Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/g3Dr2s6u4fG-JfVzbUaHwl6mFbE.roa
File: g3Dr2s6u4fG-JfVzbUaHwl6mFbE.roa (raw, json)
Hash identifier: 7krFnhvS4MKtEHiyR9hzOGZU/pzFbZtiUqRySJYKp3g=
Subject key identifier: 83:70:EB:DA:CE:AE:E1:F1:BE:25:F5:73:6D:46:87:C2:5E:A6:15:B1
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 018E5EC00086694E1D1A93C506F81B5CDF90
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/g3Dr2s6u4fG-JfVzbUaHwl6mFbE.roa
Signing time: Thu 21 Mar 2024 02:03:45 +0000
ROA not before: Thu 21 Mar 2024 02:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207551
IP address blocks: 117.55.199.0/24 maxlen: 24
194.164.87.0/24 maxlen: 24
202.181.153.0/24 maxlen: 24
212.6.53.0/24 maxlen: 24
2a10:2080::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5e:c0:00:86:69:4e:1d:1a:93:c5:06:f8:1b:5c:df:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: Mar 21 02:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8370ebdaceaee1f1be25f5736d4687c25ea615b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2a:00:06:fb:1d:04:bb:07:37:f7:c8:ee:65:
11:70:86:b9:15:26:6e:61:57:b9:c1:31:4d:41:d3:
f5:1f:93:ce:21:6b:a3:89:9c:2e:7d:b1:6c:29:a9:
5c:0f:0f:03:5e:b5:ba:81:4b:1b:00:f5:75:96:ae:
82:41:8d:e2:b0:ca:0a:89:b3:8b:53:70:1e:82:f8:
01:6a:63:d6:16:3a:ce:b8:c0:7e:23:fc:ee:48:b6:
59:f7:22:47:08:28:44:63:cc:3c:d9:c3:bb:b7:38:
96:3e:50:42:e5:94:fe:4d:6d:7e:ba:ca:59:de:4b:
75:74:a4:cf:a1:02:74:72:7c:44:0f:cb:d6:a3:64:
86:dd:16:eb:bc:63:a6:b4:a9:b1:8e:b1:f1:ef:5a:
99:e9:a3:e1:81:b1:bf:3d:94:73:e2:6a:8c:6d:0e:
d1:0d:08:d1:cb:d9:42:52:72:93:0f:ec:7a:aa:c4:
03:75:26:be:1d:1d:a9:a9:73:00:4f:46:e1:56:fa:
37:5f:c4:f4:d9:62:b8:1e:9d:ec:84:9f:e6:c9:9c:
09:0e:05:72:a6:a8:e6:91:96:ee:2d:6b:20:e3:8b:
48:1f:f2:6b:47:56:c4:86:96:68:e8:cf:37:4c:23:
8f:ce:50:33:44:31:13:cb:51:87:91:de:e3:64:3f:
ad:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:70:EB:DA:CE:AE:E1:F1:BE:25:F5:73:6D:46:87:C2:5E:A6:15:B1
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/g3Dr2s6u4fG-JfVzbUaHwl6mFbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
117.55.199.0/24
194.164.87.0/24
202.181.153.0/24
212.6.53.0/24
IPv6:
2a10:2080::/29
Signature Algorithm: sha256WithRSAEncryption
2a:e7:8e:76:14:70:1a:71:0d:1f:13:54:d8:68:a2:31:0a:23:
4e:c1:43:05:90:bd:34:86:47:fd:95:e1:aa:09:b9:aa:6e:0a:
08:59:04:a8:7d:c6:7a:04:d0:0c:88:24:0f:66:f5:71:0a:75:
09:5f:00:57:05:a9:67:c8:57:20:47:0f:7e:4d:19:27:20:1f:
ca:30:76:ed:9c:93:3d:f8:92:60:b6:20:f4:88:f9:1a:44:5d:
91:fb:24:cc:78:97:94:98:43:74:e2:6d:23:4f:6d:a0:9b:00:
29:25:f9:f3:2c:a7:88:f2:f6:ab:16:39:34:d1:2b:12:06:92:
16:2e:b5:6b:d9:6e:1b:ab:2c:23:db:52:d6:5b:a9:6b:32:24:
5c:d1:7c:b8:49:90:60:59:6e:09:66:b4:ae:a8:2f:72:57:4e:
db:ba:7f:58:92:c9:af:14:fc:da:74:2f:4e:cc:ed:10:0c:ea:
57:a1:b1:12:9f:59:77:62:99:21:93:2c:5c:09:45:0a:c4:e3:
74:30:33:80:47:90:ec:a2:dd:44:57:f7:53:ed:32:62:45:b0:
56:e0:e9:77:e8:a5:26:d8:3a:14:98:6e:f7:41:fa:c6:9b:0c:
74:46:ef:45:1b:ea:21:b7:9d:f4:8c:b1:b3:c0:88:5e:31:f2:
b0:f1:2a:88
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY5ewACGaU4dGpPFBvgbXN+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjQwMzIxMDIwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzcwZWJkYWNlYWVlMWYxYmUyNWY1NzM2ZDQ2ODdjMjVlYTYxNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyoABvsdBLsHN/fI7mURcIa5FSZu
YVe5wTFNQdP1H5POIWujiZwufbFsKalcDw8DXrW6gUsbAPV1lq6CQY3isMoKibOL
U3AegvgBamPWFjrOuMB+I/zuSLZZ9yJHCChEY8w82cO7tziWPlBC5ZT+TW1+uspZ
3kt1dKTPoQJ0cnxED8vWo2SG3RbrvGOmtKmxjrHx71qZ6aPhgbG/PZRz4mqMbQ7R
DQjRy9lCUnKTD+x6qsQDdSa+HR2pqXMAT0bhVvo3X8T02WK4Hp3shJ/myZwJDgVy
pqjmkZbuLWsg44tIH/JrR1bEhpZo6M83TCOPzlAzRDETy1GHkd7jZD+tGQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFINw69rOruHxviX1c21Gh8JephWxMB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEvZzNEcjJzNnU0ZkctSmZWemJVYUh3bDZtRmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAdTfHAwQA
wqRXAwQAyrWZAwQA1AY1MA0EAgACMAcDBQMqECCAMA0GCSqGSIb3DQEBCwUAA4IB
AQAq5452FHAacQ0fE1TYaKIxCiNOwUMFkL00hkf9leGqCbmqbgoIWQSofcZ6BNAM
iCQPZvVxCnUJXwBXBalnyFcgRw9+TRknIB/KMHbtnJM9+JJgtiD0iPkaRF2R+yTM
eJeUmEN04m0jT22gmwApJfnzLKeI8varFjk00SsSBpIWLrVr2W4bqywj21LWW6lr
MiRc0Xy4SZBgWW4JZrSuqC9yV07bun9YksmvFPzadC9OzO0QDOpXobESn1l3Ypkh
kyxcCUUKxON0MDOAR5Dsot1EV/dT7TJiRbBW4Ol36KUm2DoUmG73QfrGmwx0Ru9F
G+oht530jLGzwIheMfKw8SqI
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:55:02 2024 by rpki-client on console-fra.rpki-client.org