Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/ajcWC80aw0TwveNSBhYzckXuOpE.roa
File: ajcWC80aw0TwveNSBhYzckXuOpE.roa (raw, json)
Hash identifier: DYNTKTFplgvUSdtya7BioPKPru/N1XFQmWfXfGYCjSw=
Subject key identifier: 6A:37:16:0B:CD:1A:C3:44:F0:BD:E3:52:06:16:33:72:45:EE:3A:91
Certificate issuer: /CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Certificate serial: 018CC86F0383B8A4BEF534BA13565050C0C8
Authority key identifier: C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/ajcWC80aw0TwveNSBhYzckXuOpE.roa
Signing time: Tue 02 Jan 2024 04:29:27 +0000
ROA not before: Tue 02 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3245
IP address blocks: 193.68.0.0/19 maxlen: 19
193.68.128.0/17 maxlen: 17
192.92.129.0/24 maxlen: 24
185.143.80.0/22 maxlen: 22
193.68.96.0/19 maxlen: 19
2a02:6a80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:03:83:b8:a4:be:f5:34:ba:13:56:50:50:c0:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c25cb7132c19f7d51f002ed4ad811aecf5b20f57
Validity
Not Before: Jan 2 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a37160bcd1ac344f0bde3520616337245ee3a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e9:db:ff:93:6b:e2:ed:58:10:28:5b:e1:e4:
3e:39:73:f0:bd:04:17:d6:a2:92:e7:0f:60:ea:f2:
51:dd:25:bf:29:79:e6:b5:21:5e:d8:bb:70:72:b0:
37:17:7d:75:81:1a:3e:35:ed:21:8d:d2:79:fd:87:
66:3b:0e:31:43:33:79:1b:5d:9a:5a:ef:8c:be:03:
4c:fb:36:9c:e8:b0:e5:37:14:be:70:c5:9f:e0:40:
e1:7a:b6:0b:8f:f4:cf:2a:4e:76:f7:24:02:93:02:
d9:af:88:ef:7c:5f:0a:73:f0:d9:50:61:3b:68:2e:
70:a7:f0:3f:11:67:ec:16:70:f3:6c:3a:d2:38:48:
6e:4c:09:c6:c0:f4:19:74:d2:ab:d3:c6:7f:87:39:
e6:e9:1a:c7:fa:e9:cf:86:16:0d:82:89:2e:8a:15:
14:09:f1:c5:66:55:45:d6:40:0f:95:ce:ac:f3:1f:
e8:b0:a2:25:29:0c:07:fa:31:cf:5d:0d:8b:5c:38:
f7:a7:21:4b:df:89:74:cc:32:2f:80:4a:3c:d7:5c:
23:10:ef:b0:2a:52:bf:0e:99:55:96:4d:0f:22:6f:
cb:f0:f3:0a:91:1c:bd:7e:0b:ab:fb:9c:8f:5b:5e:
55:93:aa:54:b2:b3:87:ea:0b:f2:c5:00:65:1d:09:
bf:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:37:16:0B:CD:1A:C3:44:F0:BD:E3:52:06:16:33:72:45:EE:3A:91
X509v3 Authority Key Identifier:
keyid:C2:5C:B7:13:2C:19:F7:D5:1F:00:2E:D4:AD:81:1A:EC:F5:B2:0F:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wly3EywZ99UfAC7UrYEa7PWyD1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/ajcWC80aw0TwveNSBhYzckXuOpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b27203-9d48-49a5-af25-49d40a13cbc2/1/wly3EywZ99UfAC7UrYEa7PWyD1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.80.0/22
192.92.129.0/24
193.68.0.0/19
193.68.96.0-193.68.255.255
IPv6:
2a02:6a80::/32
Signature Algorithm: sha256WithRSAEncryption
b1:2b:5a:e6:4f:d6:61:32:e3:2b:8b:3e:ec:5b:77:e4:d0:89:
ce:0f:50:76:69:05:ab:9a:30:bf:48:fe:0b:a3:a8:94:03:09:
ef:40:c9:28:9c:38:60:bb:0a:92:c1:17:38:ac:7c:91:0b:8b:
98:fa:d1:6a:bb:b1:42:9d:2d:9f:86:26:fa:1b:53:f1:12:7c:
73:8b:a1:7d:e3:b8:44:09:31:43:36:67:40:3a:1a:a2:6c:79:
85:01:24:b9:a2:20:d0:e7:47:a8:86:35:78:c0:e7:17:64:30:
db:ab:49:cc:99:92:9a:38:05:23:7c:3f:68:72:d8:2d:3e:18:
e2:9d:0e:df:d5:6c:c8:40:d3:c5:82:8a:ec:79:9c:b9:07:85:
39:a7:de:7c:0f:b6:f5:6b:6c:01:7c:ae:33:a2:fe:3c:8b:62:
89:42:8f:b1:f1:38:08:35:2a:05:03:59:d4:99:7a:89:73:10:
8f:1e:0d:ac:3f:18:31:3d:d2:9d:19:cb:33:3a:13:cb:7d:48:
85:e5:b1:85:73:43:7f:8c:0d:83:7f:dc:95:bb:4a:bd:e2:11:
fb:f2:18:90:ad:7f:2c:14:08:14:82:bd:f7:02:5a:0c:dc:d5:
37:31:de:a9:7c:01:12:fe:b6:dd:1c:80:34:4a:69:6c:91:da:
f8:42:a7:9d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzIbwODuKS+9TS6E1ZQUMDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNWNiNzEzMmMxOWY3ZDUxZjAwMmVkNGFkODExYWVjZjVi
MjBmNTcwHhcNMjQwMTAyMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM3MTYwYmNkMWFjMzQ0ZjBiZGUzNTIwNjE2MzM3MjQ1ZWUzYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyunb/5Nr4u1YEChb4eQ+OXPwvQQX
1qKS5w9g6vJR3SW/KXnmtSFe2LtwcrA3F311gRo+Ne0hjdJ5/YdmOw4xQzN5G12a
Wu+MvgNM+zac6LDlNxS+cMWf4EDherYLj/TPKk529yQCkwLZr4jvfF8Kc/DZUGE7
aC5wp/A/EWfsFnDzbDrSOEhuTAnGwPQZdNKr08Z/hznm6RrH+unPhhYNgokuihUU
CfHFZlVF1kAPlc6s8x/osKIlKQwH+jHPXQ2LXDj3pyFL34l0zDIvgEo811wjEO+w
KlK/DplVlk0PIm/L8PMKkRy9fgur+5yPW15Vk6pUsrOH6gvyxQBlHQm/rwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGo3FgvNGsNE8L3jUgYWM3JF7jqRMB8GA1UdIwQY
MBaAFMJctxMsGffVHwAu1K2BGuz1sg9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUt
NDlkNDBhMTNjYmMyLzEvYWpjV0M4MGF3MFR3dmVOU0JoWXpja1h1T3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMjcyMDMtOWQ0OC00OWE1LWFmMjUtNDlkNDBhMTNjYmMy
LzEvd2x5M0V5d1o5OVVmQUM3VXJZRWE3UFd5RDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwQCuY9QAwQA
wFyBAwQFwUQAMAsDBAXBRGADAwDBRDANBAIAAjAHAwUAKgJqgDANBgkqhkiG9w0B
AQsFAAOCAQEAsSta5k/WYTLjK4s+7Ft35NCJzg9QdmkFq5owv0j+C6OolAMJ70DJ
KJw4YLsKksEXOKx8kQuLmPrRaruxQp0tn4Ym+htT8RJ8c4uhfeO4RAkxQzZnQDoa
omx5hQEkuaIg0OdHqIY1eMDnF2Qw26tJzJmSmjgFI3w/aHLYLT4Y4p0O39VsyEDT
xYKK7HmcuQeFOafefA+29WtsAXyuM6L+PItiiUKPsfE4CDUqBQNZ1Jl6iXMQjx4N
rD8YMT3SnRnLMzoTy31IheWxhXNDf4wNg3/clbtKveIR+/IYkK1/LBQIFIK99wJa
DNzVNzHeqXwBEv623RyANEppbJHa+EKnnQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:42:50 2024 by rpki-client on console-ams.rpki-client.org