Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/GRMT4YzUD721_HXV7R0Cm0DYeDc.roa
File: GRMT4YzUD721_HXV7R0Cm0DYeDc.roa (raw, json)
Hash identifier: HTgP63VsembF9gZ8a2HF28H27f9lfeAkaOA2D7ANKxk=
Subject key identifier: 19:13:13:E1:8C:D4:0F:BD:B5:FC:75:D5:ED:1D:02:9B:40:D8:78:37
Certificate issuer: /CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968
Certificate serial: 018CC726B9AFA7D74425726FB8B99FAC8031
Authority key identifier: 64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/GRMT4YzUD721_HXV7R0Cm0DYeDc.roa
Signing time: Mon 01 Jan 2024 22:30:53 +0000
ROA not before: Mon 01 Jan 2024 22:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197876
IP address blocks: 77.73.80.0/21 maxlen: 24
2a03:ab80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:b9:af:a7:d7:44:25:72:6f:b8:b9:9f:ac:80:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968
Validity
Not Before: Jan 1 22:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=191313e18cd40fbdb5fc75d5ed1d029b40d87837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:60:91:08:5d:28:55:4e:5b:98:bc:c2:af:ce:
8e:38:93:52:1c:10:ef:34:1d:0d:ef:2c:86:f3:5f:
2d:36:bc:ad:5a:8a:0a:bd:da:8e:5c:dd:e4:25:3c:
62:53:20:14:06:23:f2:50:32:23:9c:35:bf:fd:a8:
26:51:0d:9e:2b:19:cc:3f:15:fc:65:48:37:96:fe:
53:7d:64:00:d0:41:1e:a4:6c:0b:6a:3b:03:01:6a:
b8:1a:fa:37:56:41:04:6e:3f:3b:dc:e1:4f:0c:63:
49:a5:7e:ea:2c:b2:7a:ed:a6:b1:1d:6e:96:71:56:
2b:aa:24:f0:8e:4d:2c:c1:63:48:f8:ae:c4:25:24:
85:66:d5:d3:c1:41:6a:ff:4e:9f:b4:a5:d9:fe:5f:
e4:f9:f6:a1:1c:4d:19:ce:63:64:fe:de:06:b7:7a:
0a:af:6a:b2:58:e5:ac:3a:d9:69:14:e6:da:02:68:
28:1f:10:a6:ca:fa:6b:cb:f4:ba:83:ab:41:fb:09:
73:5d:42:5c:cd:ab:7d:aa:02:c4:c7:d2:9a:c8:bc:
29:e8:8d:a6:68:30:2a:5e:23:8e:82:0d:89:c4:33:
29:63:0d:09:e6:b9:3d:da:40:a4:60:81:6a:2a:a4:
e4:ef:29:f5:6b:4f:32:9c:25:23:55:44:eb:0f:0a:
ef:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:13:13:E1:8C:D4:0F:BD:B5:FC:75:D5:ED:1D:02:9B:40:D8:78:37
X509v3 Authority Key Identifier:
keyid:64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/GRMT4YzUD721_HXV7R0Cm0DYeDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.80.0/21
IPv6:
2a03:ab80::/32
Signature Algorithm: sha256WithRSAEncryption
6b:25:fa:fe:21:9a:fe:9b:d3:3d:c0:c7:2a:5a:67:7e:6a:13:
65:db:7d:c0:c2:ec:09:86:d4:3f:d4:29:7f:69:41:2e:5b:20:
1e:02:74:de:c0:7c:66:aa:35:71:b6:89:c3:75:19:c6:8f:33:
79:1b:8d:b5:b0:7d:67:cc:8d:13:5e:0e:2b:4d:22:e8:44:f5:
3c:ed:1e:0d:5f:1e:d4:70:bb:b7:59:24:96:c7:df:88:c6:11:
97:59:55:66:0c:5d:02:f5:4c:6a:d6:e1:1d:52:d3:1c:07:c7:
73:0c:39:a4:f8:19:66:42:9a:b9:a4:f4:7c:29:d8:09:15:d4:
0a:b6:ce:47:91:f6:c6:51:e1:9c:2c:e9:1d:0a:b7:c4:a9:d7:
92:d5:18:86:02:ca:64:29:5d:da:a0:15:85:8b:a0:4f:bd:3b:
b1:79:5e:43:59:6c:ee:92:03:55:31:70:96:63:fa:f8:5f:6f:
56:b7:28:38:ab:6a:b1:ab:c9:99:f6:e7:31:b7:25:6b:be:aa:
37:61:b0:76:fe:8c:a3:59:61:9c:ba:a7:93:e2:ae:ad:60:9a:
3c:54:ad:d8:cf:2f:3a:43:c9:03:7e:b8:38:35:04:4f:5f:a0:
43:9b:db:c2:3c:c3:5b:ba:49:fe:4d:93:67:ba:6f:60:21:64:
12:d4:78:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJrmvp9dEJXJvuLmfrIAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MGIxZjg3NzJjNmVmNDg0ZTJjZDJkNjYyNjNmMmVmOThm
YTM5NjgwHhcNMjQwMTAxMjIzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTEzMTNlMThjZDQwZmJkYjVmYzc1ZDVlZDFkMDI5YjQwZDg3ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGCRCF0oVU5bmLzCr86OOJNSHBDv
NB0N7yyG818tNrytWooKvdqOXN3kJTxiUyAUBiPyUDIjnDW//agmUQ2eKxnMPxX8
ZUg3lv5TfWQA0EEepGwLajsDAWq4Gvo3VkEEbj873OFPDGNJpX7qLLJ67aaxHW6W
cVYrqiTwjk0swWNI+K7EJSSFZtXTwUFq/06ftKXZ/l/k+fahHE0ZzmNk/t4Gt3oK
r2qyWOWsOtlpFObaAmgoHxCmyvpry/S6g6tB+wlzXUJczat9qgLEx9KayLwp6I2m
aDAqXiOOgg2JxDMpYw0J5rk92kCkYIFqKqTk7yn1a08ynCUjVUTrDwrvSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBkTE+GM1A+9tfx11e0dAptA2Hg3MB8GA1UdIwQY
MBaAFGQLH4dyxu9ITizS1mJj8u+Y+jloMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQt
Mzg3YWZhMGE1MzRmLzEvR1JNVDRZelVENzIxX0hYVjdSMENtMERZZURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQtMzg3YWZhMGE1MzRm
LzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDTUlQMA0E
AgACMAcDBQAqA6uAMA0GCSqGSIb3DQEBCwUAA4IBAQBrJfr+IZr+m9M9wMcqWmd+
ahNl233AwuwJhtQ/1Cl/aUEuWyAeAnTewHxmqjVxtonDdRnGjzN5G421sH1nzI0T
Xg4rTSLoRPU87R4NXx7UcLu3WSSWx9+IxhGXWVVmDF0C9Uxq1uEdUtMcB8dzDDmk
+BlmQpq5pPR8KdgJFdQKts5HkfbGUeGcLOkdCrfEqdeS1RiGAspkKV3aoBWFi6BP
vTuxeV5DWWzukgNVMXCWY/r4X29Wtyg4q2qxq8mZ9ucxtyVrvqo3YbB2/oyjWWGc
uqeT4q6tYJo8VK3Yzy86Q8kDfrg4NQRPX6BDm9vCPMNbukn+TZNnum9gIWQS1HgJ
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:23:45 2024 by rpki-client on console-fra.rpki-client.org