Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/cV0-I41V0XEqCpcaYWS2v32N7RY.roa
File: cV0-I41V0XEqCpcaYWS2v32N7RY.roa (raw, json)
Hash identifier: L+rFqR8T9Z02SPRrgNTkml2qgrOjWQfcIa5Dj5/aJJc=
Subject key identifier: 71:5D:3E:23:8D:55:D1:71:2A:0A:97:1A:61:64:B6:BF:7D:8D:ED:16
Certificate issuer: /CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Certificate serial: 018CC49303640E31F721BCC12B1768816AC1
Authority key identifier: 15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/cV0-I41V0XEqCpcaYWS2v32N7RY.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201058
IP address blocks: 82.213.70.0/24 maxlen: 24
82.213.70.0/23 maxlen: 23
82.213.71.0/24 maxlen: 24
82.213.80.0/22 maxlen: 22
82.213.80.0/24 maxlen: 24
82.213.81.0/24 maxlen: 24
82.213.82.0/24 maxlen: 24
82.213.83.0/24 maxlen: 24
82.213.97.0/24 maxlen: 24
82.213.96.0/22 maxlen: 22
82.213.98.0/24 maxlen: 24
82.213.96.0/24 maxlen: 24
82.213.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:03:64:0e:31:f7:21:bc:c1:2b:17:68:81:6a:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=715d3e238d55d1712a0a971a6164b6bf7d8ded16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:85:7e:24:ff:67:cf:73:37:1d:0c:dc:cb:3d:
eb:00:f6:43:00:96:40:ca:80:9b:81:e4:29:8f:8e:
90:15:e7:0d:0f:ab:29:c0:e4:55:73:96:3b:f8:37:
3b:27:0c:96:80:8c:33:55:c0:91:31:68:db:53:61:
60:aa:7e:bd:30:a0:57:2e:2e:12:d3:c9:c0:ea:dd:
55:45:88:b2:8d:c6:85:76:a2:5a:f5:52:a8:a8:1a:
ed:da:d3:4c:0e:29:ed:25:b1:4b:21:af:0f:ef:30:
71:ed:26:64:61:e7:fe:71:b1:12:d5:b3:b3:7a:ab:
1b:0c:b7:4b:97:d7:70:8f:f8:57:e1:27:9c:f0:d7:
23:0f:da:c0:95:d2:15:fe:b8:78:b2:36:a6:b6:d5:
61:96:74:be:2b:3c:1c:63:ba:9c:a4:09:b8:92:b8:
29:1d:1e:8e:2a:9b:ea:69:49:f3:e4:f3:3e:d4:d2:
53:8c:15:6b:e1:90:a3:5e:f2:82:9c:6e:48:24:a0:
50:fa:58:1b:83:8a:fb:f7:c3:86:d9:24:2b:6e:4a:
69:7c:bb:c3:2f:be:c2:bc:a1:96:71:30:5d:88:ac:
9e:e2:3a:7e:51:51:b3:c9:e2:a4:2f:1a:60:f3:e0:
b5:6d:52:a3:1d:ab:4e:7e:8b:b6:58:48:70:1a:24:
9d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:5D:3E:23:8D:55:D1:71:2A:0A:97:1A:61:64:B6:BF:7D:8D:ED:16
X509v3 Authority Key Identifier:
keyid:15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/cV0-I41V0XEqCpcaYWS2v32N7RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.213.70.0/23
82.213.80.0/22
82.213.96.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:ba:dd:5e:e3:5c:5a:0e:fd:72:c9:b2:02:ed:d2:ca:fd:cc:
da:50:eb:5d:8a:72:79:f4:7e:a0:35:66:4a:c4:a7:0d:61:39:
1a:5d:4a:51:ad:1d:ed:39:f5:2e:89:b4:79:36:d9:6f:77:63:
8d:65:d5:c6:dc:84:a3:46:23:73:e8:e2:45:a4:81:93:e1:73:
bc:ac:04:02:96:7d:ae:ff:71:27:cd:6f:39:45:b9:c8:d0:c5:
b8:76:ba:36:dc:8b:14:09:14:ac:3d:1d:8a:89:c1:4a:5c:92:
43:e8:87:00:22:8c:d4:d2:19:c5:e3:5c:c0:aa:44:3b:94:f4:
46:fa:72:4a:d5:ab:db:bf:30:a5:3b:bb:b9:a5:29:5c:ee:7b:
f6:06:22:9b:c0:9f:9e:05:ca:85:33:ec:4d:d6:c8:57:43:99:
4a:09:b0:de:2f:b0:15:79:00:1c:11:a2:5b:b0:42:5c:ed:a0:
b1:a0:9e:19:9b:20:dd:73:85:a6:2c:06:ae:46:7f:d8:61:91:
4f:e4:87:5d:f4:05:93:3d:d2:11:79:4b:8f:a1:b8:5f:43:9a:
c9:a9:67:a4:10:90:06:0a:9d:a0:6b:ab:f8:36:b6:44:a0:ad:
12:ad:5f:38:d9:dd:4c:80:c8:2c:a1:67:21:f2:e3:9d:5d:ed:
22:aa:1b:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEkwNkDjH3IbzBKxdogWrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDFjODQ1ZjEzZGQ0YWQ2ZTlkYWU0NzBkNWZmNjljNWNj
YTM3NzEwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTVkM2UyMzhkNTVkMTcxMmEwYTk3MWE2MTY0YjZiZjdkOGRlZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYV+JP9nz3M3HQzcyz3rAPZDAJZA
yoCbgeQpj46QFecND6spwORVc5Y7+Dc7JwyWgIwzVcCRMWjbU2Fgqn69MKBXLi4S
08nA6t1VRYiyjcaFdqJa9VKoqBrt2tNMDintJbFLIa8P7zBx7SZkYef+cbES1bOz
eqsbDLdLl9dwj/hX4Sec8NcjD9rAldIV/rh4sjamttVhlnS+KzwcY7qcpAm4krgp
HR6OKpvqaUnz5PM+1NJTjBVr4ZCjXvKCnG5IJKBQ+lgbg4r798OG2SQrbkppfLvD
L77CvKGWcTBdiKye4jp+UVGzyeKkLxpg8+C1bVKjHatOfou2WEhwGiSd5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHFdPiONVdFxKgqXGmFktr99je0WMB8GA1UdIwQY
MBaAFBUByEXxPdStbp2uRw1f9pxcyjdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEt
ZWQ3OTE1NDM2YjI3LzEvY1YwLUk0MVYwWEVxQ3BjYVlXUzJ2MzJON1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEtZWQ3OTE1NDM2YjI3
LzEvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUtVGAwQC
UtVQAwQCUtVgMA0GCSqGSIb3DQEBCwUAA4IBAQCtut1e41xaDv1yybIC7dLK/cza
UOtdinJ59H6gNWZKxKcNYTkaXUpRrR3tOfUuibR5Ntlvd2ONZdXG3ISjRiNz6OJF
pIGT4XO8rAQCln2u/3EnzW85RbnI0MW4dro23IsUCRSsPR2KicFKXJJD6IcAIozU
0hnF41zAqkQ7lPRG+nJK1avbvzClO7u5pSlc7nv2BiKbwJ+eBcqFM+xN1shXQ5lK
CbDeL7AVeQAcEaJbsEJc7aCxoJ4ZmyDdc4WmLAauRn/YYZFP5Idd9AWTPdIReUuP
obhfQ5rJqWekEJAGCp2ga6v4NrZEoK0SrV842d1MgMgsoWch8uOdXe0iqhvA
-----END CERTIFICATE-----
Generated at Thu May 9 02:48:48 2024 by rpki-client on console-fra.rpki-client.org