Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/a3c5a2-5149-4186-b309-cfdcb57b5e1d/1/aJZ7aeyBkqV9KmHG5FOMAAPsbVE.roa
File: aJZ7aeyBkqV9KmHG5FOMAAPsbVE.roa (raw, json)
Hash identifier: uSn0TuA7gSGChTH/k2QI7GpPzawotKgFwr/iKmE/sqI=
Subject key identifier: 68:96:7B:69:EC:81:92:A5:7D:2A:61:C6:E4:53:8C:00:03:EC:6D:51
Certificate issuer: /CN=6cb272da1d8126b51719e5a3456880adfa889ca3
Certificate serial: 018CC94E6706A3D35BDC2DF7846308BE6E6D
Authority key identifier: 6C:B2:72:DA:1D:81:26:B5:17:19:E5:A3:45:68:80:AD:FA:88:9C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLJy2h2BJrUXGeWjRWiArfqInKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/a3c5a2-5149-4186-b309-cfdcb57b5e1d/1/aJZ7aeyBkqV9KmHG5FOMAAPsbVE.roa
Signing time: Tue 02 Jan 2024 08:33:27 +0000
ROA not before: Tue 02 Jan 2024 08:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1930
IP address blocks: 192.84.13.0/24 maxlen: 24
192.84.15.0/24 maxlen: 24
192.138.204.0/24 maxlen: 24
192.92.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/a3c5a2-5149-4186-b309-cfdcb57b5e1d/1/bLJy2h2BJrUXGeWjRWiArfqInKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/a3c5a2-5149-4186-b309-cfdcb57b5e1d/1/bLJy2h2BJrUXGeWjRWiArfqInKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bLJy2h2BJrUXGeWjRWiArfqInKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:67:06:a3:d3:5b:dc:2d:f7:84:63:08:be:6e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb272da1d8126b51719e5a3456880adfa889ca3
Validity
Not Before: Jan 2 08:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68967b69ec8192a57d2a61c6e4538c0003ec6d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:36:84:2e:a3:7a:ed:34:10:2b:a4:f6:8b:fc:
cc:a4:9a:85:33:de:17:ed:84:35:7a:ea:df:d1:92:
3f:ba:00:21:c1:73:45:1d:cb:a1:0c:80:c5:df:5c:
6b:5f:93:79:cc:82:c7:74:23:79:46:42:7b:f7:11:
8d:80:01:85:61:b3:d7:c0:8b:32:ad:e7:cf:18:5c:
31:ae:e7:ff:9f:33:f4:87:46:bf:db:1a:47:0e:c2:
b2:8d:7e:15:44:b5:8c:ff:30:40:5e:32:f9:b2:11:
59:50:51:3a:ae:f0:48:ad:d5:a4:0e:54:f0:57:f1:
ab:fe:64:2b:f9:be:32:55:38:cb:45:17:aa:cf:ee:
c4:2d:bf:cc:23:31:98:bf:9b:77:b8:97:6b:4b:a5:
1b:11:4a:23:f8:bb:59:51:b4:39:0c:6a:e0:e3:91:
ec:f5:c3:5a:8b:4c:34:f6:c2:8b:88:d2:b1:9d:73:
23:10:cb:fc:c4:92:0a:d5:4f:0d:54:2a:8c:24:7a:
22:98:95:81:fb:4c:74:5d:5f:64:06:68:b1:32:b9:
2f:08:ba:e8:f3:49:06:36:0e:18:bf:67:39:60:7f:
6f:a2:04:62:94:12:72:89:df:6b:1a:e1:4e:49:d8:
42:89:14:77:88:84:33:6e:6d:88:d7:0f:9e:6a:67:
74:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:96:7B:69:EC:81:92:A5:7D:2A:61:C6:E4:53:8C:00:03:EC:6D:51
X509v3 Authority Key Identifier:
keyid:6C:B2:72:DA:1D:81:26:B5:17:19:E5:A3:45:68:80:AD:FA:88:9C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLJy2h2BJrUXGeWjRWiArfqInKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/a3c5a2-5149-4186-b309-cfdcb57b5e1d/1/aJZ7aeyBkqV9KmHG5FOMAAPsbVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/a3c5a2-5149-4186-b309-cfdcb57b5e1d/1/bLJy2h2BJrUXGeWjRWiArfqInKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.84.13.0/24
192.84.15.0/24
192.92.144.0/24
192.138.204.0/24
Signature Algorithm: sha256WithRSAEncryption
61:65:30:f2:5d:59:9a:62:b9:d5:2f:e9:c8:01:b4:aa:81:5c:
f3:17:a0:10:ec:6d:a9:6b:2d:48:38:f5:00:b4:22:7f:4d:48:
4f:8a:60:66:c7:8b:eb:e7:fd:0e:2f:54:ed:fe:46:20:71:9a:
30:24:7c:71:de:de:ad:47:b6:20:73:fb:36:ba:e9:c3:b8:57:
30:1b:39:76:53:2b:61:af:d0:48:54:80:8c:ac:95:56:a2:6f:
a3:c5:63:7b:1d:28:14:67:7a:47:6b:5d:34:97:f3:02:bf:41:
7d:2f:71:a1:74:6d:15:ea:5f:c3:0e:b5:69:a6:8e:2f:30:fc:
72:8c:c4:29:6b:cb:f3:43:2b:3d:03:1e:cb:69:ce:2d:fb:f3:
a3:a1:c9:65:a4:e4:84:9d:39:0f:6c:1e:0f:e8:26:fd:a5:20:
37:db:7a:37:8c:f5:7e:17:18:94:fa:67:29:85:de:75:99:b4:
24:63:c1:3c:d3:53:49:a6:35:dc:b4:bc:ba:78:a5:45:a9:34:
61:4a:45:7b:8f:69:67:e3:db:69:57:0d:73:c9:57:40:33:f3:
95:78:2c:c0:48:bf:dd:40:96:5e:3f:51:b6:12:62:df:5f:e9:
0a:77:fa:e4:3f:83:e8:a9:c3:5f:b2:eb:5c:63:9a:f0:42:3c:
a3:48:04:a8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTmcGo9Nb3C33hGMIvm5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjI3MmRhMWQ4MTI2YjUxNzE5ZTVhMzQ1Njg4MGFkZmE4
ODljYTMwHhcNMjQwMTAyMDgzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk2N2I2OWVjODE5MmE1N2QyYTYxYzZlNDUzOGMwMDAzZWM2ZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzaELqN67TQQK6T2i/zMpJqFM94X
7YQ1eurf0ZI/ugAhwXNFHcuhDIDF31xrX5N5zILHdCN5RkJ79xGNgAGFYbPXwIsy
refPGFwxruf/nzP0h0a/2xpHDsKyjX4VRLWM/zBAXjL5shFZUFE6rvBIrdWkDlTw
V/Gr/mQr+b4yVTjLRReqz+7ELb/MIzGYv5t3uJdrS6UbEUoj+LtZUbQ5DGrg45Hs
9cNai0w09sKLiNKxnXMjEMv8xJIK1U8NVCqMJHoimJWB+0x0XV9kBmixMrkvCLro
80kGNg4Yv2c5YH9vogRilBJyid9rGuFOSdhCiRR3iIQzbm2I1w+eamd0VwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGiWe2nsgZKlfSphxuRTjAAD7G1RMB8GA1UdIwQY
MBaAFGyyctodgSa1Fxnlo0VogK36iJyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxKeTJoMkJKclVYR2VXalJXaUFyZnFJbktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hM2M1YTItNTE0OS00MTg2LWIzMDkt
Y2ZkY2I1N2I1ZTFkLzEvYUpaN2FleUJrcVY5S21IRzVGT01BQVBzYlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hM2M1YTItNTE0OS00MTg2LWIzMDktY2ZkY2I1N2I1ZTFk
LzEvYkxKeTJoMkJKclVYR2VXalJXaUFyZnFJbktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwFQNAwQA
wFQPAwQAwFyQAwQAwIrMMA0GCSqGSIb3DQEBCwUAA4IBAQBhZTDyXVmaYrnVL+nI
AbSqgVzzF6AQ7G2pay1IOPUAtCJ/TUhPimBmx4vr5/0OL1Tt/kYgcZowJHxx3t6t
R7Ygc/s2uunDuFcwGzl2Uythr9BIVICMrJVWom+jxWN7HSgUZ3pHa100l/MCv0F9
L3GhdG0V6l/DDrVppo4vMPxyjMQpa8vzQys9Ax7Lac4t+/OjocllpOSEnTkPbB4P
6Cb9pSA323o3jPV+FxiU+mcphd51mbQkY8E801NJpjXctLy6eKVFqTRhSkV7j2ln
49tpVw1zyVdAM/OVeCzASL/dQJZeP1G2EmLfX+kKd/rkP4PoqcNfsutcY5rwQjyj
SASo
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:41 2024 by rpki-client on console-ams.rpki-client.org