Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/13a432-9db6-431f-a24c-1f323637cc48/1/aziKSjcmtjl7ZRQR41_A0vxpLio.roa
File: aziKSjcmtjl7ZRQR41_A0vxpLio.roa (raw, json)
Hash identifier: wLgqqaoEM11h+IUGz/tIVa/YuL2NopeoenmAEMfpDUc=
Subject key identifier: 6B:38:8A:4A:37:26:B6:39:7B:65:14:11:E3:5F:C0:D2:FC:69:2E:2A
Certificate issuer: /CN=aff454ecfc9682862a7b5dbe4f3b9b0efc4c57dc
Certificate serial: 019424B309D5BE65DEDE0DD410FE143768B7
Authority key identifier: AF:F4:54:EC:FC:96:82:86:2A:7B:5D:BE:4F:3B:9B:0E:FC:4C:57:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_RU7PyWgoYqe12-TzubDvxMV9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/13a432-9db6-431f-a24c-1f323637cc48/1/aziKSjcmtjl7ZRQR41_A0vxpLio.roa
Signing time: Thu 02 Jan 2025 01:48:20 +0000
ROA not before: Thu 02 Jan 2025 01:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215612
IP address blocks: 95.128.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/13a432-9db6-431f-a24c-1f323637cc48/1/r_RU7PyWgoYqe12-TzubDvxMV9w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/13a432-9db6-431f-a24c-1f323637cc48/1/r_RU7PyWgoYqe12-TzubDvxMV9w.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_RU7PyWgoYqe12-TzubDvxMV9w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 09:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:09:d5:be:65:de:de:0d:d4:10:fe:14:37:68:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff454ecfc9682862a7b5dbe4f3b9b0efc4c57dc
Validity
Not Before: Jan 2 01:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b388a4a3726b6397b651411e35fc0d2fc692e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:64:a4:09:89:29:a2:7c:54:de:66:b8:d9:f5:
63:50:ad:fb:b4:11:71:2a:6b:e8:8b:51:d7:4a:3b:
ed:97:77:32:b0:b0:06:07:e6:9f:53:6c:97:c7:d8:
22:e1:c7:1b:83:ea:66:4e:b2:26:a8:6b:46:0e:69:
8f:02:5f:f9:82:e9:06:69:35:b8:68:f2:64:af:82:
73:77:77:16:27:bc:f4:1b:68:eb:e8:7a:02:6e:dd:
e6:fe:76:a2:8e:78:41:24:ec:5e:3a:c6:d7:65:34:
ae:ca:5b:22:fc:e7:9b:10:f4:31:ba:07:c7:f4:71:
71:d9:63:d1:04:5d:7f:29:f9:8c:15:0d:55:ee:84:
cc:ae:c5:e4:c7:b4:84:39:ff:20:a8:c2:7b:bc:69:
58:64:08:37:73:e0:53:32:16:63:41:24:9f:20:60:
aa:bb:8b:4e:67:b6:c5:5d:21:1c:b6:87:5b:1b:5f:
8a:18:bb:bb:43:76:23:a0:24:56:c5:ec:3d:18:d9:
51:96:d1:02:b7:c9:f3:10:fc:36:f9:2b:e8:9c:be:
25:ef:67:e8:41:08:43:4d:5e:1c:86:a0:3a:a6:5f:
e8:9f:ff:ad:c6:54:2f:62:25:7e:3b:83:e8:66:2b:
20:9b:82:7b:a0:a6:af:92:c4:59:5c:fe:3d:72:88:
7f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:38:8A:4A:37:26:B6:39:7B:65:14:11:E3:5F:C0:D2:FC:69:2E:2A
X509v3 Authority Key Identifier:
keyid:AF:F4:54:EC:FC:96:82:86:2A:7B:5D:BE:4F:3B:9B:0E:FC:4C:57:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_RU7PyWgoYqe12-TzubDvxMV9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/13a432-9db6-431f-a24c-1f323637cc48/1/aziKSjcmtjl7ZRQR41_A0vxpLio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/13a432-9db6-431f-a24c-1f323637cc48/1/r_RU7PyWgoYqe12-TzubDvxMV9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.192.0/24
Signature Algorithm: sha256WithRSAEncryption
08:b0:78:5e:70:9e:0f:88:c6:dd:b9:f8:3a:95:82:15:94:fe:
5c:dd:2c:45:87:ec:b6:aa:88:05:f3:b1:17:e5:c5:9d:1a:37:
ee:7b:7d:a3:ed:3e:c4:96:af:c8:08:3a:a5:bc:c2:40:3d:9e:
51:c7:40:e5:53:39:d5:98:79:c0:c0:52:0c:df:0a:1a:74:bd:
ef:73:96:aa:34:ff:8a:d3:dc:ea:fa:03:96:b9:71:28:48:17:
39:6b:0b:f0:d9:4c:f1:04:bc:fd:7c:14:6b:03:ff:46:fd:41:
2c:aa:08:63:03:03:4a:46:42:bc:cb:9c:cf:7d:f1:95:1b:e0:
ee:f8:9f:35:52:43:c1:6b:d1:0d:f9:15:a7:de:63:3b:1f:d5:
35:04:f6:26:b2:21:1f:29:f1:2e:cf:7c:a5:89:3a:48:87:a5:
3c:a3:00:ba:20:26:56:15:16:3a:a0:4b:ed:fb:f6:32:1f:f6:
f8:5f:cb:a6:80:b1:dc:4a:46:0c:f3:71:34:be:de:de:ca:a1:
d3:a1:75:83:7a:6f:11:12:20:93:bc:cb:e6:83:13:d9:6c:7d:
83:33:35:d6:b8:f2:a5:25:21:29:85:9e:26:d9:85:fc:bc:19:
71:fc:75:3d:8b:4f:86:2a:04:72:3c:d3:3a:18:df:77:72:2d:
19:0b:26:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkswnVvmXe3g3UEP4UN2i3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjQ1NGVjZmM5NjgyODYyYTdiNWRiZTRmM2I5YjBlZmM0
YzU3ZGMwHhcNMjUwMTAyMDE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjM4OGE0YTM3MjZiNjM5N2I2NTE0MTFlMzVmYzBkMmZjNjkyZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmSkCYkponxU3ma42fVjUK37tBFx
Kmvoi1HXSjvtl3cysLAGB+afU2yXx9gi4ccbg+pmTrImqGtGDmmPAl/5gukGaTW4
aPJkr4Jzd3cWJ7z0G2jr6HoCbt3m/naijnhBJOxeOsbXZTSuylsi/OebEPQxugfH
9HFx2WPRBF1/KfmMFQ1V7oTMrsXkx7SEOf8gqMJ7vGlYZAg3c+BTMhZjQSSfIGCq
u4tOZ7bFXSEctodbG1+KGLu7Q3YjoCRWxew9GNlRltECt8nzEPw2+SvonL4l72fo
QQhDTV4chqA6pl/on/+txlQvYiV+O4PoZisgm4J7oKavksRZXP49coh/5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGs4iko3JrY5e2UUEeNfwNL8aS4qMB8GA1UdIwQY
MBaAFK/0VOz8loKGKntdvk87mw78TFfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9SVTdQeVdnb1lxZTEyLVR6dWJEdnhNVjl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8xM2E0MzItOWRiNi00MzFmLWEyNGMt
MWYzMjM2MzdjYzQ4LzEvYXppS1NqY210amw3WlJRUjQxX0EwdnhwTGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8xM2E0MzItOWRiNi00MzFmLWEyNGMtMWYzMjM2MzdjYzQ4
LzEvcl9SVTdQeVdnb1lxZTEyLVR6dWJEdnhNVjl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4DAMA0G
CSqGSIb3DQEBCwUAA4IBAQAIsHhecJ4PiMbdufg6lYIVlP5c3SxFh+y2qogF87EX
5cWdGjfue32j7T7Elq/ICDqlvMJAPZ5Rx0DlUznVmHnAwFIM3woadL3vc5aqNP+K
09zq+gOWuXEoSBc5awvw2UzxBLz9fBRrA/9G/UEsqghjAwNKRkK8y5zPffGVG+Du
+J81UkPBa9EN+RWn3mM7H9U1BPYmsiEfKfEuz3yliTpIh6U8owC6ICZWFRY6oEvt
+/YyH/b4X8umgLHcSkYM83E0vt7eyqHToXWDem8REiCTvMvmgxPZbH2DMzXWuPKl
JSEphZ4m2YX8vBlx/HU9i0+GKgRyPNM6GN93ci0ZCyYN
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:52:43 2025 by rpki-client