Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/2k3i8jWfTXZXNgMWu3nuNPvd_DI.roa
File: 2k3i8jWfTXZXNgMWu3nuNPvd_DI.roa (raw, json)
Hash identifier: fyKcM+5nuBSVLcaJ/t52vneKvt9SUHgPFsRkU4aC5mQ=
Subject key identifier: DA:4D:E2:F2:35:9F:4D:76:57:36:03:16:BB:79:EE:34:FB:DD:FC:32
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4924088952FFB66F6BC8884F28AAEEA
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/2k3i8jWfTXZXNgMWu3nuNPvd_DI.roa
Signing time: Mon 01 Jan 2024 10:29:28 +0000
ROA not before: Mon 01 Jan 2024 10:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397235
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 13:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:40:88:95:2f:fb:66:f6:bc:88:84:f2:8a:ae:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da4de2f2359f4d7657360316bb79ee34fbddfc32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:a1:c0:d8:31:30:b2:5a:89:cf:fd:12:51:
08:bd:66:a1:58:ac:2f:c9:db:ff:fe:80:f0:48:d3:
9c:05:04:f3:e8:5e:f7:fb:0f:3c:cd:85:3e:a2:cd:
2a:b0:3e:cc:73:0c:a4:20:f7:11:ac:b4:5b:80:ac:
05:c5:d2:2f:08:0d:d7:6d:34:d6:2a:bb:08:cd:55:
ed:99:25:07:fc:fa:0b:84:f1:89:2b:1c:35:d4:b8:
5c:b9:86:3c:d7:bd:18:1d:9f:34:c7:92:78:94:bf:
1b:0e:dc:22:68:78:53:92:cf:83:68:15:91:03:0f:
15:01:ff:c8:d0:1b:4d:ac:5a:fa:25:c2:07:c1:21:
26:fb:7f:06:1b:36:99:49:0e:95:72:68:d7:dd:3c:
f0:79:fb:73:74:d3:5f:02:cf:5d:e3:a3:fd:9c:05:
9d:9c:ff:23:5b:e8:5f:de:14:8a:fa:9a:e6:b4:4d:
0d:99:f0:bc:6e:bd:83:e7:97:05:42:d0:7d:a2:ba:
83:75:6d:c1:83:d7:7e:e8:32:32:25:bf:a1:b9:bd:
74:b2:e7:3a:32:d3:cd:ae:ae:f5:c8:b1:6a:cb:76:
30:08:f0:30:4f:9f:51:03:94:63:d2:22:51:56:69:
04:b4:e0:b1:39:ae:3b:29:bc:92:2e:16:06:ac:d8:
db:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4D:E2:F2:35:9F:4D:76:57:36:03:16:BB:79:EE:34:FB:DD:FC:32
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/2k3i8jWfTXZXNgMWu3nuNPvd_DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
38:98:c5:a5:c2:61:d1:95:bf:0e:af:98:89:f8:83:02:fe:34:
d7:cb:ad:45:78:7c:6e:1b:8c:fc:9e:96:59:34:ee:f2:9c:a3:
ab:54:6e:45:e5:18:a4:cb:42:72:c4:26:83:3d:79:e8:3e:e9:
ea:0e:17:0b:de:eb:ee:1d:69:5b:03:be:cf:8e:a8:d9:a2:a0:
ca:d6:4d:a3:7b:6b:bd:ec:29:b7:ae:32:23:7b:77:7b:d1:a4:
03:f7:37:52:fd:e1:46:b2:fa:5a:d5:a1:8e:42:95:76:31:d4:
60:ac:0d:4c:5f:80:ba:d9:b9:82:fd:d2:7d:9f:84:b5:6d:e9:
1f:4d:31:d3:6e:98:6d:e8:98:87:69:dc:d1:e8:7e:15:8d:6c:
d3:f2:8d:30:79:75:53:03:d5:2d:c5:20:5c:d2:a5:71:12:20:
f4:40:16:fa:ef:24:2a:c2:12:38:1d:93:56:42:dc:90:5a:f4:
f1:78:fa:50:9e:68:f4:b5:1f:22:51:57:b3:1f:73:c0:24:78:
0d:7a:70:93:27:fe:c5:39:e9:a3:aa:52:f4:37:17:09:8e:24:
b8:0c:9e:02:73:ba:05:27:ee:73:4a:3e:14:37:d5:3d:6b:8b:
2b:ac:db:94:f1:18:e5:57:39:6c:bc:c4:53:fb:2d:f0:9f:59:
43:9f:c2:94
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkkCIlS/7Zva8iITyiq7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRkZTJmMjM1OWY0ZDc2NTczNjAzMTZiYjc5ZWUzNGZiZGRmYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt32hwNgxMLJaic/9ElEIvWahWKwv
ydv//oDwSNOcBQTz6F73+w88zYU+os0qsD7McwykIPcRrLRbgKwFxdIvCA3XbTTW
KrsIzVXtmSUH/PoLhPGJKxw11LhcuYY8170YHZ80x5J4lL8bDtwiaHhTks+DaBWR
Aw8VAf/I0BtNrFr6JcIHwSEm+38GGzaZSQ6VcmjX3TzweftzdNNfAs9d46P9nAWd
nP8jW+hf3hSK+prmtE0NmfC8br2D55cFQtB9orqDdW3Bg9d+6DIyJb+hub10suc6
MtPNrq71yLFqy3YwCPAwT59RA5Rj0iJRVmkEtOCxOa47KbySLhYGrNjbZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNpN4vI1n012VzYDFrt57jT73fwyMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvMmszaThqV2ZUWFpYTmdNV3UzbnVOUHZkX0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQA4mMWlwmHRlb8Or5iJ
+IMC/jTXy61FeHxuG4z8npZZNO7ynKOrVG5F5Riky0JyxCaDPXnoPunqDhcL3uvu
HWlbA77PjqjZoqDK1k2je2u97Cm3rjIje3d70aQD9zdS/eFGsvpa1aGOQpV2MdRg
rA1MX4C62bmC/dJ9n4S1bekfTTHTbpht6JiHadzR6H4VjWzT8o0weXVTA9UtxSBc
0qVxEiD0QBb67yQqwhI4HZNWQtyQWvTxePpQnmj0tR8iUVezH3PAJHgNenCTJ/7F
OemjqlL0NxcJjiS4DJ4Cc7oFJ+5zSj4UN9U9a4srrNuU8RjlVzlsvMRT+y3wn1lD
n8KU
-----END CERTIFICATE-----
Generated at Wed May 1 19:57:17 2024 by rpki-client on console-fra.rpki-client.org