Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ViSw_vQvQ83vtBWzg_qgvy5A3-U.roa
File: ViSw_vQvQ83vtBWzg_qgvy5A3-U.roa (raw, json)
Hash identifier: sQdwQyHmUC7WQt1DmmsVtlQVWUUiiJTJJ0u9gKq1w5I=
Subject key identifier: 56:24:B0:FE:F4:2F:43:CD:EF:B4:15:B3:83:FA:A0:BF:2E:40:DF:E5
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923810B2AA61B5B201F986AD2081F2
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ViSw_vQvQ83vtBWzg_qgvy5A3-U.roa
Signing time: Mon 01 Jan 2024 10:29:26 +0000
ROA not before: Mon 01 Jan 2024 10:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397215
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 04:04:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:38:10:b2:aa:61:b5:b2:01:f9:86:ad:20:81:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5624b0fef42f43cdefb415b383faa0bf2e40dfe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:a0:cd:ef:88:90:4a:2a:eb:6a:de:87:fd:
73:1e:7e:98:7f:d6:c3:f0:53:dc:82:bb:79:24:b2:
be:27:57:cc:8d:bc:db:32:0f:83:94:99:e6:76:4b:
d9:a4:e2:aa:14:05:fe:46:23:eb:41:ae:80:96:aa:
c9:b6:af:af:81:1a:71:19:da:35:ba:30:98:ff:42:
f4:6f:b1:37:bb:21:5b:6b:3f:1b:97:04:dc:2d:28:
60:4f:2a:4f:ea:78:e5:a4:ce:b9:f5:79:7d:f2:f6:
0a:71:a0:84:3c:31:4f:60:7c:65:83:27:d1:c0:89:
93:be:2c:e5:71:28:ec:3d:9e:67:f4:2b:c0:1c:de:
4a:fc:e4:49:03:46:ae:43:bc:ee:54:e3:a6:4f:60:
9f:98:83:9f:57:ae:90:a1:8a:62:ff:81:b8:62:27:
6f:08:67:44:e0:31:e4:b8:b5:fc:4e:d0:f5:03:2d:
5d:34:c5:10:1e:4c:4c:f3:f0:98:99:57:62:54:bc:
38:a2:2b:81:0a:41:c8:c1:e2:bb:48:5a:7a:5b:c7:
dd:84:41:65:b7:63:d9:9a:8e:f7:c3:35:1a:13:90:
35:32:6d:53:c2:dc:8d:20:70:74:c2:db:7b:16:01:
93:f2:31:cb:f0:ec:87:92:a3:3f:cb:6d:80:b5:5a:
64:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:24:B0:FE:F4:2F:43:CD:EF:B4:15:B3:83:FA:A0:BF:2E:40:DF:E5
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ViSw_vQvQ83vtBWzg_qgvy5A3-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
36:00:a7:85:8e:40:70:ad:05:c7:02:c5:ef:4a:13:d2:2f:8f:
9c:51:7d:1c:14:16:8e:37:4c:ae:58:b9:d7:73:89:86:f4:53:
74:22:1d:89:64:1b:d5:74:4e:7a:06:65:e8:c9:d1:e7:3d:4e:
9e:e4:79:08:cd:d2:e5:aa:76:7a:b7:40:fa:e7:92:ef:13:2a:
c7:af:37:66:51:28:6a:d7:8d:8b:ca:a8:74:71:88:08:05:59:
16:d3:6b:76:2b:43:a5:91:ef:57:96:85:f1:10:13:96:3f:36:
4c:86:33:ad:e0:6b:f4:70:85:75:dd:1d:a0:e8:c2:45:42:f0:
c2:a2:cb:03:c9:d4:f6:32:f4:a1:c8:e8:16:93:08:38:e0:b1:
03:27:78:28:17:8c:7f:c2:77:46:53:03:5e:cb:8d:f1:b0:38:
77:72:e2:b9:eb:0f:95:27:61:c3:ee:21:b9:a0:04:03:81:b3:
4d:da:c7:1c:1c:84:db:ce:7f:6e:c7:39:c3:8f:15:24:9e:9d:
4f:fc:6e:c2:70:ea:ff:3e:3a:ed:42:04:fa:2f:ed:75:54:bf:
a6:01:48:5e:16:6f:13:50:c5:86:0b:74:95:6a:9d:24:f8:de:
3b:40:ae:73:12:01:2e:03:d2:12:bc:a7:61:e7:3d:1d:06:03:
09:7f:27:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkjgQsqphtbIB+YatIIHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjI0YjBmZWY0MmY0M2NkZWZiNDE1YjM4M2ZhYTBiZjJlNDBkZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+Ogze+IkEoq62reh/1zHn6Yf9bD
8FPcgrt5JLK+J1fMjbzbMg+DlJnmdkvZpOKqFAX+RiPrQa6AlqrJtq+vgRpxGdo1
ujCY/0L0b7E3uyFbaz8blwTcLShgTypP6njlpM659Xl98vYKcaCEPDFPYHxlgyfR
wImTvizlcSjsPZ5n9CvAHN5K/ORJA0auQ7zuVOOmT2CfmIOfV66QoYpi/4G4Yidv
CGdE4DHkuLX8TtD1Ay1dNMUQHkxM8/CYmVdiVLw4oiuBCkHIweK7SFp6W8fdhEFl
t2PZmo73wzUaE5A1Mm1TwtyNIHB0wtt7FgGT8jHL8OyHkqM/y22AtVpklwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFYksP70L0PN77QVs4P6oL8uQN/lMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvVmlTd192UXZRODN2dEJXemdfcWd2eTVBMy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQA2AKeFjkBwrQXHAsXv
ShPSL4+cUX0cFBaON0yuWLnXc4mG9FN0Ih2JZBvVdE56BmXoydHnPU6e5HkIzdLl
qnZ6t0D655LvEyrHrzdmUShq142Lyqh0cYgIBVkW02t2K0Olke9XloXxEBOWPzZM
hjOt4Gv0cIV13R2g6MJFQvDCossDydT2MvShyOgWkwg44LEDJ3goF4x/wndGUwNe
y43xsDh3cuK56w+VJ2HD7iG5oAQDgbNN2sccHITbzn9uxznDjxUknp1P/G7CcOr/
PjrtQgT6L+11VL+mAUheFm8TUMWGC3SVap0k+N47QK5zEgEuA9ISvKdh5z0dBgMJ
fyec
-----END CERTIFICATE-----
Generated at Tue May 7 07:31:05 2024 by rpki-client on console-fra.rpki-client.org