Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/MhoPM4rMUDF9s0zNhqGQ7alN2DQ.roa
File: MhoPM4rMUDF9s0zNhqGQ7alN2DQ.roa (raw, json)
Hash identifier: SwZBsPGydWGuTc5HVtp2AaSgGg6x46IJe/sFCtQXIKU=
Subject key identifier: 32:1A:0F:33:8A:CC:50:31:7D:B3:4C:CD:86:A1:90:ED:A9:4D:D8:34
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923B464861837A5BF144A2E7DCCD3D
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/MhoPM4rMUDF9s0zNhqGQ7alN2DQ.roa
Signing time: Mon 01 Jan 2024 10:29:26 +0000
ROA not before: Mon 01 Jan 2024 10:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397222
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3b:46:48:61:83:7a:5b:f1:44:a2:e7:dc:cd:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=321a0f338acc50317db34ccd86a190eda94dd834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7f:26:26:88:c2:e4:f1:90:d8:6d:ea:28:c0:
8e:3f:8c:e5:a6:2a:11:6d:70:65:d9:0b:39:4b:2a:
60:e5:fe:17:8d:f9:4e:32:66:10:92:0c:ad:fa:ea:
60:31:b0:be:73:55:cb:85:67:81:56:bf:1f:c9:71:
cb:52:7a:61:a0:2b:6c:4c:66:87:8b:c7:75:37:f6:
8f:36:bb:30:c2:c8:aa:54:2e:b6:79:e6:67:e8:f6:
7e:30:19:87:3b:7a:38:d9:7a:a7:78:b0:59:b4:9e:
95:ba:95:5a:6e:e6:e2:6f:8f:5c:fa:ed:53:8e:f8:
c6:fe:1c:84:a6:56:e2:98:4a:32:b1:5c:f3:fe:5b:
68:5e:0a:cb:bd:7b:42:8a:de:3a:50:bf:5f:05:3b:
93:9c:32:19:8e:61:30:bf:3c:f8:b2:f3:28:6f:2a:
6e:07:c9:e2:ac:87:ed:40:76:01:cf:e4:dc:b1:4b:
5b:63:04:fb:d2:d2:ec:1b:00:70:dd:bb:53:a9:2b:
4d:27:da:32:ab:91:1d:c7:62:3b:e1:6c:75:32:e4:
a0:45:fe:30:41:d4:89:90:78:a0:71:c3:8b:55:4a:
e5:df:9a:c4:db:38:b1:3a:03:ae:9e:19:80:e7:05:
15:95:c9:e7:98:4c:9b:e3:03:58:0d:27:a8:2b:4a:
2e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1A:0F:33:8A:CC:50:31:7D:B3:4C:CD:86:A1:90:ED:A9:4D:D8:34
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/MhoPM4rMUDF9s0zNhqGQ7alN2DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
36:c8:77:ac:02:e0:a0:24:5f:e5:03:71:61:e5:b1:05:47:ef:
b8:3c:4c:d4:ec:1e:d0:a0:9b:88:63:37:59:4e:6d:ca:3b:95:
f4:93:84:6b:d2:47:cf:9c:f1:2f:3d:13:e1:79:5a:8b:3b:02:
63:03:b1:96:6e:19:a5:29:a2:4d:d4:e5:49:67:11:cd:86:92:
43:83:e9:bc:52:06:e3:7c:17:52:4c:e1:bb:f4:c1:96:19:5a:
39:19:8c:9e:3c:54:ee:9a:3f:0e:bb:39:f5:3b:3f:65:ef:1c:
48:b9:08:10:cd:cf:40:d9:82:bd:15:d8:3e:b9:20:c2:53:ae:
9a:96:b0:4b:a7:11:37:c3:41:58:b4:17:7d:a3:6c:a1:32:4f:
e7:c7:18:6d:20:d2:c5:80:ba:5c:69:e8:b5:d8:b8:55:9a:20:
da:2c:5f:1c:06:a9:2f:8b:97:30:51:ca:cb:13:8b:5d:01:7c:
5f:9e:52:81:06:82:c7:d1:9f:b8:87:18:e6:bd:86:8c:cb:9a:
74:31:d6:53:80:cd:a2:4b:ff:92:ef:85:a1:e2:a7:77:86:f9:
17:e0:55:72:3d:e3:df:17:72:e5:6c:d2:f8:16:1c:04:07:a3:
b9:9c:96:c2:0c:eb:c0:1a:20:27:49:16:5b:a8:cc:f2:b4:75:
43:35:6c:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkjtGSGGDelvxRKLn3M09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjFhMGYzMzhhY2M1MDMxN2RiMzRjY2Q4NmExOTBlZGE5NGRkODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn8mJojC5PGQ2G3qKMCOP4zlpioR
bXBl2Qs5Sypg5f4XjflOMmYQkgyt+upgMbC+c1XLhWeBVr8fyXHLUnphoCtsTGaH
i8d1N/aPNrswwsiqVC62eeZn6PZ+MBmHO3o42XqneLBZtJ6VupVabubib49c+u1T
jvjG/hyEplbimEoysVzz/ltoXgrLvXtCit46UL9fBTuTnDIZjmEwvzz4svMobypu
B8nirIftQHYBz+TcsUtbYwT70tLsGwBw3btTqStNJ9oyq5Edx2I74Wx1MuSgRf4w
QdSJkHigccOLVUrl35rE2zixOgOunhmA5wUVlcnnmEyb4wNYDSeoK0ou0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDIaDzOKzFAxfbNMzYahkO2pTdg0MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvTWhvUE00ck1VREY5czB6TmhxR1E3YWxOMkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQA2yHesAuCgJF/lA3Fh
5bEFR++4PEzU7B7QoJuIYzdZTm3KO5X0k4Rr0kfPnPEvPRPheVqLOwJjA7GWbhml
KaJN1OVJZxHNhpJDg+m8UgbjfBdSTOG79MGWGVo5GYyePFTumj8Ouzn1Oz9l7xxI
uQgQzc9A2YK9Fdg+uSDCU66alrBLpxE3w0FYtBd9o2yhMk/nxxhtINLFgLpcaei1
2LhVmiDaLF8cBqkvi5cwUcrLE4tdAXxfnlKBBoLH0Z+4hxjmvYaMy5p0MdZTgM2i
S/+S74Wh4qd3hvkX4FVyPePfF3LlbNL4FhwEB6O5nJbCDOvAGiAnSRZbqMzytHVD
NWwd
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:05 2024 by rpki-client on console-fra.rpki-client.org