Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/QgTrsogIJDxKIyS_wTRZmTMvh1U.roa
File: QgTrsogIJDxKIyS_wTRZmTMvh1U.roa (raw, json)
Hash identifier: qM70doLjM4ociPl/J5exq6emq3M4rVGJj8prFp8hQdM=
Subject key identifier: 42:04:EB:B2:88:08:24:3C:4A:23:24:BF:C1:34:59:99:33:2F:87:55
Certificate issuer: /CN=e6cc65c27c23298b0c5a0e0bc74ba51034a704c8
Certificate serial: 018CC9BC8656B61729E3C57BA3415A3B95C8
Authority key identifier: E6:CC:65:C2:7C:23:29:8B:0C:5A:0E:0B:C7:4B:A5:10:34:A7:04:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/QgTrsogIJDxKIyS_wTRZmTMvh1U.roa
Signing time: Tue 02 Jan 2024 10:33:44 +0000
ROA not before: Tue 02 Jan 2024 10:33:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31010
IP address blocks: 91.212.85.0/24 maxlen: 24
2001:678:598::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.mft
rsync://rpki.ripe.net/repository/DEFAULT/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:86:56:b6:17:29:e3:c5:7b:a3:41:5a:3b:95:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6cc65c27c23298b0c5a0e0bc74ba51034a704c8
Validity
Not Before: Jan 2 10:33:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4204ebb28808243c4a2324bfc1345999332f8755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fc:77:b6:bd:62:d3:7f:1b:aa:a8:1b:f8:00:
fb:48:78:3e:a4:91:41:1c:1a:45:bc:ab:20:2b:cc:
39:68:c9:a4:08:e9:a4:75:36:c6:58:f0:98:90:0c:
ae:79:e8:29:3f:d7:bb:ce:0a:22:be:d5:e2:ec:ac:
fd:72:65:e3:56:65:5a:53:a7:06:65:8e:ce:f9:ee:
d1:5a:d8:33:ae:98:e9:60:65:12:9c:94:e7:22:c8:
54:e3:93:7d:ad:1e:16:8d:ff:8d:cd:be:d4:6c:89:
f0:bd:be:fa:37:35:6c:03:5c:07:aa:e0:35:12:4d:
fd:ab:ce:2c:89:b3:c1:aa:88:18:a7:db:5a:b1:5d:
f4:4e:64:c3:61:d9:79:9a:bf:80:71:3f:18:c0:9b:
58:57:b0:74:35:1f:ca:05:16:a2:ac:61:62:7d:fa:
83:e8:a1:a0:62:56:ab:54:1b:9c:e5:25:fa:52:76:
74:a3:1d:74:13:6d:d7:33:12:ca:26:31:ea:c2:59:
7f:ee:2f:c7:46:7c:2a:d0:2f:8d:92:55:64:3d:2a:
61:19:be:a3:30:57:4a:9c:3a:af:8b:6b:4f:2d:af:
94:88:ac:3e:96:21:00:4d:10:65:dc:be:c3:21:1f:
2f:d1:49:41:2e:36:0b:21:39:7e:e2:90:ec:32:b2:
8a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:04:EB:B2:88:08:24:3C:4A:23:24:BF:C1:34:59:99:33:2F:87:55
X509v3 Authority Key Identifier:
keyid:E6:CC:65:C2:7C:23:29:8B:0C:5A:0E:0B:C7:4B:A5:10:34:A7:04:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/QgTrsogIJDxKIyS_wTRZmTMvh1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0e8bad-121c-4a56-96cd-aacfc0dbed12/1/5sxlwnwjKYsMWg4Lx0ulEDSnBMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.85.0/24
IPv6:
2001:678:598::/48
Signature Algorithm: sha256WithRSAEncryption
72:0d:fa:fc:94:7a:82:60:7a:41:2b:8f:ad:97:bf:aa:ac:77:
e4:3c:7e:2f:58:94:07:29:fe:f9:2b:af:8a:e9:76:8e:76:f0:
9c:62:68:5b:63:f7:9d:29:bc:be:2f:f3:38:d8:ab:df:4c:c0:
88:7c:ab:a9:98:70:3b:22:a7:7b:b0:06:bd:ca:3c:63:7a:40:
71:f2:ec:72:f4:9d:e3:66:54:86:44:60:d6:fc:d0:b9:c2:17:
98:65:e3:5f:e3:93:ee:f9:d7:3f:ed:db:7a:3a:b3:3a:a0:47:
34:6a:6e:cd:c8:7d:fb:c1:0c:e9:3a:9c:9e:fd:da:1d:4f:cb:
f0:18:00:39:b6:0d:90:9c:3c:2a:eb:3e:4d:b3:79:c7:9a:27:
62:85:b9:14:3d:6d:85:49:ee:b1:cf:be:13:93:4a:99:17:21:
87:93:76:81:28:28:9f:37:b4:48:44:30:90:04:15:33:da:72:
d9:43:6f:c8:ed:07:13:4f:db:d1:b5:c8:5a:b8:a5:ae:44:46:
78:7b:42:e4:c9:26:ac:84:24:40:34:2f:fc:9a:69:e3:15:c2:
93:13:6a:bb:02:73:50:0d:25:50:70:e1:60:fe:24:89:6c:82:
74:2e:f9:40:49:64:80:5a:df:01:07:d8:41:c1:59:19:67:0e:
0e:fa:80:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJvIZWthcp48V7o0FaO5XIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2Y2M2NWMyN2MyMzI5OGIwYzVhMGUwYmM3NGJhNTEwMzRh
NzA0YzgwHhcNMjQwMTAyMTAzMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA0ZWJiMjg4MDgyNDNjNGEyMzI0YmZjMTM0NTk5OTMzMmY4NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPx3tr1i038bqqgb+AD7SHg+pJFB
HBpFvKsgK8w5aMmkCOmkdTbGWPCYkAyueegpP9e7zgoivtXi7Kz9cmXjVmVaU6cG
ZY7O+e7RWtgzrpjpYGUSnJTnIshU45N9rR4Wjf+Nzb7UbInwvb76NzVsA1wHquA1
Ek39q84sibPBqogYp9tasV30TmTDYdl5mr+AcT8YwJtYV7B0NR/KBRairGFiffqD
6KGgYlarVBuc5SX6UnZ0ox10E23XMxLKJjHqwll/7i/HRnwq0C+NklVkPSphGb6j
MFdKnDqvi2tPLa+UiKw+liEATRBl3L7DIR8v0UlBLjYLITl+4pDsMrKKwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEIE67KICCQ8SiMkv8E0WZkzL4dVMB8GA1UdIwQY
MBaAFObMZcJ8IymLDFoOC8dLpRA0pwTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXN4bHdud2pLWXNNV2c0THgwdWxFRFNuQk1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wZThiYWQtMTIxYy00YTU2LTk2Y2Qt
YWFjZmMwZGJlZDEyLzEvUWdUcnNvZ0lKRHhLSXlTX3dUUlptVE12aDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wZThiYWQtMTIxYy00YTU2LTk2Y2QtYWFjZmMwZGJlZDEy
LzEvNXN4bHdud2pLWXNNV2c0THgwdWxFRFNuQk1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9RVMA8E
AgACMAkDBwAgAQZ4BZgwDQYJKoZIhvcNAQELBQADggEBAHIN+vyUeoJgekErj62X
v6qsd+Q8fi9YlAcp/vkrr4rpdo528JxiaFtj950pvL4v8zjYq99MwIh8q6mYcDsi
p3uwBr3KPGN6QHHy7HL0neNmVIZEYNb80LnCF5hl41/jk+751z/t23o6szqgRzRq
bs3IffvBDOk6nJ792h1Py/AYADm2DZCcPCrrPk2zeceaJ2KFuRQ9bYVJ7rHPvhOT
SpkXIYeTdoEoKJ83tEhEMJAEFTPactlDb8jtBxNP29G1yFq4pa5ERnh7QuTJJqyE
JEA0L/yaaeMVwpMTarsCc1ANJVBw4WD+JIlsgnQu+UBJZIBa3wEH2EHBWRlnDg76
gPE=
-----END CERTIFICATE-----
Generated at Sun May 19 14:19:48 2024 by rpki-client on console-fra.rpki-client.org