Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AWtAT2YarIL3VnE4Ymn4ZYP_BoE.roa
File: AWtAT2YarIL3VnE4Ymn4ZYP_BoE.roa (raw, json)
Hash identifier: ZWcR9LDwh9BjnAli3B3QdX3JTXYYDe0esrfLyt2tL74=
Subject key identifier: 01:6B:40:4F:66:1A:AC:82:F7:56:71:38:62:69:F8:65:83:FF:06:81
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A3CF5F4045A9C5F55511B175430C3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AWtAT2YarIL3VnE4Ymn4ZYP_BoE.roa
Signing time: Wed 01 Jan 2025 19:49:12 +0000
ROA not before: Wed 01 Jan 2025 19:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199218
IP address blocks: 163.5.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3c:f5:f4:04:5a:9c:5f:55:51:1b:17:54:30:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=016b404f661aac82f75671386269f86583ff0681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e3:d1:0d:86:2b:4e:af:a0:57:b5:47:4d:b2:
3a:7a:d2:de:8b:01:f5:14:10:f4:47:e8:96:8e:41:
a4:f2:ce:6f:d6:b7:45:08:6b:e8:d9:c1:5f:00:08:
9c:8b:98:1a:1b:f0:eb:de:e5:8f:60:fa:43:6c:2f:
98:b8:c9:58:d8:55:b6:c6:33:69:65:f3:28:24:79:
0e:4c:cb:0f:af:7f:f2:34:18:7a:ce:8a:0a:a5:c8:
30:ba:bf:16:e6:61:bd:3e:4a:a0:07:8d:c6:b5:41:
c0:08:6a:cb:cb:61:75:a6:3a:f8:2d:9a:6d:c1:ac:
90:76:bb:9a:cb:55:bb:25:fe:47:b1:78:9f:3f:e6:
44:03:fc:d1:79:0e:85:f0:c5:2f:fb:9e:95:bd:1e:
17:e8:bc:6e:15:0a:27:1c:19:9b:9f:33:06:98:d9:
10:3f:17:34:e5:fe:e4:b9:0b:3e:70:ef:e2:f8:77:
be:91:64:e9:e3:cd:86:e9:9b:3a:96:4c:61:51:e4:
d7:42:1e:ef:1a:f6:cc:34:1a:05:1f:37:22:7f:d9:
45:e7:0d:b7:5a:95:09:00:e5:68:a2:83:f6:5e:a9:
08:0a:21:22:1a:e4:d3:f9:57:18:16:00:1f:b9:07:
ba:18:fa:e1:49:9d:f5:9e:5f:5a:ed:54:5a:64:d4:
12:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6B:40:4F:66:1A:AC:82:F7:56:71:38:62:69:F8:65:83:FF:06:81
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/AWtAT2YarIL3VnE4Ymn4ZYP_BoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.171.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:7c:e8:7c:fd:12:ef:85:64:b0:0d:9b:aa:4d:18:ee:5f:a3:
8f:db:6b:de:0c:d6:a1:62:85:8a:16:04:6e:45:7d:16:23:ad:
3a:ee:64:4d:c4:0e:5d:b5:0c:93:47:11:31:a2:18:45:6a:14:
92:70:4f:b4:65:13:33:90:e4:af:09:10:44:4d:d2:ad:1d:c4:
57:ad:ea:7a:93:01:b8:d2:93:b0:d0:66:3c:39:50:7c:d4:14:
e6:1a:a1:9c:39:af:e4:be:bd:84:21:7c:c2:6f:1e:70:90:16:
49:f7:55:e8:7a:9d:8c:d6:c5:68:81:9f:a3:16:a0:33:2a:3c:
de:a8:11:20:83:6f:ad:a7:5a:10:b4:65:1c:02:81:3c:5a:ff:
84:85:c7:67:d6:bf:2c:32:36:de:08:de:df:9c:83:d0:03:1a:
6e:35:a7:24:59:91:c0:af:85:f1:84:ba:b6:de:28:bc:47:cc:
04:95:d6:07:f8:90:25:f7:19:8b:27:7c:47:5d:bc:3c:a1:ac:
12:63:db:c3:38:09:d8:70:1b:7f:f4:24:49:5b:68:5f:dd:14:
dd:c6:f5:15:d0:76:e7:5c:10:47:8a:7d:84:46:f1:61:8c:c8:
7b:1a:c6:6b:b2:01:1e:35:a8:32:72:fd:98:f4:e6:bb:bc:3a:
d7:7a:b6:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajz19ARanF9VURsXVDDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTZiNDA0ZjY2MWFhYzgyZjc1NjcxMzg2MjY5Zjg2NTgzZmYwNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApePRDYYrTq+gV7VHTbI6etLeiwH1
FBD0R+iWjkGk8s5v1rdFCGvo2cFfAAici5gaG/Dr3uWPYPpDbC+YuMlY2FW2xjNp
ZfMoJHkOTMsPr3/yNBh6zooKpcgwur8W5mG9PkqgB43GtUHACGrLy2F1pjr4LZpt
wayQdruay1W7Jf5HsXifP+ZEA/zReQ6F8MUv+56VvR4X6LxuFQonHBmbnzMGmNkQ
Pxc05f7kuQs+cO/i+He+kWTp482G6Zs6lkxhUeTXQh7vGvbMNBoFHzcif9lF5w23
WpUJAOVoooP2XqkICiEiGuTT+VcYFgAfuQe6GPrhSZ31nl9a7VRaZNQS0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFrQE9mGqyC91ZxOGJp+GWD/waBMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQVd0QVQyWWFySUwzVm5FNFltbjRaWVBfQm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWrMA0G
CSqGSIb3DQEBCwUAA4IBAQClfOh8/RLvhWSwDZuqTRjuX6OP22veDNahYoWKFgRu
RX0WI6067mRNxA5dtQyTRxExohhFahSScE+0ZRMzkOSvCRBETdKtHcRXrep6kwG4
0pOw0GY8OVB81BTmGqGcOa/kvr2EIXzCbx5wkBZJ91Xoep2M1sVogZ+jFqAzKjze
qBEgg2+tp1oQtGUcAoE8Wv+Ehcdn1r8sMjbeCN7fnIPQAxpuNackWZHAr4XxhLq2
3ii8R8wEldYH+JAl9xmLJ3xHXbw8oawSY9vDOAnYcBt/9CRJW2hf3RTdxvUV0Hbn
XBBHin2ERvFhjMh7GsZrsgEeNagycv2Y9Oa7vDrXera2
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:49:43 2025 by rpki-client