Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/gnTXOsrpJeGjkjjVUUi_Op-cgmE.roa
File: gnTXOsrpJeGjkjjVUUi_Op-cgmE.roa (raw, json)
Hash identifier: t8M+t6YSWXWo8hM5Qv0UY5RmvAuxVjTuVB12Io3CWH0=
Subject key identifier: 82:74:D7:3A:CA:E9:25:E1:A3:92:38:D5:51:48:BF:3A:9F:9C:82:61
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018F3D110558190929E9359F205B2D34349E
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/gnTXOsrpJeGjkjjVUUi_Op-cgmE.roa
Signing time: Fri 03 May 2024 06:07:56 +0000
ROA not before: Fri 03 May 2024 06:07:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57358
IP address blocks: 82.98.73.0/24 maxlen: 32
2a02:2e0:3ec::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:11:05:58:19:09:29:e9:35:9f:20:5b:2d:34:34:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: May 3 06:07:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8274d73acae925e1a39238d55148bf3a9f9c8261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:37:ed:e3:47:84:3c:d4:05:d7:a3:89:71:d1:
e6:20:67:d1:15:71:27:76:45:e1:58:db:69:38:6c:
b7:70:70:10:1d:9a:9a:72:70:dd:d1:17:cc:c1:63:
39:ba:5d:74:8b:44:74:a7:1e:58:2b:8f:56:bb:d6:
6f:ea:b3:ee:48:f3:0b:8c:21:db:c0:3b:d4:86:de:
3c:ac:f3:5d:81:0d:f0:c1:d3:4f:85:ed:64:a6:fa:
76:b2:15:2d:50:86:61:85:51:8d:bc:cb:fc:4d:90:
89:a0:4e:26:d8:76:b3:c6:3f:d2:cd:e4:bc:fa:f7:
ea:f3:9e:37:26:0a:c4:1c:eb:70:9b:24:be:f4:ab:
1f:38:ae:bb:c4:f4:33:bd:42:db:be:ae:a1:ef:b9:
10:7a:24:da:29:7c:8a:f4:88:f4:59:7f:d5:72:76:
83:36:95:c6:e6:b8:9b:6f:27:40:cf:82:1d:49:47:
b4:8f:fd:f2:16:5a:b7:98:ea:eb:19:9b:96:0c:2f:
dc:72:a4:4e:a8:f6:fe:bd:49:12:1b:b6:88:b5:60:
3d:6d:f6:96:2e:4e:e7:fc:0c:71:81:d4:2d:a4:7e:
12:c0:0a:5a:d0:77:0d:79:42:60:4c:fc:a3:0b:24:
59:cd:3b:94:27:dd:e4:52:c8:7f:3c:89:17:e5:be:
40:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:74:D7:3A:CA:E9:25:E1:A3:92:38:D5:51:48:BF:3A:9F:9C:82:61
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/gnTXOsrpJeGjkjjVUUi_Op-cgmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.73.0/24
IPv6:
2a02:2e0:3ec::/48
Signature Algorithm: sha256WithRSAEncryption
2c:98:9e:3d:e6:2d:db:c3:57:9c:4a:63:18:dd:48:53:61:30:
22:ab:25:80:14:90:bf:cc:02:75:99:bb:52:65:ad:78:bb:f9:
d0:a0:f1:d1:d9:19:d7:1f:cd:dc:90:1b:05:02:53:57:5a:3f:
8b:7e:47:4a:6b:af:90:16:94:4b:75:1b:ee:80:30:7b:4a:29:
a8:a4:e3:a5:1f:28:85:e8:45:67:70:75:fd:c5:40:f6:a6:93:
56:03:9b:82:cd:db:97:a3:f0:99:a8:8b:c2:55:cf:f1:6d:ca:
f2:bc:eb:b0:e8:d0:91:b3:b2:41:26:c1:78:8f:2b:35:1a:78:
b9:11:e8:6a:b5:bb:47:34:20:83:99:2e:1d:62:04:29:f7:60:
f1:b9:46:e3:a3:86:b6:4a:6e:1f:f2:83:af:1f:c5:97:cc:65:
76:00:f2:bb:cb:56:47:a5:71:9d:58:31:07:3d:53:67:fb:80:
50:66:00:9f:b2:ee:d9:cf:80:6d:45:54:9e:99:4d:ad:62:89:
ea:5b:68:9f:6a:e0:ff:ec:8a:f0:49:44:f3:f3:1b:dd:0c:65:
26:85:4f:93:ff:30:22:71:96:9b:6f:cc:d2:59:18:1f:8f:81:
8f:a3:3f:ae:c8:ef:0b:e6:5f:b7:3f:d3:ad:9d:5e:c8:57:eb:
7e:59:7f:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY89EQVYGQkp6TWfIFstNDSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjQwNTAzMDYwNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc0ZDczYWNhZTkyNWUxYTM5MjM4ZDU1MTQ4YmYzYTlmOWM4MjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8jft40eEPNQF16OJcdHmIGfRFXEn
dkXhWNtpOGy3cHAQHZqacnDd0RfMwWM5ul10i0R0px5YK49Wu9Zv6rPuSPMLjCHb
wDvUht48rPNdgQ3wwdNPhe1kpvp2shUtUIZhhVGNvMv8TZCJoE4m2Hazxj/SzeS8
+vfq8543JgrEHOtwmyS+9KsfOK67xPQzvULbvq6h77kQeiTaKXyK9Ij0WX/VcnaD
NpXG5ribbydAz4IdSUe0j/3yFlq3mOrrGZuWDC/ccqROqPb+vUkSG7aItWA9bfaW
Lk7n/AxxgdQtpH4SwApa0HcNeUJgTPyjCyRZzTuUJ93kUsh/PIkX5b5AzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIJ01zrK6SXho5I41VFIvzqfnIJhMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvZ25UWE9zcnBKZUdqa2pqVlVVaV9PcC1jZ21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUmJJMA8E
AgACMAkDBwAqAgLgA+wwDQYJKoZIhvcNAQELBQADggEBACyYnj3mLdvDV5xKYxjd
SFNhMCKrJYAUkL/MAnWZu1JlrXi7+dCg8dHZGdcfzdyQGwUCU1daP4t+R0prr5AW
lEt1G+6AMHtKKaik46UfKIXoRWdwdf3FQPamk1YDm4LN25ej8Jmoi8JVz/FtyvK8
67Do0JGzskEmwXiPKzUaeLkR6Gq1u0c0IIOZLh1iBCn3YPG5RuOjhrZKbh/yg68f
xZfMZXYA8rvLVkelcZ1YMQc9U2f7gFBmAJ+y7tnPgG1FVJ6ZTa1iiepbaJ9q4P/s
ivBJRPPzG90MZSaFT5P/MCJxlptvzNJZGB+PgY+jP67I7wvmX7c/062dXshX635Z
f2c=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:50 2024 by rpki-client on console-fra.rpki-client.org