Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/aayHPIzZH8kuE4buX9L9ekn6vNY.roa
File: aayHPIzZH8kuE4buX9L9ekn6vNY.roa (raw, json)
Hash identifier: l5K0Mav5diQmhRgoJ50XOjjqH5sf6SBC+nvBy0fzfF4=
Subject key identifier: 69:AC:87:3C:8C:D9:1F:C9:2E:13:86:EE:5F:D2:FD:7A:49:FA:BC:D6
Certificate issuer: /CN=00e6e65ed74f06c223a9a49c3ea6d3eeecb23850
Certificate serial: 01941FFABB0258E4C0ECC640CEEBD7F02804
Authority key identifier: 00:E6:E6:5E:D7:4F:06:C2:23:A9:A4:9C:3E:A6:D3:EE:EC:B2:38:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AObmXtdPBsIjqaScPqbT7uyyOFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/aayHPIzZH8kuE4buX9L9ekn6vNY.roa
Signing time: Wed 01 Jan 2025 03:48:33 +0000
ROA not before: Wed 01 Jan 2025 03:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 192.108.32.0/24 maxlen: 24
193.25.32.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/AObmXtdPBsIjqaScPqbT7uyyOFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/AObmXtdPBsIjqaScPqbT7uyyOFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/AObmXtdPBsIjqaScPqbT7uyyOFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:bb:02:58:e4:c0:ec:c6:40:ce:eb:d7:f0:28:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e6e65ed74f06c223a9a49c3ea6d3eeecb23850
Validity
Not Before: Jan 1 03:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69ac873c8cd91fc92e1386ee5fd2fd7a49fabcd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2b:b9:31:82:96:f9:19:2e:ab:6f:51:7a:28:
7b:ba:58:97:b1:bf:23:b1:f0:7f:b3:fe:5b:9a:dc:
0b:2e:1d:85:e7:06:c4:f9:cb:ab:ae:6e:59:ef:8a:
81:6d:72:d3:0a:40:d2:2e:ff:9d:15:0e:16:d9:43:
84:04:33:94:66:14:76:31:ca:70:1d:5a:a7:cc:07:
2c:04:eb:87:bc:40:a7:22:02:db:2e:99:9c:20:87:
2b:75:f8:61:61:1d:03:1e:56:18:60:7b:61:ca:b6:
13:0f:3a:59:a7:8f:f3:9f:76:28:2a:3a:80:1d:96:
6c:b0:f5:00:ae:9a:bc:6b:94:a4:d3:ad:db:62:33:
50:ec:e4:d2:31:e6:88:f3:0d:11:48:c9:7e:75:f0:
6b:86:7f:3b:c3:c9:4b:9d:3a:74:33:5a:54:cd:14:
b5:39:42:be:65:c1:0a:dc:48:12:10:6a:98:1c:d1:
61:0b:75:33:79:f6:e2:3d:37:24:58:16:e1:07:db:
c3:04:3d:51:06:f7:eb:0e:a0:98:eb:b9:e3:01:12:
c6:04:6c:4b:47:47:f7:bf:c4:1d:dd:09:20:ec:c9:
4c:2d:47:97:45:0a:40:23:1b:cf:77:c8:5a:7a:82:
bf:bc:5b:d7:70:ef:b4:29:85:41:bb:a6:90:f5:45:
43:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AC:87:3C:8C:D9:1F:C9:2E:13:86:EE:5F:D2:FD:7A:49:FA:BC:D6
X509v3 Authority Key Identifier:
keyid:00:E6:E6:5E:D7:4F:06:C2:23:A9:A4:9C:3E:A6:D3:EE:EC:B2:38:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AObmXtdPBsIjqaScPqbT7uyyOFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/aayHPIzZH8kuE4buX9L9ekn6vNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/24da6f-5053-414e-9370-16b9eafeb4ea/1/AObmXtdPBsIjqaScPqbT7uyyOFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.108.32.0/24
193.25.32.0/20
Signature Algorithm: sha256WithRSAEncryption
90:0f:15:d9:11:df:a2:6d:31:2c:bb:b0:af:14:ed:81:16:a8:
b4:2a:0e:c2:7d:60:0d:89:d7:a1:f0:31:b9:1e:d7:59:76:9f:
17:50:c0:ac:5e:3b:8a:0e:79:b3:c2:e1:9d:dd:d7:c1:5f:23:
a9:74:0f:b1:98:6e:44:da:57:34:ba:7e:21:85:d0:3e:68:f0:
65:f9:55:3f:3c:a2:4c:57:58:ae:15:33:40:7e:57:66:2e:62:
f9:1c:fa:0a:1b:90:f1:2a:3f:7a:c1:32:88:98:99:76:27:1d:
09:72:98:71:2d:2f:4e:a5:81:a3:63:98:94:6d:c6:07:26:2b:
3e:a6:96:e3:aa:4e:8a:6a:bc:79:4e:41:6f:36:61:33:44:a6:
78:26:bd:0f:e2:b1:73:6a:7c:f4:97:78:45:c4:7c:4f:e3:d0:
f6:7f:17:d6:8f:23:4b:45:49:6a:17:c0:06:18:5f:3f:d5:da:
e7:fa:6c:ab:91:f4:58:68:61:20:91:9c:c2:26:37:97:e8:1a:
01:bf:73:67:30:ba:12:d5:73:5b:5d:f4:96:f6:02:a8:3c:df:
ae:8f:42:39:bd:16:13:ff:52:ed:fb:68:29:3b:9d:ec:5c:9a:
9a:57:e7:53:e0:51:3c:27:28:3d:51:59:c1:14:9c:de:47:d0:
2f:33:fb:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+rsCWOTA7MZAzuvX8CgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTZlNjVlZDc0ZjA2YzIyM2E5YTQ5YzNlYTZkM2VlZWNi
MjM4NTAwHhcNMjUwMTAxMDM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFjODczYzhjZDkxZmM5MmUxMzg2ZWU1ZmQyZmQ3YTQ5ZmFiY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniu5MYKW+Rkuq29Reih7uliXsb8j
sfB/s/5bmtwLLh2F5wbE+currm5Z74qBbXLTCkDSLv+dFQ4W2UOEBDOUZhR2Mcpw
HVqnzAcsBOuHvECnIgLbLpmcIIcrdfhhYR0DHlYYYHthyrYTDzpZp4/zn3YoKjqA
HZZssPUArpq8a5Sk063bYjNQ7OTSMeaI8w0RSMl+dfBrhn87w8lLnTp0M1pUzRS1
OUK+ZcEK3EgSEGqYHNFhC3UzefbiPTckWBbhB9vDBD1RBvfrDqCY67njARLGBGxL
R0f3v8Qd3Qkg7MlMLUeXRQpAIxvPd8haeoK/vFvXcO+0KYVBu6aQ9UVDMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGmshzyM2R/JLhOG7l/S/XpJ+rzWMB8GA1UdIwQY
MBaAFADm5l7XTwbCI6mknD6m0+7ssjhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9ibVh0ZFBCc0lqcWFTY1BxYlQ3dXl5T0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yNGRhNmYtNTA1My00MTRlLTkzNzAt
MTZiOWVhZmViNGVhLzEvYWF5SFBJelpIOGt1RTRidVg5TDlla242dk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8yNGRhNmYtNTA1My00MTRlLTkzNzAtMTZiOWVhZmViNGVh
LzEvQU9ibVh0ZFBCc0lqcWFTY1BxYlQ3dXl5T0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwGwgAwQE
wRkgMA0GCSqGSIb3DQEBCwUAA4IBAQCQDxXZEd+ibTEsu7CvFO2BFqi0Kg7CfWAN
ideh8DG5HtdZdp8XUMCsXjuKDnmzwuGd3dfBXyOpdA+xmG5E2lc0un4hhdA+aPBl
+VU/PKJMV1iuFTNAfldmLmL5HPoKG5DxKj96wTKImJl2Jx0JcphxLS9OpYGjY5iU
bcYHJis+ppbjqk6Karx5TkFvNmEzRKZ4Jr0P4rFzanz0l3hFxHxP49D2fxfWjyNL
RUlqF8AGGF8/1drn+myrkfRYaGEgkZzCJjeX6BoBv3NnMLoS1XNbXfSW9gKoPN+u
j0I5vRYT/1Lt+2gpO53sXJqaV+dT4FE8Jyg9UVnBFJzeR9AvM/sQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:24 2025 by rpki-client