Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ek3EtDyVxedBXi4kaK3trrMaJmg.roa
File: ek3EtDyVxedBXi4kaK3trrMaJmg.roa (raw, json)
Hash identifier: /bg27e+bXjbGnL2ey015MY0hFpRmcorpPjjRaoCBolE=
Subject key identifier: 7A:4D:C4:B4:3C:95:C5:E7:41:5E:2E:24:68:AD:ED:AE:B3:1A:26:68
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 019424452B65E42FB5DAAF41B9C55976E247
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ek3EtDyVxedBXi4kaK3trrMaJmg.roa
Signing time: Wed 01 Jan 2025 23:48:20 +0000
ROA not before: Wed 01 Jan 2025 23:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212461
IP address blocks: 80.66.65.0/24 maxlen: 24
80.66.78.0/24 maxlen: 24
87.251.84.0/24 maxlen: 24
87.251.85.0/24 maxlen: 24
194.113.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:2b:65:e4:2f:b5:da:af:41:b9:c5:59:76:e2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 1 23:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a4dc4b43c95c5e7415e2e2468adedaeb31a2668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:21:aa:6c:36:af:1c:b5:ba:9a:e2:f1:93:52:
e8:49:b4:bf:d7:f9:70:a7:4b:d8:c0:2a:8e:43:ab:
f6:d1:b6:ee:a3:45:ea:aa:3c:0d:a9:69:52:2f:75:
61:45:e1:c5:cc:56:ad:f1:2e:31:d5:08:4b:94:b3:
75:ca:f3:68:6b:f7:8f:09:95:56:cc:58:17:24:12:
4a:b3:8a:12:ae:5a:0e:11:5f:fb:63:c9:94:c1:7b:
93:d5:1f:03:1d:7c:23:4b:af:d2:cd:f7:94:02:4a:
4a:53:41:c5:de:00:3d:dc:ec:18:5d:44:ff:b5:cf:
97:2a:63:ed:5a:72:a3:14:da:42:8d:bf:37:82:a0:
47:7f:21:15:0b:5d:ad:3e:0b:25:d3:90:43:9f:5f:
57:8b:7c:e9:7e:73:5b:b9:4f:96:a1:6f:b4:51:c4:
44:9d:3f:18:ff:87:80:c3:d9:79:92:7a:0f:5c:ba:
a1:97:28:58:7f:ad:82:4a:21:ff:61:83:73:f7:97:
d1:ec:46:14:d8:54:2c:c7:00:68:c6:7c:92:23:7d:
9d:0c:7b:54:e2:2a:bf:36:0d:57:7c:da:97:d7:46:
9d:b2:18:18:36:a4:56:66:f7:73:59:fc:0b:02:77:
14:31:7b:00:49:6b:15:e4:04:f1:c4:db:26:b5:f2:
a1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4D:C4:B4:3C:95:C5:E7:41:5E:2E:24:68:AD:ED:AE:B3:1A:26:68
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ek3EtDyVxedBXi4kaK3trrMaJmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.65.0/24
80.66.78.0/24
87.251.84.0/23
194.113.235.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:1d:a1:41:3f:6a:9d:2d:de:b1:d3:36:ad:a1:55:72:c2:88:
e5:8e:c7:a7:e4:2c:8c:92:39:78:42:92:23:1f:5a:48:a7:46:
42:76:a0:97:27:0a:84:bc:1d:f4:69:5e:2e:64:16:be:4e:11:
f4:66:2b:43:b6:68:f0:00:c0:58:19:38:cb:e4:6c:35:82:9a:
6f:18:0d:95:85:a4:da:43:3a:c8:41:7e:e3:49:91:c6:4e:28:
31:e9:e7:06:b2:78:85:ff:07:85:e2:c7:10:11:4c:fc:33:2f:
c7:7a:c0:b5:ed:0e:ed:c4:e1:8d:46:c6:93:48:9e:6f:6c:1a:
ce:43:47:83:2c:cd:25:ee:bb:25:4c:66:5c:c2:41:2a:76:1f:
8c:e3:7f:39:1c:8e:d5:50:73:22:22:c5:d8:a9:4d:fc:1f:a8:
1a:3b:bf:4d:f3:eb:2b:a9:26:c0:6a:86:e2:9c:cf:bd:d7:23:
69:da:76:22:71:a3:21:71:c7:67:71:3e:7a:6d:38:c7:87:4b:
df:f8:f3:5b:fb:33:f4:85:a0:0f:b5:2d:32:f5:af:82:d2:08:
57:17:52:13:ef:ec:ce:f8:b5:f6:cd:bb:dd:33:f7:85:64:88:
0a:de:19:be:bf:61:00:21:e6:b6:61:24:32:be:7d:88:fd:59:
dd:db:d5:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRStl5C+12q9BucVZduJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjUwMTAxMjM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTRkYzRiNDNjOTVjNWU3NDE1ZTJlMjQ2OGFkZWRhZWIzMWEyNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiGqbDavHLW6muLxk1LoSbS/1/lw
p0vYwCqOQ6v20bbuo0XqqjwNqWlSL3VhReHFzFat8S4x1QhLlLN1yvNoa/ePCZVW
zFgXJBJKs4oSrloOEV/7Y8mUwXuT1R8DHXwjS6/SzfeUAkpKU0HF3gA93OwYXUT/
tc+XKmPtWnKjFNpCjb83gqBHfyEVC12tPgsl05BDn19Xi3zpfnNbuU+WoW+0UcRE
nT8Y/4eAw9l5knoPXLqhlyhYf62CSiH/YYNz95fR7EYU2FQsxwBoxnySI32dDHtU
4iq/Ng1XfNqX10adshgYNqRWZvdzWfwLAncUMXsASWsV5ATxxNsmtfKhPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHpNxLQ8lcXnQV4uJGit7a6zGiZoMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvZWszRXREeVZ4ZWRCWGk0a2FLM3Ryck1hSm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEJBAwQA
UEJOAwQBV/tUAwQAwnHrMA0GCSqGSIb3DQEBCwUAA4IBAQANHaFBP2qdLd6x0zat
oVVywojljsen5CyMkjl4QpIjH1pIp0ZCdqCXJwqEvB30aV4uZBa+ThH0ZitDtmjw
AMBYGTjL5Gw1gppvGA2VhaTaQzrIQX7jSZHGTigx6ecGsniF/weF4scQEUz8My/H
esC17Q7txOGNRsaTSJ5vbBrOQ0eDLM0l7rslTGZcwkEqdh+M4385HI7VUHMiIsXY
qU38H6gaO79N8+srqSbAaobinM+91yNp2nYicaMhccdncT56bTjHh0vf+PNb+zP0
haAPtS0y9a+C0ghXF1IT7+zO+LX2zbvdM/eFZIgK3hm+v2EAIea2YSQyvn2I/Vnd
29XB
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:06:14 2025 by rpki-client