Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/VSftAl8CS2FVSqGw4I2Tc74L344.roa
File: VSftAl8CS2FVSqGw4I2Tc74L344.roa (raw, json)
Hash identifier: teF8p1/matweefE/W+rPPeuf5hbvgnstY2MupD+Nr44=
Subject key identifier: 55:27:ED:02:5F:02:4B:61:55:4A:A1:B0:E0:8D:93:73:BE:0B:DF:8E
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018CC86F528631B83939E61FA7990D62DE7C
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/VSftAl8CS2FVSqGw4I2Tc74L344.roa
Signing time: Tue 02 Jan 2024 04:29:47 +0000
ROA not before: Tue 02 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 87.251.72.0/24 maxlen: 24
80.66.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:52:86:31:b8:39:39:e6:1f:a7:99:0d:62:de:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 2 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5527ed025f024b61554aa1b0e08d9373be0bdf8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ca:24:24:4b:b4:a4:ea:4f:08:ee:9d:55:29:
00:a3:c1:a5:82:d8:28:f8:93:8d:19:16:68:31:ab:
39:6c:3f:f5:a2:f8:b3:81:7c:9c:2b:81:27:0c:a3:
0c:54:ca:63:b0:f2:7b:38:66:d2:f7:31:f5:7f:9e:
e8:07:3b:ca:a4:4c:e4:05:98:2d:ee:5c:fe:87:f0:
a2:c4:5f:3f:83:1d:c8:48:dc:06:2d:30:2f:4c:90:
3b:b3:08:f5:88:25:91:1c:c4:3b:07:ff:2a:f8:d8:
5f:83:90:a4:81:03:b2:43:5b:b9:20:4b:87:cc:e7:
3c:91:25:1b:87:6e:63:fd:b7:7f:3b:0d:42:aa:42:
17:23:4f:18:b8:c2:fc:5e:99:00:9f:64:e9:9e:59:
b6:7f:09:aa:20:9e:7b:08:11:4d:08:9c:24:19:03:
17:48:1a:14:26:da:1f:54:7c:7e:ef:9d:17:ad:0d:
e1:4b:0d:b2:d6:09:21:95:f5:1a:c2:3d:94:19:e8:
b8:f0:b5:e2:75:d3:b6:2b:dc:28:9c:06:c4:9c:30:
8f:be:f3:e3:44:b5:9b:7f:09:bf:2b:a2:e3:f7:bf:
ba:0e:d7:76:9c:43:02:a0:88:41:e7:00:9a:35:34:
b0:d3:78:10:01:43:c7:0e:9d:3f:15:9f:28:df:2f:
db:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:27:ED:02:5F:02:4B:61:55:4A:A1:B0:E0:8D:93:73:BE:0B:DF:8E
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/VSftAl8CS2FVSqGw4I2Tc74L344.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.69.0/24
87.251.72.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:72:dc:1e:b7:6d:e2:9f:99:3c:de:c2:18:d4:a9:71:2c:4f:
97:2e:30:55:15:41:06:19:41:58:53:f5:64:10:7d:3b:4d:2c:
70:c5:9b:3a:e4:90:f0:cb:2d:27:8c:ac:9c:c1:d8:16:57:62:
25:67:4e:16:80:2a:22:a6:1e:46:b6:f8:d1:68:b8:c8:1f:1f:
13:e0:ce:da:45:31:c6:a0:ba:0d:73:07:c0:65:6f:e1:01:ea:
56:2d:dd:41:c2:2f:c1:f9:d6:24:de:36:c0:9a:ad:40:70:97:
7b:01:5c:cd:35:27:bd:c4:cb:7a:b6:d6:c6:d1:4a:21:79:ae:
df:5a:9c:4e:a5:bb:0f:65:73:f9:17:f2:f7:a4:16:9c:70:4a:
22:71:7b:b0:96:7a:af:98:dd:4a:12:d3:9b:06:7c:32:e5:55:
94:15:47:82:89:43:00:d2:1d:8f:90:7f:03:6b:d8:46:2f:5b:
25:7c:31:8b:e6:04:c8:78:3f:a9:31:72:1b:0c:6f:6c:43:d6:
ad:1a:60:31:a2:38:55:54:7d:92:91:44:f4:f4:ab:53:e9:25:
47:42:53:74:b5:ca:75:cc:2c:4d:b5:f1:94:e4:f6:4f:13:d2:
a1:03:55:89:b9:db:23:b2:4b:35:76:fd:cf:a1:1f:cc:3e:06:
e8:a7:10:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb1KGMbg5OeYfp5kNYt58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjQwMTAyMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTI3ZWQwMjVmMDI0YjYxNTU0YWExYjBlMDhkOTM3M2JlMGJkZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMokJEu0pOpPCO6dVSkAo8Glgtgo
+JONGRZoMas5bD/1ovizgXycK4EnDKMMVMpjsPJ7OGbS9zH1f57oBzvKpEzkBZgt
7lz+h/CixF8/gx3ISNwGLTAvTJA7swj1iCWRHMQ7B/8q+Nhfg5CkgQOyQ1u5IEuH
zOc8kSUbh25j/bd/Ow1CqkIXI08YuML8XpkAn2Tpnlm2fwmqIJ57CBFNCJwkGQMX
SBoUJtofVHx+750XrQ3hSw2y1gkhlfUawj2UGei48LXiddO2K9wonAbEnDCPvvPj
RLWbfwm/K6Lj97+6Dtd2nEMCoIhB5wCaNTSw03gQAUPHDp0/FZ8o3y/bUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFUn7QJfAkthVUqhsOCNk3O+C9+OMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvVlNmdEFsOENTMkZWU3FHdzRJMlRjNzRMMzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEJFAwQA
V/tIMA0GCSqGSIb3DQEBCwUAA4IBAQCOctwet23in5k83sIY1KlxLE+XLjBVFUEG
GUFYU/VkEH07TSxwxZs65JDwyy0njKycwdgWV2IlZ04WgCoiph5GtvjRaLjIHx8T
4M7aRTHGoLoNcwfAZW/hAepWLd1Bwi/B+dYk3jbAmq1AcJd7AVzNNSe9xMt6ttbG
0Uohea7fWpxOpbsPZXP5F/L3pBaccEoicXuwlnqvmN1KEtObBnwy5VWUFUeCiUMA
0h2PkH8Da9hGL1slfDGL5gTIeD+pMXIbDG9sQ9atGmAxojhVVH2SkUT09KtT6SVH
QlN0tcp1zCxNtfGU5PZPE9KhA1WJudsjsks1dv3PoR/MPgbopxAh
-----END CERTIFICATE-----
Generated at Tue May 7 14:37:58 2024 by rpki-client on console-ams.rpki-client.org