Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/43DuKtgbG447gxcZF5p5U1kh87I.roa
File: 43DuKtgbG447gxcZF5p5U1kh87I.roa (raw, json)
Hash identifier: bR6TXVkCgdJnLrIjSeIx3oDz4U12ORRIGTNa6twixqk=
Subject key identifier: E3:70:EE:2A:D8:1B:1B:8E:3B:83:17:19:17:9A:79:53:59:21:F3:B2
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC492421F52ECF5110CEF220FC40EA102
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/43DuKtgbG447gxcZF5p5U1kh87I.roa
Signing time: Mon 01 Jan 2024 10:29:28 +0000
ROA not before: Mon 01 Jan 2024 10:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397240
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:42:1f:52:ec:f5:11:0c:ef:22:0f:c4:0e:a1:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e370ee2ad81b1b8e3b831719179a79535921f3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b3:22:9c:8d:ca:46:56:66:7b:4b:30:b1:0e:
8c:e1:6b:0d:1c:7d:5f:44:c7:4f:a5:88:95:0d:63:
23:91:da:25:18:9d:72:25:ad:7c:ee:ad:e2:2c:8d:
bf:e6:90:d9:be:ba:4c:c1:ed:82:17:e2:1c:e0:a5:
93:59:04:3b:9e:9d:e1:0b:a0:22:9b:d9:bd:c5:06:
af:0c:c4:23:f4:c2:bc:db:a4:45:cd:57:37:60:af:
fe:f9:dd:80:db:1d:f2:a9:3a:6c:60:92:0d:19:51:
ff:bc:24:25:cd:97:b4:cb:cc:14:ce:52:66:32:98:
8d:a1:3b:ea:91:8c:14:49:2a:10:0f:ba:e4:21:c9:
8b:4a:3f:46:b7:ff:a7:76:f2:66:cf:82:8b:6d:b7:
15:a6:e0:18:63:02:bc:c1:9f:ca:a2:02:cd:92:04:
6a:e2:85:7c:72:03:59:bb:9a:da:b8:8b:2c:b6:c0:
d3:a5:71:17:c5:db:1a:0e:d2:97:29:84:c8:10:de:
f7:b9:64:55:94:f2:e1:6d:93:0b:5e:85:95:ba:b0:
26:7c:41:6f:19:6f:86:8d:b6:bb:93:c4:21:c5:27:
b9:cc:9f:ad:8e:2e:3a:7d:fa:67:7e:9c:f7:a2:24:
4c:ed:2b:0e:9b:9a:d3:c0:69:86:fd:f5:ab:77:f2:
d7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:70:EE:2A:D8:1B:1B:8E:3B:83:17:19:17:9A:79:53:59:21:F3:B2
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/43DuKtgbG447gxcZF5p5U1kh87I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
28:10:b1:72:45:f2:a3:33:67:d2:0d:05:e6:a4:be:2e:8e:37:
90:51:f2:29:43:22:3e:8e:d5:e4:13:46:aa:c3:45:d7:c1:73:
22:e9:25:3f:dc:27:73:a1:2b:ef:d0:69:1d:29:05:74:70:97:
ec:6c:f2:7d:eb:a4:56:a3:4f:55:39:bd:c6:cb:45:44:64:b1:
53:40:f6:4c:68:80:71:d0:25:58:a9:ea:e3:08:28:ae:c6:ec:
8f:f9:c6:56:99:e6:49:d4:ec:a7:f7:89:a7:b2:ca:36:8d:08:
44:f0:85:a6:0a:40:34:71:24:2e:80:ba:95:93:a6:4a:5d:ca:
44:e8:ae:70:05:74:25:e2:13:3b:9f:67:d9:02:66:5d:48:dd:
68:c8:fa:10:e0:44:86:c2:35:8a:df:65:f2:e9:4c:bd:e2:12:
2d:81:19:7b:3d:03:02:02:d0:e2:25:11:e1:c3:6d:8a:cc:7e:
55:36:ac:c2:e4:2c:57:6b:0f:da:b5:4d:97:35:34:d8:7e:fa:
85:8a:52:1c:7c:32:53:79:aa:f2:53:15:d8:65:f9:33:bd:ae:
32:b9:c0:62:4e:39:b1:e1:61:aa:ab:90:cf:93:48:da:5b:2e:
b5:79:65:1a:8c:d7:9a:85:92:5c:06:29:ec:4c:4a:ef:d4:e0:
4a:f8:8e:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkkIfUuz1EQzvIg/EDqECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzcwZWUyYWQ4MWIxYjhlM2I4MzE3MTkxNzlhNzk1MzU5MjFmM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrMinI3KRlZme0swsQ6M4WsNHH1f
RMdPpYiVDWMjkdolGJ1yJa187q3iLI2/5pDZvrpMwe2CF+Ic4KWTWQQ7np3hC6Ai
m9m9xQavDMQj9MK826RFzVc3YK/++d2A2x3yqTpsYJINGVH/vCQlzZe0y8wUzlJm
MpiNoTvqkYwUSSoQD7rkIcmLSj9Gt/+ndvJmz4KLbbcVpuAYYwK8wZ/KogLNkgRq
4oV8cgNZu5rauIsstsDTpXEXxdsaDtKXKYTIEN73uWRVlPLhbZMLXoWVurAmfEFv
GW+Gjba7k8QhxSe5zJ+tji46ffpnfpz3oiRM7SsOm5rTwGmG/fWrd/LXFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFONw7irYGxuOO4MXGReaeVNZIfOyMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvNDNEdUt0Z2JHNDQ3Z3hjWkY1cDVVMWtoODdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAoELFyRfKjM2fSDQXm
pL4ujjeQUfIpQyI+jtXkE0aqw0XXwXMi6SU/3CdzoSvv0GkdKQV0cJfsbPJ966RW
o09VOb3Gy0VEZLFTQPZMaIBx0CVYqerjCCiuxuyP+cZWmeZJ1Oyn94mnsso2jQhE
8IWmCkA0cSQugLqVk6ZKXcpE6K5wBXQl4hM7n2fZAmZdSN1oyPoQ4ESGwjWK32Xy
6Uy94hItgRl7PQMCAtDiJRHhw22KzH5VNqzC5CxXaw/atU2XNTTYfvqFilIcfDJT
earyUxXYZfkzva4yucBiTjmx4WGqq5DPk0jaWy61eWUajNeahZJcBinsTErv1OBK
+I4V
-----END CERTIFICATE-----
Generated at Fri May 3 03:33:42 2024 by rpki-client on console-ams.rpki-client.org