Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/I5XtFOyOe8l0lKD9QWOo5Mg5Ndg.roa
File: I5XtFOyOe8l0lKD9QWOo5Mg5Ndg.roa (raw, json)
Hash identifier: 4s/BkTFGgc6nuat5MSSYT60lAROdjXvAq9XNiMV+bKM=
Subject key identifier: 23:95:ED:14:EC:8E:7B:C9:74:94:A0:FD:41:63:A8:E4:C8:39:35:D8
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC492433A0E88464046AE368ACFFD64DA
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/I5XtFOyOe8l0lKD9QWOo5Mg5Ndg.roa
Signing time: Mon 01 Jan 2024 10:29:28 +0000
ROA not before: Mon 01 Jan 2024 10:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399151
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:43:3a:0e:88:46:40:46:ae:36:8a:cf:fd:64:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2395ed14ec8e7bc97494a0fd4163a8e4c83935d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:21:16:82:59:99:c4:cd:84:20:f1:7e:29:fa:
65:5b:30:aa:0d:1f:65:ef:23:fc:36:a3:22:19:73:
17:ce:e7:f7:98:8f:95:f6:4d:53:86:5b:e7:bb:1a:
0c:49:2d:cf:e8:1d:a3:4b:be:89:c3:a2:c0:6c:4b:
1c:5a:fb:75:34:61:2b:e7:22:4e:ec:68:61:b0:d4:
c9:16:68:ba:51:17:0b:4e:45:17:c1:73:1c:9d:c6:
bd:11:e6:eb:55:41:16:bb:de:25:b8:38:d4:6c:c7:
77:64:55:f3:5d:8a:c1:b4:9c:df:61:e2:dc:32:7c:
cc:5b:d4:72:1a:a1:db:18:6e:bc:e6:7e:5d:53:ef:
7c:cc:0c:c5:ac:33:1e:c3:bf:89:07:cd:db:d3:f9:
bc:b9:25:e0:d5:64:f9:03:53:11:07:11:32:f4:80:
7f:14:9b:28:de:c7:7a:32:bf:48:b0:17:29:1e:e3:
2a:b1:cc:fa:46:1d:6d:3b:ef:34:d9:1e:95:d4:dd:
5b:2a:1d:10:00:86:ce:de:65:01:43:44:e5:0b:ac:
db:65:d1:f3:eb:b8:45:27:86:d3:20:06:cd:3b:f0:
47:91:c3:a1:dc:4d:ed:aa:77:b2:91:d8:f9:7e:62:
e4:fc:98:f7:c8:43:19:b4:85:7c:30:6e:0c:b6:1a:
a5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:95:ED:14:EC:8E:7B:C9:74:94:A0:FD:41:63:A8:E4:C8:39:35:D8
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/I5XtFOyOe8l0lKD9QWOo5Mg5Ndg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:ed:fd:68:d4:d4:be:98:58:b6:02:f8:c4:84:bd:fa:8d:4e:
82:d4:e0:96:43:b6:cf:c8:b8:b4:b0:5f:fc:43:70:ec:67:dd:
69:26:65:f7:9d:ca:c0:e5:c1:6c:0a:a2:95:b8:fd:27:05:b3:
21:a5:ca:b9:e2:71:c6:c0:2f:5e:0a:ea:22:2a:04:2c:bd:40:
88:43:8b:ca:b7:a4:06:4f:59:36:65:fd:9b:8f:82:a0:f9:df:
0e:76:2a:71:86:39:62:3f:26:99:35:f4:70:2a:5e:62:8b:40:
f6:6c:09:e4:67:2e:44:c3:31:5c:fb:49:34:c5:e5:ae:ea:19:
e8:66:f5:1d:f7:8e:77:e8:79:03:7d:8c:07:f4:03:cd:68:3c:
38:bc:ee:69:80:7f:54:90:00:92:12:e4:70:86:fc:d7:fa:0b:
37:95:54:63:5b:44:1b:e7:44:fa:6b:28:da:c5:3d:9a:f9:5f:
38:fb:3a:4c:f2:8c:cf:a7:60:04:54:65:aa:0d:ee:67:65:ba:
a8:2b:e8:1f:8b:c8:77:7b:55:c8:82:29:7c:0f:7d:40:c5:48:
62:78:59:c6:1c:54:69:aa:e4:c4:98:d9:94:c6:15:05:5e:c9:
93:2b:26:fc:fb:b0:7f:29:36:7c:69:c0:06:c3:57:3b:75:f2:
26:65:52:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkkM6DohGQEauNorP/WTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk1ZWQxNGVjOGU3YmM5NzQ5NGEwZmQ0MTYzYThlNGM4MzkzNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiEWglmZxM2EIPF+KfplWzCqDR9l
7yP8NqMiGXMXzuf3mI+V9k1ThlvnuxoMSS3P6B2jS76Jw6LAbEscWvt1NGEr5yJO
7GhhsNTJFmi6URcLTkUXwXMcnca9EebrVUEWu94luDjUbMd3ZFXzXYrBtJzfYeLc
MnzMW9RyGqHbGG685n5dU+98zAzFrDMew7+JB83b0/m8uSXg1WT5A1MRBxEy9IB/
FJso3sd6Mr9IsBcpHuMqscz6Rh1tO+802R6V1N1bKh0QAIbO3mUBQ0TlC6zbZdHz
67hFJ4bTIAbNO/BHkcOh3E3tqneykdj5fmLk/Jj3yEMZtIV8MG4MthqlIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCOV7RTsjnvJdJSg/UFjqOTIOTXYMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvSTVYdEZPeU9lOGwwbEtEOVFXT281TWc1TmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAf7f1o1NS+mFi2AvjE
hL36jU6C1OCWQ7bPyLi0sF/8Q3DsZ91pJmX3ncrA5cFsCqKVuP0nBbMhpcq54nHG
wC9eCuoiKgQsvUCIQ4vKt6QGT1k2Zf2bj4Kg+d8OdipxhjliPyaZNfRwKl5ii0D2
bAnkZy5EwzFc+0k0xeWu6hnoZvUd94536HkDfYwH9APNaDw4vO5pgH9UkACSEuRw
hvzX+gs3lVRjW0Qb50T6ayjaxT2a+V84+zpM8ozPp2AEVGWqDe5nZbqoK+gfi8h3
e1XIgil8D31AxUhieFnGHFRpquTEmNmUxhUFXsmTKyb8+7B/KTZ8acAGw1c7dfIm
ZVKi
-----END CERTIFICATE-----
Generated at Mon May 20 04:47:11 2024 by rpki-client on console-fra.rpki-client.org