Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9XZSOg59x2YlO1Qoo4LM2XPwatk.roa
File: 9XZSOg59x2YlO1Qoo4LM2XPwatk.roa (raw, json)
Hash identifier: RVaWGJ+NeF95vme/uAKTYpjQ3cX+WEewzhSbsSxQkc8=
Subject key identifier: F5:76:52:3A:0E:7D:C7:66:25:3B:54:28:A3:82:CC:D9:73:F0:6A:D9
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923DF7F49E6492B762EC7417758C98
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9XZSOg59x2YlO1Qoo4LM2XPwatk.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397229
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3d:f7:f4:9e:64:92:b7:62:ec:74:17:75:8c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f576523a0e7dc766253b5428a382ccd973f06ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ce:bd:d6:e6:06:41:00:65:23:3a:9c:2c:0b:
c6:96:af:39:af:c9:f5:75:1e:c7:0e:c4:65:21:01:
36:e0:f7:31:06:14:4d:81:3c:c6:6b:77:bc:f6:7e:
b0:d6:2f:66:cc:94:47:dc:2d:8f:ff:41:56:97:21:
97:76:d4:69:33:18:ea:37:91:10:b4:96:83:21:3b:
0a:31:d2:12:e0:d4:a6:cd:9a:37:e4:f3:30:bd:10:
20:e3:d4:53:39:46:27:4f:54:1a:91:44:86:e2:7a:
8e:23:2c:83:c0:91:05:3b:7c:13:25:ec:96:a0:30:
3f:cd:e3:d1:82:c4:be:3f:a5:e0:f8:fe:69:c9:6a:
4c:0a:cb:0c:f0:03:84:b3:70:85:56:3f:b6:3f:6e:
76:0b:f4:df:8e:19:6a:99:32:a5:31:65:c6:85:ea:
46:54:11:16:1a:a5:ca:a8:f0:d2:8e:7b:05:42:5d:
a0:7d:65:37:b4:be:10:c1:92:81:6b:c5:51:cb:31:
b2:f0:f4:be:19:d3:90:2c:4c:fa:9a:6b:c6:80:c0:
60:4c:bc:91:9b:17:f0:6d:2f:d8:6c:e8:fa:ad:65:
7a:03:8d:ae:f3:b9:8d:9e:51:a1:57:94:ab:ee:24:
f6:b7:27:66:cb:28:a6:6e:93:e8:58:e1:51:36:f3:
68:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:76:52:3A:0E:7D:C7:66:25:3B:54:28:A3:82:CC:D9:73:F0:6A:D9
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9XZSOg59x2YlO1Qoo4LM2XPwatk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:6b:d5:e3:d9:97:89:c7:a6:dc:62:e0:f4:2a:a0:63:23:78:
a5:ac:43:0d:1e:c1:34:4e:81:e2:d1:48:8c:aa:26:b5:4f:f2:
b1:11:5f:6c:e2:65:0c:a5:04:22:0d:c6:52:ae:e6:07:77:e1:
7a:c1:fa:53:59:de:c8:57:e4:21:e3:45:a3:0d:d6:da:14:8d:
9d:cf:07:9f:14:5b:97:2f:0b:7e:a7:4b:71:c9:ad:e9:63:7e:
1d:b8:0a:ef:d1:c4:b6:cc:d5:c2:7a:c2:d4:e9:77:19:ba:00:
76:8b:77:8c:96:70:55:ec:67:86:df:bd:7c:1b:7c:04:7b:ac:
24:de:98:98:34:64:f7:50:6a:b2:c8:90:4c:f3:77:87:77:0a:
56:5c:e7:ce:fa:ae:11:87:9c:ca:2d:cf:c9:18:e1:8e:6c:7f:
23:10:b8:7d:6d:c2:de:9a:5e:44:1e:ff:21:bf:6a:3f:27:01:
bc:a8:1a:17:8b:6e:01:67:ca:39:09:3e:d1:9c:1d:cc:9a:3b:
aa:00:ed:fa:65:20:c9:1e:d9:29:d3:85:73:2b:49:4b:84:50:
5e:85:36:cc:42:54:12:a1:72:e5:83:2a:98:62:24:6c:28:2b:
c4:88:c3:42:82:3c:0b:7d:06:80:ea:40:ed:48:c6:56:5b:d6:
55:bc:0d:f6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkj339J5kkrdi7HQXdYyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTc2NTIzYTBlN2RjNzY2MjUzYjU0MjhhMzgyY2NkOTczZjA2YWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys691uYGQQBlIzqcLAvGlq85r8n1
dR7HDsRlIQE24PcxBhRNgTzGa3e89n6w1i9mzJRH3C2P/0FWlyGXdtRpMxjqN5EQ
tJaDITsKMdIS4NSmzZo35PMwvRAg49RTOUYnT1QakUSG4nqOIyyDwJEFO3wTJeyW
oDA/zePRgsS+P6Xg+P5pyWpMCssM8AOEs3CFVj+2P252C/TfjhlqmTKlMWXGhepG
VBEWGqXKqPDSjnsFQl2gfWU3tL4QwZKBa8VRyzGy8PS+GdOQLEz6mmvGgMBgTLyR
mxfwbS/YbOj6rWV6A42u87mNnlGhV5Sr7iT2tydmyyimbpPoWOFRNvNo0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPV2UjoOfcdmJTtUKKOCzNlz8GrZMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvOVhaU09nNTl4MllsTzFRb280TE0yWFB3YXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBba9Xj2ZeJx6bcYuD0
KqBjI3ilrEMNHsE0ToHi0UiMqia1T/KxEV9s4mUMpQQiDcZSruYHd+F6wfpTWd7I
V+Qh40WjDdbaFI2dzwefFFuXLwt+p0txya3pY34duArv0cS2zNXCesLU6XcZugB2
i3eMlnBV7GeG3718G3wEe6wk3piYNGT3UGqyyJBM83eHdwpWXOfO+q4Rh5zKLc/J
GOGObH8jELh9bcLeml5EHv8hv2o/JwG8qBoXi24BZ8o5CT7RnB3MmjuqAO36ZSDJ
Htkp04VzK0lLhFBehTbMQlQSoXLlgyqYYiRsKCvEiMNCgjwLfQaA6kDtSMZWW9ZV
vA32
-----END CERTIFICATE-----
Generated at Wed May 8 18:18:28 2024 by rpki-client on console-ams.rpki-client.org