Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/rosT--7crCE1YsW23WvYonqP808.roa
File: rosT--7crCE1YsW23WvYonqP808.roa (raw, json)
Hash identifier: hd43a0As+iahJDWQ339Y9JkW2ZHILzJbhn/nM63knNc=
Subject key identifier: AE:8B:13:FB:EE:DC:AC:21:35:62:C5:B6:DD:6B:D8:A2:7A:8F:F3:4F
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492DF37914593E20B901D6C9FDECDBC
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/rosT--7crCE1YsW23WvYonqP808.roa
Signing time: Mon 01 Jan 2024 10:30:08 +0000
ROA not before: Mon 01 Jan 2024 10:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60539
IP address blocks: 5.160.77.0/24 maxlen: 24
77.104.92.0/24 maxlen: 24
5.160.110.0/24 maxlen: 24
5.160.111.0/24 maxlen: 24
5.160.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:df:37:91:45:93:e2:0b:90:1d:6c:9f:de:cd:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae8b13fbeedcac213562c5b6dd6bd8a27a8ff34f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ae:54:17:0c:36:71:e7:e2:45:73:86:da:73:
ef:39:e8:1c:c3:46:67:38:8b:b0:b0:53:85:ff:6e:
a5:de:ca:47:68:cb:aa:c6:95:77:90:58:01:3c:08:
08:ca:ca:ee:f2:0f:f4:40:1c:3a:be:49:eb:88:1e:
00:70:ac:24:d6:9c:c6:85:63:dc:3d:33:46:3b:0e:
7f:11:2a:2d:34:dd:47:9d:24:71:c6:d9:49:03:a9:
dc:69:f2:7d:94:09:60:55:24:c2:9c:fc:cd:ae:11:
d8:a7:7c:0d:07:e9:d5:20:2a:e1:cf:43:22:06:9f:
99:c6:0c:46:1a:d0:db:0d:4d:10:fa:38:9c:e3:f2:
2c:7f:18:20:e6:fd:e2:12:fe:00:d4:0d:bb:eb:5e:
93:fd:92:78:76:11:aa:bb:38:fe:97:20:a6:d0:dd:
57:ae:ac:6b:51:5f:2b:93:af:8f:09:5a:7d:3b:a6:
73:18:47:c9:8d:b7:46:3c:f9:b8:77:fb:85:dd:5f:
4d:44:05:30:0a:cf:1c:cf:91:a2:33:8a:1a:f1:08:
81:02:e6:f8:46:3a:42:da:14:af:d8:fd:b2:3e:e1:
14:f8:a6:d3:1a:a9:05:02:af:8d:c4:c4:bb:c0:a5:
14:6f:74:dd:d6:70:aa:73:0b:ad:a4:82:e2:67:78:
a3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8B:13:FB:EE:DC:AC:21:35:62:C5:B6:DD:6B:D8:A2:7A:8F:F3:4F
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/rosT--7crCE1YsW23WvYonqP808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.77.0/24
5.160.110.0/23
5.160.131.0/24
77.104.92.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ff:32:5a:13:6d:0c:02:fd:c1:3b:f1:43:ae:fe:40:9f:22:
77:68:a4:45:ed:aa:6e:80:66:aa:57:6b:29:4b:35:52:3f:2c:
16:68:03:5d:f1:7f:94:26:59:4c:bd:15:b7:5f:f6:74:19:e0:
3b:39:1b:32:6f:2b:8e:ca:93:dd:e6:cf:2c:82:ba:c6:c1:3d:
73:17:ee:e2:2b:8f:38:e4:db:16:95:98:9b:7d:a8:90:75:78:
68:64:4e:65:63:51:e2:41:a5:bc:8d:3c:67:dc:71:11:df:e1:
6d:bb:2d:1d:50:65:78:a5:0b:9f:c6:ff:b3:d4:1b:63:46:9b:
bc:89:34:de:e4:2d:7a:00:60:4a:5f:e0:99:f3:ad:b0:02:cb:
6c:cd:d0:1e:0a:7d:0c:f5:f2:5b:07:ea:57:e7:6c:45:c1:cd:
89:ed:11:4a:1e:49:68:3d:f4:9c:55:99:64:63:44:ee:58:c1:
47:b7:19:85:13:26:aa:25:9e:6b:5c:c7:77:5f:69:e4:ca:28:
e0:de:b7:2b:16:db:f2:fb:43:48:a2:46:7e:53:b6:6b:56:1a:
13:54:4d:d4:3e:f9:23:b8:db:9e:8b:d4:9e:a4:2a:ff:62:8f:
f7:57:00:52:ae:53:af:3d:b7:85:f1:dd:2e:9f:09:6d:07:64:
16:36:04:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkt83kUWT4guQHWyf3s28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThiMTNmYmVlZGNhYzIxMzU2MmM1YjZkZDZiZDhhMjdhOGZmMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK5UFww2cefiRXOG2nPvOegcw0Zn
OIuwsFOF/26l3spHaMuqxpV3kFgBPAgIysru8g/0QBw6vknriB4AcKwk1pzGhWPc
PTNGOw5/ESotNN1HnSRxxtlJA6ncafJ9lAlgVSTCnPzNrhHYp3wNB+nVICrhz0Mi
Bp+ZxgxGGtDbDU0Q+jic4/Isfxgg5v3iEv4A1A27616T/ZJ4dhGquzj+lyCm0N1X
rqxrUV8rk6+PCVp9O6ZzGEfJjbdGPPm4d/uF3V9NRAUwCs8cz5GiM4oa8QiBAub4
RjpC2hSv2P2yPuEU+KbTGqkFAq+NxMS7wKUUb3Td1nCqcwutpILiZ3ijkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK6LE/vu3KwhNWLFtt1r2KJ6j/NPMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvcm9zVC0tN2NyQ0UxWXNXMjNXdllvbnFQODA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABaBNAwQB
BaBuAwQABaCDAwQATWhcMA0GCSqGSIb3DQEBCwUAA4IBAQB5/zJaE20MAv3BO/FD
rv5AnyJ3aKRF7apugGaqV2spSzVSPywWaANd8X+UJllMvRW3X/Z0GeA7ORsybyuO
ypPd5s8sgrrGwT1zF+7iK4845NsWlZibfaiQdXhoZE5lY1HiQaW8jTxn3HER3+Ft
uy0dUGV4pQufxv+z1BtjRpu8iTTe5C16AGBKX+CZ862wAstszdAeCn0M9fJbB+pX
52xFwc2J7RFKHkloPfScVZlkY0TuWMFHtxmFEyaqJZ5rXMd3X2nkyijg3rcrFtvy
+0NIokZ+U7ZrVhoTVE3UPvkjuNuei9SepCr/Yo/3VwBSrlOvPbeF8d0unwltB2QW
NgQl
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:22 2024 by rpki-client on console-fra.rpki-client.org