Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/AqFQoZ5tMcenZVTjwiA7wb5NyGQ.roa
File: AqFQoZ5tMcenZVTjwiA7wb5NyGQ.roa (raw, json)
Hash identifier: mIDD2KzFcnMgCK/1kzPsCL33au7Vs9+ruXIfYWsMf4I=
Subject key identifier: 02:A1:50:A1:9E:6D:31:C7:A7:65:54:E3:C2:20:3B:C1:BE:4D:C8:64
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B29D6D8B9A8C5AFC7C23503CD46339
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/AqFQoZ5tMcenZVTjwiA7wb5NyGQ.roa
Signing time: Thu 02 Jan 2025 01:47:52 +0000
ROA not before: Thu 02 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397236
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:18:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9d:6d:8b:9a:8c:5a:fc:7c:23:50:3c:d4:63:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02a150a19e6d31c7a76554e3c2203bc1be4dc864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:57:5f:50:cb:3f:36:b8:57:e9:76:46:9d:ff:
e7:38:0f:93:4a:5b:32:95:04:64:94:c5:b0:ff:72:
4d:7c:67:2d:1c:ed:6a:b1:ed:8e:9e:80:8c:2e:6e:
fe:6b:b2:4b:5d:eb:b5:b1:dd:75:e2:6b:57:4b:3f:
a8:ad:6f:c5:c2:12:52:53:8d:b5:d3:f2:30:39:58:
5a:a7:97:0a:60:c6:ae:6b:e2:08:ff:56:a1:8c:0a:
d9:4e:07:d5:4f:68:47:6d:b6:bd:4f:aa:24:e6:84:
e0:ef:2d:19:d9:a4:34:8b:88:5b:a6:1f:7d:58:74:
70:72:f4:a0:2e:8f:33:f4:26:a8:4e:76:d4:6e:6e:
7d:42:69:66:73:23:87:f0:95:e1:ef:65:c4:f1:5f:
1e:09:4d:11:0a:69:c8:9e:21:6f:29:e7:e9:91:5f:
8c:d9:65:d1:9a:9b:81:10:8b:a2:e4:24:c0:c1:e3:
6a:4b:e4:99:b4:69:6b:a9:96:49:ca:eb:83:95:0c:
3e:77:8a:3a:24:ee:af:94:fa:a3:c4:2a:73:65:15:
90:ea:fa:39:c1:2d:4c:e9:13:91:90:63:a6:74:d7:
84:f3:e9:b9:a9:4f:93:f1:75:1e:65:3a:f1:5f:c8:
00:fc:db:da:c0:c1:69:55:80:88:8d:77:10:56:e6:
56:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A1:50:A1:9E:6D:31:C7:A7:65:54:E3:C2:20:3B:C1:BE:4D:C8:64
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/AqFQoZ5tMcenZVTjwiA7wb5NyGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
19:51:dc:2b:e0:d9:50:35:60:06:1e:43:d1:d3:91:ae:20:0c:
6d:b4:3f:6f:f3:6b:1d:8f:d3:c6:41:9f:a2:91:7e:db:b7:64:
d8:e2:74:7a:57:a5:c5:e8:a0:56:c6:cc:9f:f2:fc:1f:c6:28:
d8:8d:06:fb:e3:84:a6:f2:2a:e8:5b:34:cf:3a:33:5b:0b:de:
c6:5c:32:44:60:58:5a:85:a9:71:c9:ec:00:13:8f:a0:94:2b:
e3:78:b0:c4:e0:1e:e1:6b:11:36:8b:f9:1e:a5:ab:8f:02:ea:
a8:12:8a:a0:e9:68:19:47:9b:db:92:ff:06:da:40:8e:44:60:
3d:ee:92:a5:eb:5e:a8:dd:92:c4:36:09:2c:1f:c5:7f:43:99:
75:3b:c2:d6:50:c1:2a:0a:77:2e:5a:de:83:f0:a6:92:c0:aa:
5a:14:14:9b:40:63:64:ca:3b:a3:f7:54:af:5b:c6:13:8e:cb:
36:5b:2e:01:f2:aa:6f:73:6c:1c:40:db:c2:95:e5:a5:0a:16:
1b:40:71:cb:aa:ed:d6:7e:84:39:e5:55:c8:61:70:70:6e:da:
04:73:fa:7d:2c:b8:fb:9d:8d:37:3e:ae:7a:a9:40:c1:a0:fc:
31:2c:c7:1d:cc:6e:8b:2b:a7:6b:72:d4:7c:4c:1d:e7:bb:7c:
60:83:11:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksp1ti5qMWvx8I1A81GM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmExNTBhMTllNmQzMWM3YTc2NTU0ZTNjMjIwM2JjMWJlNGRjODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1dfUMs/NrhX6XZGnf/nOA+TSlsy
lQRklMWw/3JNfGctHO1qse2OnoCMLm7+a7JLXeu1sd114mtXSz+orW/FwhJSU421
0/IwOVhap5cKYMaua+II/1ahjArZTgfVT2hHbba9T6ok5oTg7y0Z2aQ0i4hbph99
WHRwcvSgLo8z9CaoTnbUbm59QmlmcyOH8JXh72XE8V8eCU0RCmnIniFvKefpkV+M
2WXRmpuBEIui5CTAweNqS+SZtGlrqZZJyuuDlQw+d4o6JO6vlPqjxCpzZRWQ6vo5
wS1M6RORkGOmdNeE8+m5qU+T8XUeZTrxX8gA/NvawMFpVYCIjXcQVuZW5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAKhUKGebTHHp2VU48IgO8G+TchkMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvQXFGUW9aNXRNY2VuWlZUandpQTd3YjVOeUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAZUdwr4NlQNWAGHkPR
05GuIAxttD9v82sdj9PGQZ+ikX7bt2TY4nR6V6XF6KBWxsyf8vwfxijYjQb744Sm
8iroWzTPOjNbC97GXDJEYFhahalxyewAE4+glCvjeLDE4B7haxE2i/kepauPAuqo
Eoqg6WgZR5vbkv8G2kCORGA97pKl616o3ZLENgksH8V/Q5l1O8LWUMEqCncuWt6D
8KaSwKpaFBSbQGNkyjuj91SvW8YTjss2Wy4B8qpvc2wcQNvCleWlChYbQHHLqu3W
foQ55VXIYXBwbtoEc/p9LLj7nY03Pq56qUDBoPwxLMcdzG6LK6drctR8TB3nu3xg
gxEe
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:22:32 2025 by rpki-client