Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/CuWsHbgT_C2B1MpCzl3Tcnh7qDA.roa
File: CuWsHbgT_C2B1MpCzl3Tcnh7qDA.roa (raw, json)
Hash identifier: FydU5iTLeGKnPVKpFCTWxei80LuqHywDP80pxMyuq9w=
Subject key identifier: 0A:E5:AC:1D:B8:13:FC:2D:81:D4:CA:42:CE:5D:D3:72:78:7B:A8:30
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B299DB0A1406FEAEA86E5B31261D42
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/CuWsHbgT_C2B1MpCzl3Tcnh7qDA.roa
Signing time: Thu 02 Jan 2025 01:47:52 +0000
ROA not before: Thu 02 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397226
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:99:db:0a:14:06:fe:ae:a8:6e:5b:31:26:1d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ae5ac1db813fc2d81d4ca42ce5dd372787ba830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f1:1b:e0:42:c6:c0:dc:a4:d2:b3:ac:62:5a:
04:1a:ef:be:ed:55:0c:60:25:92:2b:4d:32:66:cf:
df:40:62:83:cd:76:d3:d4:92:a8:16:e7:aa:d9:f5:
64:ad:45:69:31:d0:c3:b2:0f:1d:ea:cf:35:57:05:
26:0b:a3:8d:a2:6d:3c:bc:5c:0d:24:23:10:e3:ab:
5c:b9:11:b2:06:f0:16:ff:96:3c:fe:d8:01:29:15:
6e:74:61:10:8f:65:30:49:93:27:be:ab:9c:3b:e7:
44:45:ab:21:3f:51:17:3b:e7:a5:d0:7c:a3:2d:4b:
0d:a9:19:9b:43:5f:e3:cb:ef:c3:0a:18:7a:26:63:
7b:23:b2:64:8b:58:8b:ce:91:62:ac:e9:d3:60:4e:
e4:04:f1:f3:78:a2:8c:17:a5:2a:3d:05:4a:a8:02:
9d:38:5c:37:00:91:0f:a5:e4:0d:09:7b:90:fe:5c:
6b:48:57:6c:8b:c3:ce:48:07:fa:9c:20:65:ef:e2:
5c:98:1f:06:db:c2:9f:57:2d:c5:65:d7:5e:46:ec:
54:9c:c5:43:da:f8:73:6e:b7:7a:9c:a4:38:45:39:
45:8b:e4:ad:4e:20:e0:cb:05:46:a3:8f:8f:d7:c0:
1f:f7:bf:82:5c:ac:f9:fa:a5:f9:58:45:94:93:a0:
c2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E5:AC:1D:B8:13:FC:2D:81:D4:CA:42:CE:5D:D3:72:78:7B:A8:30
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/CuWsHbgT_C2B1MpCzl3Tcnh7qDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:e6:0b:1f:7a:fa:8c:d0:f8:47:00:50:67:de:c6:47:05:2a:
d2:04:52:69:ab:1c:24:e4:b8:9f:13:40:2c:a0:86:82:d3:68:
71:06:49:88:85:95:e6:69:ac:91:8f:9c:3a:fe:bc:96:0c:79:
1f:d7:34:84:1c:bd:07:50:61:1b:dd:95:63:b1:f2:a2:62:97:
f2:53:7e:01:92:43:07:a4:4d:4c:c6:34:79:d8:2a:83:35:dc:
b2:a2:51:75:c3:d5:a7:1c:92:0e:58:a4:83:a7:36:30:f8:16:
ac:28:d1:07:30:47:27:cc:e8:36:0f:22:45:21:d9:e6:a6:ad:
8c:56:bb:d0:b9:92:a5:f8:2e:99:69:e3:13:62:c3:d1:c5:69:
25:bc:6a:55:e3:6e:96:f3:a2:7a:90:3e:3a:e6:0b:56:ec:21:
79:9d:eb:40:60:12:31:46:6d:25:2e:ee:3b:fc:38:ec:f8:d3:
8f:48:22:ff:bf:31:01:5d:d2:52:46:f6:3a:58:15:76:17:1e:
46:84:ef:3b:c5:ba:c5:09:ab:4e:eb:99:55:24:d0:a9:83:05:
ba:2c:1e:e7:18:2c:35:7f:02:9f:d3:bf:fa:03:55:09:f4:6a:
9c:a7:88:66:3e:04:4f:cc:89:7d:ce:e4:74:71:2c:f0:2c:11:
b2:7a:d0:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkspnbChQG/q6oblsxJh1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU1YWMxZGI4MTNmYzJkODFkNGNhNDJjZTVkZDM3Mjc4N2JhODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfEb4ELGwNyk0rOsYloEGu++7VUM
YCWSK00yZs/fQGKDzXbT1JKoFueq2fVkrUVpMdDDsg8d6s81VwUmC6ONom08vFwN
JCMQ46tcuRGyBvAW/5Y8/tgBKRVudGEQj2UwSZMnvqucO+dERashP1EXO+el0Hyj
LUsNqRmbQ1/jy+/DChh6JmN7I7Jki1iLzpFirOnTYE7kBPHzeKKMF6UqPQVKqAKd
OFw3AJEPpeQNCXuQ/lxrSFdsi8POSAf6nCBl7+JcmB8G28KfVy3FZddeRuxUnMVD
2vhzbrd6nKQ4RTlFi+StTiDgywVGo4+P18Af97+CXKz5+qX5WEWUk6DCYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFArlrB24E/wtgdTKQs5d03J4e6gwMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvQ3VXc0hiZ1RfQzJCMU1wQ3psM1Rjbmg3cURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAM5gsfevqM0PhHAFBn
3sZHBSrSBFJpqxwk5LifE0AsoIaC02hxBkmIhZXmaayRj5w6/ryWDHkf1zSEHL0H
UGEb3ZVjsfKiYpfyU34BkkMHpE1MxjR52CqDNdyyolF1w9WnHJIOWKSDpzYw+Bas
KNEHMEcnzOg2DyJFIdnmpq2MVrvQuZKl+C6ZaeMTYsPRxWklvGpV426W86J6kD46
5gtW7CF5netAYBIxRm0lLu47/Djs+NOPSCL/vzEBXdJSRvY6WBV2Fx5GhO87xbrF
CatO65lVJNCpgwW6LB7nGCw1fwKf07/6A1UJ9Gqcp4hmPgRPzIl9zuR0cSzwLBGy
etBb
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:33:30 2025 by rpki-client