Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/C3zigT_QMOrsopIvhHKQqigFAd4.roa
File: C3zigT_QMOrsopIvhHKQqigFAd4.roa (raw, json)
Hash identifier: 7seTOjGVO187r7acC6pSfLV8quCGOJKpIoAlbkBgZic=
Subject key identifier: 0B:7C:E2:81:3F:D0:30:EA:EC:A2:92:2F:84:72:90:AA:28:05:01:DE
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC49241B76F13A71BB2D06BA826B009F5
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/C3zigT_QMOrsopIvhHKQqigFAd4.roa
Signing time: Mon 01 Jan 2024 10:29:28 +0000
ROA not before: Mon 01 Jan 2024 10:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397238
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:41:b7:6f:13:a7:1b:b2:d0:6b:a8:26:b0:09:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b7ce2813fd030eaeca2922f847290aa280501de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:3e:bb:da:20:ec:53:dc:c1:c0:02:5a:4f:7f:
76:ff:0a:a1:4b:49:40:cc:06:54:1d:97:74:24:d4:
4f:33:e3:fb:09:67:81:5e:c2:26:5c:12:4a:f2:0e:
80:b8:6c:ff:02:12:2e:e7:a1:87:dd:e2:d9:45:36:
79:cf:9e:cd:cf:6d:15:8c:f0:00:ad:f9:06:51:a9:
ca:aa:7f:94:1e:8c:72:dc:ee:a4:e7:1f:5c:c9:09:
da:6f:8b:8b:3e:ae:5a:53:f9:80:49:59:82:27:33:
a1:bc:36:fb:50:21:e7:94:97:dc:e4:64:6f:a7:bc:
a6:de:2f:7b:fa:96:b6:ca:e4:d9:0c:26:d9:22:dc:
0f:03:15:0d:c0:ee:e6:18:fc:0a:e8:62:5e:9d:10:
80:da:c5:ac:e8:d4:78:9e:5a:05:73:ea:11:f2:a6:
43:c9:ab:36:3b:40:1d:49:de:2e:d7:59:73:ca:91:
7f:e0:1d:97:bf:b8:0f:3e:65:c4:f4:47:e6:f8:23:
e6:d8:4a:c1:93:1f:a1:cf:9d:f1:de:0e:0e:1e:07:
e0:dc:5c:99:10:eb:91:a7:60:d1:7d:40:f8:6c:00:
2b:08:47:31:dc:ae:0f:96:ee:d8:77:92:7f:be:e6:
1c:a1:d0:b3:35:12:d8:0a:ae:a5:af:59:d6:36:44:
e7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7C:E2:81:3F:D0:30:EA:EC:A2:92:2F:84:72:90:AA:28:05:01:DE
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/C3zigT_QMOrsopIvhHKQqigFAd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:0a:43:73:aa:4f:2d:fb:03:83:89:81:b7:84:4a:de:a0:85:
5f:ad:f9:c5:9b:75:87:ab:00:b0:71:75:1f:34:f2:1d:d2:33:
cc:33:5d:e6:d1:34:40:fa:4e:6c:3c:ce:55:7a:f6:e7:4e:5e:
2a:bc:de:dc:9a:58:6f:3a:7f:27:c3:71:e4:95:87:b5:8a:71:
44:d8:dd:68:d2:c6:04:9d:f1:be:24:a9:5c:6e:22:51:2d:f5:
4a:d5:2d:f0:dd:42:1f:34:70:45:01:8b:12:c2:83:0f:1e:4d:
b5:b4:25:ea:07:19:32:50:2e:c5:f5:f6:ce:02:55:eb:24:8b:
55:e2:2b:4e:50:30:82:e6:96:02:a0:13:fd:8e:8d:2c:74:22:
76:e5:18:5c:05:f4:ab:fa:76:46:b7:03:31:dc:02:7e:21:ea:
c8:20:98:5a:f5:dd:44:03:cf:48:ec:d1:b6:a3:2c:30:a0:2b:
d2:fa:7f:17:5e:c0:0c:58:b0:5c:58:11:08:c8:dc:aa:27:52:
19:d6:fb:d8:ae:67:ea:e8:3a:6f:b2:28:85:ca:df:08:af:be:
c2:10:e4:91:73:ff:5e:81:0c:54:de:ef:ae:3b:cb:18:21:2f:
e7:a7:99:a5:e9:c7:43:37:b1:b3:fe:79:51:8d:e0:34:f5:9c:
20:80:a0:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkkG3bxOnG7LQa6gmsAn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjdjZTI4MTNmZDAzMGVhZWNhMjkyMmY4NDcyOTBhYTI4MDUwMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7D672iDsU9zBwAJaT392/wqhS0lA
zAZUHZd0JNRPM+P7CWeBXsImXBJK8g6AuGz/AhIu56GH3eLZRTZ5z57Nz20VjPAA
rfkGUanKqn+UHoxy3O6k5x9cyQnab4uLPq5aU/mASVmCJzOhvDb7UCHnlJfc5GRv
p7ym3i97+pa2yuTZDCbZItwPAxUNwO7mGPwK6GJenRCA2sWs6NR4nloFc+oR8qZD
yas2O0AdSd4u11lzypF/4B2Xv7gPPmXE9Efm+CPm2ErBkx+hz53x3g4OHgfg3FyZ
EOuRp2DRfUD4bAArCEcx3K4Plu7Yd5J/vuYcodCzNRLYCq6lr1nWNkTn2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAt84oE/0DDq7KKSL4RykKooBQHeMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvQzN6aWdUX1FNT3Jzb3BJdmhIS1FxaWdGQWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAvCkNzqk8t+wODiYG3
hEreoIVfrfnFm3WHqwCwcXUfNPId0jPMM13m0TRA+k5sPM5VevbnTl4qvN7cmlhv
On8nw3HklYe1inFE2N1o0sYEnfG+JKlcbiJRLfVK1S3w3UIfNHBFAYsSwoMPHk21
tCXqBxkyUC7F9fbOAlXrJItV4itOUDCC5pYCoBP9jo0sdCJ25RhcBfSr+nZGtwMx
3AJ+IerIIJha9d1EA89I7NG2oywwoCvS+n8XXsAMWLBcWBEIyNyqJ1IZ1vvYrmfq
6DpvsiiFyt8Ir77CEOSRc/9egQxU3u+uO8sYIS/np5ml6cdDN7Gz/nlRjeA09Zwg
gKAV
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:05 2024 by rpki-client on console-fra.rpki-client.org