Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/P6f9sdz98JuNzadRf06PelZEYZ0.roa
File: P6f9sdz98JuNzadRf06PelZEYZ0.roa (raw, json)
Hash identifier: BAeDaPR/U/MalZUcYI2NRlO+jQ2xRgw7CvGICc1jCJs=
Subject key identifier: 3F:A7:FD:B1:DC:FD:F0:9B:8D:CD:A7:51:7F:4E:8F:7A:56:44:61:9D
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC492372F983293DB4EBC2F0D90666207
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/P6f9sdz98JuNzadRf06PelZEYZ0.roa
Signing time: Mon 01 Jan 2024 10:29:25 +0000
ROA not before: Mon 01 Jan 2024 10:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:37:2f:98:32:93:db:4e:bc:2f:0d:90:66:62:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fa7fdb1dcfdf09b8dcda7517f4e8f7a5644619d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:09:42:88:90:45:a9:69:03:de:e2:83:af:27:
c3:a3:83:76:00:42:70:1f:e1:45:8b:4e:48:41:55:
e2:95:2d:5f:d6:c4:f9:bb:3f:30:d6:09:8f:8d:16:
d9:22:f1:d3:a8:b9:21:e3:25:fe:39:d0:d2:18:89:
ed:dd:7a:31:31:68:b6:04:61:03:87:10:79:cb:18:
69:5f:da:1b:37:64:a1:ae:6d:10:13:47:93:e5:95:
0d:08:c3:84:49:0d:56:91:1d:19:ac:c1:83:65:ac:
2a:b4:b7:2f:32:84:92:9e:13:e4:10:36:c6:a3:de:
39:c4:f0:e2:42:a7:43:3f:df:32:f5:7e:92:bd:03:
ab:a8:d0:3b:29:38:1d:3b:7b:95:dd:c0:76:55:3d:
bc:bd:28:cc:31:f4:af:af:85:08:be:83:2a:1d:91:
81:b2:ec:54:0a:a8:6c:0d:57:41:d6:64:23:92:6d:
e9:86:24:e9:2f:65:4d:8e:b3:b0:98:55:7e:19:c5:
0d:12:aa:50:0e:9a:51:cd:55:e5:17:21:14:68:f3:
e2:ad:0d:39:16:f8:63:49:fc:f0:6c:17:dd:a8:c8:
ad:3b:57:70:ee:20:ce:c6:88:69:f1:60:ea:03:58:
ee:14:3f:d0:d0:ba:cd:25:ae:29:cc:e9:27:c6:64:
bd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A7:FD:B1:DC:FD:F0:9B:8D:CD:A7:51:7F:4E:8F:7A:56:44:61:9D
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/P6f9sdz98JuNzadRf06PelZEYZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:56:db:05:11:f8:7a:b5:05:9d:25:f8:b8:93:ed:be:06:44:
b9:23:d2:d9:10:b0:36:8e:cc:13:93:7a:19:2a:41:fc:c7:ba:
b1:19:39:eb:9b:51:2b:e2:d6:4c:c5:cf:bc:46:33:14:c9:b4:
bd:0d:1a:3d:9b:7b:c4:b2:93:9c:f0:15:cd:77:92:7a:a1:a3:
3c:90:71:8d:8c:a3:d4:80:50:b3:9d:ce:11:72:26:0d:f8:a1:
a5:c8:47:e9:c1:80:cd:1f:94:d7:24:52:18:b4:c8:9c:ad:54:
c5:86:42:ee:9a:64:a9:1f:82:88:20:a0:e5:bd:e6:a5:1e:95:
ee:2a:a4:49:74:46:3d:fe:e6:64:1e:e9:df:a0:36:5c:ff:79:
7c:76:16:9e:42:e7:01:24:ba:5b:9b:c1:e9:ae:d5:fc:de:83:
50:3e:fe:90:eb:fd:8f:e4:01:6f:a1:1a:ac:a6:ce:5c:53:a4:
5b:c4:50:80:7b:de:e8:84:22:25:36:40:40:bf:86:3a:fc:49:
66:bb:71:58:ae:e3:fb:61:58:6a:d3:d3:cc:08:95:56:09:a3:
70:5d:6c:18:37:a0:28:42:a2:31:b4:9a:63:14:96:6d:f7:ae:
3a:9d:af:7d:c0:f4:3d:18:b4:6b:78:e9:c4:79:1f:e8:66:29:
89:63:d5:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkjcvmDKT2068Lw2QZmIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmE3ZmRiMWRjZmRmMDliOGRjZGE3NTE3ZjRlOGY3YTU2NDQ2MTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwlCiJBFqWkD3uKDryfDo4N2AEJw
H+FFi05IQVXilS1f1sT5uz8w1gmPjRbZIvHTqLkh4yX+OdDSGInt3XoxMWi2BGED
hxB5yxhpX9obN2Shrm0QE0eT5ZUNCMOESQ1WkR0ZrMGDZawqtLcvMoSSnhPkEDbG
o945xPDiQqdDP98y9X6SvQOrqNA7KTgdO3uV3cB2VT28vSjMMfSvr4UIvoMqHZGB
suxUCqhsDVdB1mQjkm3phiTpL2VNjrOwmFV+GcUNEqpQDppRzVXlFyEUaPPirQ05
FvhjSfzwbBfdqMitO1dw7iDOxohp8WDqA1juFD/Q0LrNJa4pzOknxmS9rQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD+n/bHc/fCbjc2nUX9Oj3pWRGGdMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvUDZmOXNkejk4SnVOemFkUmYwNlBlbFpFWVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBvVtsFEfh6tQWdJfi4
k+2+BkS5I9LZELA2jswTk3oZKkH8x7qxGTnrm1Er4tZMxc+8RjMUybS9DRo9m3vE
spOc8BXNd5J6oaM8kHGNjKPUgFCznc4RciYN+KGlyEfpwYDNH5TXJFIYtMicrVTF
hkLummSpH4KIIKDlvealHpXuKqRJdEY9/uZkHunfoDZc/3l8dhaeQucBJLpbm8Hp
rtX83oNQPv6Q6/2P5AFvoRqsps5cU6RbxFCAe97ohCIlNkBAv4Y6/Elmu3FYruP7
YVhq09PMCJVWCaNwXWwYN6AoQqIxtJpjFJZt9646na99wPQ9GLRreOnEeR/oZimJ
Y9X7
-----END CERTIFICATE-----
Generated at Thu May 2 15:25:56 2024 by rpki-client on console-fra.rpki-client.org