Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/AamKKecGtsamRu5tPrCvb4wPCCg.roa
File: AamKKecGtsamRu5tPrCvb4wPCCg.roa (raw, json)
Hash identifier: R/0dKm7RYIaO6gMOFzcg/w47GHlEc3dvGlaSi8cjRio=
Subject key identifier: 01:A9:8A:29:E7:06:B6:C6:A6:46:EE:6D:3E:B0:AF:6F:8C:0F:08:28
Certificate issuer: /CN=25a553794223e6b4c632779b51371dc4e7d70705
Certificate serial: 0194236979EEE38354F0B053F7125916EAEA
Authority key identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/AamKKecGtsamRu5tPrCvb4wPCCg.roa
Signing time: Wed 01 Jan 2025 19:48:22 +0000
ROA not before: Wed 01 Jan 2025 19:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3064
IP address blocks: 84.40.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:79:ee:e3:83:54:f0:b0:53:f7:12:59:16:ea:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a553794223e6b4c632779b51371dc4e7d70705
Validity
Not Before: Jan 1 19:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01a98a29e706b6c6a646ee6d3eb0af6f8c0f0828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:82:1c:2d:5d:50:4a:88:c3:d8:15:a7:1f:63:
04:b9:6d:8b:a9:3e:c3:4c:ce:23:39:e3:af:c7:cb:
78:8c:8c:ca:b2:9b:af:2d:8c:15:c5:d1:b6:98:39:
a7:ee:7f:b4:4e:36:7c:3f:af:04:71:49:ff:b4:81:
d8:e2:20:49:58:7b:3f:3c:97:d9:65:fe:b2:a4:2e:
72:ed:4c:28:d0:21:cd:fc:b2:47:9e:39:5b:61:c6:
06:7e:e1:9f:eb:4b:b8:18:5a:5e:c9:1c:02:25:a6:
57:a6:f9:63:32:24:21:08:ee:7a:2f:b3:51:e1:8b:
da:66:b3:7e:55:f9:b8:bf:07:53:e6:f0:7a:29:a2:
e5:37:7a:35:30:f4:12:3e:95:09:1a:30:91:55:68:
29:77:d8:31:a4:1e:ba:31:2f:f3:71:55:92:1e:af:
78:99:9f:67:1d:eb:a3:2c:e1:e6:d8:a9:39:f6:9e:
91:f2:f5:7b:fd:77:20:22:3e:a4:dd:19:31:36:ab:
af:cc:f5:9d:51:f6:ee:6a:82:36:8e:6e:a4:82:61:
7f:22:27:32:30:ea:9a:50:76:93:16:b7:67:a4:41:
49:d8:1c:0e:fa:48:72:ee:15:55:59:10:e8:c6:40:
43:35:08:60:0c:85:6a:b6:3a:5f:52:32:68:ba:7b:
00:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A9:8A:29:E7:06:B6:C6:A6:46:EE:6D:3E:B0:AF:6F:8C:0F:08:28
X509v3 Authority Key Identifier:
keyid:25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/AamKKecGtsamRu5tPrCvb4wPCCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.40.16.0/20
Signature Algorithm: sha256WithRSAEncryption
71:ff:d1:a6:2a:c4:eb:dc:7a:85:67:57:99:44:99:0b:1e:d4:
db:08:88:51:c9:7c:1b:bd:61:3b:07:15:0a:8b:ae:34:30:65:
d4:27:0e:37:07:9d:9c:c2:61:f7:0a:f6:d9:6b:ba:d0:b1:59:
8e:71:67:a6:8e:4f:21:2b:7b:27:69:d0:7e:ab:6f:e9:81:d5:
66:b5:9d:8c:f2:ec:9c:fe:66:d1:e8:c3:17:11:2e:78:94:17:
73:65:45:fe:46:d8:f8:9e:c3:44:ec:1e:bb:08:28:ee:4a:20:
c5:f5:6a:2d:df:04:36:b8:2b:e6:cd:8c:6f:41:66:46:77:99:
b4:01:4d:9d:43:f5:b5:1c:b2:46:d7:3e:c2:90:ab:d7:9f:16:
34:9b:3c:8a:f0:47:c1:79:43:f7:e5:0c:03:95:33:f3:94:4f:
c2:dd:ab:c5:9c:27:f2:63:4c:81:7a:b8:26:34:1e:32:1a:37:
c4:db:27:60:87:93:d1:d7:e2:88:c6:65:14:80:7a:93:06:4b:
bc:de:92:46:c0:7b:83:9a:cf:3b:30:d1:99:5f:91:4b:32:7e:
ae:87:6c:2e:53:ff:52:c9:41:96:cc:95:7f:17:3e:a8:b4:ca:
6f:ab:de:1f:41:9b:da:2d:fd:c3:6b:e2:78:30:9f:18:7d:fe:
54:8e:0f:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaXnu44NU8LBT9xJZFurqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTU1Mzc5NDIyM2U2YjRjNjMyNzc5YjUxMzcxZGM0ZTdk
NzA3MDUwHhcNMjUwMTAxMTk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE5OGEyOWU3MDZiNmM2YTY0NmVlNmQzZWIwYWY2ZjhjMGYwODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYIcLV1QSojD2BWnH2MEuW2LqT7D
TM4jOeOvx8t4jIzKspuvLYwVxdG2mDmn7n+0TjZ8P68EcUn/tIHY4iBJWHs/PJfZ
Zf6ypC5y7Uwo0CHN/LJHnjlbYcYGfuGf60u4GFpeyRwCJaZXpvljMiQhCO56L7NR
4YvaZrN+Vfm4vwdT5vB6KaLlN3o1MPQSPpUJGjCRVWgpd9gxpB66MS/zcVWSHq94
mZ9nHeujLOHm2Kk59p6R8vV7/XcgIj6k3RkxNquvzPWdUfbuaoI2jm6kgmF/Iicy
MOqaUHaTFrdnpEFJ2BwO+khy7hVVWRDoxkBDNQhgDIVqtjpfUjJounsAMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGpiinnBrbGpkbubT6wr2+MDwgoMB8GA1UdIwQY
MBaAFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYt
MzBlOTI5ZWQxMDYzLzEvQWFtS0tlY0d0c2FtUnU1dFByQ3ZiNHdQQ0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYtMzBlOTI5ZWQxMDYz
LzEvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEVCgQMA0G
CSqGSIb3DQEBCwUAA4IBAQBx/9GmKsTr3HqFZ1eZRJkLHtTbCIhRyXwbvWE7BxUK
i640MGXUJw43B52cwmH3CvbZa7rQsVmOcWemjk8hK3snadB+q2/pgdVmtZ2M8uyc
/mbR6MMXES54lBdzZUX+Rtj4nsNE7B67CCjuSiDF9Wot3wQ2uCvmzYxvQWZGd5m0
AU2dQ/W1HLJG1z7CkKvXnxY0mzyK8EfBeUP35QwDlTPzlE/C3avFnCfyY0yBergm
NB4yGjfE2ydgh5PR1+KIxmUUgHqTBku83pJGwHuDms87MNGZX5FLMn6uh2wuU/9S
yUGWzJV/Fz6otMpvq94fQZvaLf3Da+J4MJ8Yff5Ujg8Y
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:41 2025 by rpki-client