Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/PX0DpkBl9yg1gQzNf2fXaFsswv8.roa
File: PX0DpkBl9yg1gQzNf2fXaFsswv8.roa (raw, json)
Hash identifier: fegY3SzHduBrH8eO5Wo9IcX0cjRfR9p14sX7mhpiZ8U=
Subject key identifier: 3D:7D:03:A6:40:65:F7:28:35:81:0C:CD:7F:67:D7:68:5B:2C:C2:FF
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 019426D8A051A27FFDC9079F70DB928934F9
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/PX0DpkBl9yg1gQzNf2fXaFsswv8.roa
Signing time: Thu 02 Jan 2025 11:48:38 +0000
ROA not before: Thu 02 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51083
IP address blocks: 80.67.180.0/24 maxlen: 24
80.67.183.0/24 maxlen: 24
80.67.185.0/24 maxlen: 24
80.67.189.0/24 maxlen: 24
2001:912::/36 maxlen: 36
2001:912:1000::/36 maxlen: 36
2001:912:1000::/40 maxlen: 40
2001:912:1100::/40 maxlen: 40
2001:912:1a80::/44 maxlen: 44
2001:912:1ac0::/44 maxlen: 44
2001:912:2000::/36 maxlen: 36
2001:912:3000::/36 maxlen: 36
2001:912:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:a0:51:a2:7f:fd:c9:07:9f:70:db:92:89:34:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d7d03a64065f72835810ccd7f67d7685b2cc2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:29:76:83:34:87:cf:02:83:13:db:0a:7d:
05:bb:2f:90:61:fc:77:19:9a:6f:22:bc:f6:af:f4:
28:a9:81:33:ad:75:50:d4:a5:e1:90:4f:73:6d:b2:
90:da:98:47:38:eb:3f:03:b1:d2:16:5c:4a:b8:99:
f0:84:b1:bf:61:69:a7:97:0f:4c:cf:5b:a9:c2:1f:
12:60:65:a6:a8:ee:5d:2f:70:1e:cc:62:53:5b:68:
5e:c4:bd:82:61:1c:66:b3:b7:23:07:3f:38:d6:7a:
98:1c:50:95:c0:a5:24:b2:ad:ad:05:63:18:01:4c:
8f:f1:13:6c:a1:f4:d3:bc:44:c7:c5:d7:0f:9a:9c:
a6:47:ad:b8:79:7f:9d:e9:f8:c1:29:ab:0e:21:69:
1e:12:8c:3d:ab:a7:a1:e8:29:f9:44:26:da:88:bc:
47:9a:85:3e:94:30:03:b4:9a:20:6c:68:e3:0f:25:
c3:bb:00:a4:e7:c6:90:2b:82:30:66:52:5e:e7:8d:
44:5d:38:29:71:d2:e3:0e:30:f5:3f:a0:94:05:6e:
07:9e:0e:18:62:5e:3b:b4:44:14:14:5e:95:0b:4a:
ec:0e:a2:73:0f:24:8b:ac:99:4e:f3:5a:dd:c2:15:
b6:9a:29:9f:06:b5:40:4a:46:6d:f6:f9:74:3f:97:
a4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7D:03:A6:40:65:F7:28:35:81:0C:CD:7F:67:D7:68:5B:2C:C2:FF
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/PX0DpkBl9yg1gQzNf2fXaFsswv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.180.0/24
80.67.183.0/24
80.67.185.0/24
80.67.189.0/24
IPv6:
2001:912::-2001:912:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
20:17:a9:59:d9:64:40:50:ea:ad:73:24:e0:5c:09:75:99:34:
c9:0a:ad:1e:72:de:4f:90:09:c2:08:47:49:e0:d2:52:2e:e9:
b9:03:e8:b1:bc:b2:91:11:49:c7:42:c6:39:fa:07:e3:a7:70:
e5:6a:7c:6b:97:0c:2b:26:70:b7:94:d9:3d:3d:82:58:4d:d1:
8b:bf:97:1b:48:2c:e4:f6:3f:7b:19:8b:55:2c:13:4c:31:44:
32:4e:18:f3:0f:cb:97:06:15:20:c3:fd:4f:b9:c3:70:ee:0d:
46:0e:86:40:95:b8:2a:1c:94:1c:56:63:48:ac:6f:6d:2e:42:
d1:9d:06:da:1d:b2:cd:ed:fc:3b:87:12:07:56:5c:d3:34:ec:
3d:87:83:ed:92:62:ab:4b:fa:b0:15:8c:1f:aa:92:2f:ea:8e:
4d:9d:bf:dd:b0:e3:b8:c0:01:c6:40:15:50:85:b4:5a:79:2c:
e8:99:95:d8:da:b7:c3:8f:34:c2:ce:a9:32:5b:a3:df:88:cc:
94:24:75:c3:8d:58:47:a0:4e:cd:26:ae:ab:21:ee:c4:d5:2e:
1a:3b:aa:01:8f:05:63:c4:2d:0a:bf:8f:74:c7:f7:2f:92:37:
3c:48:2e:09:3a:99:12:9a:b6:c9:63:c9:94:b2:d3:2c:c8:ae:
18:c1:2b:30
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQm2KBRon/9yQefcNuSiTT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjUwMTAyMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDdkMDNhNjQwNjVmNzI4MzU4MTBjY2Q3ZjY3ZDc2ODViMmNjMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSYpdoM0h88CgxPbCn0Fuy+QYfx3
GZpvIrz2r/QoqYEzrXVQ1KXhkE9zbbKQ2phHOOs/A7HSFlxKuJnwhLG/YWmnlw9M
z1upwh8SYGWmqO5dL3AezGJTW2hexL2CYRxms7cjBz841nqYHFCVwKUksq2tBWMY
AUyP8RNsofTTvETHxdcPmpymR624eX+d6fjBKasOIWkeEow9q6eh6Cn5RCbaiLxH
moU+lDADtJogbGjjDyXDuwCk58aQK4IwZlJe541EXTgpcdLjDjD1P6CUBW4Hng4Y
Yl47tEQUFF6VC0rsDqJzDySLrJlO81rdwhW2mimfBrVASkZt9vl0P5ektwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFD19A6ZAZfcoNYEMzX9n12hbLML/MB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvUFgwRHBrQmw5eWcxZ1F6TmYyZlhhRnNzd3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAeBAIAATAYAwQAUEO0AwQA
UEO3AwQAUEO5AwQAUEO9MBcEAgACMBEwDwMFASABCRIDBgQgAQkSQDANBgkqhkiG
9w0BAQsFAAOCAQEAIBepWdlkQFDqrXMk4FwJdZk0yQqtHnLeT5AJwghHSeDSUi7p
uQPosbyykRFJx0LGOfoH46dw5Wp8a5cMKyZwt5TZPT2CWE3Ri7+XG0gs5PY/exmL
VSwTTDFEMk4Y8w/LlwYVIMP9T7nDcO4NRg6GQJW4KhyUHFZjSKxvbS5C0Z0G2h2y
ze38O4cSB1Zc0zTsPYeD7ZJiq0v6sBWMH6qSL+qOTZ2/3bDjuMABxkAVUIW0Wnks
6JmV2Nq3w480ws6pMluj34jMlCR1w41YR6BOzSauqyHuxNUuGjuqAY8FY8QtCr+P
dMf3L5I3PEguCTqZEpq2yWPJlLLTLMiuGMErMA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:34 2025 by rpki-client