Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e1d8f8-dbdd-47a3-8c68-4edaf77a0e5d/1/PFlSQV1an5GavMYCQUbsG7839hI.roa
File: PFlSQV1an5GavMYCQUbsG7839hI.roa (raw, json)
Hash identifier: 16ABzLAWQHfZdYK5ccAqatrOO0tq5VXnWBFfNVSu0Ws=
Subject key identifier: 3C:59:52:41:5D:5A:9F:91:9A:BC:C6:02:41:46:EC:1B:BF:37:F6:12
Certificate issuer: /CN=1055ba8d49a2dd1e91c3aaccbcf144f04593f1b3
Certificate serial: 018E582071A1005674F670AD497546755F9B
Authority key identifier: 10:55:BA:8D:49:A2:DD:1E:91:C3:AA:CC:BC:F1:44:F0:45:93:F1:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFW6jUmi3R6Rw6rMvPFE8EWT8bM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/e1d8f8-dbdd-47a3-8c68-4edaf77a0e5d/1/PFlSQV1an5GavMYCQUbsG7839hI.roa
Signing time: Tue 19 Mar 2024 19:11:44 +0000
ROA not before: Tue 19 Mar 2024 19:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51114
IP address blocks: 178.250.80.0/21 maxlen: 24
2a03:b400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/e1d8f8-dbdd-47a3-8c68-4edaf77a0e5d/1/EFW6jUmi3R6Rw6rMvPFE8EWT8bM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/e1d8f8-dbdd-47a3-8c68-4edaf77a0e5d/1/EFW6jUmi3R6Rw6rMvPFE8EWT8bM.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFW6jUmi3R6Rw6rMvPFE8EWT8bM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 07:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:58:20:71:a1:00:56:74:f6:70:ad:49:75:46:75:5f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1055ba8d49a2dd1e91c3aaccbcf144f04593f1b3
Validity
Not Before: Mar 19 19:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c5952415d5a9f919abcc6024146ec1bbf37f612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e9:e1:74:ee:4c:ec:7f:56:44:02:3b:bd:8a:
4e:7e:a3:cb:c4:d7:96:38:b1:c9:c8:4e:26:9f:f3:
2a:db:b6:c3:8a:b8:c1:25:f8:ae:36:7a:3f:c8:a0:
ef:75:02:2f:40:3c:53:3a:aa:16:1c:5c:1b:ec:8e:
be:fd:77:8e:9d:c3:7a:dd:b0:c8:fe:94:1a:82:35:
57:1a:d8:8f:d8:41:c2:20:aa:12:24:a5:5f:e0:ca:
22:4b:7e:60:ec:01:69:85:50:72:2c:8b:13:9e:9d:
b5:1b:5d:d1:e5:ff:99:e0:96:2f:0d:04:d2:93:2c:
44:d6:27:eb:d0:0a:e2:bf:85:f1:f8:68:b9:18:68:
1b:85:7c:57:a4:84:e3:d9:1b:4f:36:5e:65:08:ee:
16:07:f2:84:5b:15:be:06:3b:7e:4b:7d:ea:1d:c0:
4d:01:f9:a4:0f:db:4d:b5:7a:94:8b:07:dd:b5:ca:
f4:5d:c5:9f:6c:ff:01:bc:03:11:9b:0f:db:c8:23:
4c:27:a9:5e:03:39:87:bf:59:04:50:b8:1b:02:7a:
e9:48:cd:77:b4:d9:cd:90:08:7e:8c:92:c0:01:13:
ab:db:3b:ce:3c:bc:8f:1d:70:bb:84:4c:8f:11:52:
39:f6:56:d9:a1:63:08:f5:69:6e:25:7b:a5:85:b7:
b4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:59:52:41:5D:5A:9F:91:9A:BC:C6:02:41:46:EC:1B:BF:37:F6:12
X509v3 Authority Key Identifier:
keyid:10:55:BA:8D:49:A2:DD:1E:91:C3:AA:CC:BC:F1:44:F0:45:93:F1:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFW6jUmi3R6Rw6rMvPFE8EWT8bM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e1d8f8-dbdd-47a3-8c68-4edaf77a0e5d/1/PFlSQV1an5GavMYCQUbsG7839hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e1d8f8-dbdd-47a3-8c68-4edaf77a0e5d/1/EFW6jUmi3R6Rw6rMvPFE8EWT8bM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.80.0/21
IPv6:
2a03:b400::/32
Signature Algorithm: sha256WithRSAEncryption
3e:d2:84:f4:5c:23:f6:83:7a:45:da:a9:5e:fe:3c:8a:c9:a4:
16:8e:0f:4b:0b:17:a8:79:60:83:98:dd:bb:19:c4:15:70:41:
11:52:65:fe:7f:f9:95:11:a4:41:e7:6e:e1:68:f8:e4:af:05:
19:15:ef:f4:c6:10:68:4b:38:b0:45:74:a1:57:d8:6c:1d:07:
40:ce:15:23:d3:b7:6c:ef:0d:e2:39:c2:d3:c1:66:d3:f9:89:
48:6c:3b:73:5a:74:a0:4a:dd:50:b2:04:59:08:88:45:41:4f:
a0:f1:3b:2e:90:11:37:74:ea:b2:b3:27:cf:75:a2:fa:3e:fc:
ed:c9:fa:62:8d:02:8b:a8:6b:a5:bd:f8:f2:6d:e2:11:9e:fb:
18:01:db:bf:4d:d7:17:d0:7e:fe:f0:ea:8c:99:be:cc:72:86:
64:19:b8:09:8c:b0:e5:58:fe:e1:d8:5f:3e:44:02:05:85:40:
06:70:1b:37:10:8d:f1:5f:eb:da:a8:e9:19:75:a5:8b:81:65:
af:3b:74:53:68:73:15:a8:e3:e3:4d:9d:62:02:99:f5:07:f6:
16:e5:e0:41:05:da:60:59:46:10:ae:0f:49:bf:4e:59:e0:40:
c1:c4:e2:c9:e9:13:46:61:50:61:d2:d7:ab:62:af:f0:8a:00:
d9:31:41:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5YIHGhAFZ09nCtSXVGdV+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTViYThkNDlhMmRkMWU5MWMzYWFjY2JjZjE0NGYwNDU5
M2YxYjMwHhcNMjQwMzE5MTkxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU5NTI0MTVkNWE5ZjkxOWFiY2M2MDI0MTQ2ZWMxYmJmMzdmNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6unhdO5M7H9WRAI7vYpOfqPLxNeW
OLHJyE4mn/Mq27bDirjBJfiuNno/yKDvdQIvQDxTOqoWHFwb7I6+/XeOncN63bDI
/pQagjVXGtiP2EHCIKoSJKVf4MoiS35g7AFphVByLIsTnp21G13R5f+Z4JYvDQTS
kyxE1ifr0Ariv4Xx+Gi5GGgbhXxXpITj2RtPNl5lCO4WB/KEWxW+Bjt+S33qHcBN
AfmkD9tNtXqUiwfdtcr0XcWfbP8BvAMRmw/byCNMJ6leAzmHv1kEULgbAnrpSM13
tNnNkAh+jJLAAROr2zvOPLyPHXC7hEyPEVI59lbZoWMI9WluJXulhbe0XQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDxZUkFdWp+RmrzGAkFG7Bu/N/YSMB8GA1UdIwQY
MBaAFBBVuo1Jot0ekcOqzLzxRPBFk/GzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZXNmpVbWkzUjZSdzZyTXZQRkU4RVdUOGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lMWQ4ZjgtZGJkZC00N2EzLThjNjgt
NGVkYWY3N2EwZTVkLzEvUEZsU1FWMWFuNUdhdk1ZQ1FVYnNHNzgzOWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lMWQ4ZjgtZGJkZC00N2EzLThjNjgtNGVkYWY3N2EwZTVk
LzEvRUZXNmpVbWkzUjZSdzZyTXZQRkU4RVdUOGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsvpQMA0E
AgACMAcDBQAqA7QAMA0GCSqGSIb3DQEBCwUAA4IBAQA+0oT0XCP2g3pF2qle/jyK
yaQWjg9LCxeoeWCDmN27GcQVcEERUmX+f/mVEaRB527haPjkrwUZFe/0xhBoSziw
RXShV9hsHQdAzhUj07ds7w3iOcLTwWbT+YlIbDtzWnSgSt1QsgRZCIhFQU+g8Tsu
kBE3dOqysyfPdaL6PvztyfpijQKLqGulvfjybeIRnvsYAdu/TdcX0H7+8OqMmb7M
coZkGbgJjLDlWP7h2F8+RAIFhUAGcBs3EI3xX+vaqOkZdaWLgWWvO3RTaHMVqOPj
TZ1iApn1B/YW5eBBBdpgWUYQrg9Jv05Z4EDBxOLJ6RNGYVBh0terYq/wigDZMUGZ
-----END CERTIFICATE-----
Generated at Thu May 23 12:34:08 2024 by rpki-client on console-fra.rpki-client.org