Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/rMButntV5GnO7W7_TuF_ZPA6g1Q.roa
File: rMButntV5GnO7W7_TuF_ZPA6g1Q.roa (raw, json)
Hash identifier: QKYvOeC5NwDMQzqYncxkm8rqO0746QVz/H7okZ5iBmI=
Subject key identifier: AC:C0:6E:B6:7B:55:E4:69:CE:ED:6E:FF:4E:E1:7F:64:F0:3A:83:54
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B29B00CF292E8FAD59D91F843343B1
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/rMButntV5GnO7W7_TuF_ZPA6g1Q.roa
Signing time: Thu 02 Jan 2025 01:47:52 +0000
ROA not before: Thu 02 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397229
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9b:00:cf:29:2e:8f:ad:59:d9:1f:84:33:43:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acc06eb67b55e469ceed6eff4ee17f64f03a8354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:08:a6:21:b1:f7:ba:9e:f7:26:4d:33:6a:77:
77:38:54:82:6d:05:a2:87:98:24:de:f2:14:8c:60:
af:29:11:30:48:7c:72:4a:87:13:51:f0:e6:36:e2:
b1:a9:69:ab:25:c1:bd:91:11:0d:c6:e1:ff:28:d1:
c9:33:3f:8b:f9:76:9e:58:ac:47:a7:61:38:cb:20:
55:4a:3a:b7:58:d9:be:63:af:d7:59:65:1f:42:62:
c5:ae:71:2c:d6:8e:85:a6:94:ed:f0:25:38:82:01:
2d:fd:53:a9:f3:f5:d1:53:a2:2b:25:99:dc:1f:37:
fb:79:8d:cf:e9:67:86:9b:0b:b4:51:00:d9:fb:4b:
10:64:ed:d9:c5:4a:03:05:0f:6f:a5:63:df:bb:cb:
cc:a7:cf:77:5b:62:58:e7:f3:b9:a6:43:d5:45:5e:
1e:91:2c:f9:63:4c:5c:be:1e:46:dd:1a:02:de:8d:
51:fa:d6:7a:9c:4f:12:da:42:7c:3a:ae:75:26:a7:
9d:8d:bf:5b:75:d4:96:63:ad:bc:2e:29:46:a2:db:
a6:4b:37:a3:e4:b3:df:c2:b5:be:01:77:5c:4f:25:
41:f5:d3:1a:93:45:ed:c2:b0:21:ee:f5:4f:f4:85:
5b:7c:f7:a8:9e:fe:b4:4b:59:6e:5a:81:43:53:a2:
de:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C0:6E:B6:7B:55:E4:69:CE:ED:6E:FF:4E:E1:7F:64:F0:3A:83:54
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/rMButntV5GnO7W7_TuF_ZPA6g1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
81:5d:0d:fc:1c:7f:af:0f:a0:22:6a:df:e7:66:1b:c9:e0:74:
43:28:00:b2:4f:93:83:2d:7a:a2:07:f0:00:a7:b6:8f:1e:64:
bc:d0:a7:62:e5:46:33:89:33:bd:8b:cf:f1:c0:2f:5a:16:23:
40:3e:fb:97:af:8c:4e:55:f8:4e:0e:39:64:12:13:11:31:b8:
8c:b8:41:ac:03:48:63:17:48:15:75:6e:a2:2a:50:2c:47:c9:
2a:ff:f9:ea:87:c9:98:d1:cc:d2:8a:ce:ad:9c:69:76:69:6b:
3e:59:c5:06:d4:ab:c8:c7:9d:bb:75:23:87:4e:c9:85:6b:06:
51:dd:39:55:85:4e:e2:8d:e2:af:80:49:ee:64:54:23:71:73:
ff:81:91:02:96:cd:36:9e:df:8e:eb:25:94:1e:e9:2e:6c:98:
18:dd:fa:e0:68:8d:2f:1d:00:23:7d:92:94:cc:ae:13:e0:8b:
70:24:e3:95:bd:01:c0:78:e2:30:20:98:f2:76:d2:59:e8:dc:
33:d4:a7:54:3a:e6:11:5c:bb:19:d5:95:07:16:b3:17:06:73:
ff:84:4d:54:ee:cf:56:96:a0:8c:ff:0f:58:97:bb:b4:c5:43:
2e:a3:41:7a:4c:8a:37:e8:cd:6d:13:f0:1d:38:ab:5d:89:e8:
4b:94:2d:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkspsAzykuj61Z2R+EM0OxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2MwNmViNjdiNTVlNDY5Y2VlZDZlZmY0ZWUxN2Y2NGYwM2E4MzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8QimIbH3up73Jk0zand3OFSCbQWi
h5gk3vIUjGCvKREwSHxySocTUfDmNuKxqWmrJcG9kRENxuH/KNHJMz+L+XaeWKxH
p2E4yyBVSjq3WNm+Y6/XWWUfQmLFrnEs1o6FppTt8CU4ggEt/VOp8/XRU6IrJZnc
Hzf7eY3P6WeGmwu0UQDZ+0sQZO3ZxUoDBQ9vpWPfu8vMp893W2JY5/O5pkPVRV4e
kSz5Y0xcvh5G3RoC3o1R+tZ6nE8S2kJ8Oq51Jqedjb9bddSWY628LilGotumSzej
5LPfwrW+AXdcTyVB9dMak0XtwrAh7vVP9IVbfPeonv60S1luWoFDU6LeJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKzAbrZ7VeRpzu1u/07hf2TwOoNUMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvck1CdXRudFY1R25PN1c3X1R1Rl9aUEE2ZzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQCBXQ38HH+vD6Aiat/n
ZhvJ4HRDKACyT5ODLXqiB/AAp7aPHmS80Kdi5UYziTO9i8/xwC9aFiNAPvuXr4xO
VfhODjlkEhMRMbiMuEGsA0hjF0gVdW6iKlAsR8kq//nqh8mY0czSis6tnGl2aWs+
WcUG1KvIx527dSOHTsmFawZR3TlVhU7ijeKvgEnuZFQjcXP/gZECls02nt+O6yWU
HukubJgY3frgaI0vHQAjfZKUzK4T4ItwJOOVvQHAeOIwIJjydtJZ6Nwz1KdUOuYR
XLsZ1ZUHFrMXBnP/hE1U7s9WlqCM/w9Yl7u0xUMuo0F6TIo36M1tE/AdOKtdiehL
lC2e
-----END CERTIFICATE-----
Generated at Thu Apr 10 09:08:27 2025 by rpki-client