Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/AMYGfvxAWSGgHnKu_QntycSpGmI.roa
File: AMYGfvxAWSGgHnKu_QntycSpGmI.roa (raw, json)
Hash identifier: QcPElnjpeBVJZHljf/0lA1BJWaDX6zX8ch7k4Gzc5Ng=
Subject key identifier: 00:C6:06:7E:FC:40:59:21:A0:1E:72:AE:FD:09:ED:C9:C4:A9:1A:62
Certificate issuer: /CN=c0ea1ddba4cbd3cb57ec860d85ff4ff9301afce5
Certificate serial: 019423691650770B9240AE6C5DDBA72D5D55
Authority key identifier: C0:EA:1D:DB:A4:CB:D3:CB:57:EC:86:0D:85:FF:4F:F9:30:1A:FC:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOod26TL08tX7IYNhf9P-TAa_OU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/AMYGfvxAWSGgHnKu_QntycSpGmI.roa
Signing time: Wed 01 Jan 2025 19:47:57 +0000
ROA not before: Wed 01 Jan 2025 19:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3292
IP address blocks: 193.105.30.0/23 maxlen: 23
194.99.114.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/wOod26TL08tX7IYNhf9P-TAa_OU.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/wOod26TL08tX7IYNhf9P-TAa_OU.mft
rsync://rpki.ripe.net/repository/DEFAULT/wOod26TL08tX7IYNhf9P-TAa_OU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:16:50:77:0b:92:40:ae:6c:5d:db:a7:2d:5d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0ea1ddba4cbd3cb57ec860d85ff4ff9301afce5
Validity
Not Before: Jan 1 19:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00c6067efc405921a01e72aefd09edc9c4a91a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1b:c7:94:29:b3:a3:cd:90:8c:91:37:ed:ff:
f2:15:c3:a3:69:c8:0b:b2:3c:db:fa:67:b3:77:62:
bf:07:27:a4:2f:65:9c:7b:c5:10:39:1a:c5:2b:0d:
51:63:8f:ed:b8:8a:e0:8e:ad:e5:89:aa:fa:37:50:
2d:3a:2f:8d:ef:29:dd:59:95:d2:45:01:c0:d9:49:
7c:7c:28:82:2e:0d:ff:6d:2b:34:24:08:a5:14:c9:
ff:f9:03:65:c3:14:ab:f6:96:f1:4c:ca:f1:a6:db:
47:b1:56:3c:11:56:8b:79:ac:26:36:2e:70:ac:a5:
24:84:ba:72:d2:67:60:1d:7f:6d:be:ad:3a:bd:d4:
40:e1:86:07:65:d2:97:54:90:bf:4d:3e:61:f8:f6:
89:c4:72:b6:17:28:f9:39:a0:49:ce:e2:31:d4:ad:
5c:2e:5f:ea:6e:01:d8:2a:25:d8:0c:7f:07:de:c9:
f4:c0:de:c8:ea:22:11:c0:92:c1:c0:82:aa:8d:6a:
94:a6:4c:53:d8:5a:99:83:af:7a:5e:73:07:ab:9c:
05:0d:de:71:33:b9:ff:4b:f3:ea:c6:59:ea:0c:e7:
bd:f4:71:03:d8:83:9b:eb:64:4c:d4:18:c2:f8:89:
0d:16:ec:7c:0a:f4:ed:9e:d0:9c:be:24:f6:09:15:
e0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C6:06:7E:FC:40:59:21:A0:1E:72:AE:FD:09:ED:C9:C4:A9:1A:62
X509v3 Authority Key Identifier:
keyid:C0:EA:1D:DB:A4:CB:D3:CB:57:EC:86:0D:85:FF:4F:F9:30:1A:FC:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOod26TL08tX7IYNhf9P-TAa_OU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/AMYGfvxAWSGgHnKu_QntycSpGmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/wOod26TL08tX7IYNhf9P-TAa_OU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.30.0/23
194.99.114.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:9a:e3:2c:11:73:25:e4:48:3b:ee:b8:f8:e4:b5:ce:ec:2f:
32:9a:38:83:4d:3c:76:46:88:73:ab:6a:55:cb:d9:d0:da:b2:
f0:ab:1e:89:20:79:31:58:18:9e:46:63:85:4f:c4:97:8e:cb:
12:0c:37:74:1e:59:3f:4a:00:ec:44:5a:43:76:cd:77:ee:6c:
57:07:8c:c6:b8:c9:fd:3f:74:7d:12:df:99:dc:5c:b4:e8:3b:
a3:c9:66:88:14:ea:68:ad:37:d8:37:56:06:c0:de:d7:05:6a:
df:be:de:95:16:46:ea:70:dd:d2:a4:de:e8:f3:77:17:14:41:
db:97:aa:46:d7:84:5a:b5:2c:99:76:aa:48:ab:a7:7c:fb:5b:
ea:f0:bb:4b:68:2e:ef:c8:ae:2a:50:4f:5e:84:a5:14:ba:50:
1b:73:7c:c2:0e:84:08:e5:a0:25:26:1c:c5:78:00:a4:27:2f:
0c:b1:42:97:18:ef:23:0f:7f:2a:3b:ac:1e:cf:b0:10:46:9f:
1c:f8:a6:83:fe:dd:5a:0a:89:80:a0:a5:ef:22:55:96:0d:b7:
8f:07:d6:aa:39:b1:61:7e:a4:ec:4a:58:47:04:c3:91:b8:b6:
28:9e:1b:fc:75:51:62:1e:31:7a:dc:61:98:28:d6:2d:85:76:
88:ef:7c:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaRZQdwuSQK5sXdunLV1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZWExZGRiYTRjYmQzY2I1N2VjODYwZDg1ZmY0ZmY5MzAx
YWZjZTUwHhcNMjUwMTAxMTk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGM2MDY3ZWZjNDA1OTIxYTAxZTcyYWVmZDA5ZWRjOWM0YTkxYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBvHlCmzo82QjJE37f/yFcOjacgL
sjzb+mezd2K/ByekL2Wce8UQORrFKw1RY4/tuIrgjq3liar6N1AtOi+N7yndWZXS
RQHA2Ul8fCiCLg3/bSs0JAilFMn/+QNlwxSr9pbxTMrxpttHsVY8EVaLeawmNi5w
rKUkhLpy0mdgHX9tvq06vdRA4YYHZdKXVJC/TT5h+PaJxHK2Fyj5OaBJzuIx1K1c
Ll/qbgHYKiXYDH8H3sn0wN7I6iIRwJLBwIKqjWqUpkxT2FqZg696XnMHq5wFDd5x
M7n/S/PqxlnqDOe99HED2IOb62RM1BjC+IkNFux8CvTtntCcviT2CRXgUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFADGBn78QFkhoB5yrv0J7cnEqRpiMB8GA1UdIwQY
MBaAFMDqHduky9PLV+yGDYX/T/kwGvzlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09vZDI2VEwwOHRYN0lZTmhmOVAtVEFhX09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yZDk1M2MtOTZiYy00MDdiLWFkNmEt
M2NmZDZjM2ZkY2E0LzEvQU1ZR2Z2eEFXU0dnSG5LdV9RbnR5Y1NwR21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yZDk1M2MtOTZiYy00MDdiLWFkNmEtM2NmZDZjM2ZkY2E0
LzEvd09vZDI2VEwwOHRYN0lZTmhmOVAtVEFhX09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwWkeAwQB
wmNyMA0GCSqGSIb3DQEBCwUAA4IBAQA9muMsEXMl5Eg77rj45LXO7C8ymjiDTTx2
Rohzq2pVy9nQ2rLwqx6JIHkxWBieRmOFT8SXjssSDDd0Hlk/SgDsRFpDds137mxX
B4zGuMn9P3R9Et+Z3Fy06DujyWaIFOporTfYN1YGwN7XBWrfvt6VFkbqcN3SpN7o
83cXFEHbl6pG14RatSyZdqpIq6d8+1vq8LtLaC7vyK4qUE9ehKUUulAbc3zCDoQI
5aAlJhzFeACkJy8MsUKXGO8jD38qO6wez7AQRp8c+KaD/t1aComAoKXvIlWWDbeP
B9aqObFhfqTsSlhHBMORuLYonhv8dVFiHjF63GGYKNYthXaI73zY
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:39:06 2025 by rpki-client