Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/dAH7ARBUaBt5UjPzcSqUS0qAoUA.roa
File: dAH7ARBUaBt5UjPzcSqUS0qAoUA.roa (raw, json)
Hash identifier: 7zbOnvySB46f8ElmyItz+8UoFhrAjARk+Y6qTe3/uG8=
Subject key identifier: 74:01:FB:01:10:54:68:1B:79:52:33:F3:71:2A:94:4B:4A:80:A1:40
Certificate issuer: /CN=aba10057bcd00762eef43823c030e7e32d572241
Certificate serial: 018CC8DF8D0302CF686E237E255F67F1489F
Authority key identifier: AB:A1:00:57:BC:D0:07:62:EE:F4:38:23:C0:30:E7:E3:2D:57:22:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/dAH7ARBUaBt5UjPzcSqUS0qAoUA.roa
Signing time: Tue 02 Jan 2024 06:32:22 +0000
ROA not before: Tue 02 Jan 2024 06:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 160.202.20.0/24 maxlen: 24
160.202.22.0/24 maxlen: 24
160.202.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:8d:03:02:cf:68:6e:23:7e:25:5f:67:f1:48:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aba10057bcd00762eef43823c030e7e32d572241
Validity
Not Before: Jan 2 06:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7401fb011054681b795233f3712a944b4a80a140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b7:25:06:5c:98:8a:43:e3:da:75:2e:83:b1:
82:76:d0:c5:96:55:6b:dd:aa:5b:da:9a:65:b8:b7:
d9:16:4c:a5:65:4a:47:fb:fc:aa:56:07:ad:ee:2e:
3e:3d:d8:38:b2:55:6c:1e:40:59:e8:50:eb:ba:80:
47:a1:cf:e6:b5:7a:bf:b4:1a:6e:57:8f:3f:5f:1e:
3a:24:fc:61:f9:42:f9:0c:02:30:5d:93:4f:f8:0f:
91:15:fe:da:b5:10:73:0b:cc:bc:3e:38:42:02:d8:
79:8f:7e:8b:e6:3d:46:e0:cf:e0:d9:57:5f:b6:b3:
13:8e:d4:43:08:f0:4b:70:6f:97:c1:16:41:c8:78:
6e:05:02:46:d6:50:81:f8:93:6c:cc:cd:bd:91:91:
c5:06:d5:9b:bd:2d:21:5b:e1:9d:f7:81:6a:95:52:
41:68:7a:0d:38:e1:91:a6:7a:df:41:05:97:d2:bd:
72:92:14:c7:f0:ee:9d:a1:77:45:ac:10:04:cc:5e:
28:7d:f6:31:1b:19:59:8f:52:46:88:cb:9b:1b:8f:
d2:34:5e:7c:ff:e1:69:ab:0a:99:66:7e:74:8c:3e:
1a:08:3b:e9:2b:39:02:69:b6:6a:60:a6:c8:39:c9:
28:0f:74:cf:1a:33:b6:95:e9:35:e0:2a:fd:fd:f2:
71:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:01:FB:01:10:54:68:1B:79:52:33:F3:71:2A:94:4B:4A:80:A1:40
X509v3 Authority Key Identifier:
keyid:AB:A1:00:57:BC:D0:07:62:EE:F4:38:23:C0:30:E7:E3:2D:57:22:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/dAH7ARBUaBt5UjPzcSqUS0qAoUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.202.20.0-160.202.22.255
Signature Algorithm: sha256WithRSAEncryption
c7:4a:f0:52:3f:a5:f7:eb:e1:8f:60:12:ae:c8:b6:30:64:ed:
a1:fc:77:1c:dc:c0:40:7a:ef:c3:15:44:0b:00:95:da:2a:c3:
4f:7b:e0:f0:ac:ee:d2:5e:73:63:a1:45:23:10:99:75:4a:d0:
e2:e2:65:39:80:f8:4b:47:8b:b3:4c:a3:94:e3:f9:12:36:75:
54:b9:a7:e5:14:8d:60:b4:73:1d:8b:12:da:f0:6c:7e:4a:09:
a2:bb:4d:b2:1e:4a:1d:25:d8:c8:8b:e2:be:09:ac:6c:7c:23:
3b:1d:0d:c3:a6:13:4b:ca:5d:9f:73:3d:2c:f7:e2:f8:d6:db:
16:60:d6:be:7a:fe:01:14:a4:80:e1:03:5f:cf:8e:b1:02:f5:
29:64:10:c4:9a:3d:a2:69:aa:0d:2f:97:8f:ff:d7:e7:85:10:
69:25:eb:76:63:15:17:1d:60:47:e6:06:c3:66:cd:60:54:50:
7f:c0:8b:f9:ca:12:15:70:7e:ef:12:c6:27:51:1a:54:a6:1a:
6e:fb:a8:3d:d7:4f:83:d1:c5:99:f5:2f:8c:bc:be:4b:51:ac:
3b:76:aa:b6:26:b9:d0:a1:94:f2:35:bc:3b:96:0d:85:9c:03:
9f:ee:e9:d1:67:29:d7:06:01:94:c4:ff:24:04:8a:c5:14:1e:
00:1e:13:30
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzI340DAs9obiN+JV9n8UifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTEwMDU3YmNkMDA3NjJlZWY0MzgyM2MwMzBlN2UzMmQ1
NzIyNDEwHhcNMjQwMTAyMDYzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDAxZmIwMTEwNTQ2ODFiNzk1MjMzZjM3MTJhOTQ0YjRhODBhMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLclBlyYikPj2nUug7GCdtDFllVr
3apb2ppluLfZFkylZUpH+/yqVget7i4+Pdg4slVsHkBZ6FDruoBHoc/mtXq/tBpu
V48/Xx46JPxh+UL5DAIwXZNP+A+RFf7atRBzC8y8PjhCAth5j36L5j1G4M/g2Vdf
trMTjtRDCPBLcG+XwRZByHhuBQJG1lCB+JNszM29kZHFBtWbvS0hW+Gd94FqlVJB
aHoNOOGRpnrfQQWX0r1ykhTH8O6doXdFrBAEzF4offYxGxlZj1JGiMubG4/SNF58
/+FpqwqZZn50jD4aCDvpKzkCabZqYKbIOckoD3TPGjO2lek14Cr9/fJxTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHQB+wEQVGgbeVIz83EqlEtKgKFAMB8GA1UdIwQY
MBaAFKuhAFe80Adi7vQ4I8Aw5+MtVyJBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZFQVY3elFCMkx1OURnandERG40eTFYSWtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi84MDM1M2QtNGYyMi00ZDk0LWJlYWQt
ZGQyMGUyOTk0Y2QwLzEvZEFIN0FSQlVhQnQ1VWpQemNTcVVTMHFBb1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi84MDM1M2QtNGYyMi00ZDk0LWJlYWQtZGQyMGUyOTk0Y2Qw
LzEvcTZFQVY3elFCMkx1OURnandERG40eTFYSWtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKgyhQD
BACgyhYwDQYJKoZIhvcNAQELBQADggEBAMdK8FI/pffr4Y9gEq7ItjBk7aH8dxzc
wEB678MVRAsAldoqw0974PCs7tJec2OhRSMQmXVK0OLiZTmA+EtHi7NMo5Tj+RI2
dVS5p+UUjWC0cx2LEtrwbH5KCaK7TbIeSh0l2MiL4r4JrGx8IzsdDcOmE0vKXZ9z
PSz34vjW2xZg1r56/gEUpIDhA1/PjrEC9SlkEMSaPaJpqg0vl4//1+eFEGkl63Zj
FRcdYEfmBsNmzWBUUH/Ai/nKEhVwfu8SxidRGlSmGm77qD3XT4PRxZn1L4y8vktR
rDt2qrYmudChlPI1vDuWDYWcA5/u6dFnKdcGAZTE/yQEisUUHgAeEzA=
-----END CERTIFICATE-----
Generated at Thu May 2 21:26:05 2024 by rpki-client on console-fra.rpki-client.org