Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/awRI-yZjhCrwkBxvflQ96py528I.roa
File: awRI-yZjhCrwkBxvflQ96py528I.roa (raw, json)
Hash identifier: NOcmotxNQ+7MKKVh76cnZHAYwH87rKrgslevl9MQndU=
Subject key identifier: 6B:04:48:FB:26:63:84:2A:F0:90:1C:6F:7E:54:3D:EA:9C:B9:DB:C2
Certificate issuer: /CN=abaedf2f8128f48eb8113bfaf4d67d901049093a
Certificate serial: 018CC4244882588D0C80B1186CCDE1E5BCD9
Authority key identifier: AB:AE:DF:2F:81:28:F4:8E:B8:11:3B:FA:F4:D6:7D:90:10:49:09:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q67fL4Eo9I64ETv69NZ9kBBJCTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/awRI-yZjhCrwkBxvflQ96py528I.roa
Signing time: Mon 01 Jan 2024 08:29:21 +0000
ROA not before: Mon 01 Jan 2024 08:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198183
IP address blocks: 130.255.89.0/24 maxlen: 24
130.255.88.0/24 maxlen: 24
130.255.91.0/24 maxlen: 24
130.255.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/q67fL4Eo9I64ETv69NZ9kBBJCTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/q67fL4Eo9I64ETv69NZ9kBBJCTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q67fL4Eo9I64ETv69NZ9kBBJCTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:48:82:58:8d:0c:80:b1:18:6c:cd:e1:e5:bc:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abaedf2f8128f48eb8113bfaf4d67d901049093a
Validity
Not Before: Jan 1 08:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b0448fb2663842af0901c6f7e543dea9cb9dbc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:01:8f:02:63:e6:7b:e2:29:40:2a:03:9a:b4:
81:c4:94:b2:f3:eb:e1:c7:33:c0:4d:7c:56:3b:70:
31:f6:7e:8f:47:47:18:e2:3b:4d:28:82:a1:1d:21:
92:3d:22:b1:21:e7:1f:61:77:79:9b:3b:b7:1a:74:
02:7d:35:8d:d2:be:7a:14:e7:a2:db:8f:4a:8a:aa:
78:4c:c6:62:98:1a:bb:8c:1f:f5:1d:cd:98:0f:ea:
2b:0d:69:96:64:c1:8a:84:21:65:e4:5a:34:35:cd:
35:88:10:ea:07:84:f6:28:3e:e9:97:52:af:df:53:
87:32:4b:89:0d:f5:a3:65:cb:c8:27:7a:02:0f:5d:
34:de:59:86:d5:c5:64:ab:1c:43:16:f1:73:6b:35:
df:88:cb:26:1e:31:97:e8:7a:29:da:43:38:e7:ba:
44:d5:18:4a:d7:4f:f2:88:6f:7c:f5:37:3c:e0:a1:
3f:80:b5:0e:d5:36:ba:ee:dc:fb:b6:b0:b7:b5:3a:
7c:1c:8a:f0:12:36:22:2a:26:56:50:72:84:5b:9b:
97:6e:cb:06:09:f1:69:d8:18:49:d6:a8:75:e1:cb:
b9:af:ac:29:12:69:92:02:34:1b:78:40:5c:75:0f:
e3:9f:ca:49:c0:20:dd:24:cf:1c:8d:f0:fd:f1:1e:
44:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:04:48:FB:26:63:84:2A:F0:90:1C:6F:7E:54:3D:EA:9C:B9:DB:C2
X509v3 Authority Key Identifier:
keyid:AB:AE:DF:2F:81:28:F4:8E:B8:11:3B:FA:F4:D6:7D:90:10:49:09:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q67fL4Eo9I64ETv69NZ9kBBJCTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/awRI-yZjhCrwkBxvflQ96py528I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/dd41f5-bc06-4c97-9ed8-fc460ff98e31/1/q67fL4Eo9I64ETv69NZ9kBBJCTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.88.0/22
Signature Algorithm: sha256WithRSAEncryption
02:54:d6:e1:d6:45:2c:61:d6:b3:cd:da:af:c3:3f:4d:9f:11:
bf:ac:e5:df:b0:61:82:33:1c:88:7e:b6:54:01:15:9d:aa:76:
f5:50:a7:c3:75:24:b0:dc:cd:2f:fb:72:5d:b9:46:bc:b5:db:
85:7e:4b:f9:bb:d7:93:79:f0:ff:81:85:50:b1:20:43:2a:8e:
c6:55:39:1e:1e:b4:29:31:8a:e2:7b:f5:a3:0c:0f:d4:80:24:
d2:4a:29:5c:bd:f3:99:dd:f3:54:84:79:af:4b:4c:81:64:11:
0b:ff:f7:05:ad:35:e6:28:81:0f:2e:cf:74:18:a1:cf:26:36:
38:6d:2b:ed:4e:5a:b9:7e:fc:6d:16:c0:84:28:83:da:0b:5d:
20:5b:e1:3a:e3:13:bd:ba:bf:51:a3:84:0b:ef:2b:9f:77:80:
01:50:5a:9a:c7:90:d0:5e:28:52:60:31:c5:af:7f:9a:d3:1b:
9a:a8:56:40:75:30:f2:af:53:33:02:60:9e:f3:80:02:34:46:
43:6e:32:93:7e:cc:48:c3:1d:95:1c:28:e6:62:51:d8:48:5f:
f6:02:36:3c:f4:64:53:75:cf:1d:ab:9a:6a:aa:1e:7b:2e:b9:
33:29:21:af:c9:2f:13:14:cb:ee:92:12:fc:eb:6c:28:ef:bb:
e2:70:bc:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJEiCWI0MgLEYbM3h5bzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYWVkZjJmODEyOGY0OGViODExM2JmYWY0ZDY3ZDkwMTA0
OTA5M2EwHhcNMjQwMTAxMDgyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjA0NDhmYjI2NjM4NDJhZjA5MDFjNmY3ZTU0M2RlYTljYjlkYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgGPAmPme+IpQCoDmrSBxJSy8+vh
xzPATXxWO3Ax9n6PR0cY4jtNKIKhHSGSPSKxIecfYXd5mzu3GnQCfTWN0r56FOei
249Kiqp4TMZimBq7jB/1Hc2YD+orDWmWZMGKhCFl5Fo0Nc01iBDqB4T2KD7pl1Kv
31OHMkuJDfWjZcvIJ3oCD1003lmG1cVkqxxDFvFzazXfiMsmHjGX6Hop2kM457pE
1RhK10/yiG989Tc84KE/gLUO1Ta67tz7trC3tTp8HIrwEjYiKiZWUHKEW5uXbssG
CfFp2BhJ1qh14cu5r6wpEmmSAjQbeEBcdQ/jn8pJwCDdJM8cjfD98R5EcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGsESPsmY4Qq8JAcb35UPeqcudvCMB8GA1UdIwQY
MBaAFKuu3y+BKPSOuBE7+vTWfZAQSQk6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTY3Zkw0RW85STY0RVR2NjlOWjlrQkJKQ1RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9kZDQxZjUtYmMwNi00Yzk3LTllZDgt
ZmM0NjBmZjk4ZTMxLzEvYXdSSS15WmpoQ3J3a0J4dmZsUTk2cHk1MjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9kZDQxZjUtYmMwNi00Yzk3LTllZDgtZmM0NjBmZjk4ZTMx
LzEvcTY3Zkw0RW85STY0RVR2NjlOWjlrQkJKQ1RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgv9YMA0G
CSqGSIb3DQEBCwUAA4IBAQACVNbh1kUsYdazzdqvwz9NnxG/rOXfsGGCMxyIfrZU
ARWdqnb1UKfDdSSw3M0v+3JduUa8tduFfkv5u9eTefD/gYVQsSBDKo7GVTkeHrQp
MYrie/WjDA/UgCTSSilcvfOZ3fNUhHmvS0yBZBEL//cFrTXmKIEPLs90GKHPJjY4
bSvtTlq5fvxtFsCEKIPaC10gW+E64xO9ur9Ro4QL7yufd4ABUFqax5DQXihSYDHF
r3+a0xuaqFZAdTDyr1MzAmCe84ACNEZDbjKTfsxIwx2VHCjmYlHYSF/2AjY89GRT
dc8dq5pqqh57LrkzKSGvyS8TFMvukhL862wo77vicLyQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:57:13 2024 by rpki-client on console-ams.rpki-client.org