Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/w5pXk-zMDjFo7rYudSF_ATInnUI.roa
File: w5pXk-zMDjFo7rYudSF_ATInnUI.roa (raw, json)
Hash identifier: 33j8kQlj8EM4Xb9f4KytIpk1E+D5CzmOoXGUrxjI1vU=
Subject key identifier: C3:9A:57:93:EC:CC:0E:31:68:EE:B6:2E:75:21:7F:01:32:27:9D:42
Certificate issuer: /CN=0a23e2f0b064087fd84f048b1fa9997023d599e1
Certificate serial: 019421B206A3BD1114125A840ED50867FB70
Authority key identifier: 0A:23:E2:F0:B0:64:08:7F:D8:4F:04:8B:1F:A9:99:70:23:D5:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CiPi8LBkCH_YTwSLH6mZcCPVmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/w5pXk-zMDjFo7rYudSF_ATInnUI.roa
Signing time: Wed 01 Jan 2025 11:48:22 +0000
ROA not before: Wed 01 Jan 2025 11:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208272
IP address blocks: 2a0b:7980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/CiPi8LBkCH_YTwSLH6mZcCPVmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/CiPi8LBkCH_YTwSLH6mZcCPVmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CiPi8LBkCH_YTwSLH6mZcCPVmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:06:a3:bd:11:14:12:5a:84:0e:d5:08:67:fb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a23e2f0b064087fd84f048b1fa9997023d599e1
Validity
Not Before: Jan 1 11:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c39a5793eccc0e3168eeb62e75217f0132279d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ae:cb:f3:05:d8:d6:46:f6:11:02:64:f2:43:
9c:99:68:c0:46:6a:7a:66:b5:2e:66:a2:a7:99:19:
25:7f:97:ac:54:21:24:96:4e:d8:68:a0:7f:59:c3:
e4:5e:48:a0:63:8c:b5:42:af:24:ec:44:a6:59:dc:
d9:9d:28:fd:43:2f:c4:e8:21:eb:10:61:34:7e:2e:
3c:19:bd:c1:e1:d3:d0:aa:4b:ed:76:6d:eb:7d:0e:
fb:3e:62:5f:82:af:d0:f7:0f:7d:ab:d5:89:bc:9c:
93:23:f8:66:54:9c:39:99:5a:19:3f:24:63:68:6e:
41:51:d9:a0:e5:de:92:67:f4:41:c2:c4:16:1e:6a:
4d:87:9c:db:57:9d:0c:b0:46:71:3f:05:07:25:a6:
69:9b:06:92:5d:95:c8:8f:8a:3a:de:24:cd:c7:64:
0a:8a:7c:13:39:2c:32:5e:be:c9:a5:30:2b:0c:c8:
d0:3a:9a:c8:d0:cb:e4:50:ee:49:5a:dd:3d:92:22:
d1:64:49:38:28:f1:f7:01:3f:00:4b:b5:c3:21:47:
58:b2:ef:71:da:4c:51:0e:e4:86:18:ec:e6:d3:19:
49:a3:18:8f:20:4e:b5:48:d8:a6:2c:27:c8:15:dc:
83:07:55:3f:66:4e:e1:06:69:64:66:9a:c3:44:0c:
05:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9A:57:93:EC:CC:0E:31:68:EE:B6:2E:75:21:7F:01:32:27:9D:42
X509v3 Authority Key Identifier:
keyid:0A:23:E2:F0:B0:64:08:7F:D8:4F:04:8B:1F:A9:99:70:23:D5:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CiPi8LBkCH_YTwSLH6mZcCPVmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/w5pXk-zMDjFo7rYudSF_ATInnUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/c983aa-b61e-4ed8-8e81-bc1e55c69755/1/CiPi8LBkCH_YTwSLH6mZcCPVmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7980::/29
Signature Algorithm: sha256WithRSAEncryption
3e:a3:d4:fb:41:c7:8f:9e:ba:93:16:9d:6e:f6:fd:3b:73:41:
1d:2e:b2:f5:13:66:2a:65:1e:33:3a:44:95:b5:3d:05:b4:84:
03:92:12:8c:7d:72:89:6d:58:28:b4:1f:0a:14:00:19:7f:e7:
f6:cd:90:2d:f8:2f:3c:ee:06:d1:55:92:77:b3:8c:e2:3d:6f:
b1:60:1c:d7:7e:2d:82:f3:0a:65:57:79:a3:2a:cb:b0:e8:65:
a6:0a:52:2c:af:14:7a:3b:d1:e6:d2:a6:d3:7c:7b:fc:fb:d6:
82:72:a8:e7:28:ba:0b:35:38:e7:f4:1a:35:d5:a4:b2:71:50:
c7:68:6b:69:d3:1c:80:02:da:75:46:09:f0:83:d3:5d:cb:c9:
56:af:15:ae:ca:94:c2:70:73:dd:24:55:f1:37:e1:70:cd:19:
68:ad:28:d6:6e:23:eb:ce:3d:ab:9c:a7:34:60:35:84:03:8a:
04:c5:41:10:a8:64:3b:f4:9d:b2:59:df:da:3f:8e:28:a2:83:
7c:2d:4f:c8:96:7b:4d:cc:6b:84:0b:09:ec:3b:c0:ff:70:91:
3d:8e:39:f5:ff:66:05:79:7d:98:08:8a:2e:d1:ec:2b:d0:42:
a6:fb:7a:6e:04:63:9c:25:71:39:bb:be:6a:5f:79:6a:54:71:
27:43:c7:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhsgajvREUElqEDtUIZ/twMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMjNlMmYwYjA2NDA4N2ZkODRmMDQ4YjFmYTk5OTcwMjNk
NTk5ZTEwHhcNMjUwMTAxMTE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzlhNTc5M2VjY2MwZTMxNjhlZWI2MmU3NTIxN2YwMTMyMjc5ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK7L8wXY1kb2EQJk8kOcmWjARmp6
ZrUuZqKnmRklf5esVCEklk7YaKB/WcPkXkigY4y1Qq8k7ESmWdzZnSj9Qy/E6CHr
EGE0fi48Gb3B4dPQqkvtdm3rfQ77PmJfgq/Q9w99q9WJvJyTI/hmVJw5mVoZPyRj
aG5BUdmg5d6SZ/RBwsQWHmpNh5zbV50MsEZxPwUHJaZpmwaSXZXIj4o63iTNx2QK
inwTOSwyXr7JpTArDMjQOprI0MvkUO5JWt09kiLRZEk4KPH3AT8AS7XDIUdYsu9x
2kxRDuSGGOzm0xlJoxiPIE61SNimLCfIFdyDB1U/Zk7hBmlkZprDRAwFhQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMOaV5PszA4xaO62LnUhfwEyJ51CMB8GA1UdIwQY
MBaAFAoj4vCwZAh/2E8Eix+pmXAj1ZnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2lQaThMQmtDSF9ZVHdTTEg2bVpjQ1BWbWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9jOTgzYWEtYjYxZS00ZWQ4LThlODEt
YmMxZTU1YzY5NzU1LzEvdzVwWGstek1EakZvN3JZdWRTRl9BVElublVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9jOTgzYWEtYjYxZS00ZWQ4LThlODEtYmMxZTU1YzY5NzU1
LzEvQ2lQaThMQmtDSF9ZVHdTTEg2bVpjQ1BWbWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgt5gDAN
BgkqhkiG9w0BAQsFAAOCAQEAPqPU+0HHj566kxadbvb9O3NBHS6y9RNmKmUeMzpE
lbU9BbSEA5ISjH1yiW1YKLQfChQAGX/n9s2QLfgvPO4G0VWSd7OM4j1vsWAc134t
gvMKZVd5oyrLsOhlpgpSLK8UejvR5tKm03x7/PvWgnKo5yi6CzU45/QaNdWksnFQ
x2hradMcgALadUYJ8IPTXcvJVq8VrsqUwnBz3SRV8TfhcM0ZaK0o1m4j6849q5yn
NGA1hAOKBMVBEKhkO/Sdslnf2j+OKKKDfC1PyJZ7TcxrhAsJ7DvA/3CRPY459f9m
BXl9mAiKLtHsK9BCpvt6bgRjnCVxObu+al95alRxJ0PHQg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:15 2025 by rpki-client