Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/grz505nrdjgW5a8HdyTkSk9fgY0.roa
File: grz505nrdjgW5a8HdyTkSk9fgY0.roa (raw, json)
Hash identifier: QxRCzWcA6nXty7Egh7oq0WwGL6Ksn57uL6+XYj8lc6s=
Subject key identifier: 82:BC:F9:D3:99:EB:76:38:16:E5:AF:07:77:24:E4:4A:4F:5F:81:8D
Certificate issuer: /CN=20d617bdb5d768e395e49b41cd81217bd3163ab3
Certificate serial: 018CC5DBF5E82616E7BAB5BD7459FD24C38C
Authority key identifier: 20:D6:17:BD:B5:D7:68:E3:95:E4:9B:41:CD:81:21:7B:D3:16:3A:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/INYXvbXXaOOV5JtBzYEhe9MWOrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/grz505nrdjgW5a8HdyTkSk9fgY0.roa
Signing time: Mon 01 Jan 2024 16:29:35 +0000
ROA not before: Mon 01 Jan 2024 16:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30870
IP address blocks: 171.25.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/INYXvbXXaOOV5JtBzYEhe9MWOrM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/INYXvbXXaOOV5JtBzYEhe9MWOrM.mft
rsync://rpki.ripe.net/repository/DEFAULT/INYXvbXXaOOV5JtBzYEhe9MWOrM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 01:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f5:e8:26:16:e7:ba:b5:bd:74:59:fd:24:c3:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20d617bdb5d768e395e49b41cd81217bd3163ab3
Validity
Not Before: Jan 1 16:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82bcf9d399eb763816e5af077724e44a4f5f818d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:61:2a:d4:30:1a:bd:50:cd:b4:91:a6:8d:e5:
9b:96:e7:8f:54:53:af:5a:db:b1:9a:2e:ff:67:4b:
0d:58:bb:38:d1:da:dd:24:d4:7e:ad:9d:d2:de:f7:
7f:02:91:a9:fd:7e:22:98:51:9e:f5:fb:c7:cd:d9:
9a:e2:49:0c:04:0e:5c:bf:fb:73:16:be:a2:6d:f8:
b7:ca:6d:b5:46:8c:00:5c:9b:50:87:07:80:f3:23:
d5:f4:d5:9c:60:1f:b1:8a:33:00:08:85:ab:72:ea:
df:99:be:00:27:ec:6b:42:0b:cb:43:0d:17:53:98:
ea:78:7a:f6:2a:81:dd:88:f5:6e:2a:67:1d:7f:1a:
97:ab:be:55:ba:0d:ec:cf:6d:ea:cf:98:d1:c5:ad:
4c:56:83:a4:c3:dc:1e:5d:45:01:89:25:58:e8:0e:
84:88:15:4b:40:25:6b:01:e4:2a:bd:3e:31:f9:54:
0a:e5:54:97:b0:36:db:fd:63:c6:1c:47:d9:c5:62:
f1:73:67:d9:17:4e:43:3c:a3:e5:ea:bc:74:c1:2d:
73:58:3c:bb:1e:4b:20:2f:83:af:44:a2:76:f9:97:
85:3b:ac:72:aa:c7:f7:67:ea:5a:7d:bd:38:b1:98:
ab:5b:76:a0:fd:a1:13:3b:da:8c:4a:42:8f:59:a7:
39:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BC:F9:D3:99:EB:76:38:16:E5:AF:07:77:24:E4:4A:4F:5F:81:8D
X509v3 Authority Key Identifier:
keyid:20:D6:17:BD:B5:D7:68:E3:95:E4:9B:41:CD:81:21:7B:D3:16:3A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INYXvbXXaOOV5JtBzYEhe9MWOrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/grz505nrdjgW5a8HdyTkSk9fgY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/808471-7daa-4cd2-a860-069da9c84785/1/INYXvbXXaOOV5JtBzYEhe9MWOrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.179.0/24
Signature Algorithm: sha256WithRSAEncryption
77:a8:04:87:0a:5b:90:1b:0e:84:7a:08:3d:f4:f0:86:7a:eb:
3b:ef:39:72:72:e4:8b:fa:01:3c:2a:46:79:e2:64:de:6a:15:
fc:6d:dd:5a:a9:7c:48:87:b6:13:f5:fc:ad:b0:c6:f6:a0:80:
03:c2:af:32:7a:c5:db:60:96:aa:cd:ba:26:9f:2b:2f:b8:a4:
46:70:48:a0:fc:d4:d1:0b:d8:37:2e:5e:7b:9c:8a:e1:fa:dc:
a2:cf:58:5c:14:25:1b:29:be:88:ff:8a:46:3f:03:d8:05:23:
67:85:99:a9:13:d1:43:0f:8a:38:78:d0:87:69:b8:3a:8a:9d:
8f:80:94:c4:76:ce:c5:5d:ff:0d:4f:c7:66:ac:49:1f:45:08:
75:33:21:f0:bd:40:49:58:e2:72:3a:8f:64:f4:fe:c0:a1:a3:
18:33:00:dd:13:7b:5c:4d:19:27:76:93:6f:64:ae:0e:df:44:
95:84:3f:df:94:86:ce:80:da:18:bb:43:6b:09:6c:8d:f4:85:
ec:58:d4:f5:98:84:34:50:b9:0a:15:5f:9c:95:eb:c2:8f:59:
f3:42:b6:b8:3f:7b:4e:4c:ce:7b:d9:3e:34:30:83:7d:89:b3:
17:d6:24:82:3e:15:df:6a:22:89:65:36:21:55:84:5a:3c:e9:
44:70:2c:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2/XoJhbnurW9dFn9JMOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDYxN2JkYjVkNzY4ZTM5NWU0OWI0MWNkODEyMTdiZDMx
NjNhYjMwHhcNMjQwMTAxMTYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmJjZjlkMzk5ZWI3NjM4MTZlNWFmMDc3NzI0ZTQ0YTRmNWY4MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGEq1DAavVDNtJGmjeWbluePVFOv
Wtuxmi7/Z0sNWLs40drdJNR+rZ3S3vd/ApGp/X4imFGe9fvHzdma4kkMBA5cv/tz
Fr6ibfi3ym21RowAXJtQhweA8yPV9NWcYB+xijMACIWrcurfmb4AJ+xrQgvLQw0X
U5jqeHr2KoHdiPVuKmcdfxqXq75Vug3sz23qz5jRxa1MVoOkw9weXUUBiSVY6A6E
iBVLQCVrAeQqvT4x+VQK5VSXsDbb/WPGHEfZxWLxc2fZF05DPKPl6rx0wS1zWDy7
HksgL4OvRKJ2+ZeFO6xyqsf3Z+pafb04sZirW3ag/aETO9qMSkKPWac5ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIK8+dOZ63Y4FuWvB3ck5EpPX4GNMB8GA1UdIwQY
MBaAFCDWF72112jjleSbQc2BIXvTFjqzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5ZWHZiWFhhT09WNUp0QnpZRWhlOU1XT3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84MDg0NzEtN2RhYS00Y2QyLWE4NjAt
MDY5ZGE5Yzg0Nzg1LzEvZ3J6NTA1bnJkamdXNWE4SGR5VGtTazlmZ1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84MDg0NzEtN2RhYS00Y2QyLWE4NjAtMDY5ZGE5Yzg0Nzg1
LzEvSU5ZWHZiWFhhT09WNUp0QnpZRWhlOU1XT3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxmzMA0G
CSqGSIb3DQEBCwUAA4IBAQB3qASHCluQGw6Eegg99PCGeus77zlycuSL+gE8KkZ5
4mTeahX8bd1aqXxIh7YT9fytsMb2oIADwq8yesXbYJaqzbomnysvuKRGcEig/NTR
C9g3Ll57nIrh+tyiz1hcFCUbKb6I/4pGPwPYBSNnhZmpE9FDD4o4eNCHabg6ip2P
gJTEds7FXf8NT8dmrEkfRQh1MyHwvUBJWOJyOo9k9P7AoaMYMwDdE3tcTRkndpNv
ZK4O30SVhD/flIbOgNoYu0NrCWyN9IXsWNT1mIQ0ULkKFV+clevCj1nzQra4P3tO
TM572T40MIN9ibMX1iSCPhXfaiKJZTYhVYRaPOlEcCzQ
-----END CERTIFICATE-----
Generated at Sat May 25 07:45:38 2024 by rpki-client on console-ams.rpki-client.org