Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ANuF8UOOa2Xdpm6EPQNA4x1Ki-w.roa
File: ANuF8UOOa2Xdpm6EPQNA4x1Ki-w.roa (raw, json)
Hash identifier: 6qCxrz0Zxj0X2qozcjzE21Eiawy9WR7HiBReGhK8Dno=
Subject key identifier: 00:DB:85:F1:43:8E:6B:65:DD:A6:6E:84:3D:03:40:E3:1D:4A:8B:EC
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923A55D2FB8952095291FB57ECC5E4
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ANuF8UOOa2Xdpm6EPQNA4x1Ki-w.roa
Signing time: Mon 01 Jan 2024 10:29:26 +0000
ROA not before: Mon 01 Jan 2024 10:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397220
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3a:55:d2:fb:89:52:09:52:91:fb:57:ec:c5:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00db85f1438e6b65dda66e843d0340e31d4a8bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:93:cc:7b:d4:5d:ba:7d:6e:83:3b:50:56:
5a:5f:09:fd:14:00:fe:1d:3b:eb:73:3c:61:ca:f7:
e5:25:ed:44:97:ae:98:8f:a9:8d:04:3c:82:13:de:
9d:54:ba:d3:a2:2a:3b:26:ef:a2:b3:65:17:71:fb:
43:1e:b2:f9:31:70:a7:3e:b6:fb:2d:db:46:06:ee:
7a:e8:1e:06:f0:b2:1d:a3:cb:a0:83:28:f8:e4:40:
b7:97:47:93:79:97:13:ad:94:6b:03:33:f8:9f:02:
3e:0c:3e:ca:0a:b6:df:33:f7:98:9d:06:c2:9b:48:
9a:33:bf:19:67:36:af:96:6d:96:a4:00:e7:ef:4b:
b8:df:e8:89:f6:c8:22:63:6d:58:66:a8:d8:f9:45:
b3:14:43:1b:a6:a8:3c:91:67:31:06:45:14:78:4d:
73:98:31:b2:5c:e4:bd:33:5f:81:3d:96:f0:8b:b2:
01:81:d6:9e:a4:fe:2a:2a:67:23:0d:7e:dd:6b:12:
5e:46:54:c5:d2:c1:1f:f7:f8:20:91:19:9f:9c:c2:
90:86:f9:83:7f:1c:84:27:19:c5:9a:c0:42:53:7f:
b5:56:f8:fd:d8:f7:a9:82:e2:db:f1:87:39:e6:ac:
8c:57:90:ba:da:23:cf:27:6c:97:f9:f0:55:f8:8a:
90:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DB:85:F1:43:8E:6B:65:DD:A6:6E:84:3D:03:40:E3:1D:4A:8B:EC
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ANuF8UOOa2Xdpm6EPQNA4x1Ki-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:91:f2:ba:4f:a7:6a:a9:43:b0:67:d9:ed:70:3c:bc:25:e9:
6a:b8:1b:88:7a:58:a3:43:7c:cf:7f:01:6e:f3:7b:93:9e:0a:
2b:60:8c:fd:90:42:42:5c:a5:98:bf:cf:b9:a2:69:9d:44:62:
04:6a:1b:cb:dc:2d:a7:f0:c9:f2:df:1f:f8:6d:90:1e:68:34:
b5:ea:1e:30:b4:da:db:b8:f7:84:12:7f:5a:3f:8e:4d:f5:b2:
60:ce:f6:89:c5:cd:f1:ba:2b:98:95:ab:39:08:2c:90:22:e0:
ba:3b:cb:de:1c:06:5e:95:aa:64:12:66:16:2a:ab:93:31:b0:
b2:aa:44:94:93:8a:d7:14:c7:44:46:42:e6:52:e9:3e:83:a0:
3b:b5:22:be:cb:f8:47:3a:d6:1e:b8:29:2c:b1:33:c7:56:88:
a0:60:20:4f:7a:5d:51:f8:ec:cb:68:33:e3:be:f9:b8:cd:ed:
72:18:91:21:b2:3f:e3:e7:64:5b:7c:17:3f:5d:70:cf:cc:e6:
7e:62:08:2d:2c:96:0b:b6:9e:86:1c:61:c9:06:a6:7e:c9:ae:
09:66:1a:44:f9:a4:d4:9a:a3:2b:7f:02:69:a4:21:e9:5f:ed:
ce:85:5f:f0:bc:1d:88:29:fe:ce:53:b8:54:b1:00:62:e6:07:
fb:8e:a4:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkjpV0vuJUglSkftX7MXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRiODVmMTQzOGU2YjY1ZGRhNjZlODQzZDAzNDBlMzFkNGE4YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOyTzHvUXbp9boM7UFZaXwn9FAD+
HTvrczxhyvflJe1El66Yj6mNBDyCE96dVLrToio7Ju+is2UXcftDHrL5MXCnPrb7
LdtGBu566B4G8LIdo8uggyj45EC3l0eTeZcTrZRrAzP4nwI+DD7KCrbfM/eYnQbC
m0iaM78ZZzavlm2WpADn70u43+iJ9sgiY21YZqjY+UWzFEMbpqg8kWcxBkUUeE1z
mDGyXOS9M1+BPZbwi7IBgdaepP4qKmcjDX7daxJeRlTF0sEf9/ggkRmfnMKQhvmD
fxyEJxnFmsBCU3+1Vvj92PepguLb8Yc55qyMV5C62iPPJ2yX+fBV+IqQ1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFADbhfFDjmtl3aZuhD0DQOMdSovsMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvQU51RjhVT09hMlhkcG02RVBRTkE0eDFLaS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQA+kfK6T6dqqUOwZ9nt
cDy8JelquBuIelijQ3zPfwFu83uTngorYIz9kEJCXKWYv8+5ommdRGIEahvL3C2n
8Mny3x/4bZAeaDS16h4wtNrbuPeEEn9aP45N9bJgzvaJxc3xuiuYlas5CCyQIuC6
O8veHAZelapkEmYWKquTMbCyqkSUk4rXFMdERkLmUuk+g6A7tSK+y/hHOtYeuCks
sTPHVoigYCBPel1R+OzLaDPjvvm4ze1yGJEhsj/j52RbfBc/XXDPzOZ+YggtLJYL
tp6GHGHJBqZ+ya4JZhpE+aTUmqMrfwJppCHpX+3OhV/wvB2IKf7OU7hUsQBi5gf7
jqTc
-----END CERTIFICATE-----
Generated at Mon May 20 04:47:11 2024 by rpki-client on console-fra.rpki-client.org