Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wv61e77oscUDJBn9VYlTu_3AbRM.roa
File: wv61e77oscUDJBn9VYlTu_3AbRM.roa (raw, json)
Hash identifier: WF74l5Tv59hxzHDkv3UDIsUfaTD5KoMxhkr5geA0BW0=
Subject key identifier: C2:FE:B5:7B:BE:E8:B1:C5:03:24:19:FD:55:89:53:BB:FD:C0:6D:13
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B296C2A373DCA4876765E3A342110E
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wv61e77oscUDJBn9VYlTu_3AbRM.roa
Signing time: Thu 02 Jan 2025 01:47:51 +0000
ROA not before: Thu 02 Jan 2025 01:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397219
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:96:c2:a3:73:dc:a4:87:67:65:e3:a3:42:11:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2feb57bbee8b1c5032419fd558953bbfdc06d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ab:09:72:3a:2b:f1:9f:17:65:49:13:2c:9b:
33:f1:b8:46:7f:9a:c3:67:5c:82:56:24:31:ca:96:
15:81:43:fd:50:07:fd:8f:3d:01:1e:c4:bf:cb:76:
53:47:44:ee:65:a9:08:fb:be:c6:a4:35:f2:72:80:
43:ae:1e:bb:0e:d3:b2:89:c8:08:f8:2d:bd:26:ec:
48:00:76:b6:d7:0a:f2:81:87:f3:96:67:8f:af:fd:
ce:fa:2f:b7:53:e3:54:18:76:ea:a8:96:3f:19:7b:
f9:33:3a:aa:04:03:1e:d7:bf:34:e6:b5:a1:d7:a7:
6c:cd:cb:40:b3:ff:a1:e3:25:2f:45:16:9a:74:b2:
4d:50:da:5d:56:23:15:76:39:3a:79:47:56:15:3a:
f1:b1:41:f7:20:ca:8d:fa:c4:4e:98:78:5f:da:b8:
2a:5b:30:d8:96:fc:ce:ca:36:9b:9a:97:f1:f4:f9:
4a:ef:a9:36:81:f8:35:03:32:6c:05:7e:b9:dc:25:
54:81:c8:fd:28:8f:6a:7b:39:0a:b7:a4:b8:9f:59:
ee:41:3a:f1:57:6e:e1:09:f4:b1:66:bc:30:b1:5d:
ff:49:22:3e:bc:06:d2:6c:28:5c:2b:04:f5:0a:b8:
89:30:6b:a6:7d:32:02:98:69:fe:00:7e:eb:58:6e:
19:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:FE:B5:7B:BE:E8:B1:C5:03:24:19:FD:55:89:53:BB:FD:C0:6D:13
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wv61e77oscUDJBn9VYlTu_3AbRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
81:66:85:cd:71:ba:02:bc:12:e4:be:eb:21:20:9f:fc:7c:4f:
db:f4:6d:95:61:d2:9a:c4:32:d3:9f:53:30:ed:7d:4f:90:58:
11:b2:39:42:0e:b5:a6:eb:ef:b4:59:db:c5:7c:17:cb:d9:13:
4f:f5:8d:ad:21:af:5c:4d:a8:2a:65:fa:a9:60:cd:9f:21:2c:
9c:a4:bf:e8:c2:ed:d3:26:2c:20:cf:bc:52:31:6d:95:fb:fd:
cd:4e:67:d1:73:a5:03:86:b7:10:94:5e:0c:d2:a6:e3:df:19:
d7:3c:64:7b:fd:8a:51:db:bf:f8:74:4b:c5:cc:ea:c7:8e:c0:
e1:88:32:82:f0:d2:5d:69:ac:58:a0:0f:0a:4e:4d:75:4d:ba:
7b:42:8b:46:ad:3a:c4:99:f4:b7:57:d8:aa:fe:6a:1c:89:eb:
36:cf:a9:82:49:e5:d5:5c:79:ea:7c:e7:25:a8:16:fc:84:74:
97:03:8b:61:d0:88:92:10:56:7d:9a:22:87:90:27:04:31:b5:
58:40:3a:6b:c1:18:3f:c5:bb:02:1b:3a:41:f6:2a:7f:54:01:
09:c2:f4:1e:09:f4:95:e4:d3:2d:cc:f2:7d:ef:25:0b:10:47:
7d:b1:70:a2:38:23:44:18:a1:5c:ca:91:aa:00:4a:7b:67:53:
b3:91:33:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkspbCo3PcpIdnZeOjQhEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmZlYjU3YmJlZThiMWM1MDMyNDE5ZmQ1NTg5NTNiYmZkYzA2ZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqsJcjor8Z8XZUkTLJsz8bhGf5rD
Z1yCViQxypYVgUP9UAf9jz0BHsS/y3ZTR0TuZakI+77GpDXycoBDrh67DtOyicgI
+C29JuxIAHa21wrygYfzlmePr/3O+i+3U+NUGHbqqJY/GXv5MzqqBAMe17805rWh
16dszctAs/+h4yUvRRaadLJNUNpdViMVdjk6eUdWFTrxsUH3IMqN+sROmHhf2rgq
WzDYlvzOyjabmpfx9PlK76k2gfg1AzJsBX653CVUgcj9KI9qezkKt6S4n1nuQTrx
V27hCfSxZrwwsV3/SSI+vAbSbChcKwT1CriJMGumfTICmGn+AH7rWG4ZAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFML+tXu+6LHFAyQZ/VWJU7v9wG0TMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvd3Y2MWU3N29zY1VESkJuOVZZbFR1XzNBYlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQCBZoXNcboCvBLkvush
IJ/8fE/b9G2VYdKaxDLTn1Mw7X1PkFgRsjlCDrWm6++0WdvFfBfL2RNP9Y2tIa9c
TagqZfqpYM2fISycpL/owu3TJiwgz7xSMW2V+/3NTmfRc6UDhrcQlF4M0qbj3xnX
PGR7/YpR27/4dEvFzOrHjsDhiDKC8NJdaaxYoA8KTk11Tbp7QotGrTrEmfS3V9iq
/mocies2z6mCSeXVXHnqfOclqBb8hHSXA4th0IiSEFZ9miKHkCcEMbVYQDprwRg/
xbsCGzpB9ip/VAEJwvQeCfSV5NMtzPJ97yULEEd9sXCiOCNEGKFcypGqAEp7Z1Oz
kTOS
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:18:45 2025 by rpki-client