Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9hsuTTCytTvhgJTlP9qEu95OSEk.roa
File: 9hsuTTCytTvhgJTlP9qEu95OSEk.roa (raw, json)
Hash identifier: qOwnzocB1gJ0wvS93u2XnFn39UbkfSDDOQb5klTmQTw=
Subject key identifier: F6:1B:2E:4D:30:B2:B5:3B:E1:80:94:E5:3F:DA:84:BB:DE:4E:48:49
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923F833B479D26A4BEC433822CE00D
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9hsuTTCytTvhgJTlP9qEu95OSEk.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397232
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3f:83:3b:47:9d:26:a4:be:c4:33:82:2c:e0:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f61b2e4d30b2b53be18094e53fda84bbde4e4849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:83:23:a4:6e:a4:fa:40:a0:e8:c9:60:a6:4e:
a0:4f:14:1c:8d:0d:59:f1:31:db:f8:45:24:ae:41:
9f:f6:27:60:79:5c:76:1f:1d:fc:d1:f1:af:e8:86:
74:8d:c5:48:17:e5:8d:6c:d8:01:90:e2:5c:d9:32:
32:a3:a0:7b:6e:c3:ee:a2:10:38:ab:02:f7:ad:28:
42:68:33:63:65:c9:89:ad:ca:06:1c:88:f4:b2:8b:
09:ee:bb:37:30:c0:00:39:e4:7f:6b:bb:11:2e:46:
95:aa:22:82:2f:b4:2f:79:28:2a:6c:89:79:15:fe:
1f:ca:99:35:61:cd:2d:55:f6:5f:bd:cb:3f:f9:0a:
97:52:f7:c1:07:48:61:63:cc:df:19:18:63:9f:0e:
da:4d:04:18:b6:f2:9e:16:02:b0:6a:23:0d:51:03:
6f:80:f9:35:64:b1:3e:56:06:a1:df:43:47:f2:18:
00:a2:bd:1a:f0:09:f7:9d:ff:f7:62:ff:2b:73:2a:
cc:6e:fa:5b:56:09:ba:d1:6e:da:ed:7e:c3:3c:8a:
25:d7:5e:6a:31:63:29:da:d3:38:ec:ff:c0:5b:a8:
e8:22:a5:3c:7e:eb:b7:9d:49:59:b5:57:28:89:10:
32:09:81:f5:cd:39:26:ac:8a:16:06:8b:fa:d8:67:
a4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1B:2E:4D:30:B2:B5:3B:E1:80:94:E5:3F:DA:84:BB:DE:4E:48:49
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/9hsuTTCytTvhgJTlP9qEu95OSEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a2:72:cb:44:4e:64:3f:81:d9:b2:b2:80:5b:57:b1:ce:da:
30:17:fb:e2:98:8c:49:7d:02:4f:4e:a4:11:52:79:11:8e:6d:
48:a1:b4:6e:29:8c:54:4b:2f:ea:61:23:ae:79:2e:26:64:1e:
34:21:ce:8a:fe:66:78:60:7b:95:e2:87:f3:1c:1b:4a:54:26:
13:96:7b:9f:fc:fe:e3:01:74:5f:43:a6:02:f5:05:b2:48:fb:
43:57:25:cc:9d:24:e9:27:74:5f:1c:d7:66:78:ff:68:e4:01:
36:ed:3b:29:65:63:5e:df:d5:83:4a:83:80:54:cb:a6:2f:72:
5d:aa:d8:5b:8f:91:d8:b7:69:7e:ec:da:3f:0f:a6:8c:5c:4b:
75:99:3d:a1:90:e8:1a:16:c8:9f:f0:08:e4:33:6a:00:de:09:
db:d5:8c:cf:0c:05:10:56:15:a7:c9:0f:6f:3c:d1:8e:96:b0:
ce:8c:55:ce:17:f8:3b:9b:da:70:9b:c0:36:84:ab:67:90:62:
32:1f:fc:65:58:5e:cb:1a:31:7a:0e:db:f4:30:4f:15:63:9e:
7b:84:db:9f:79:30:39:32:cb:07:19:d0:17:1c:ae:4e:29:a8:
f5:d9:cd:09:ec:64:ea:93:72:22:07:5e:c7:a7:bf:bd:41:ca:
fd:f5:1d:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkj+DO0edJqS+xDOCLOANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjFiMmU0ZDMwYjJiNTNiZTE4MDk0ZTUzZmRhODRiYmRlNGU0ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroMjpG6k+kCg6Mlgpk6gTxQcjQ1Z
8THb+EUkrkGf9idgeVx2Hx380fGv6IZ0jcVIF+WNbNgBkOJc2TIyo6B7bsPuohA4
qwL3rShCaDNjZcmJrcoGHIj0sosJ7rs3MMAAOeR/a7sRLkaVqiKCL7QveSgqbIl5
Ff4fypk1Yc0tVfZfvcs/+QqXUvfBB0hhY8zfGRhjnw7aTQQYtvKeFgKwaiMNUQNv
gPk1ZLE+Vgah30NH8hgAor0a8An3nf/3Yv8rcyrMbvpbVgm60W7a7X7DPIol115q
MWMp2tM47P/AW6joIqU8fuu3nUlZtVcoiRAyCYH1zTkmrIoWBov62GeklQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPYbLk0wsrU74YCU5T/ahLveTkhJMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvOWhzdVRUQ3l0VHZoZ0pUbFA5cUV1OTVPU0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB0onLLRE5kP4HZsrKA
W1exztowF/vimIxJfQJPTqQRUnkRjm1IobRuKYxUSy/qYSOueS4mZB40Ic6K/mZ4
YHuV4ofzHBtKVCYTlnuf/P7jAXRfQ6YC9QWySPtDVyXMnSTpJ3RfHNdmeP9o5AE2
7TspZWNe39WDSoOAVMumL3Jdqthbj5HYt2l+7No/D6aMXEt1mT2hkOgaFsif8Ajk
M2oA3gnb1YzPDAUQVhWnyQ9vPNGOlrDOjFXOF/g7m9pwm8A2hKtnkGIyH/xlWF7L
GjF6Dtv0ME8VY557hNufeTA5MssHGdAXHK5OKaj12c0J7GTqk3IiB17Hp7+9Qcr9
9R1K
-----END CERTIFICATE-----
Generated at Tue May 7 23:14:35 2024 by rpki-client on console-fra.rpki-client.org