Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/2UR7n5W2YH2DkF5Xpufws-QOw2M.roa
File: 2UR7n5W2YH2DkF5Xpufws-QOw2M.roa (raw, json)
Hash identifier: T79yZiReAyVWYO9VqL1KX+dHjDEhEzPut3+iTxpGaMk=
Subject key identifier: D9:44:7B:9F:95:B6:60:7D:83:90:5E:57:A6:E7:F0:B3:E4:0E:C3:63
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018DE4EE715E4CE32024B18431DECBFED53F
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/2UR7n5W2YH2DkF5Xpufws-QOw2M.roa
Signing time: Mon 26 Feb 2024 10:20:48 +0000
ROA not before: Mon 26 Feb 2024 10:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211849
IP address blocks: 80.66.75.0/24 maxlen: 24
80.66.77.0/24 maxlen: 24
87.251.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:ee:71:5e:4c:e3:20:24:b1:84:31:de:cb:fe:d5:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Feb 26 10:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9447b9f95b6607d83905e57a6e7f0b3e40ec363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6c:f0:df:cc:84:db:38:b3:91:94:5d:d1:2e:
72:fa:98:26:1d:8c:aa:3c:1f:2c:e6:73:a0:6d:c5:
01:32:42:54:cf:c8:da:ce:97:ff:d1:73:b2:0e:29:
e9:72:78:fd:e9:d2:3f:ed:e2:60:03:58:55:2c:b1:
60:f0:67:03:51:c4:0d:d2:de:b3:a9:bb:dd:44:66:
6c:65:ed:81:65:22:11:79:6f:4f:78:31:ab:21:07:
9a:72:5a:7d:10:4d:1e:04:ba:41:35:65:3a:f3:f2:
97:31:a9:73:4a:bc:45:b9:a4:38:75:a9:89:dd:9b:
82:9c:22:8b:03:15:6c:8e:ab:e8:ac:1a:02:1b:34:
d2:72:92:d5:65:c8:90:ff:ae:bc:4c:f2:9d:36:65:
bf:88:b8:fa:4a:3e:48:a3:d8:13:dc:ed:c3:2e:46:
65:d1:e5:25:cd:41:ed:98:e1:38:e4:4b:1b:72:2f:
5d:c5:21:99:1e:2b:fc:0b:df:48:50:d3:ab:c9:92:
a3:88:83:13:85:18:d9:af:62:17:ba:85:c2:dd:80:
b0:45:44:cf:ec:09:3d:78:d0:30:54:8d:0d:27:a3:
d8:98:63:c7:e5:44:77:fd:a2:95:0f:1c:6e:15:60:
41:e5:01:ce:ad:50:8f:83:52:54:af:ff:72:e0:01:
fd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:44:7B:9F:95:B6:60:7D:83:90:5E:57:A6:E7:F0:B3:E4:0E:C3:63
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/2UR7n5W2YH2DkF5Xpufws-QOw2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.75.0/24
80.66.77.0/24
87.251.79.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:6c:bb:15:2d:ac:2a:25:ae:da:c9:4c:81:75:2d:4d:e1:73:
23:e6:00:6b:f6:35:b9:da:74:02:1b:cf:0e:a6:a4:92:3e:43:
98:7d:bf:ac:bb:5e:24:b1:ba:e4:aa:18:e2:37:28:62:95:1c:
5f:aa:8a:46:b2:ad:6a:8b:88:8c:d0:16:34:bd:09:a5:e1:b1:
f6:42:4a:ba:c8:20:90:63:54:85:7a:1b:d8:b9:2f:83:b1:f0:
48:74:c2:df:ff:46:ce:4a:12:38:cb:f8:58:8c:24:b2:de:ef:
07:6d:b5:13:63:1c:4b:f8:95:5c:96:03:6c:1d:8b:80:31:ac:
55:0e:05:99:9d:13:7a:72:a1:6d:a7:2a:4e:27:0a:d6:59:09:
4c:e9:2f:99:41:6b:97:51:55:f3:8e:0f:a3:d6:f1:62:c2:55:
c3:a4:50:57:f9:e7:0b:7a:4c:01:17:38:d4:0c:cd:83:64:c8:
e3:a5:d7:8b:3b:95:fc:8b:80:83:fa:01:45:e3:ef:bd:65:ec:
3e:22:04:c1:dd:47:13:6a:e5:9a:50:25:38:f8:8e:8c:40:6c:
b7:aa:21:2c:78:29:6d:21:fb:f2:81:87:5a:eb:13:8e:aa:91:
f2:9e:a1:4b:d3:ea:e5:fa:8a:f7:b6:a7:45:fc:96:ac:21:8f:
fc:0c:b3:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3k7nFeTOMgJLGEMd7L/tU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjQwMjI2MTAyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ0N2I5Zjk1YjY2MDdkODM5MDVlNTdhNmU3ZjBiM2U0MGVjMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Wzw38yE2zizkZRd0S5y+pgmHYyq
PB8s5nOgbcUBMkJUz8jazpf/0XOyDinpcnj96dI/7eJgA1hVLLFg8GcDUcQN0t6z
qbvdRGZsZe2BZSIReW9PeDGrIQeaclp9EE0eBLpBNWU68/KXMalzSrxFuaQ4damJ
3ZuCnCKLAxVsjqvorBoCGzTScpLVZciQ/668TPKdNmW/iLj6Sj5Io9gT3O3DLkZl
0eUlzUHtmOE45Esbci9dxSGZHiv8C99IUNOryZKjiIMThRjZr2IXuoXC3YCwRUTP
7Ak9eNAwVI0NJ6PYmGPH5UR3/aKVDxxuFWBB5QHOrVCPg1JUr/9y4AH9EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNlEe5+VtmB9g5BeV6bn8LPkDsNjMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvMlVSN241VzJZSDJEa0Y1WHB1ZndzLVFPdzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEJLAwQA
UEJNAwQAV/tPMA0GCSqGSIb3DQEBCwUAA4IBAQB+bLsVLawqJa7ayUyBdS1N4XMj
5gBr9jW52nQCG88OpqSSPkOYfb+su14ksbrkqhjiNyhilRxfqopGsq1qi4iM0BY0
vQml4bH2Qkq6yCCQY1SFehvYuS+DsfBIdMLf/0bOShI4y/hYjCSy3u8HbbUTYxxL
+JVclgNsHYuAMaxVDgWZnRN6cqFtpypOJwrWWQlM6S+ZQWuXUVXzjg+j1vFiwlXD
pFBX+ecLekwBFzjUDM2DZMjjpdeLO5X8i4CD+gFF4++9Zew+IgTB3UcTauWaUCU4
+I6MQGy3qiEseCltIfvygYda6xOOqpHynqFL0+rl+or3tqdF/JasIY/8DLP8
-----END CERTIFICATE-----
Generated at Sat May 18 18:22:21 2024 by rpki-client on console-ams.rpki-client.org