Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9T1jIIJIKCIkFmLdLRq47zJ0TW0.roa
File: 9T1jIIJIKCIkFmLdLRq47zJ0TW0.roa (raw, json)
Hash identifier: tMowNqQI/cgY3mPoq6c5EsUp9DbAQ2Gc+l2RC88bGiA=
Subject key identifier: F5:3D:63:20:82:48:28:22:24:16:62:DD:2D:1A:B8:EF:32:74:4D:6D
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923D164A0A48254CA773904AC81DCB
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9T1jIIJIKCIkFmLdLRq47zJ0TW0.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397227
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3d:16:4a:0a:48:25:4c:a7:73:90:4a:c8:1d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f53d632082482822241662dd2d1ab8ef32744d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6c:2c:03:e7:94:17:77:5d:b2:50:d3:56:9f:
f8:a2:a5:53:cd:3e:b6:bc:c3:0b:86:51:36:1c:73:
d1:b4:a9:8c:60:79:37:12:ca:eb:c1:72:dd:b6:2f:
b7:80:9b:7a:1b:e2:30:f9:c6:77:e4:a0:10:a8:1c:
7f:22:40:f5:b4:e3:09:4b:be:b9:48:84:45:cf:6c:
6d:e5:5d:ae:ba:7f:0c:70:dc:83:d6:2b:0d:b7:8f:
c8:c9:26:c9:70:cb:ad:82:0f:19:fa:a9:95:ce:d6:
27:48:d7:b1:da:ca:c7:70:e3:e8:55:30:73:d9:ab:
ef:91:b2:65:69:e7:6f:f5:33:de:c0:0f:a8:f9:60:
43:1c:7d:28:64:05:05:dd:86:ca:88:10:c3:bf:40:
6e:99:62:ae:a7:95:11:79:17:0b:05:5f:d4:29:12:
a6:1a:5c:46:85:77:6f:f8:08:a3:b0:4f:ae:e7:53:
79:a2:fe:0d:d1:48:85:a4:0b:d5:19:5d:d8:bb:f7:
43:b4:f8:2b:25:20:10:74:79:bf:58:39:f8:08:5e:
ac:9b:46:a4:e9:10:4b:07:79:5c:a0:b7:c3:79:46:
27:d8:cd:41:33:17:ae:7a:f8:3c:1d:cf:e1:d3:be:
a6:5e:29:38:10:ea:b7:ef:61:74:9a:16:ff:20:8c:
b2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3D:63:20:82:48:28:22:24:16:62:DD:2D:1A:B8:EF:32:74:4D:6D
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9T1jIIJIKCIkFmLdLRq47zJ0TW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:85:25:64:b1:0a:d3:f4:cc:63:37:32:2f:ca:3d:49:a6:22:
88:75:6c:01:57:fa:91:0b:6d:2d:37:8e:80:f5:df:a4:f4:db:
00:06:d2:62:a9:d8:5c:7c:fd:f9:0c:26:10:60:b8:0f:05:dc:
92:15:53:bf:cd:52:54:14:82:d2:57:fe:a0:f6:5c:0d:a5:0f:
28:f2:07:78:79:25:cc:60:d0:7d:5e:9f:b8:d6:c6:a2:40:64:
6e:ad:5f:c9:72:9e:1a:15:be:ff:55:4d:85:6f:64:ce:e3:05:
48:05:8b:a9:fb:94:13:a6:c5:ce:2c:d2:e5:80:42:30:26:a8:
61:2d:ca:ad:12:b4:46:ce:9e:53:35:86:ed:4a:ef:32:38:1f:
82:24:84:15:46:63:89:47:23:86:92:a1:26:c5:cb:cf:d6:94:
7b:87:1e:5d:9a:2a:1c:6e:6f:6a:69:c5:55:8b:50:4f:ec:01:
e3:26:a7:9a:5c:37:33:2e:45:73:7b:0e:63:0c:2b:5b:ac:ab:
d7:50:82:fc:25:4d:07:c2:01:cb:a2:3e:6c:4e:2a:c7:89:d8:
ca:af:0a:fa:5e:74:35:9b:3c:69:c3:9d:4a:36:7b:b8:ff:69:
9a:ff:19:95:e1:b0:90:3a:58:53:71:6d:63:28:13:5d:5a:3f:
92:bc:c0:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkj0WSgpIJUync5BKyB3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNkNjMyMDgyNDgyODIyMjQxNjYyZGQyZDFhYjhlZjMyNzQ0ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2wsA+eUF3ddslDTVp/4oqVTzT62
vMMLhlE2HHPRtKmMYHk3EsrrwXLdti+3gJt6G+Iw+cZ35KAQqBx/IkD1tOMJS765
SIRFz2xt5V2uun8McNyD1isNt4/IySbJcMutgg8Z+qmVztYnSNex2srHcOPoVTBz
2avvkbJlaedv9TPewA+o+WBDHH0oZAUF3YbKiBDDv0BumWKup5UReRcLBV/UKRKm
GlxGhXdv+AijsE+u51N5ov4N0UiFpAvVGV3Yu/dDtPgrJSAQdHm/WDn4CF6sm0ak
6RBLB3lcoLfDeUYn2M1BMxeuevg8Hc/h076mXik4EOq372F0mhb/IIyyEQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPU9YyCCSCgiJBZi3S0auO8ydE1tMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvOVQxaklJSklLQ0lrRm1MZExScTQ3ekowVFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBchSVksQrT9MxjNzIv
yj1JpiKIdWwBV/qRC20tN46A9d+k9NsABtJiqdhcfP35DCYQYLgPBdySFVO/zVJU
FILSV/6g9lwNpQ8o8gd4eSXMYNB9Xp+41saiQGRurV/Jcp4aFb7/VU2Fb2TO4wVI
BYup+5QTpsXOLNLlgEIwJqhhLcqtErRGzp5TNYbtSu8yOB+CJIQVRmOJRyOGkqEm
xcvP1pR7hx5dmiocbm9qacVVi1BP7AHjJqeaXDczLkVzew5jDCtbrKvXUIL8JU0H
wgHLoj5sTirHidjKrwr6XnQ1mzxpw51KNnu4/2ma/xmV4bCQOlhTcW1jKBNdWj+S
vMCW
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:05 2024 by rpki-client on console-fra.rpki-client.org