Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Ta1ZYJzIQb0ONVqdSJaLoel0AWA.roa
File: Ta1ZYJzIQb0ONVqdSJaLoel0AWA.roa (raw, json)
Hash identifier: cebFZ3w2EmCb1g/ckuoEHZ1lxyQdiWYDM6ZSHDjWJwA=
Subject key identifier: 4D:AD:59:60:9C:C8:41:BD:0E:35:5A:9D:48:96:8B:A1:E9:74:01:60
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923CA2FC08C044EA8B65580FBAF07E
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Ta1ZYJzIQb0ONVqdSJaLoel0AWA.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397226
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3c:a2:fc:08:c0:44:ea:8b:65:58:0f:ba:f0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4dad59609cc841bd0e355a9d48968ba1e9740160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1b:47:8f:21:a2:07:09:a6:9b:61:c1:6a:15:
7e:7f:20:ef:b4:24:d2:a3:82:96:04:da:cc:de:3b:
d5:22:fd:cb:ab:ae:e6:b1:8d:33:86:3c:29:43:cf:
55:31:00:71:ad:6f:4e:cf:3d:31:14:51:fa:18:78:
b6:7c:e1:70:9f:55:f9:83:23:58:2f:73:2b:9c:b0:
0f:9d:09:ee:61:c0:e7:47:fa:69:61:c5:64:b2:27:
2e:cc:01:22:ae:6e:4f:fd:b3:88:6d:80:12:2c:9f:
6d:48:af:98:c2:27:51:c7:40:57:bf:91:1d:c1:4a:
1c:be:f5:18:a7:b1:55:7c:b6:f4:16:01:da:f1:d3:
ce:2b:b0:84:c6:48:56:8f:e0:af:33:aa:5a:f5:33:
a1:00:a3:c0:30:20:cd:c2:50:80:c6:7e:4b:4e:b3:
9a:73:92:62:30:b1:bc:5b:ae:23:a9:58:7e:45:62:
f9:e8:db:b9:df:74:fc:14:a5:aa:ed:e2:b1:50:23:
26:60:d3:3c:f2:9f:1f:c2:af:f0:ed:97:c2:52:03:
05:19:1c:0b:72:ea:37:85:5c:66:96:65:4a:bc:ce:
6b:72:00:9d:6b:12:95:e4:41:a5:cc:b8:eb:5d:fd:
38:e7:f8:07:76:bb:6c:d9:b6:09:df:21:32:a2:0c:
6b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AD:59:60:9C:C8:41:BD:0E:35:5A:9D:48:96:8B:A1:E9:74:01:60
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Ta1ZYJzIQb0ONVqdSJaLoel0AWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
62:b0:35:8e:2a:09:3a:fa:7a:be:2f:40:e0:5d:9b:dd:5f:2a:
40:1c:bd:49:19:57:f7:3c:c4:35:4d:96:0e:b4:d5:bf:15:a9:
21:97:79:ed:d4:6e:af:c4:bd:99:22:2d:46:60:53:4a:da:cd:
7e:71:10:7b:5a:e2:46:94:67:fb:31:7c:d8:27:78:b1:8d:0d:
b2:6f:f2:53:07:72:d5:d1:39:9d:43:95:44:91:e0:14:4e:96:
31:83:b2:3b:7f:01:09:60:19:c3:16:46:38:d5:02:ce:96:19:
81:5a:ca:53:87:01:6b:f0:fe:27:ce:b0:9a:5e:77:b0:97:c1:
b2:4f:90:40:83:14:c7:19:db:73:2c:ea:d0:ce:9d:9b:b7:0a:
43:94:80:47:f4:4c:da:ef:7f:a1:62:46:f2:a8:a2:1f:eb:b2:
ad:46:e9:78:47:90:a5:1e:33:ad:31:a3:5a:2c:10:21:06:00:
4f:a0:2d:5a:57:42:2d:e9:e6:17:69:be:98:8f:55:43:d3:00:
80:05:6b:48:c2:00:57:fb:75:82:69:2d:ef:f2:b5:77:f6:62:
9b:4b:93:9d:16:4f:06:56:95:cd:6e:89:0e:88:e0:2e:7b:1d:
36:98:80:65:c5:6e:39:9e:d3:e7:8b:0b:76:48:74:13:02:15:
9b:ab:e1:32
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkjyi/AjAROqLZVgPuvB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGFkNTk2MDljYzg0MWJkMGUzNTVhOWQ0ODk2OGJhMWU5NzQwMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxtHjyGiBwmmm2HBahV+fyDvtCTS
o4KWBNrM3jvVIv3Lq67msY0zhjwpQ89VMQBxrW9Ozz0xFFH6GHi2fOFwn1X5gyNY
L3MrnLAPnQnuYcDnR/ppYcVksicuzAEirm5P/bOIbYASLJ9tSK+YwidRx0BXv5Ed
wUocvvUYp7FVfLb0FgHa8dPOK7CExkhWj+CvM6pa9TOhAKPAMCDNwlCAxn5LTrOa
c5JiMLG8W64jqVh+RWL56Nu533T8FKWq7eKxUCMmYNM88p8fwq/w7ZfCUgMFGRwL
cuo3hVxmlmVKvM5rcgCdaxKV5EGlzLjrXf045/gHdrts2bYJ3yEyogxr1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE2tWWCcyEG9DjVanUiWi6HpdAFgMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvVGExWllKeklRYjBPTlZxZFNKYUxvZWwwQVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBisDWOKgk6+nq+L0Dg
XZvdXypAHL1JGVf3PMQ1TZYOtNW/Fakhl3nt1G6vxL2ZIi1GYFNK2s1+cRB7WuJG
lGf7MXzYJ3ixjQ2yb/JTB3LV0TmdQ5VEkeAUTpYxg7I7fwEJYBnDFkY41QLOlhmB
WspThwFr8P4nzrCaXnewl8GyT5BAgxTHGdtzLOrQzp2btwpDlIBH9Eza73+hYkby
qKIf67KtRul4R5ClHjOtMaNaLBAhBgBPoC1aV0It6eYXab6Yj1VD0wCABWtIwgBX
+3WCaS3v8rV39mKbS5OdFk8GVpXNbokOiOAuex02mIBlxW45ntPniwt2SHQTAhWb
q+Ey
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:05 2024 by rpki-client on console-fra.rpki-client.org