Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/grO34-sNuSdYZ9HGbEUyM-DIa00.roa
File: grO34-sNuSdYZ9HGbEUyM-DIa00.roa (raw, json)
Hash identifier: JJRK8DYW6SJjWKDjcgxEy1LLF/pDzWgJbXqEqhaV3bM=
Subject key identifier: 82:B3:B7:E3:EB:0D:B9:27:58:67:D1:C6:6C:45:32:33:E0:C8:6B:4D
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: 018CC6B79588E3BD979AD4CFB9C705CC4655
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/grO34-sNuSdYZ9HGbEUyM-DIa00.roa
Signing time: Mon 01 Jan 2024 20:29:29 +0000
ROA not before: Mon 01 Jan 2024 20:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39010
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:95:88:e3:bd:97:9a:d4:cf:b9:c7:05:cc:46:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 20:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82b3b7e3eb0db9275867d1c66c453233e0c86b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8f:ef:8f:59:7d:42:34:fb:d8:c8:32:f3:de:
42:3b:d7:b8:ef:3e:6e:06:e3:b5:5b:62:19:63:03:
bc:86:b0:7e:c3:20:28:db:be:16:08:d8:54:a8:1e:
56:c6:4b:ed:7b:8e:5b:71:96:6d:d2:59:a4:62:72:
19:1c:0e:46:e6:fb:31:76:dc:2a:38:57:c1:aa:73:
4f:91:bc:4f:5b:1c:eb:70:d2:b2:97:de:e9:59:99:
0d:de:44:49:6f:91:04:63:33:c7:03:19:8e:0e:b2:
6a:88:9a:ec:68:91:78:33:7a:02:38:78:fd:7a:6c:
85:9f:d8:0d:4d:cd:00:0c:cb:b4:cf:b0:9f:2f:0e:
5e:b2:11:37:3e:c5:fa:f3:b8:25:0b:53:82:5a:0b:
17:05:0c:85:7a:8c:99:bd:f2:24:ef:3a:7d:13:cc:
16:8c:88:20:83:a7:ec:7e:4c:4c:4a:7a:8b:57:e5:
80:ce:35:d3:01:9c:9e:39:0d:f5:8f:f1:34:a3:e9:
64:a6:08:71:17:ad:e1:7e:21:60:85:9a:be:1e:c4:
e2:3b:5e:d5:e0:3b:5b:cb:3c:4a:69:4c:c5:f9:38:
b4:38:f4:d9:d5:f5:6e:c7:66:f2:bb:a9:d1:6b:dd:
83:3e:44:11:f0:25:2a:32:51:57:a1:02:e2:a2:a7:
8e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B3:B7:E3:EB:0D:B9:27:58:67:D1:C6:6C:45:32:33:E0:C8:6B:4D
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/grO34-sNuSdYZ9HGbEUyM-DIa00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
66:4b:cd:c3:62:b9:d8:36:e2:c2:44:1a:79:7f:13:91:de:12:
2d:65:fc:7b:33:e8:7d:a5:d5:3f:11:d3:f9:e8:fb:25:ab:b3:
34:07:17:b3:f1:c0:20:38:74:4f:6f:2e:d0:2a:da:b1:74:b8:
45:ad:12:19:9d:6f:3e:c0:39:00:fc:c3:38:3d:a4:71:c4:03:
fa:a6:2b:c0:8d:c8:29:fd:2a:44:55:1d:a8:ee:25:90:73:3a:
1f:61:3f:15:3e:91:22:64:dc:da:67:84:fe:92:f7:d9:fd:15:
b1:b0:ec:cb:99:9c:20:30:dd:4f:63:e0:b0:2d:e6:2b:9e:16:
5f:ff:9f:8d:76:b8:0b:15:20:98:a2:c4:1f:3d:ac:09:ce:f4:
9a:e5:35:66:a6:e1:bd:fc:0c:b1:4e:32:22:9a:be:f7:61:84:
ae:77:d6:09:ce:d8:2e:9d:ba:4d:88:88:cf:01:a5:74:24:c3:
1b:cc:05:c0:70:1f:16:e2:28:22:14:3b:a4:aa:57:87:d5:59:
1c:81:70:a1:f4:c9:aa:de:f3:c0:ca:ed:95:fc:4b:b9:de:ae:
1c:f7:45:9a:85:2d:4d:9a:7d:16:ba:86:d3:67:52:7c:31:a7:
0b:af:d6:50:c5:3b:1f:88:21:1f:8e:3b:f9:e4:be:0a:72:a7:
f3:62:80:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt5WI472XmtTPuccFzEZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODQ3ZjgyMjE4OTdkNmU5NTJlODZlYTJjMzM5YWJhYWNj
MTMxZjUwHhcNMjQwMTAxMjAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmIzYjdlM2ViMGRiOTI3NTg2N2QxYzY2YzQ1MzIzM2UwYzg2YjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3o/vj1l9QjT72Mgy895CO9e47z5u
BuO1W2IZYwO8hrB+wyAo274WCNhUqB5Wxkvte45bcZZt0lmkYnIZHA5G5vsxdtwq
OFfBqnNPkbxPWxzrcNKyl97pWZkN3kRJb5EEYzPHAxmODrJqiJrsaJF4M3oCOHj9
emyFn9gNTc0ADMu0z7CfLw5eshE3PsX687glC1OCWgsXBQyFeoyZvfIk7zp9E8wW
jIggg6fsfkxMSnqLV+WAzjXTAZyeOQ31j/E0o+lkpghxF63hfiFghZq+HsTiO17V
4DtbyzxKaUzF+Ti0OPTZ1fVux2byu6nRa92DPkQR8CUqMlFXoQLioqeOKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIKzt+PrDbknWGfRxmxFMjPgyGtNMB8GA1UdIwQY
MBaAFHCEf4IhiX1ulS6G6iwzmrqswTH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgt
NmU4Nzg0YTdhZDA5LzEvZ3JPMzQtc051U2RZWjlIR2JFVXlNLURJYTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgtNmU4Nzg0YTdhZDA5
LzEvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSYcAwQC
uV/8MA0GCSqGSIb3DQEBCwUAA4IBAQBmS83DYrnYNuLCRBp5fxOR3hItZfx7M+h9
pdU/EdP56Pslq7M0Bxez8cAgOHRPby7QKtqxdLhFrRIZnW8+wDkA/MM4PaRxxAP6
pivAjcgp/SpEVR2o7iWQczofYT8VPpEiZNzaZ4T+kvfZ/RWxsOzLmZwgMN1PY+Cw
LeYrnhZf/5+NdrgLFSCYosQfPawJzvSa5TVmpuG9/AyxTjIimr73YYSud9YJztgu
nbpNiIjPAaV0JMMbzAXAcB8W4igiFDukqleH1VkcgXCh9Mmq3vPAyu2V/Eu53q4c
90WahS1Nmn0WuobTZ1J8MacLr9ZQxTsfiCEfjjv55L4KcqfzYoBx
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:40:57 2024 by rpki-client on console-ams.rpki-client.org