Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/mHPI6ziQlfw_LqOAsA9ciBy0btU.roa
File: mHPI6ziQlfw_LqOAsA9ciBy0btU.roa (raw, json)
Hash identifier: rGOCR6nuyMuqjGzrjZryVLVUqTtjVCBQMkXUQ60z0BA=
Subject key identifier: 98:73:C8:EB:38:90:95:FC:3F:2E:A3:80:B0:0F:5C:88:1C:B4:6E:D5
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018DE536C5F72655602B443E12B7FF3D081D
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/mHPI6ziQlfw_LqOAsA9ciBy0btU.roa
Signing time: Mon 26 Feb 2024 11:39:48 +0000
ROA not before: Mon 26 Feb 2024 11:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63023
IP address blocks: 80.66.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Dec 2024 22:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:36:c5:f7:26:55:60:2b:44:3e:12:b7:ff:3d:08:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Feb 26 11:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9873c8eb389095fc3f2ea380b00f5c881cb46ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f0:34:9d:74:09:fd:fc:41:32:58:c9:a3:ed:
5d:33:38:78:25:36:7d:10:24:4e:67:79:aa:16:1e:
94:53:04:15:79:ca:e2:74:cf:92:90:f9:be:e1:cb:
8f:04:70:76:56:6e:e3:59:2d:d9:52:35:b0:34:c6:
19:65:24:e1:b9:9a:b0:85:6d:95:f1:10:4a:c2:21:
c9:66:29:27:86:07:16:64:2e:94:84:27:2e:76:66:
81:6c:3d:e6:8f:4d:5b:07:e7:27:de:0b:e0:11:01:
08:02:de:8e:0e:b3:60:c5:1c:f0:bf:e2:fe:6d:12:
e4:36:10:6c:ac:38:65:55:8a:a6:78:fe:30:b6:02:
3e:18:c0:d3:01:fa:f0:b1:32:6e:7c:f3:1f:0b:c8:
bb:06:80:bc:d8:95:32:d2:cc:75:f2:29:53:13:db:
2b:db:f3:ed:6e:c3:db:bd:d2:fc:d7:9d:61:e2:3c:
62:49:11:e4:b8:86:05:64:c4:5b:db:4d:a0:a5:47:
d8:eb:fd:2e:40:52:8b:83:47:5f:31:d6:16:58:2b:
77:80:77:a4:40:4d:f7:96:a9:db:de:a1:92:b1:6f:
d0:7b:2c:e9:77:89:b7:7e:27:b0:59:49:69:8e:0f:
d6:29:a2:ae:55:5d:fc:24:64:e1:b1:60:5e:8c:3f:
8c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:73:C8:EB:38:90:95:FC:3F:2E:A3:80:B0:0F:5C:88:1C:B4:6E:D5
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/mHPI6ziQlfw_LqOAsA9ciBy0btU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.84.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b9:e6:f4:db:9d:f3:c9:62:aa:4d:a8:99:a7:50:d8:45:2a:
97:e5:ed:41:c2:2f:10:36:0c:9b:94:c2:4b:b7:10:56:1d:35:
84:fe:02:bc:62:47:36:b9:59:f0:bd:56:89:27:33:c9:06:e5:
3d:c7:5c:5c:04:bd:dc:2a:01:9b:24:1d:bc:2e:59:52:54:17:
8c:97:69:2e:4d:98:73:79:e3:c2:ab:e0:6e:f2:01:65:b3:c7:
a5:4b:17:1a:03:99:ed:26:80:0c:79:7e:e2:5e:37:27:da:63:
f1:96:d0:1f:6d:3e:9d:16:ba:69:8d:b0:3a:08:66:e9:ed:25:
b0:ce:73:e5:31:7c:aa:77:e0:b4:37:de:67:a4:52:80:04:89:
47:3b:63:b9:12:05:4e:2c:63:02:2c:36:18:66:ef:f8:09:88:
e8:4b:7f:e2:51:27:f0:66:6e:fe:1e:7d:64:6c:af:fd:42:74:
77:8e:3d:ff:4c:eb:41:7a:a4:b4:3a:49:15:e0:5e:ed:9b:de:
a8:54:c3:ba:6f:44:1a:13:e5:dc:bf:ed:40:3f:a7:16:38:6d:
2e:a8:7a:d5:c7:5e:66:60:b4:94:41:62:de:57:88:c2:42:e1:
d2:6e:43:6c:25:80:a2:75:06:35:bc:d5:05:69:56:70:bf:91:
32:5c:9d:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3lNsX3JlVgK0Q+Erf/PQgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjQwMjI2MTEzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODczYzhlYjM4OTA5NWZjM2YyZWEzODBiMDBmNWM4ODFjYjQ2ZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfA0nXQJ/fxBMljJo+1dMzh4JTZ9
ECROZ3mqFh6UUwQVecridM+SkPm+4cuPBHB2Vm7jWS3ZUjWwNMYZZSThuZqwhW2V
8RBKwiHJZiknhgcWZC6UhCcudmaBbD3mj01bB+cn3gvgEQEIAt6ODrNgxRzwv+L+
bRLkNhBsrDhlVYqmeP4wtgI+GMDTAfrwsTJufPMfC8i7BoC82JUy0sx18ilTE9sr
2/PtbsPbvdL8151h4jxiSRHkuIYFZMRb202gpUfY6/0uQFKLg0dfMdYWWCt3gHek
QE33lqnb3qGSsW/Qeyzpd4m3fiewWUlpjg/WKaKuVV38JGThsWBejD+MbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhzyOs4kJX8Py6jgLAPXIgctG7VMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvbUhQSTZ6aVFsZndfTHFPQXNBOWNpQnkwYnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEJUMA0G
CSqGSIb3DQEBCwUAA4IBAQAYueb0253zyWKqTaiZp1DYRSqX5e1Bwi8QNgyblMJL
txBWHTWE/gK8Ykc2uVnwvVaJJzPJBuU9x1xcBL3cKgGbJB28LllSVBeMl2kuTZhz
eePCq+Bu8gFls8elSxcaA5ntJoAMeX7iXjcn2mPxltAfbT6dFrppjbA6CGbp7SWw
znPlMXyqd+C0N95npFKABIlHO2O5EgVOLGMCLDYYZu/4CYjoS3/iUSfwZm7+Hn1k
bK/9QnR3jj3/TOtBeqS0OkkV4F7tm96oVMO6b0QaE+Xcv+1AP6cWOG0uqHrVx15m
YLSUQWLeV4jCQuHSbkNsJYCidQY1vNUFaVZwv5EyXJ1R
-----END CERTIFICATE-----
Generated at Tue Dec 10 04:29:15 2024 by rpki-client on console-ams.rpki-client.org