Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/A7nrWQx5l76hJYU3Mqg8uzxvrBY.roa
File: A7nrWQx5l76hJYU3Mqg8uzxvrBY.roa (raw, json)
Hash identifier: 0C0d3q5iZiuNTFqDyJ9GIjvIBGyB1Y9G7UcPjVAgRIM=
Subject key identifier: 03:B9:EB:59:0C:79:97:BE:A1:25:85:37:32:A8:3C:BB:3C:6F:AC:16
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC49241F18CCA7AA2B8723DDFF65492B7
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/A7nrWQx5l76hJYU3Mqg8uzxvrBY.roa
Signing time: Mon 01 Jan 2024 10:29:28 +0000
ROA not before: Mon 01 Jan 2024 10:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397239
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:41:f1:8c:ca:7a:a2:b8:72:3d:df:f6:54:92:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03b9eb590c7997bea125853732a83cbb3c6fac16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d5:83:15:e0:cb:f1:a8:ad:84:74:e7:5d:2c:
7a:66:f6:69:5c:51:20:7c:83:a9:d0:58:89:d6:c7:
b7:95:79:37:fb:d6:b5:a0:12:8f:38:20:14:3c:9c:
10:27:3c:62:c0:96:b9:9d:5b:59:64:3e:e2:6d:57:
f6:f1:ad:5c:e4:c5:07:ce:af:9c:ee:2d:24:95:c8:
17:c3:c9:2c:ce:41:4b:63:c0:86:c1:4d:59:71:fc:
a7:3a:ba:c5:47:34:97:70:f2:e1:50:44:12:0b:5d:
2b:a8:7e:8e:7b:c8:5d:c9:a5:20:47:b9:2c:4b:d5:
37:12:22:2e:8c:26:4d:50:bf:f5:d6:85:dc:2f:e9:
1a:4f:02:3b:eb:e9:0e:79:2b:ca:eb:52:bd:a1:15:
2c:bf:cc:ee:a6:ca:44:1b:c1:2a:6f:e2:45:3f:c2:
7b:ae:f6:9c:d5:d6:b8:4e:59:94:9f:40:ef:ad:82:
50:98:aa:80:56:85:ca:ba:68:32:34:d9:1e:3f:3f:
ea:05:98:71:ab:06:c8:84:1f:52:6b:17:7e:7d:83:
66:26:92:aa:7b:b7:9d:e1:fb:24:25:d7:66:fa:b5:
14:05:87:9e:8f:79:85:10:1a:86:23:75:7b:70:b9:
e2:d4:05:a1:c9:99:3b:d2:d9:1b:a2:0f:98:ca:a5:
31:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B9:EB:59:0C:79:97:BE:A1:25:85:37:32:A8:3C:BB:3C:6F:AC:16
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/A7nrWQx5l76hJYU3Mqg8uzxvrBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
01:16:8a:b9:76:72:a8:fc:cd:41:4b:2d:42:9f:b1:8e:2a:fd:
ae:c3:19:17:73:e9:dd:d8:21:80:cf:de:0b:f8:b3:7b:d2:f1:
95:ae:60:c8:ee:35:7d:ea:4d:1c:40:c3:a9:04:de:3a:39:e4:
fe:d2:7f:a6:53:af:75:9d:6e:71:80:da:69:aa:51:de:a1:dd:
66:72:91:87:18:42:6f:44:42:df:c5:11:cd:98:a3:43:da:64:
de:ef:b3:2f:fa:7c:08:37:f6:7d:2c:ea:ec:4c:64:98:e6:a9:
0a:7c:4f:71:6b:bb:28:5c:5c:5c:31:ee:8c:f9:ab:a2:4d:9d:
01:95:d5:d0:8b:94:eb:1a:e7:43:09:44:1e:24:ae:d9:17:75:
ff:f8:6f:ea:3d:a0:4b:82:aa:d3:83:79:d5:ee:8e:ff:01:94:
4a:bf:15:38:c0:4e:fa:03:cf:fa:73:56:c0:d8:ac:a4:1f:44:
96:c6:95:80:4f:aa:58:9d:77:5d:d9:53:52:e1:de:ea:75:d0:
a9:48:9c:4e:d9:66:f6:df:28:29:68:53:c3:ff:e4:66:00:e2:
b0:42:77:98:80:0d:a8:4b:bd:6d:0c:32:4a:4c:36:f4:41:b3:
07:af:41:0f:d8:ad:93:ae:8f:8e:ac:07:c6:0e:ff:08:64:5e:
9f:0c:d4:fd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkkHxjMp6orhyPd/2VJK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2I5ZWI1OTBjNzk5N2JlYTEyNTg1MzczMmE4M2NiYjNjNmZhYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9WDFeDL8aithHTnXSx6ZvZpXFEg
fIOp0FiJ1se3lXk3+9a1oBKPOCAUPJwQJzxiwJa5nVtZZD7ibVf28a1c5MUHzq+c
7i0klcgXw8kszkFLY8CGwU1ZcfynOrrFRzSXcPLhUEQSC10rqH6Oe8hdyaUgR7ks
S9U3EiIujCZNUL/11oXcL+kaTwI76+kOeSvK61K9oRUsv8zupspEG8Eqb+JFP8J7
rvac1da4TlmUn0DvrYJQmKqAVoXKumgyNNkePz/qBZhxqwbIhB9Saxd+fYNmJpKq
e7ed4fskJddm+rUUBYeej3mFEBqGI3V7cLni1AWhyZk70tkbog+YyqUx0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAO561kMeZe+oSWFNzKoPLs8b6wWMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvQTducldReDVsNzZoSllVM01xZzh1enh2ckJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQABFoq5dnKo/M1BSy1C
n7GOKv2uwxkXc+nd2CGAz94L+LN70vGVrmDI7jV96k0cQMOpBN46OeT+0n+mU691
nW5xgNppqlHeod1mcpGHGEJvRELfxRHNmKND2mTe77Mv+nwIN/Z9LOrsTGSY5qkK
fE9xa7soXFxcMe6M+auiTZ0BldXQi5TrGudDCUQeJK7ZF3X/+G/qPaBLgqrTg3nV
7o7/AZRKvxU4wE76A8/6c1bA2KykH0SWxpWAT6pYnXdd2VNS4d7qddCpSJxO2Wb2
3ygpaFPD/+RmAOKwQneYgA2oS71tDDJKTDb0QbMHr0EP2K2Tro+OrAfGDv8IZF6f
DNT9
-----END CERTIFICATE-----
Generated at Sun May 19 22:57:08 2024 by rpki-client on console-fra.rpki-client.org