Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/DEKUyDFlv0e8yKx6Qf9prP7A4Fg.roa
File: DEKUyDFlv0e8yKx6Qf9prP7A4Fg.roa (raw, json)
Hash identifier: 9fuWkGHBrBEgAx43BDlPVkE8N+SB95+bzFmo3laQDWw=
Subject key identifier: 0C:42:94:C8:31:65:BF:47:BC:C8:AC:7A:41:FF:69:AC:FE:C0:E0:58
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC492391D42BED8523628E173A12467B4
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/DEKUyDFlv0e8yKx6Qf9prP7A4Fg.roa
Signing time: Mon 01 Jan 2024 10:29:26 +0000
ROA not before: Mon 01 Jan 2024 10:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397218
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:39:1d:42:be:d8:52:36:28:e1:73:a1:24:67:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c4294c83165bf47bcc8ac7a41ff69acfec0e058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:03:67:4c:3d:e1:62:29:45:6a:d7:7c:20:23:
94:6c:5b:fa:55:31:a8:fa:85:83:92:0f:c4:12:07:
5a:af:ec:20:a6:cc:2b:4a:24:51:f4:99:03:68:7c:
c7:b8:bd:a1:92:2d:6a:39:ba:de:c9:98:fe:77:60:
aa:f9:9c:ac:90:33:50:6e:9b:fa:85:da:39:70:40:
f7:6a:1c:3a:4b:9f:5f:4d:75:93:ab:f4:5f:d1:ff:
66:83:49:2e:46:e2:60:28:9d:20:a2:8a:e3:8d:15:
3b:0b:2e:67:eb:d0:59:53:1c:27:64:86:85:5e:b2:
b9:fd:6a:49:be:31:01:e4:0e:f0:ef:d8:c6:02:56:
6e:5c:05:6f:c9:a7:15:eb:f9:af:9e:3c:6e:52:88:
e8:fb:98:58:1c:c7:57:0b:f6:c6:c3:ac:a3:9e:91:
41:3d:36:74:17:3f:c3:0b:eb:d2:ad:87:7e:98:0a:
2c:73:76:bf:d3:75:4e:06:6a:0c:7e:5f:b7:70:19:
1d:f0:52:61:74:f2:5b:8f:1d:41:d2:ca:95:63:48:
ab:24:0a:1a:39:6d:02:dd:1c:92:5a:89:6e:43:ce:
aa:7b:db:3f:20:b0:86:a5:e6:f7:a2:45:75:d1:e6:
33:a9:5e:e6:1c:45:28:53:96:00:29:af:77:56:c3:
a0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:42:94:C8:31:65:BF:47:BC:C8:AC:7A:41:FF:69:AC:FE:C0:E0:58
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/DEKUyDFlv0e8yKx6Qf9prP7A4Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
21:09:31:84:b6:b4:44:12:1d:1a:6b:b8:ae:51:93:67:5a:2a:
34:88:ed:c0:c8:41:4d:29:81:a1:1a:4a:0d:40:1d:52:d1:eb:
15:bc:74:e1:46:df:53:6c:32:52:38:00:4c:00:ba:20:b9:d0:
bd:68:2e:69:ca:ad:ef:f5:c6:23:56:f4:f8:38:c4:d6:d8:0e:
88:5a:11:ca:5f:28:a7:10:94:67:b4:67:7f:13:aa:03:fb:6f:
68:38:5d:12:4f:86:af:ee:2f:d9:9a:e0:46:56:c4:45:f1:af:
b7:7e:1f:f4:e4:b9:e0:53:ed:4e:97:37:5b:65:ed:35:2c:3f:
72:d6:80:2d:4a:26:58:95:89:28:96:30:80:f6:3d:c7:1d:c2:
67:1a:b6:43:f0:79:d3:38:2b:55:23:fd:08:af:d8:6c:32:e8:
6f:a8:c4:68:d9:ee:ca:e4:18:85:b5:33:ef:11:76:c5:bb:55:
40:08:48:87:54:af:31:e8:cd:a8:77:f7:ac:8a:7f:92:42:3e:
c8:6d:8c:35:46:3c:63:5c:ab:cc:d0:a8:07:ac:19:e8:94:c0:
ea:ce:45:d7:4e:16:7f:ea:db:eb:8a:6d:75:39:f4:81:9c:af:
04:64:56:1f:37:70:ed:e7:b5:e8:74:35:cd:5b:d2:3e:23:78:
4b:b4:cb:7f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkjkdQr7YUjYo4XOhJGe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQyOTRjODMxNjViZjQ3YmNjOGFjN2E0MWZmNjlhY2ZlYzBlMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQNnTD3hYilFatd8ICOUbFv6VTGo
+oWDkg/EEgdar+wgpswrSiRR9JkDaHzHuL2hki1qObreyZj+d2Cq+ZyskDNQbpv6
hdo5cED3ahw6S59fTXWTq/Rf0f9mg0kuRuJgKJ0goorjjRU7Cy5n69BZUxwnZIaF
XrK5/WpJvjEB5A7w79jGAlZuXAVvyacV6/mvnjxuUojo+5hYHMdXC/bGw6yjnpFB
PTZ0Fz/DC+vSrYd+mAosc3a/03VOBmoMfl+3cBkd8FJhdPJbjx1B0sqVY0irJAoa
OW0C3RySWoluQ86qe9s/ILCGpeb3okV10eYzqV7mHEUoU5YAKa93VsOgbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAxClMgxZb9HvMisekH/aaz+wOBYMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvREVLVXlERmx2MGU4eUt4NlFmOXByUDdBNEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAhCTGEtrREEh0aa7iu
UZNnWio0iO3AyEFNKYGhGkoNQB1S0esVvHThRt9TbDJSOABMALogudC9aC5pyq3v
9cYjVvT4OMTW2A6IWhHKXyinEJRntGd/E6oD+29oOF0ST4av7i/ZmuBGVsRF8a+3
fh/05LngU+1OlzdbZe01LD9y1oAtSiZYlYkoljCA9j3HHcJnGrZD8HnTOCtVI/0I
r9hsMuhvqMRo2e7K5BiFtTPvEXbFu1VACEiHVK8x6M2od/esin+SQj7IbYw1Rjxj
XKvM0KgHrBnolMDqzkXXThZ/6tvrim11OfSBnK8EZFYfN3Dt57XodDXNW9I+I3hL
tMt/
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:05 2024 by rpki-client on console-fra.rpki-client.org