Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/akrKiN6z3-AQfaIxIZZeqWb37V4.roa
File: akrKiN6z3-AQfaIxIZZeqWb37V4.roa (raw, json)
Hash identifier: qRS1cPo/dPPie2cX5uEiIqbBC1M0WPHnxd3hVXUg6do=
Subject key identifier: 6A:4A:CA:88:DE:B3:DF:E0:10:7D:A2:31:21:96:5E:A9:66:F7:ED:5E
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923F1654C6BE2D3382B9E4EB0890DE
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/akrKiN6z3-AQfaIxIZZeqWb37V4.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397231
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3f:16:54:c6:be:2d:33:82:b9:e4:eb:08:90:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a4aca88deb3dfe0107da23121965ea966f7ed5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9c:4f:c2:bd:89:0d:8d:88:ee:d0:90:6f:49:
d3:5e:ed:20:85:2b:ad:6e:12:60:df:17:63:a0:50:
00:46:9e:8e:e8:02:91:6a:c7:b6:82:3e:db:22:ea:
76:85:e7:15:de:6a:a7:09:cf:db:17:5c:35:68:5f:
8b:da:9e:60:47:ce:54:86:a7:e2:d3:70:e6:2a:e6:
fb:6c:c2:69:91:3f:50:61:60:25:d2:22:2b:01:e9:
ce:68:36:ca:f7:82:36:91:9e:f8:f7:01:f3:81:b6:
43:b3:60:c8:79:b8:d3:5a:e0:40:c4:72:04:57:de:
21:3e:32:9a:8f:86:8b:84:f2:c4:f3:a2:1b:49:9a:
36:48:12:f9:3e:fd:41:69:99:c0:5f:bd:55:5f:54:
cc:37:26:3f:64:c6:59:31:91:a4:a4:0a:68:69:91:
e6:ee:d0:63:d7:4a:4f:aa:f8:dc:14:5e:0d:35:3c:
de:80:f2:55:96:53:2e:20:18:1b:01:1a:50:e6:52:
b0:b5:63:1b:8a:af:c9:3c:c3:88:aa:e1:9e:81:ee:
65:fc:45:a2:78:f3:da:36:24:1c:a6:5c:4c:c3:bb:
30:a1:13:bb:64:ed:cb:b4:1e:77:46:44:a9:ed:f4:
f0:b4:d3:e6:c6:6c:c9:38:67:f2:22:69:25:db:d0:
12:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4A:CA:88:DE:B3:DF:E0:10:7D:A2:31:21:96:5E:A9:66:F7:ED:5E
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/akrKiN6z3-AQfaIxIZZeqWb37V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
79:79:de:10:ac:76:01:92:22:73:90:c1:93:36:a2:34:4f:8b:
87:c4:78:89:09:ae:23:57:50:73:03:ae:32:9d:73:a9:00:f4:
0d:91:b2:7b:f0:68:33:7a:89:d5:10:47:23:21:44:9d:f4:0b:
71:b0:8a:9a:1f:1d:f4:c9:36:05:04:80:69:06:29:bc:f3:95:
15:c7:0b:fb:1a:93:92:2e:4f:b2:10:94:fa:e2:08:58:e0:0e:
d7:81:6b:53:66:a0:8b:b6:93:15:03:1f:d7:17:a2:ee:4f:b1:
bb:27:ad:59:a1:5f:cc:10:bc:67:7e:39:cd:8c:9d:7f:27:78:
b2:86:db:fa:c1:96:50:2c:36:71:a5:e1:41:36:c7:c6:95:e4:
de:f8:08:40:33:21:2e:d2:36:08:52:1e:2e:6c:47:d6:df:59:
fb:99:e3:e0:8a:bf:ac:d7:5c:41:17:74:b7:b3:4e:8b:b1:cc:
43:54:76:c8:58:5f:a7:4b:1c:99:9e:df:b9:fa:c9:fe:6b:83:
9b:ee:c8:c9:b4:81:2d:2f:f3:fc:8c:c2:66:24:fa:a6:fc:82:
9d:14:28:c3:fe:11:56:b0:99:45:e1:d9:20:4f:e5:81:03:27:
85:c9:e7:28:94:49:b7:c5:d0:bc:af:9b:31:52:ef:58:50:6e:
45:ec:88:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkj8WVMa+LTOCueTrCJDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTRhY2E4OGRlYjNkZmUwMTA3ZGEyMzEyMTk2NWVhOTY2ZjdlZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZxPwr2JDY2I7tCQb0nTXu0ghSut
bhJg3xdjoFAARp6O6AKRase2gj7bIup2hecV3mqnCc/bF1w1aF+L2p5gR85Uhqfi
03DmKub7bMJpkT9QYWAl0iIrAenOaDbK94I2kZ749wHzgbZDs2DIebjTWuBAxHIE
V94hPjKaj4aLhPLE86IbSZo2SBL5Pv1BaZnAX71VX1TMNyY/ZMZZMZGkpApoaZHm
7tBj10pPqvjcFF4NNTzegPJVllMuIBgbARpQ5lKwtWMbiq/JPMOIquGege5l/EWi
ePPaNiQcplxMw7swoRO7ZO3LtB53RkSp7fTwtNPmxmzJOGfyImkl29ASHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGpKyojes9/gEH2iMSGWXqlm9+1eMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvYWtyS2lONnozLUFRZmFJeElaWmVxV2IzN1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB5ed4QrHYBkiJzkMGT
NqI0T4uHxHiJCa4jV1BzA64ynXOpAPQNkbJ78GgzeonVEEcjIUSd9AtxsIqaHx30
yTYFBIBpBim885UVxwv7GpOSLk+yEJT64ghY4A7XgWtTZqCLtpMVAx/XF6LuT7G7
J61ZoV/MELxnfjnNjJ1/J3iyhtv6wZZQLDZxpeFBNsfGleTe+AhAMyEu0jYIUh4u
bEfW31n7mePgir+s11xBF3S3s06LscxDVHbIWF+nSxyZnt+5+sn+a4Ob7sjJtIEt
L/P8jMJmJPqm/IKdFCjD/hFWsJlF4dkgT+WBAyeFyecolEm3xdC8r5sxUu9YUG5F
7IgD
-----END CERTIFICATE-----
Generated at Thu May 2 15:25:56 2024 by rpki-client on console-fra.rpki-client.org