Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/awm_v1iQmCWCv4tPtpoTKU4uPCU.roa
File: awm_v1iQmCWCv4tPtpoTKU4uPCU.roa (raw, json)
Hash identifier: x+eiEL+9g/kKLxu8mW8KpA5IN4sq7kn4Kf/NPE5f93g=
Subject key identifier: 6B:09:BF:BF:58:90:98:25:82:BF:8B:4F:B6:9A:13:29:4E:2E:3C:25
Certificate issuer: /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial: 01941F8C86F767072D8B3AA10ADFE65B18EB
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/awm_v1iQmCWCv4tPtpoTKU4uPCU.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a06:7840::/29 maxlen: 29
2a0b:2a80::/29 maxlen: 29
2a0d:4440::/29 maxlen: 29
2a0f:f02::/32 maxlen: 32
2a0f:f03::/32 maxlen: 32
2a0f:f04::/30 maxlen: 30
2a0f:59c0::/29 maxlen: 29
2a0f:a380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 06:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:86:f7:67:07:2d:8b:3a:a1:0a:df:e6:5b:18:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b09bfbf5890982582bf8b4fb69a13294e2e3c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:25:16:38:a5:7e:93:a4:60:0c:0f:34:64:4c:
52:1c:02:aa:9a:7e:7d:86:dc:ac:4a:88:99:bc:99:
0c:10:76:98:24:16:5b:af:16:88:57:52:23:28:88:
3a:b5:29:00:80:5f:06:21:f6:3e:6f:25:53:56:dd:
4f:84:5c:89:a0:f6:b3:b3:4c:df:1e:c5:87:c2:5b:
43:3c:62:82:cd:7b:b6:20:27:c9:34:65:33:93:45:
c7:24:cb:6b:0a:6c:7a:53:6d:29:4b:99:66:3b:52:
75:ee:3c:b8:6f:bc:1a:2f:fe:c3:1e:7a:58:62:5a:
52:75:17:26:2f:be:af:d9:b4:5f:81:01:06:8d:aa:
d3:cd:11:75:8b:3f:d3:36:a6:d9:b6:44:52:69:e4:
20:10:48:bc:36:bd:95:b3:8d:67:ff:a5:51:28:9a:
c3:b7:ed:42:75:6a:a1:a8:36:64:18:cc:41:f2:f9:
01:8c:44:88:39:08:07:6a:c4:58:c1:36:70:4c:c1:
81:09:41:fd:a9:56:9b:f5:6b:b3:89:b5:23:e3:1b:
2a:03:1f:77:c0:fd:3a:e0:62:48:ca:02:31:05:95:
ce:68:f3:ee:6a:d9:0a:8e:73:9e:11:c8:19:d3:98:
8f:e5:26:87:78:8b:b2:ad:f7:c9:c4:11:67:cf:61:
11:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:09:BF:BF:58:90:98:25:82:BF:8B:4F:B6:9A:13:29:4E:2E:3C:25
X509v3 Authority Key Identifier:
keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/awm_v1iQmCWCv4tPtpoTKU4uPCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7840::/29
2a0b:2a80::/29
2a0d:4440::/29
2a0f:f02::-2a0f:f07:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:59c0::/29
2a0f:a380::/29
Signature Algorithm: sha256WithRSAEncryption
84:8b:c0:b5:07:d4:70:b6:ac:1b:de:1b:ec:e5:9e:6f:36:66:
45:3c:b3:db:63:a6:cd:5b:29:ae:c7:04:09:42:c4:85:82:f4:
de:b3:a4:e8:3e:a2:0c:b4:1e:a7:0f:fa:c7:da:85:b1:5b:6c:
50:68:c3:83:d6:1e:b7:9b:f4:b8:98:24:79:e2:33:88:fb:70:
e2:3b:26:89:26:c2:e7:27:8e:81:56:a9:9b:e1:51:12:c5:c7:
8d:92:e4:25:18:ed:b6:cf:5f:fd:05:8b:a1:3d:38:5f:64:9e:
3b:ca:26:f8:a8:4e:c4:d4:60:a9:5b:93:a8:f9:20:b2:14:32:
c7:da:ee:b6:8b:4b:e8:c2:e8:ce:93:8a:e7:4c:f9:f3:df:50:
94:d8:fe:ef:db:85:18:d1:73:de:a2:b9:6f:bb:b7:74:e0:ea:
d4:5c:ec:11:35:30:17:02:cf:e4:e6:9e:21:6a:1b:a6:87:3d:
a7:ae:44:fb:66:87:7d:f5:21:18:60:52:aa:48:ec:32:32:2a:
53:db:9a:89:a1:94:62:54:30:b9:35:23:f4:5b:ee:4c:88:c9:
5d:bc:88:3c:78:08:64:4a:c5:a8:62:fe:c8:40:fe:10:06:85:
4d:9a:5c:54:e9:88:4f:4b:d8:bc:d5:1e:58:17:d2:de:e7:a3:
28:ce:c0:3b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQfjIb3ZwctizqhCt/mWxjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjA5YmZiZjU4OTA5ODI1ODJiZjhiNGZiNjlhMTMyOTRlMmUzYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSUWOKV+k6RgDA80ZExSHAKqmn59
htysSoiZvJkMEHaYJBZbrxaIV1IjKIg6tSkAgF8GIfY+byVTVt1PhFyJoPazs0zf
HsWHwltDPGKCzXu2ICfJNGUzk0XHJMtrCmx6U20pS5lmO1J17jy4b7waL/7DHnpY
YlpSdRcmL76v2bRfgQEGjarTzRF1iz/TNqbZtkRSaeQgEEi8Nr2Vs41n/6VRKJrD
t+1CdWqhqDZkGMxB8vkBjESIOQgHasRYwTZwTMGBCUH9qVab9WuzibUj4xsqAx93
wP064GJIygIxBZXOaPPuatkKjnOeEcgZ05iP5SaHeIuyrffJxBFnz2ERDQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGsJv79YkJglgr+LT7aaEylOLjwlMB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEvYXdtX3YxaVFtQ1dDdjR0UHRwb1RLVTR1UENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUDKgZ4QAMF
AyoLKoADBQMqDURAMA4DBQEqDw8CAwUDKg8PAAMFAyoPWcADBQMqD6OAMA0GCSqG
SIb3DQEBCwUAA4IBAQCEi8C1B9Rwtqwb3hvs5Z5vNmZFPLPbY6bNWymuxwQJQsSF
gvTes6ToPqIMtB6nD/rH2oWxW2xQaMOD1h63m/S4mCR54jOI+3DiOyaJJsLnJ46B
Vqmb4VESxceNkuQlGO22z1/9BYuhPThfZJ47yib4qE7E1GCpW5Oo+SCyFDLH2u62
i0vowujOk4rnTPnz31CU2P7v24UY0XPeorlvu7d04OrUXOwRNTAXAs/k5p4hahum
hz2nrkT7Zod99SEYYFKqSOwyMipT25qJoZRiVDC5NSP0W+5MiMldvIg8eAhkSsWo
Yv7IQP4QBoVNmlxU6YhPS9i81R5YF9Le56MozsA7
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:09:11 2025 by rpki-client