:b5:21:d9:28:07:6a:
4b:10:5a:13:e3:55:45:85:65:83:27:53:5f:78:84:
10:4b:2f:f8:18:e5:fe:0f:0e:b3:ca:57:16:69:2c:
89:8a:16:62:d9:aa:e6:f7:a7:db:60:27:36:8c:56:
d3:f1:45:ad:18:90:ac:a4:97:58:82:74:41:5f:fe:
d5:a1:e6:07:50:86:38:8b:a4:77:c4:44:a2:5b:e7:
64:ee:52:ba:43:53:2b:3a:0b:ee:e7:b3:6a:cd:47:
6e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E7:DD:FD:13:CD:D1:FB:1D:06:B4:B5:21:D0:DB:EF:EC:53:B1:D2
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1ufd_RPN0fsdBrS1IdDb7-xTsdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.38.128.0/17
5.187.128.0/17
31.46.0.0/16
37.76.0.0/17
46.107.0.0/16
46.139.0.0/16
62.201.64.0/18
78.92.0.0/16
79.122.0.0/17
80.249.160.0/20
81.182.0.0/15
84.0.0.0/14
86.59.128.0/17
87.101.112.0/20
91.120.0.0/16
93.89.160.0/20
94.27.128.0/17
134.255.0.0/17
145.236.0.0/16
149.200.0.0/17
185.55.12.0/22
185.65.8.0/22
188.6.0.0/16
188.36.0.0/16
188.156.0.0/15
194.38.96.0/19
194.88.32.0/19
194.149.0.0/18
194.176.224.0/19
195.56.0.0/16
195.70.32.0/19
195.228.0.0/16
212.51.64.0/18
213.178.96.0/19
217.20.128.0/20
217.65.96.0/19
217.116.32.0/20
IPv6:
2001:4c48::/29
2a00:10d0::/32
2a00:1110::/29
2a02:738::/32
Signature Algorithm: sha256WithRSAEncryption
0f:3d:ab:b7:6d:5b:13:8f:09:5b:9a:c0:ca:e8:48:1a:e3:a2:
92:67:04:c7:e6:d3:74:ae:b1:94:fc:58:2b:00:b7:a4:00:a1:
4a:86:d4:6d:06:ef:c5:e8:dd:fd:a3:59:51:71:30:7e:ce:39:
ec:99:3e:60:e7:33:f4:f8:a8:dc:25:c3:3d:c3:52:83:ee:a6:
6f:45:81:0e:c2:22:e9:fe:bb:c3:4a:ef:0a:7b:ec:83:d2:06:
1b:ae:80:8c:eb:75:47:05:db:5f:a8:60:86:fa:3d:6d:d5:1b:
32:7d:17:b4:96:8f:b0:16:89:e2:93:dc:c9:34:fb:5f:2f:3c:
e5:1e:6a:d7:4d:b5:4b:47:41:44:2b:07:0e:72:68:b4:19:85:
01:ac:b9:96:9e:1e:95:b1:1e:d3:18:d1:53:eb:ac:90:22:b7:
1c:80:fb:1d:19:2c:34:30:1e:b4:5b:19:42:23:49:69:d2:c0:
dc:8e:21:ca:b1:db:85:48:f6:3d:91:eb:43:cc:7c:dc:8f:48:
27:a4:e0:c4:f0:d0:c0:81:0c:b2:11:60:ed:a3:9c:f2:34:99:
7b:0a:0e:e3:80:78:d1:9a:aa:c5:2a:10:8b:25:95:65:5a:89:
a5:1d:5b:21:29:6f:89:b6:78:ba:62:99:ea:7e:30:12:64:c0:
af:10:8c:04
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAZGeUb1HwlDF3u4MLKWpPOGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwODI5MTMyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU3ZGRmZDEzY2RkMWZiMWQwNmI0YjUyMWQwZGJlZmVjNTNiMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNRZrHcJBSYkJgWXmdEGz2m+9WDA
JPqre838sO4YoO2LwMrPCoyge72FqCAOYQWUj8rX/uaajr/GhioRZ0ZoeDv2SOhp
praZI8RftqQaKaiPqbT0Vo6QTCofA1L3TYFxbVk8GGo/RDFHYIkYHNdxoNweNll5
w+ELFkIOroYuGLJb2fs5nS9emTQBcoSGmRJ0oRWFdqJrwSxFe9V86mq1IdkoB2pL
EFoT41VFhWWDJ1NfeIQQSy/4GOX+Dw6zylcWaSyJihZi2arm96fbYCc2jFbT8UWt
GJCspJdYgnRBX/7VoeYHUIY4i6R3xESiW+dk7lK6Q1MrOgvu57NqzUduLwIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFNbn3f0TzdH7HQa0tSHQ2+/sU7HSMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvMXVmZF9SUE4wZnNkQnJTMUlkRGI3LXhUc2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEwYIKwYBBQUHAQcBAf8EggECMIH/MIHYBAIAATCB0QME
BwUmgAMEBwW7gAMDAB8uAwQHJUwAAwMALmsDAwAuiwMEBj7JQAMDAE5cAwQHT3oA
AwQEUPmgAwMBUbYDAwJUAAMEB1Y7gAMEBFdlcAMDAFt4AwQEXVmgAwQHXhuAAwQH
hv8AAwMAkewDBAeVyAADBAK5NwwDBAK5QQgDAwC8BgMDALwkAwMBvJwDBAXCJmAD
BAXCWCADBAbClQADBAXCsOADAwDDOAMEBcNGIAMDAMPkAwQG1DNAAwQF1bJgAwQE
2RSAAwQF2UFgAwQE2XQgMCIEAgACMBwDBQMgAUxIAwUAKgAQ0AMFAyoAERADBQAq
Agc4MA0GCSqGSIb3DQEBCwUAA4IBAQAPPau3bVsTjwlbmsDK6Ega46KSZwTH5tN0
rrGU/FgrALekAKFKhtRtBu/F6N39o1lRcTB+zjnsmT5g5zP0+KjcJcM9w1KD7qZv
RYEOwiLp/rvDSu8Ke+yD0gYbroCM63VHBdtfqGCG+j1t1RsyfRe0lo+wFonik9zJ
NPtfLzzlHmrXTbVLR0FEKwcOcmi0GYUBrLmWnh6VsR7TGNFT66yQIrccgPsdGSw0
MB60WxlCI0lp0sDcjiHKsduFSPY9ketDzHzcj0gnpODE8NDAgQyyEWDto5zyNJl7
Cg7jgHjRmqrFKhCLJZVlWomlHVshKW+Jtni6YpnqfjASZMCvEIwE
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:13:30 2024 by rpki-client on console-ams.rpki-client.org