Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/dgs0vnL-bpGllISxQ2yvfCblR9o.roa
File: dgs0vnL-bpGllISxQ2yvfCblR9o.roa (raw, json)
Hash identifier: aPDzjBOaCwyR/T4JoMEBhbkwPHUggin7oTpeir5gVYk=
Subject key identifier: 76:0B:34:BE:72:FE:6E:91:A5:94:84:B1:43:6C:AF:7C:26:E5:47:DA
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018CC86F5857ECB7BAC9D94725A57F6D1658
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/dgs0vnL-bpGllISxQ2yvfCblR9o.roa
Signing time: Tue 02 Jan 2024 04:29:49 +0000
ROA not before: Tue 02 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212461
IP address blocks: 194.113.235.0/24 maxlen: 24
87.251.85.0/24 maxlen: 24
87.251.84.0/24 maxlen: 24
80.66.65.0/24 maxlen: 24
80.66.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:58:57:ec:b7:ba:c9:d9:47:25:a5:7f:6d:16:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 2 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=760b34be72fe6e91a59484b1436caf7c26e547da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1d:fc:3a:66:51:d4:26:39:c8:60:a3:66:30:
f5:2e:ab:67:2e:2c:97:28:6b:db:3e:4b:e0:26:9b:
79:4c:a7:b9:6f:cd:d4:30:3e:24:b7:41:82:04:3d:
ac:a6:d6:67:98:8c:ee:fe:f6:a0:96:dd:c8:65:59:
52:09:99:19:66:76:c2:d1:92:c4:e7:23:df:d7:2f:
a5:cd:5e:ae:1f:75:12:4e:06:a6:22:41:55:8c:2a:
cd:e6:60:c4:66:99:38:c2:ee:3d:22:cc:c4:13:53:
aa:ef:5b:83:80:eb:e4:1c:01:be:58:48:8e:2c:e6:
06:be:a8:89:5c:e2:9e:23:14:ad:ea:5c:0a:de:cb:
87:25:8c:5f:ba:fc:a4:5e:04:99:8c:7d:0b:ae:89:
22:32:a7:3d:be:8f:13:f1:d9:31:1f:54:9b:64:8d:
93:64:c7:7c:8c:9d:85:04:5d:fb:74:e4:e7:1e:93:
b8:ee:eb:b8:ec:92:6d:71:fe:0d:29:f8:0d:25:0e:
c7:b9:a5:8f:c3:7a:77:42:9c:a7:e6:cf:5b:51:fe:
f1:84:29:54:5a:ea:d8:f9:d5:98:d1:95:f4:48:6c:
a8:5d:6f:92:6f:0a:5b:7b:55:17:a4:fa:2d:5c:fc:
71:9c:8b:63:be:81:9c:9f:a8:03:0c:b1:56:b2:56:
25:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0B:34:BE:72:FE:6E:91:A5:94:84:B1:43:6C:AF:7C:26:E5:47:DA
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/dgs0vnL-bpGllISxQ2yvfCblR9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.65.0/24
80.66.78.0/24
87.251.84.0/23
194.113.235.0/24
Signature Algorithm: sha256WithRSAEncryption
26:94:1c:de:24:0f:09:cc:4b:84:f1:54:21:ae:d4:d8:1f:2c:
67:b4:b1:81:33:53:f0:6a:43:1b:09:3f:b1:94:ff:1a:82:a0:
93:0d:93:82:bf:ba:d2:5b:d5:aa:1d:ae:6a:08:e4:b8:ff:cf:
ae:b8:1f:5c:5e:6b:06:d0:4c:eb:3d:6c:08:30:91:51:81:82:
68:83:70:a3:fe:a2:ab:09:ae:9d:73:3d:a1:fb:2e:14:df:af:
d3:cf:32:73:00:42:9d:ef:33:d8:c1:72:5f:ef:e3:00:0c:24:
64:ef:c6:95:7b:1c:b6:97:3a:ee:11:fa:75:4f:73:f4:34:a3:
db:de:39:02:6d:c4:76:80:61:39:0d:85:f9:f4:88:59:e0:d4:
a6:0d:fc:49:17:ec:f6:5e:2f:c5:ab:f5:9a:92:7f:12:9c:97:
45:39:f4:fc:7b:12:45:1d:3e:9b:34:a0:09:58:8a:9e:1c:11:
e8:0e:18:8d:c5:cf:e4:b6:f5:b9:40:54:e6:a4:ea:6e:c4:4c:
b2:ff:df:b2:44:af:fc:34:4a:c9:c3:34:8c:66:a6:08:34:75:
ea:69:52:d9:3b:c4:72:0b:f3:76:04:53:f8:d6:98:a2:37:22:
ad:4f:22:ea:25:cb:50:57:b8:2e:cd:4c:6c:07:26:d6:a5:8a:
75:a0:11:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIb1hX7Le6ydlHJaV/bRZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjQwMTAyMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBiMzRiZTcyZmU2ZTkxYTU5NDg0YjE0MzZjYWY3YzI2ZTU0N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzx38OmZR1CY5yGCjZjD1LqtnLiyX
KGvbPkvgJpt5TKe5b83UMD4kt0GCBD2sptZnmIzu/vaglt3IZVlSCZkZZnbC0ZLE
5yPf1y+lzV6uH3USTgamIkFVjCrN5mDEZpk4wu49IszEE1Oq71uDgOvkHAG+WEiO
LOYGvqiJXOKeIxSt6lwK3suHJYxfuvykXgSZjH0LrokiMqc9vo8T8dkxH1SbZI2T
ZMd8jJ2FBF37dOTnHpO47uu47JJtcf4NKfgNJQ7HuaWPw3p3Qpyn5s9bUf7xhClU
WurY+dWY0ZX0SGyoXW+Sbwpbe1UXpPotXPxxnItjvoGcn6gDDLFWslYliwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHYLNL5y/m6RpZSEsUNsr3wm5UfaMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvZGdzMHZuTC1icEdsbElTeFEyeXZmQ2JsUjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEJBAwQA
UEJOAwQBV/tUAwQAwnHrMA0GCSqGSIb3DQEBCwUAA4IBAQAmlBzeJA8JzEuE8VQh
rtTYHyxntLGBM1PwakMbCT+xlP8agqCTDZOCv7rSW9WqHa5qCOS4/8+uuB9cXmsG
0EzrPWwIMJFRgYJog3Cj/qKrCa6dcz2h+y4U36/TzzJzAEKd7zPYwXJf7+MADCRk
78aVexy2lzruEfp1T3P0NKPb3jkCbcR2gGE5DYX59IhZ4NSmDfxJF+z2Xi/Fq/Wa
kn8SnJdFOfT8exJFHT6bNKAJWIqeHBHoDhiNxc/ktvW5QFTmpOpuxEyy/9+yRK/8
NErJwzSMZqYINHXqaVLZO8RyC/N2BFP41piiNyKtTyLqJctQV7guzUxsBybWpYp1
oBGK
-----END CERTIFICATE-----
Generated at Sat May 18 17:38:07 2024 by rpki-client on console-fra.rpki-client.org