Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/AefAG2_Y4F-NbTMPc17V1xtokAQ.roa
File: AefAG2_Y4F-NbTMPc17V1xtokAQ.roa (raw, json)
Hash identifier: NUr2AXr58fRu31g3QMgdwdbmJ4678ACINBng7Y+lPog=
Subject key identifier: 01:E7:C0:1B:6F:D8:E0:5F:8D:6D:33:0F:73:5E:D5:D7:1B:68:90:04
Certificate issuer: /CN=b817162877da9f4030bbcb9fe8ac143e6ab2871b
Certificate serial: 0194DF8338EE57DD890B1B0D780B7DC544D9
Authority key identifier: B8:17:16:28:77:DA:9F:40:30:BB:CB:9F:E8:AC:14:3E:6A:B2:87:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBcWKHfan0Awu8uf6KwUPmqyhxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/AefAG2_Y4F-NbTMPc17V1xtokAQ.roa
Signing time: Fri 07 Feb 2025 08:25:06 +0000
ROA not before: Fri 07 Feb 2025 08:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10103
IP address blocks: 193.3.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/uBcWKHfan0Awu8uf6KwUPmqyhxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/uBcWKHfan0Awu8uf6KwUPmqyhxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/uBcWKHfan0Awu8uf6KwUPmqyhxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:83:38:ee:57:dd:89:0b:1b:0d:78:0b:7d:c5:44:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b817162877da9f4030bbcb9fe8ac143e6ab2871b
Validity
Not Before: Feb 7 08:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01e7c01b6fd8e05f8d6d330f735ed5d71b689004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:1b:88:65:b5:78:72:15:36:bd:bb:f1:59:
97:f6:19:55:31:b4:bd:53:9e:10:3d:4a:77:dd:60:
8e:c5:62:f6:dd:cc:9c:4b:12:e6:da:79:5d:a9:c3:
47:8e:fe:92:3d:4e:b1:aa:f6:23:91:c9:fd:c6:09:
27:2c:80:c5:08:33:fa:c7:ca:a8:2a:31:c9:23:a9:
a4:48:5c:97:d0:30:9b:79:8f:bb:b7:6f:2c:2e:1a:
95:d5:d3:02:3d:2b:00:12:0e:8e:de:43:0f:b8:b1:
ac:22:eb:c5:e9:63:08:a5:2b:1a:62:12:fb:c5:47:
ff:7a:62:c3:7c:eb:f0:f7:9d:9a:04:32:e0:f1:82:
98:5e:28:28:44:25:91:21:35:a4:f2:3f:5d:9c:b7:
44:bc:bc:b6:95:5e:34:a4:03:68:8a:d5:0e:69:1f:
69:e6:91:0b:ca:86:94:57:a1:cd:5d:be:c1:a6:79:
ea:01:a9:82:8f:3e:21:37:af:e7:a5:73:8b:fd:8a:
ad:19:c6:e4:a1:09:39:95:41:db:15:8c:08:85:4f:
a8:c2:71:d0:80:fe:e4:84:7c:39:b1:b1:84:bf:85:
3b:26:f7:0e:fc:3f:95:21:d1:e3:6e:2e:f4:79:11:
fa:80:4e:27:59:fe:54:b4:47:71:e4:4b:a8:d0:f6:
42:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E7:C0:1B:6F:D8:E0:5F:8D:6D:33:0F:73:5E:D5:D7:1B:68:90:04
X509v3 Authority Key Identifier:
keyid:B8:17:16:28:77:DA:9F:40:30:BB:CB:9F:E8:AC:14:3E:6A:B2:87:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBcWKHfan0Awu8uf6KwUPmqyhxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/AefAG2_Y4F-NbTMPc17V1xtokAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/uBcWKHfan0Awu8uf6KwUPmqyhxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.190.0/24
Signature Algorithm: sha256WithRSAEncryption
35:0e:fc:e2:bd:5e:04:78:2f:95:14:52:86:5b:28:46:fd:c1:
82:7f:39:e7:54:63:33:b0:2a:ae:98:4d:f1:7c:db:2e:20:8a:
bc:47:4e:a6:4a:ea:cf:09:2c:8b:fc:60:ea:e8:98:3a:a1:1a:
b7:78:5a:bf:84:aa:2d:4b:c8:59:d8:0b:73:8e:18:91:06:3f:
97:9d:fc:bb:45:f6:0d:93:2a:ea:4c:f3:69:bb:3d:a5:11:7e:
35:87:01:d7:d5:12:0d:37:a3:b1:66:f1:ef:5a:3a:e4:e3:a5:
b3:3f:88:39:41:d9:ac:bf:07:04:2c:ed:74:c5:7c:5a:82:29:
b4:fd:e3:a8:f5:46:83:da:72:d2:34:88:d1:7e:bf:35:98:d4:
67:17:c0:ce:b9:5b:db:e7:47:c2:28:26:a5:5a:a2:97:28:10:
2f:52:e0:8d:8f:c7:61:a0:50:c8:8f:55:aa:b9:f1:e9:5f:b1:
8a:91:fe:eb:3c:95:1d:b7:f5:96:38:cf:c6:8d:89:17:19:80:
e3:45:72:97:82:0e:98:ce:d7:c1:20:d9:fb:7c:02:dd:75:4b:
c8:8a:20:c5:9a:0b:84:ba:0d:8c:87:3a:92:c0:08:1a:d7:49:
c5:cb:24:65:8b:ee:cb:1a:12:9b:9e:02:91:1f:11:54:37:fc:
60:da:fe:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTfgzjuV92JCxsNeAt9xUTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MTcxNjI4NzdkYTlmNDAzMGJiY2I5ZmU4YWMxNDNlNmFi
Mjg3MWIwHhcNMjUwMjA3MDgyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWU3YzAxYjZmZDhlMDVmOGQ2ZDMzMGY3MzVlZDVkNzFiNjg5MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSsbiGW1eHIVNr278VmX9hlVMbS9
U54QPUp33WCOxWL23cycSxLm2nldqcNHjv6SPU6xqvYjkcn9xgknLIDFCDP6x8qo
KjHJI6mkSFyX0DCbeY+7t28sLhqV1dMCPSsAEg6O3kMPuLGsIuvF6WMIpSsaYhL7
xUf/emLDfOvw952aBDLg8YKYXigoRCWRITWk8j9dnLdEvLy2lV40pANoitUOaR9p
5pELyoaUV6HNXb7BpnnqAamCjz4hN6/npXOL/YqtGcbkoQk5lUHbFYwIhU+ownHQ
gP7khHw5sbGEv4U7JvcO/D+VIdHjbi70eRH6gE4nWf5UtEdx5Euo0PZCDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHnwBtv2OBfjW0zD3Ne1dcbaJAEMB8GA1UdIwQY
MBaAFLgXFih32p9AMLvLn+isFD5qsocbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJjV0tIZmFuMEF3dTh1ZjZLd1VQbXF5aHhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNmI3YjQtYmIyMS00YjNlLWFlYjQt
YjI3Y2EyOTFiZDc3LzEvQWVmQUcyX1k0Ri1OYlRNUGMxN1YxeHRva0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNmI3YjQtYmIyMS00YjNlLWFlYjQtYjI3Y2EyOTFiZDc3
LzEvdUJjV0tIZmFuMEF3dTh1ZjZLd1VQbXF5aHhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQO+MA0G
CSqGSIb3DQEBCwUAA4IBAQA1DvzivV4EeC+VFFKGWyhG/cGCfznnVGMzsCqumE3x
fNsuIIq8R06mSurPCSyL/GDq6Jg6oRq3eFq/hKotS8hZ2AtzjhiRBj+Xnfy7RfYN
kyrqTPNpuz2lEX41hwHX1RINN6OxZvHvWjrk46WzP4g5QdmsvwcELO10xXxagim0
/eOo9UaD2nLSNIjRfr81mNRnF8DOuVvb50fCKCalWqKXKBAvUuCNj8dhoFDIj1Wq
ufHpX7GKkf7rPJUdt/WWOM/GjYkXGYDjRXKXgg6YztfBINn7fALddUvIiiDFmguE
ug2MhzqSwAga10nFyyRli+7LGhKbngKRHxFUN/xg2v4J
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:35:55 2025 by rpki-client