Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/hPYLx_9mBj_Ye24Y1_2lQPvsrq4.roa
File: hPYLx_9mBj_Ye24Y1_2lQPvsrq4.roa (raw, json)
Hash identifier: vQ4lqUvsFgblBgv4IH3pH1VZWDEVfeUus2uMPqiXEdM=
Subject key identifier: 84:F6:0B:C7:FF:66:06:3F:D8:7B:6E:18:D7:FD:A5:40:FB:EC:AE:AE
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B29F03ED52C41BD4C709C91E00E2E2
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/hPYLx_9mBj_Ye24Y1_2lQPvsrq4.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397239
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9f:03:ed:52:c4:1b:d4:c7:09:c9:1e:00:e2:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84f60bc7ff66063fd87b6e18d7fda540fbecaeae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:18:2b:b5:de:5d:e7:b1:cd:b4:5e:0f:5b:e5:
6d:e6:32:fc:e0:dd:99:11:a7:89:aa:ae:73:69:1a:
49:70:62:82:5c:2e:1e:5b:c5:51:36:82:54:ba:d9:
62:26:0e:51:bc:79:58:e9:0a:e0:d5:60:b1:5e:2c:
bc:40:8b:e1:25:be:7a:2f:47:b7:c0:26:a6:9e:cf:
91:b1:6b:f3:b6:07:76:41:7d:32:f5:21:9d:3b:54:
2b:d9:d1:7c:c8:6e:69:91:4c:3a:cd:16:e9:89:a8:
aa:04:97:57:e0:23:76:60:fa:5a:40:d4:7a:1d:fe:
f8:cf:cb:c2:78:55:fd:18:e8:2e:8b:71:d8:0f:88:
d2:f9:23:bc:fb:b1:6b:c6:51:86:37:e6:7d:4f:e6:
cd:21:6f:48:52:bd:ca:e5:a0:9f:3d:0a:ca:5f:0c:
4e:df:00:18:51:50:9c:f3:cf:13:98:5a:50:ea:4b:
cb:ef:52:3c:4a:99:89:02:b5:a3:d1:f0:74:81:60:
d4:cb:19:50:94:1e:6a:82:a2:85:55:7e:c5:d3:6b:
2f:07:39:0b:6f:aa:01:37:ea:68:0b:d1:d1:82:22:
d7:9b:9c:8c:ad:99:a9:c0:60:ba:14:49:8f:b4:87:
cd:af:61:00:de:d8:e0:e3:d0:e8:45:9c:12:9d:cb:
99:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F6:0B:C7:FF:66:06:3F:D8:7B:6E:18:D7:FD:A5:40:FB:EC:AE:AE
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/hPYLx_9mBj_Ye24Y1_2lQPvsrq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ce:de:1c:9c:97:80:2a:d5:8f:6f:db:f1:44:a0:6b:5e:a8:
e5:9e:9c:9c:35:83:88:6d:fa:77:5e:1e:74:a9:b3:79:74:ad:
73:15:ff:87:75:eb:a6:5b:f9:89:69:58:2f:31:e3:5e:2f:55:
a8:8c:e8:37:1b:bf:39:67:91:08:17:b9:26:1e:7e:8c:a5:ae:
79:d2:04:3e:d6:56:8f:3e:41:02:48:b9:01:4d:b1:1a:e3:22:
55:48:a4:17:a3:3f:69:f8:6a:93:2a:80:6b:54:69:f6:3c:6d:
e6:19:fb:02:b3:b2:ad:ce:94:41:f4:df:c1:4c:50:64:04:d5:
88:52:3d:63:d1:26:86:b1:cf:24:b3:e5:3a:b0:fc:07:ba:a6:
6b:66:43:c2:0f:4f:c8:9d:46:20:79:bd:0b:ec:37:82:0a:07:
32:b9:d1:3d:a2:b9:9a:2a:98:6e:73:5d:ea:1e:0c:07:69:c1:
7c:85:8e:98:4c:60:ff:05:9f:00:2f:52:bf:4f:1b:18:89:30:
9a:af:76:ee:20:14:0b:b8:53:5d:af:cf:53:9e:df:21:de:88:
25:cb:62:3d:25:02:4c:48:e3:96:86:07:ae:fe:93:0a:ce:40:
22:d3:18:59:c9:c7:71:50:d5:d1:a8:63:04:a4:2b:79:e5:d5:
6d:78:0c:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksp8D7VLEG9THCckeAOLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY2MGJjN2ZmNjYwNjNmZDg3YjZlMThkN2ZkYTU0MGZiZWNhZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBgrtd5d57HNtF4PW+Vt5jL84N2Z
EaeJqq5zaRpJcGKCXC4eW8VRNoJUutliJg5RvHlY6Qrg1WCxXiy8QIvhJb56L0e3
wCamns+RsWvztgd2QX0y9SGdO1Qr2dF8yG5pkUw6zRbpiaiqBJdX4CN2YPpaQNR6
Hf74z8vCeFX9GOgui3HYD4jS+SO8+7FrxlGGN+Z9T+bNIW9IUr3K5aCfPQrKXwxO
3wAYUVCc888TmFpQ6kvL71I8SpmJArWj0fB0gWDUyxlQlB5qgqKFVX7F02svBzkL
b6oBN+poC9HRgiLXm5yMrZmpwGC6FEmPtIfNr2EA3tjg49DoRZwSncuZwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIT2C8f/ZgY/2HtuGNf9pUD77K6uMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvaFBZTHhfOW1Cal9ZZTI0WTFfMmxRUHZzcnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAYzt4cnJeAKtWPb9vx
RKBrXqjlnpycNYOIbfp3Xh50qbN5dK1zFf+HdeumW/mJaVgvMeNeL1WojOg3G785
Z5EIF7kmHn6Mpa550gQ+1laPPkECSLkBTbEa4yJVSKQXoz9p+GqTKoBrVGn2PG3m
GfsCs7KtzpRB9N/BTFBkBNWIUj1j0SaGsc8ks+U6sPwHuqZrZkPCD0/InUYgeb0L
7DeCCgcyudE9ormaKphuc13qHgwHacF8hY6YTGD/BZ8AL1K/TxsYiTCar3buIBQL
uFNdr89Tnt8h3ogly2I9JQJMSOOWhgeu/pMKzkAi0xhZycdxUNXRqGMEpCt55dVt
eAzK
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:55:40 2025 by rpki-client