Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/1B0MjJvImsmwnBC54J1UxQN0O-8.roa
File: 1B0MjJvImsmwnBC54J1UxQN0O-8.roa (raw, json)
Hash identifier: EwXvEJhnIv7c1sS/pbpigr1iO1F/0Uk6hhVQTnNgrNs=
Subject key identifier: D4:1D:0C:8C:9B:C8:9A:C9:B0:9C:10:B9:E0:9D:54:C5:03:74:3B:EF
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018CC86F59ACDF5E981E53EE71C5ECF53E0A
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/1B0MjJvImsmwnBC54J1UxQN0O-8.roa
Signing time: Tue 02 Jan 2024 04:29:49 +0000
ROA not before: Tue 02 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216127
IP address blocks: 193.37.71.0/24 maxlen: 24
80.66.87.0/24 maxlen: 24
87.251.87.0/24 maxlen: 24
87.251.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:59:ac:df:5e:98:1e:53:ee:71:c5:ec:f5:3e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 2 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d41d0c8c9bc89ac9b09c10b9e09d54c503743bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b5:6a:52:61:95:d7:44:4a:39:10:4b:18:a3:
48:36:1c:88:a5:99:ce:23:b0:38:41:16:a9:93:e2:
a9:1f:34:d6:de:e7:b2:4c:43:06:30:05:0b:b7:c9:
41:0d:f6:01:35:06:42:22:d7:80:7b:c0:c4:c2:6f:
a8:b7:35:7c:a0:44:fc:91:ad:a1:b8:d4:04:83:24:
60:b7:5c:1f:df:27:a1:73:ac:a8:33:ff:6d:ae:9e:
1e:0d:db:34:d5:7a:63:b2:d2:35:02:88:a5:33:fe:
1f:b2:5f:df:7e:ff:ff:55:2c:8a:e2:8a:ac:94:c3:
38:6d:fe:be:f6:08:67:40:54:a8:a0:c9:c2:b3:1c:
08:f0:9e:45:97:a5:27:f2:9b:2c:61:96:64:27:c2:
ae:65:12:0d:03:7c:97:a1:37:32:5b:1e:f8:89:d2:
cc:08:28:fb:ca:5f:2b:53:39:bb:ce:a6:d5:06:7d:
8d:dc:ea:e3:b2:df:d7:ce:c0:f7:6a:99:63:e1:3e:
67:68:75:c8:a7:29:d0:10:00:db:77:39:2b:f4:4a:
ca:84:25:c1:01:58:e2:77:55:e7:27:85:4b:cd:68:
02:13:44:38:a0:ea:80:51:92:8a:03:1f:7c:50:6c:
ce:98:a1:ff:95:53:95:cc:92:2c:af:39:e0:8e:47:
5a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1D:0C:8C:9B:C8:9A:C9:B0:9C:10:B9:E0:9D:54:C5:03:74:3B:EF
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/1B0MjJvImsmwnBC54J1UxQN0O-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.87.0/24
87.251.86.0/23
193.37.71.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:98:12:57:d3:00:fa:a1:d7:91:95:7a:2e:cd:ff:9a:74:51:
9a:8c:49:ae:5c:d8:16:10:b2:16:e6:5d:0b:41:8e:68:eb:fa:
05:c2:c9:7b:ea:d4:f3:59:cc:df:45:87:80:93:3b:00:55:02:
5b:38:7b:30:27:bb:be:5b:58:e4:bc:e2:cc:f5:93:88:40:3b:
7f:35:8c:87:a4:af:fd:d7:5f:af:5e:42:aa:76:7d:85:28:c6:
b0:06:22:e5:aa:04:17:dd:1f:f7:b1:08:b0:8d:37:2c:e6:68:
0a:ac:29:ff:18:2e:94:01:da:64:99:15:4c:4e:1d:d7:82:0c:
8c:82:fd:97:76:23:0f:64:39:c0:29:5c:cf:65:03:f2:e9:07:
47:a9:25:42:f6:e8:63:bc:f6:b7:fd:33:6d:22:e1:43:39:59:
19:9f:ca:b8:50:1f:7d:5d:96:96:3f:6a:31:58:54:60:53:f8:
dd:fc:fc:f7:90:60:2d:7b:4d:04:e0:c9:52:2a:46:80:08:b0:
49:82:3d:5b:f1:7b:a9:cb:41:9a:39:06:e6:cb:45:14:15:c9:
63:c8:d9:26:43:2b:93:a6:f9:e5:58:ad:6f:57:51:d2:a0:5a:
a9:91:3e:19:18:aa:f8:38:1c:31:c5:6c:52:25:e4:e7:08:17:
68:a4:8d:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb1ms316YHlPuccXs9T4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjQwMTAyMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDFkMGM4YzliYzg5YWM5YjA5YzEwYjllMDlkNTRjNTAzNzQzYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrVqUmGV10RKORBLGKNINhyIpZnO
I7A4QRapk+KpHzTW3ueyTEMGMAULt8lBDfYBNQZCIteAe8DEwm+otzV8oET8ka2h
uNQEgyRgt1wf3yehc6yoM/9trp4eDds01XpjstI1AoilM/4fsl/ffv//VSyK4oqs
lMM4bf6+9ghnQFSooMnCsxwI8J5Fl6Un8pssYZZkJ8KuZRINA3yXoTcyWx74idLM
CCj7yl8rUzm7zqbVBn2N3Orjst/XzsD3aplj4T5naHXIpynQEADbdzkr9ErKhCXB
AVjid1XnJ4VLzWgCE0Q4oOqAUZKKAx98UGzOmKH/lVOVzJIsrzngjkdatwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNQdDIybyJrJsJwQueCdVMUDdDvvMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvMUIwTWpKdkltc213bkJDNTRKMVV4UU4wTy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEJXAwQB
V/tWAwQAwSVHMA0GCSqGSIb3DQEBCwUAA4IBAQBtmBJX0wD6odeRlXouzf+adFGa
jEmuXNgWELIW5l0LQY5o6/oFwsl76tTzWczfRYeAkzsAVQJbOHswJ7u+W1jkvOLM
9ZOIQDt/NYyHpK/911+vXkKqdn2FKMawBiLlqgQX3R/3sQiwjTcs5mgKrCn/GC6U
AdpkmRVMTh3XggyMgv2XdiMPZDnAKVzPZQPy6QdHqSVC9uhjvPa3/TNtIuFDOVkZ
n8q4UB99XZaWP2oxWFRgU/jd/Pz3kGAte00E4MlSKkaACLBJgj1b8Xupy0GaOQbm
y0UUFcljyNkmQyuTpvnlWK1vV1HSoFqpkT4ZGKr4OBwxxWxSJeTnCBdopI3M
-----END CERTIFICATE-----
Generated at Sat May 18 17:38:07 2024 by rpki-client on console-fra.rpki-client.org