Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/QLW7fcBWz56R4Jiojz-6wuelmT4.roa
File: QLW7fcBWz56R4Jiojz-6wuelmT4.roa (raw, json)
Hash identifier: 8RPrHKvAZHy98tzO67g7NjQJTnQnw/C9b8AZOgc6go8=
Subject key identifier: 40:B5:BB:7D:C0:56:CF:9E:91:E0:98:A8:8F:3F:BA:C2:E7:A5:99:3E
Certificate issuer: /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial: 01916A29B16A42017F416249493FBF2E7022
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/QLW7fcBWz56R4Jiojz-6wuelmT4.roa
Signing time: Mon 19 Aug 2024 10:23:22 +0000
ROA not before: Mon 19 Aug 2024 10:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39603
IP address blocks: 5.173.0.0/17 maxlen: 17
5.173.128.0/18 maxlen: 18
5.173.192.0/19 maxlen: 19
31.174.0.0/15 maxlen: 15
46.112.0.0/16 maxlen: 16
46.113.0.0/16 maxlen: 16
89.108.192.0/18 maxlen: 18
89.108.200.0/21 maxlen: 21
89.108.208.0/21 maxlen: 21
94.254.128.0/17 maxlen: 17
94.254.128.0/19 maxlen: 19
94.254.128.0/20 maxlen: 20
94.254.144.0/20 maxlen: 20
94.254.160.0/19 maxlen: 19
94.254.160.0/20 maxlen: 20
94.254.192.0/19 maxlen: 19
94.254.192.0/20 maxlen: 20
94.254.208.0/20 maxlen: 20
94.254.224.0/19 maxlen: 19
94.254.224.0/20 maxlen: 20
109.243.0.0/16 maxlen: 16
109.243.128.0/17 maxlen: 17
164.126.0.0/15 maxlen: 15
2a00:1981::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6a:29:b1:6a:42:01:7f:41:62:49:49:3f:bf:2e:70:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Validity
Not Before: Aug 19 10:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40b5bb7dc056cf9e91e098a88f3fbac2e7a5993e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:70:bc:eb:02:e7:ab:c0:20:0a:6c:af:f8:9a:
8f:86:c3:5f:bf:2b:a8:83:c6:d6:94:7c:73:7d:9b:
2b:3a:e4:d2:44:64:8a:2b:e4:3a:e0:44:9c:3c:d2:
e6:02:3b:37:54:a8:05:25:d7:3a:d4:74:3c:c4:15:
2e:cc:13:96:66:8e:36:7a:e5:f9:83:c6:52:4c:eb:
2c:fb:00:31:83:26:12:d2:87:cb:76:e7:b8:b5:cf:
e3:08:43:61:19:64:34:46:b0:38:70:bd:b2:cc:40:
54:bb:83:e6:d6:67:6d:18:f9:db:06:a7:3d:58:26:
4e:35:40:e8:83:2f:ff:d5:e7:64:ae:fd:88:45:47:
03:86:18:d8:06:c4:4c:16:00:26:3b:76:9e:97:ca:
c3:c0:48:b3:fd:01:b6:ef:62:1d:d3:44:37:69:b2:
77:d2:6a:8d:6c:a1:b8:be:9c:23:e8:b0:cc:63:21:
47:5c:f6:45:8a:f8:3e:3d:9d:d9:4e:86:f7:46:a2:
d7:65:06:eb:e8:a4:4a:a4:d6:a8:1f:41:76:94:e7:
a6:50:c7:55:d6:21:b3:5c:66:a7:2d:07:be:f1:bc:
71:16:6f:9c:84:9c:60:23:81:53:04:67:3b:cf:80:
b5:a5:f8:ec:4f:6a:4a:06:61:af:5b:68:f0:34:cd:
67:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B5:BB:7D:C0:56:CF:9E:91:E0:98:A8:8F:3F:BA:C2:E7:A5:99:3E
X509v3 Authority Key Identifier:
keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/QLW7fcBWz56R4Jiojz-6wuelmT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.0.0-5.173.223.255
31.174.0.0/15
46.112.0.0/15
89.108.192.0/18
94.254.128.0/17
109.243.0.0/16
164.126.0.0/15
IPv6:
2a00:1981::/32
Signature Algorithm: sha256WithRSAEncryption
4e:d7:d3:ae:30:b3:fa:73:b3:27:2b:45:02:50:a0:79:a6:2d:
fe:75:20:4b:bb:b0:fd:41:b7:76:fd:c0:ac:bf:7b:01:be:3c:
64:5c:6a:7d:bb:4b:0c:2e:39:a2:55:e7:c1:0e:38:f7:ae:18:
76:2f:fa:06:c5:74:a5:b1:5f:56:7c:d5:af:d1:c1:e0:2f:83:
b9:37:e3:22:dd:39:b4:e8:65:77:44:41:6e:05:e3:9c:5b:6f:
d3:39:3d:bd:f3:e5:45:91:7c:e9:16:bd:51:7c:fb:31:94:a8:
d6:aa:3d:a3:f2:58:01:b9:de:53:a0:d5:4b:12:e3:a3:e2:1d:
9e:3f:96:0b:6a:46:d5:29:c1:df:53:d5:6e:a1:fc:c4:2e:06:
71:b2:4c:69:7b:d0:84:13:1b:28:18:a1:f2:ad:96:af:2d:44:
9b:67:74:df:94:21:16:2b:20:18:c4:51:ac:2e:c8:bb:9a:d5:
3f:53:2f:97:0a:fc:56:5d:5a:7b:13:81:66:ca:31:fa:48:32:
32:02:29:5a:1c:2d:42:90:79:35:51:31:e1:03:3f:9c:6a:05:
cf:e7:c3:3d:3b:9c:5f:4a:45:32:53:c2:73:0b:8e:38:0b:84:
53:6c:93:14:57:a4:b3:85:7a:d2:4e:e5:c7:fc:17:83:e4:49:
4e:cc:c6:40
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZFqKbFqQgF/QWJJST+/LnAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjQwODE5MTAyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI1YmI3ZGMwNTZjZjllOTFlMDk4YTg4ZjNmYmFjMmU3YTU5OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3C86wLnq8AgCmyv+JqPhsNfvyuo
g8bWlHxzfZsrOuTSRGSKK+Q64EScPNLmAjs3VKgFJdc61HQ8xBUuzBOWZo42euX5
g8ZSTOss+wAxgyYS0ofLdue4tc/jCENhGWQ0RrA4cL2yzEBUu4Pm1mdtGPnbBqc9
WCZONUDogy//1edkrv2IRUcDhhjYBsRMFgAmO3ael8rDwEiz/QG272Id00Q3abJ3
0mqNbKG4vpwj6LDMYyFHXPZFivg+PZ3ZTob3RqLXZQbr6KRKpNaoH0F2lOemUMdV
1iGzXGanLQe+8bxxFm+chJxgI4FTBGc7z4C1pfjsT2pKBmGvW2jwNM1noQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEC1u33AVs+ekeCYqI8/usLnpZk+MB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvUUxXN2ZjQld6NTZSNEppb2p6LTZ3dWVsbVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAzBAIAATAtMAsDAwAFrQME
BQWtwAMDAR+uAwMBLnADBAZZbMADBAde/oADAwBt8wMDAaR+MA0EAgACMAcDBQAq
ABmBMA0GCSqGSIb3DQEBCwUAA4IBAQBO19OuMLP6c7MnK0UCUKB5pi3+dSBLu7D9
Qbd2/cCsv3sBvjxkXGp9u0sMLjmiVefBDjj3rhh2L/oGxXSlsV9WfNWv0cHgL4O5
N+Mi3Tm06GV3REFuBeOcW2/TOT298+VFkXzpFr1RfPsxlKjWqj2j8lgBud5ToNVL
EuOj4h2eP5YLakbVKcHfU9VuofzELgZxskxpe9CEExsoGKHyrZavLUSbZ3TflCEW
KyAYxFGsLsi7mtU/Uy+XCvxWXVp7E4FmyjH6SDIyAilaHC1CkHk1UTHhAz+cagXP
58M9O5xfSkUyU8JzC444C4RTbJMUV6SzhXrSTuXH/BeD5ElOzMZA
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:17:44 2024 by rpki-client on console-fra.rpki-client.org