Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/AWD2RNceraq_I0Aq5_m9rbMclOA.roa
File: AWD2RNceraq_I0Aq5_m9rbMclOA.roa (raw, json)
Hash identifier: gwGseNRLtM+JebbZlVzjG6c9+y+iTY0DmW1mnNTweAc=
Subject key identifier: 01:60:F6:44:D7:1E:AD:AA:BF:23:40:2A:E7:F9:BD:AD:B3:1C:94:E0
Certificate issuer: /CN=6aae7bc8d33163cc4b6dda171a387ff98022a0f6
Certificate serial: 018CC94E4A988462D0BE5D271599D1A35393
Authority key identifier: 6A:AE:7B:C8:D3:31:63:CC:4B:6D:DA:17:1A:38:7F:F9:80:22:A0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aq57yNMxY8xLbdoXGjh_-YAioPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/AWD2RNceraq_I0Aq5_m9rbMclOA.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202803
IP address blocks: 193.138.4.0/23 maxlen: 24
193.138.120.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aq57yNMxY8xLbdoXGjh_-YAioPY.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aq57yNMxY8xLbdoXGjh_-YAioPY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aq57yNMxY8xLbdoXGjh_-YAioPY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4a:98:84:62:d0:be:5d:27:15:99:d1:a3:53:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aae7bc8d33163cc4b6dda171a387ff98022a0f6
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0160f644d71eadaabf23402ae7f9bdadb31c94e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c3:73:b9:fc:38:14:af:8c:95:27:6b:8f:18:
f1:47:9e:a0:23:e6:ac:7c:5a:6e:d9:7e:df:86:8e:
13:bc:0c:b9:9a:ff:76:65:72:e4:a9:1b:78:ec:6d:
63:20:86:47:7f:85:27:38:31:f4:0c:a6:24:3a:5b:
93:42:78:ba:5d:ce:3e:19:e3:b4:0e:af:01:3f:e0:
b9:39:f2:65:b5:df:bf:a6:f5:be:9b:e3:23:d6:c1:
56:93:48:ba:dc:19:44:db:a1:10:cb:93:d4:63:dd:
7f:d4:97:9c:4f:5b:2c:81:6a:06:2b:36:c5:ec:cc:
3e:cd:a6:88:04:70:86:0a:33:60:3e:74:be:a7:4c:
a6:60:fd:58:5a:0e:90:70:8e:10:a3:eb:94:92:cb:
ef:19:46:93:f9:e2:eb:e2:08:4a:37:c5:b2:dd:fe:
bc:55:5b:5d:11:9c:61:2c:57:a3:24:64:eb:34:61:
06:58:26:07:43:b5:67:2c:32:dd:83:92:51:b1:6d:
c9:47:91:75:1e:ad:77:7a:47:ea:5f:1a:8e:e6:8d:
18:32:06:bc:55:a9:6a:26:f5:63:66:38:dc:f9:48:
e8:62:b9:ac:d2:fb:67:94:1e:ca:04:ab:80:4a:34:
bf:08:e2:a0:85:f1:01:1b:c1:53:bc:14:27:31:41:
59:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:60:F6:44:D7:1E:AD:AA:BF:23:40:2A:E7:F9:BD:AD:B3:1C:94:E0
X509v3 Authority Key Identifier:
keyid:6A:AE:7B:C8:D3:31:63:CC:4B:6D:DA:17:1A:38:7F:F9:80:22:A0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aq57yNMxY8xLbdoXGjh_-YAioPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/AWD2RNceraq_I0Aq5_m9rbMclOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e5dbf8-b41d-4acd-96ac-8f59cf016466/1/aq57yNMxY8xLbdoXGjh_-YAioPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.4.0/23
193.138.120.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:66:00:27:0c:d1:eb:2b:cd:da:4c:12:d0:54:8f:dd:e4:15:
30:99:26:17:7a:f8:89:1a:bb:f3:63:32:65:8f:02:f3:0a:5c:
7b:4d:fb:47:f6:78:54:d7:8f:27:d2:90:e1:15:98:fe:3a:42:
3e:26:a7:c8:22:e9:64:c8:55:2c:d8:f2:8d:ac:71:ee:70:34:
dd:66:85:cd:55:0b:aa:31:18:e8:94:24:d7:9d:0a:cb:c6:e5:
83:f2:8c:12:e8:4f:30:f4:c5:d2:23:38:3d:2d:03:48:cb:7c:
8d:61:47:6d:8d:1d:d4:6c:e4:4f:bf:0e:28:11:e7:7f:9d:7a:
ae:6a:4e:f8:0b:ac:f2:d8:8a:26:60:92:04:6a:a4:c9:b1:44:
25:60:11:bb:60:9e:26:89:e5:eb:fe:53:93:46:5f:f9:86:48:
ff:37:32:67:f5:2f:44:f6:bf:82:9a:61:a4:18:6f:b5:7f:1c:
7b:26:8a:4b:b0:9b:ce:cf:fe:d6:8f:76:93:1e:f1:9f:7a:b5:
40:79:a9:14:18:dc:e4:ab:84:ff:9f:4e:6c:e8:cc:05:fa:05:
60:18:10:63:47:58:54:c6:3d:d2:bc:8d:3b:2b:68:6b:bd:1f:
f0:43:c9:04:2c:13:10:be:27:64:6c:f2:3e:1f:b8:e6:45:0b:
7b:09:4b:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTkqYhGLQvl0nFZnRo1OTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYWU3YmM4ZDMzMTYzY2M0YjZkZGExNzFhMzg3ZmY5ODAy
MmEwZjYwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTYwZjY0NGQ3MWVhZGFhYmYyMzQwMmFlN2Y5YmRhZGIzMWM5NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcNzufw4FK+MlSdrjxjxR56gI+as
fFpu2X7fho4TvAy5mv92ZXLkqRt47G1jIIZHf4UnODH0DKYkOluTQni6Xc4+GeO0
Dq8BP+C5OfJltd+/pvW+m+Mj1sFWk0i63BlE26EQy5PUY91/1JecT1ssgWoGKzbF
7Mw+zaaIBHCGCjNgPnS+p0ymYP1YWg6QcI4Qo+uUksvvGUaT+eLr4ghKN8Wy3f68
VVtdEZxhLFejJGTrNGEGWCYHQ7VnLDLdg5JRsW3JR5F1Hq13ekfqXxqO5o0YMga8
ValqJvVjZjjc+UjoYrms0vtnlB7KBKuASjS/COKghfEBG8FTvBQnMUFZAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAFg9kTXHq2qvyNAKuf5va2zHJTgMB8GA1UdIwQY
MBaAFGque8jTMWPMS23aFxo4f/mAIqD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXE1N3lOTXhZOHhMYmRvWEdqaF8tWUFpb1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lNWRiZjgtYjQxZC00YWNkLTk2YWMt
OGY1OWNmMDE2NDY2LzEvQVdEMlJOY2VyYXFfSTBBcTVfbTlyYk1jbE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lNWRiZjgtYjQxZC00YWNkLTk2YWMtOGY1OWNmMDE2NDY2
LzEvYXE1N3lOTXhZOHhMYmRvWEdqaF8tWUFpb1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwYoEAwQB
wYp4MA0GCSqGSIb3DQEBCwUAA4IBAQBLZgAnDNHrK83aTBLQVI/d5BUwmSYXeviJ
GrvzYzJljwLzClx7TftH9nhU148n0pDhFZj+OkI+JqfIIulkyFUs2PKNrHHucDTd
ZoXNVQuqMRjolCTXnQrLxuWD8owS6E8w9MXSIzg9LQNIy3yNYUdtjR3UbORPvw4o
Eed/nXquak74C6zy2IomYJIEaqTJsUQlYBG7YJ4mieXr/lOTRl/5hkj/NzJn9S9E
9r+CmmGkGG+1fxx7JopLsJvOz/7Wj3aTHvGferVAeakUGNzkq4T/n05s6MwF+gVg
GBBjR1hUxj3SvI07K2hrvR/wQ8kELBMQvidkbPI+H7jmRQt7CUvv
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:56 2024 by rpki-client on console-fra.rpki-client.org