Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/o0unYtOvK0ypo95RgHxsLRbSEI0.roa
File: o0unYtOvK0ypo95RgHxsLRbSEI0.roa (raw, json)
Hash identifier: /Kszii2RBvuT+vSDoTo/zRmMb8Q32yFP1SEkPKjGPyg=
Subject key identifier: A3:4B:A7:62:D3:AF:2B:4C:A9:A3:DE:51:80:7C:6C:2D:16:D2:10:8D
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B29F30536EE81944593024561F78D7
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/o0unYtOvK0ypo95RgHxsLRbSEI0.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397240
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9f:30:53:6e:e8:19:44:59:30:24:56:1f:78:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a34ba762d3af2b4ca9a3de51807c6c2d16d2108d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:57:d6:86:a9:33:fb:15:76:2a:f8:5f:f9:be:
03:e6:b0:ee:b4:27:3b:ec:3e:8d:dd:13:8c:42:22:
2e:b1:48:ad:ef:6d:30:83:ff:ad:03:42:05:78:b5:
10:a1:e8:ea:55:c4:93:1d:9c:21:6b:02:7c:60:5a:
4e:58:95:f8:c6:f5:db:49:08:d6:fe:ad:95:f5:7d:
29:49:be:94:72:96:45:b2:fa:a4:98:65:58:ce:33:
9d:3e:af:a5:1f:29:88:4e:09:27:49:22:00:e1:c8:
97:e2:98:8b:12:f4:59:3b:ad:57:3d:e9:1c:4c:79:
6f:30:4d:40:54:4a:9c:41:2b:27:f7:88:67:6e:76:
3c:4c:81:33:45:07:c4:cd:41:77:49:e7:17:4b:c9:
cf:7a:16:b4:55:88:04:53:c7:6e:cd:83:0e:d7:75:
b2:61:e8:c2:13:8c:c2:cb:04:d8:d0:5c:c8:7f:6a:
e7:fd:76:07:ec:df:6d:ca:1a:f1:7f:54:39:d7:f5:
e0:15:97:4d:f6:c5:fc:36:23:da:69:69:f3:78:e2:
36:3e:49:0d:a0:cb:77:ac:bf:76:98:f1:13:da:36:
49:63:fb:97:94:90:26:1a:00:73:00:cf:c1:0f:a8:
20:a8:4e:a8:00:31:bb:2d:30:01:34:49:86:17:b5:
f1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:4B:A7:62:D3:AF:2B:4C:A9:A3:DE:51:80:7C:6C:2D:16:D2:10:8D
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/o0unYtOvK0ypo95RgHxsLRbSEI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
62:8b:19:f2:af:47:78:a6:85:83:d1:fd:f2:8a:e5:ad:ec:84:
7f:0e:a9:b8:7a:b8:96:a6:d7:d9:6c:57:68:c4:62:df:e9:54:
aa:81:71:d0:5a:52:32:6c:7b:1e:af:28:54:d4:e1:a1:e8:17:
aa:86:95:fe:b3:37:42:64:da:e1:79:28:0d:78:ee:19:9d:63:
18:6a:35:aa:81:77:ff:63:0e:ad:54:07:e8:ff:04:0b:49:7a:
11:00:cf:57:78:fe:e8:64:34:8e:7a:5e:3a:1f:bd:d1:21:5d:
95:39:46:fa:43:06:4f:ae:fa:74:dc:8e:de:92:92:7b:2d:37:
2a:ca:69:85:63:2f:7f:a5:c4:96:67:80:3b:cf:65:71:ed:94:
0c:45:85:1a:9e:36:0e:94:71:6f:7a:85:2e:fc:d0:4f:87:e7:
45:d7:a4:27:25:21:9f:99:ef:9d:91:23:6a:bc:ba:44:11:a7:
f9:17:ee:9b:26:47:35:db:2e:0b:d1:78:a2:c3:1f:02:d6:d9:
c3:b2:69:63:ce:98:93:65:e5:be:7e:18:2c:36:e6:3c:3d:d5:
44:5a:4c:4d:28:64:05:4d:f5:b1:c5:e5:fa:3d:f2:3a:e0:90:
a2:53:a9:f3:57:e6:cd:6f:a9:e6:2b:72:f8:24:fe:a9:31:e8:
ca:84:59:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksp8wU27oGURZMCRWH3jXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzRiYTc2MmQzYWYyYjRjYTlhM2RlNTE4MDdjNmMyZDE2ZDIxMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1fWhqkz+xV2Kvhf+b4D5rDutCc7
7D6N3ROMQiIusUit720wg/+tA0IFeLUQoejqVcSTHZwhawJ8YFpOWJX4xvXbSQjW
/q2V9X0pSb6UcpZFsvqkmGVYzjOdPq+lHymITgknSSIA4ciX4piLEvRZO61XPekc
THlvME1AVEqcQSsn94hnbnY8TIEzRQfEzUF3SecXS8nPeha0VYgEU8duzYMO13Wy
YejCE4zCywTY0FzIf2rn/XYH7N9tyhrxf1Q51/XgFZdN9sX8NiPaaWnzeOI2PkkN
oMt3rL92mPET2jZJY/uXlJAmGgBzAM/BD6ggqE6oADG7LTABNEmGF7XxTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKNLp2LTrytMqaPeUYB8bC0W0hCNMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvbzB1bll0T3ZLMHlwbzk1UmdIeHNMUmJTRUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBiixnyr0d4poWD0f3y
iuWt7IR/Dqm4eriWptfZbFdoxGLf6VSqgXHQWlIybHseryhU1OGh6BeqhpX+szdC
ZNrheSgNeO4ZnWMYajWqgXf/Yw6tVAfo/wQLSXoRAM9XeP7oZDSOel46H73RIV2V
OUb6QwZPrvp03I7ekpJ7LTcqymmFYy9/pcSWZ4A7z2Vx7ZQMRYUanjYOlHFveoUu
/NBPh+dF16QnJSGfme+dkSNqvLpEEaf5F+6bJkc12y4L0Xiiwx8C1tnDsmljzpiT
ZeW+fhgsNuY8PdVEWkxNKGQFTfWxxeX6PfI64JCiU6nzV+bNb6nmK3L4JP6pMejK
hFmd
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:04:57 2025 by rpki-client