Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/aPENAwPWD9_6y24HMW9xEd5C_Ks.roa
File: aPENAwPWD9_6y24HMW9xEd5C_Ks.roa (raw, json)
Hash identifier: o45OJu1Z+D6ZpzE4mC3JFl7eVOetvW4JHfD6F7fpBWE=
Subject key identifier: 68:F1:0D:03:03:D6:0F:DF:FA:CB:6E:07:31:6F:71:11:DE:42:FC:AB
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019424B2A07BF8A6D1C14CF6A67770D014D8
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/aPENAwPWD9_6y24HMW9xEd5C_Ks.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31404
IP address blocks: 217.179.128.0/18 maxlen: 24
217.180.64.0/18 maxlen: 24
217.181.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a0:7b:f8:a6:d1:c1:4c:f6:a6:77:70:d0:14:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68f10d0303d60fdffacb6e07316f7111de42fcab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0d:80:4a:6c:fa:66:4e:2f:01:04:d5:b7:4b:
1b:55:74:f1:8e:13:06:0b:22:ed:91:a8:96:d3:47:
8f:09:8f:90:ca:1d:a4:a3:d7:05:17:f8:14:4c:e3:
7b:57:55:ba:17:f8:ff:6a:a4:24:0e:7d:5d:b1:c4:
e0:1e:b3:27:4f:40:09:e3:68:aa:16:95:b8:79:b7:
f3:fe:aa:4b:38:38:9a:c5:36:c2:46:74:51:04:43:
ea:f1:6e:41:cb:ce:ff:84:87:68:7b:5e:b8:26:2d:
36:01:62:19:69:1a:73:89:b2:34:9a:61:8e:f5:be:
56:a3:94:c2:dd:4c:e8:63:c0:ed:e3:86:48:1a:71:
63:e3:4b:8c:77:c5:0e:88:90:4f:b6:2e:d0:bb:49:
af:25:5e:c2:ec:ee:ed:23:f9:5a:2c:0b:d0:05:94:
ce:54:91:8a:50:5b:ac:c8:5b:2b:76:1c:58:04:79:
ac:3f:a6:33:05:34:bd:70:6b:d6:7a:c4:3e:0c:fc:
8b:25:de:1e:46:e5:89:46:c2:b5:03:52:6f:7a:02:
66:39:b4:0f:2c:48:0d:3e:73:4c:6c:24:c3:a2:8a:
fc:40:a4:14:5e:93:9c:cb:5f:0f:68:0c:ad:d2:3f:
83:7c:ae:90:80:64:c3:32:bf:c3:68:e4:e1:f1:b0:
75:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F1:0D:03:03:D6:0F:DF:FA:CB:6E:07:31:6F:71:11:DE:42:FC:AB
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/aPENAwPWD9_6y24HMW9xEd5C_Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.179.128.0/18
217.180.64.0/18
217.181.96.0/19
Signature Algorithm: sha256WithRSAEncryption
ac:0c:fe:89:ed:e9:2a:6e:cf:e0:04:19:5a:8b:19:b3:9e:4e:
7c:9d:3b:38:47:4b:e2:99:27:f0:9e:91:9e:d0:94:b4:22:f3:
c7:19:44:f3:a3:15:08:e1:e4:0a:71:60:6a:ca:6f:5d:a5:51:
2c:d6:8c:b6:42:04:4a:24:88:2c:d6:25:e4:4b:03:d6:7d:27:
96:ef:6b:6a:f6:32:48:56:05:4a:0c:88:d4:1e:13:39:ff:f0:
4e:c9:de:43:4d:36:8a:11:35:23:bf:82:68:69:b8:1a:0f:a9:
dd:76:10:51:83:9c:54:f4:f1:27:90:87:ee:4d:a7:b6:a4:5a:
79:64:b6:8b:34:62:f0:56:53:43:da:f9:6e:fc:b8:c7:04:a8:
d5:e1:f3:cc:9b:21:d0:c4:f5:f0:26:6c:97:0a:3e:99:2a:de:
ff:5e:bc:26:6d:b4:b2:d2:9d:14:04:77:74:0c:10:14:15:17:
6b:29:0c:83:8a:47:5d:f8:9b:3e:23:ca:38:37:08:e4:cc:07:
fc:8e:bd:c8:2e:3f:05:9a:44:58:04:e0:83:a5:85:3d:3b:74:
f6:1f:15:9e:36:b0:79:54:38:c1:ad:cb:a4:26:75:44:6a:37:
2b:7a:35:7b:b6:04:98:c7:2e:5b:43:ec:4d:c5:37:3a:01:37:
d8:09:d7:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQksqB7+KbRwUz2pndw0BTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGYxMGQwMzAzZDYwZmRmZmFjYjZlMDczMTZmNzExMWRlNDJmY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA2ASmz6Zk4vAQTVt0sbVXTxjhMG
CyLtkaiW00ePCY+Qyh2ko9cFF/gUTON7V1W6F/j/aqQkDn1dscTgHrMnT0AJ42iq
FpW4ebfz/qpLODiaxTbCRnRRBEPq8W5By87/hIdoe164Ji02AWIZaRpzibI0mmGO
9b5Wo5TC3UzoY8Dt44ZIGnFj40uMd8UOiJBPti7Qu0mvJV7C7O7tI/laLAvQBZTO
VJGKUFusyFsrdhxYBHmsP6YzBTS9cGvWesQ+DPyLJd4eRuWJRsK1A1JvegJmObQP
LEgNPnNMbCTDoor8QKQUXpOcy18PaAyt0j+DfK6QgGTDMr/DaOTh8bB1UQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGjxDQMD1g/f+stuBzFvcRHeQvyrMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvYVBFTkF3UFdEOV82eTI0SE1XOXhFZDVDX0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQG2bOAAwQG
2bRAAwQF2bVgMA0GCSqGSIb3DQEBCwUAA4IBAQCsDP6J7ekqbs/gBBlaixmznk58
nTs4R0vimSfwnpGe0JS0IvPHGUTzoxUI4eQKcWBqym9dpVEs1oy2QgRKJIgs1iXk
SwPWfSeW72tq9jJIVgVKDIjUHhM5//BOyd5DTTaKETUjv4JoabgaD6nddhBRg5xU
9PEnkIfuTae2pFp5ZLaLNGLwVlND2vlu/LjHBKjV4fPMmyHQxPXwJmyXCj6ZKt7/
XrwmbbSy0p0UBHd0DBAUFRdrKQyDikdd+Js+I8o4NwjkzAf8jr3ILj8FmkRYBOCD
pYU9O3T2HxWeNrB5VDjBrcukJnVEajcrejV7tgSYxy5bQ+xNxTc6ATfYCdfK
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:00:03 2025 by rpki-client