Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QST0bJ0YLaSclHECVs38-p_JQSw.roa
File: QST0bJ0YLaSclHECVs38-p_JQSw.roa (raw, json)
Hash identifier: xEKP44u33VtAVgqv5aNjsHHiOfGJPwlWvZFQhYO53tY=
Subject key identifier: 41:24:F4:6C:9D:18:2D:A4:9C:94:71:02:56:CD:FC:FA:9F:C9:41:2C
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 019164E25E84CCC9B9E44DB8271F105F7502
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QST0bJ0YLaSclHECVs38-p_JQSw.roa
Signing time: Sun 18 Aug 2024 09:47:22 +0000
ROA not before: Sun 18 Aug 2024 09:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51431
IP address blocks: 5.160.47.0/24 maxlen: 24
5.160.197.0/24 maxlen: 24
77.237.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:64:e2:5e:84:cc:c9:b9:e4:4d:b8:27:1f:10:5f:75:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Aug 18 09:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4124f46c9d182da49c94710256cdfcfa9fc9412c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c5:cb:63:00:17:b6:2e:e7:93:dd:f9:1f:bd:
11:bc:92:93:6a:78:02:f2:01:5a:bc:0c:4b:b9:0b:
fd:e0:c2:ad:c6:3e:08:e2:31:af:56:a9:05:d9:07:
37:6e:e5:27:b3:fa:1b:15:d5:9c:c1:01:97:3a:0e:
5d:13:2c:b6:81:d3:c4:27:5d:bc:ea:43:2e:58:27:
b7:6b:63:8d:ae:75:54:96:5f:fe:6c:9e:b5:a8:94:
da:c6:48:ce:8d:0d:e6:ad:16:20:24:9b:57:c2:58:
01:58:12:f3:84:26:f6:0c:aa:c8:a4:8c:18:6c:e0:
9d:21:0d:2c:7e:62:32:3c:93:a8:1e:0b:54:b0:1d:
cc:97:00:47:6d:61:f6:e6:93:ae:97:d0:93:6e:40:
bc:39:b7:5a:50:1d:49:42:be:90:1b:75:7e:b9:88:
da:e3:55:62:83:c2:3b:94:f6:01:6e:4b:60:d7:e1:
8b:7f:72:9c:2e:a4:16:8c:21:96:83:51:0b:ba:23:
c0:17:4b:0f:e7:28:84:08:fe:88:ca:87:f3:da:29:
b1:7b:0d:b3:ad:42:21:df:11:86:ae:cc:14:4d:cd:
56:48:6e:1e:04:f0:ad:b6:eb:d3:ba:2b:8a:72:06:
8e:9c:c5:a0:5e:a6:04:47:f6:df:79:64:e0:b3:e6:
b1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:24:F4:6C:9D:18:2D:A4:9C:94:71:02:56:CD:FC:FA:9F:C9:41:2C
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/QST0bJ0YLaSclHECVs38-p_JQSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.47.0/24
5.160.197.0/24
77.237.66.0/23
Signature Algorithm: sha256WithRSAEncryption
05:5a:71:4c:10:e9:66:66:d5:b8:3f:37:88:6d:88:94:1d:67:
55:80:81:0c:c4:61:91:85:7c:3f:42:61:de:a5:00:f8:1a:cf:
7a:aa:65:21:5b:b6:2b:e4:4b:ca:21:06:20:60:c4:ef:07:d0:
1e:96:64:12:13:b1:fb:62:87:7c:a5:af:40:64:b3:ba:43:60:
81:87:5e:b3:8d:6c:54:e3:62:c9:fa:98:8f:09:5d:68:a6:d8:
b4:f0:ef:77:4e:e1:89:a0:4b:01:da:c3:d5:56:9b:ed:bf:04:
78:6a:78:89:b0:00:c6:b1:b3:5a:f2:76:90:14:41:38:bd:c9:
a5:35:69:cc:e1:ee:4c:03:24:66:3e:ef:fe:93:81:a5:d7:bb:
c7:e0:41:6e:07:01:c6:9b:a2:7d:9e:b0:e4:ea:46:56:a5:cf:
f0:9c:cf:2f:a0:f3:c6:cf:3a:75:0d:a2:0c:ef:08:c0:4e:b1:
d5:6e:ed:0b:b3:97:09:d1:b6:a9:86:d1:56:90:4d:35:b0:c3:
6d:f3:89:2e:07:2a:5c:be:91:9a:bf:a3:77:ad:f0:4b:f2:7e:
35:f2:c4:5c:f3:68:25:ae:c5:a7:93:a9:e7:d3:03:a0:aa:bb:
22:03:26:a3:07:24:5e:06:d3:9c:78:fb:48:5f:97:d6:85:7f:
a7:d5:f2:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFk4l6EzMm55E24Jx8QX3UCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwODE4MDk0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTI0ZjQ2YzlkMTgyZGE0OWM5NDcxMDI1NmNkZmNmYTlmYzk0MTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsXLYwAXti7nk935H70RvJKTangC
8gFavAxLuQv94MKtxj4I4jGvVqkF2Qc3buUns/obFdWcwQGXOg5dEyy2gdPEJ128
6kMuWCe3a2ONrnVUll/+bJ61qJTaxkjOjQ3mrRYgJJtXwlgBWBLzhCb2DKrIpIwY
bOCdIQ0sfmIyPJOoHgtUsB3MlwBHbWH25pOul9CTbkC8ObdaUB1JQr6QG3V+uYja
41Vig8I7lPYBbktg1+GLf3KcLqQWjCGWg1ELuiPAF0sP5yiECP6Iyofz2imxew2z
rUIh3xGGrswUTc1WSG4eBPCttuvTuiuKcgaOnMWgXqYER/bfeWTgs+axtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEEk9GydGC2knJRxAlbN/PqfyUEsMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvUVNUMGJKMFlMYVNjbEhFQ1ZzMzgtcF9KUVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABaAvAwQA
BaDFAwQBTe1CMA0GCSqGSIb3DQEBCwUAA4IBAQAFWnFMEOlmZtW4PzeIbYiUHWdV
gIEMxGGRhXw/QmHepQD4Gs96qmUhW7Yr5EvKIQYgYMTvB9AelmQSE7H7Yod8pa9A
ZLO6Q2CBh16zjWxU42LJ+piPCV1opti08O93TuGJoEsB2sPVVpvtvwR4aniJsADG
sbNa8naQFEE4vcmlNWnM4e5MAyRmPu/+k4Gl17vH4EFuBwHGm6J9nrDk6kZWpc/w
nM8voPPGzzp1DaIM7wjATrHVbu0Ls5cJ0baphtFWkE01sMNt84kuBypcvpGav6N3
rfBL8n418sRc82glrsWnk6nn0wOgqrsiAyajByReBtOcePtIX5fWhX+n1fIq
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:22 2024 by rpki-client on console-fra.rpki-client.org