Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iu1fWH66SZ9O5DDDaM-2MDOaLIA.roa
File: iu1fWH66SZ9O5DDDaM-2MDOaLIA.roa (raw, json)
Hash identifier: sV3LB/LLztAnzBUKJ+GuA5d1avYjjSDLs3qTXjAWTY8=
Subject key identifier: 8A:ED:5F:58:7E:BA:49:9F:4E:E4:30:C3:68:CF:B6:30:33:9A:2C:80
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC49240FA9F8E6F32BC19E1D450C264D4
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iu1fWH66SZ9O5DDDaM-2MDOaLIA.roa
Signing time: Mon 01 Jan 2024 10:29:28 +0000
ROA not before: Mon 01 Jan 2024 10:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397236
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:40:fa:9f:8e:6f:32:bc:19:e1:d4:50:c2:64:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aed5f587eba499f4ee430c368cfb630339a2c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:63:94:d2:97:b7:b1:fd:d7:02:58:a4:de:
44:02:46:15:ce:c7:c3:6d:93:59:15:ea:39:ab:44:
d8:c9:f1:27:88:b6:f2:3b:b3:12:2e:a5:3d:dd:81:
3e:ae:27:a0:e0:b5:9f:4f:2f:8f:cb:e5:29:8a:bc:
c6:2b:a3:ba:8c:dc:7c:c4:2f:c5:64:d8:f6:5e:40:
0e:e7:a4:51:29:b8:b2:91:df:e6:da:d4:63:4d:64:
f3:c9:d4:b9:58:ab:d5:ab:21:3a:aa:ab:34:25:62:
c4:e3:ab:29:ee:a8:61:89:0a:15:49:83:c8:34:f7:
6d:62:4b:5b:c6:aa:a3:a4:33:6f:eb:f6:bd:43:f9:
78:d9:30:ba:89:e6:7e:7b:41:68:c3:4b:32:f5:57:
30:bd:0b:f9:21:ca:43:77:7e:1c:b0:d1:9a:47:cc:
30:af:be:65:8b:0f:2f:ac:8e:51:4c:5e:e2:1d:4e:
29:9c:44:07:12:2a:6a:ac:1b:04:d1:0a:77:d8:4e:
fc:a5:a8:eb:02:a4:81:b2:96:7c:1d:32:d4:4b:f7:
3b:11:06:91:3d:6a:cb:d8:df:e6:82:e9:a3:41:96:
da:e3:29:ef:65:3d:ca:26:30:f9:35:18:ed:f9:60:
75:04:aa:06:bf:a0:ec:46:48:0f:88:45:78:9f:39:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:ED:5F:58:7E:BA:49:9F:4E:E4:30:C3:68:CF:B6:30:33:9A:2C:80
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iu1fWH66SZ9O5DDDaM-2MDOaLIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
41:0e:c3:87:0a:14:09:41:1a:f7:4c:bb:ca:7b:2c:aa:a7:ac:
9d:61:ba:a6:f7:cd:aa:b3:05:42:86:cb:8e:c8:2a:83:80:16:
dc:66:da:84:da:03:e9:1f:de:d4:74:72:be:15:6d:d7:ba:5e:
42:ff:70:16:38:9e:81:d3:fb:cc:92:1d:a2:d3:3b:f8:c8:f2:
0d:30:f5:74:4b:5a:da:9a:17:de:08:55:80:6e:62:4f:17:c2:
8f:e6:b0:06:0c:53:f1:3d:b1:7f:7a:6a:13:c7:44:f2:ee:8c:
9a:bc:d9:a6:35:37:16:7e:41:df:be:1a:cb:48:71:4d:19:c2:
5c:07:a0:09:a4:30:c3:64:6b:e2:42:8b:da:9b:01:f1:9b:f9:
0f:89:4e:e1:b0:49:f2:ca:40:2b:42:a2:06:8a:01:e7:9f:8e:
a5:59:ce:4b:ab:08:2a:01:51:d1:2a:0e:6e:57:ec:62:55:a9:
8d:1c:5b:2a:4e:a7:01:94:f3:83:e7:c8:c1:18:2f:54:45:e4:
f0:d7:9c:22:45:8f:b3:61:45:96:57:b9:8a:09:25:b9:91:52:
11:dc:59:bf:77:c4:0e:ee:18:23:ca:46:d2:30:fc:fb:b0:c2:
43:bb:c3:42:e8:09:91:8c:76:75:a4:95:88:71:64:88:60:44:
7d:c4:85:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkkD6n45vMrwZ4dRQwmTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWVkNWY1ODdlYmE0OTlmNGVlNDMwYzM2OGNmYjYzMDMzOWEyYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfpjlNKXt7H91wJYpN5EAkYVzsfD
bZNZFeo5q0TYyfEniLbyO7MSLqU93YE+rieg4LWfTy+Py+UpirzGK6O6jNx8xC/F
ZNj2XkAO56RRKbiykd/m2tRjTWTzydS5WKvVqyE6qqs0JWLE46sp7qhhiQoVSYPI
NPdtYktbxqqjpDNv6/a9Q/l42TC6ieZ+e0Fow0sy9VcwvQv5IcpDd34csNGaR8ww
r75liw8vrI5RTF7iHU4pnEQHEipqrBsE0Qp32E78pajrAqSBspZ8HTLUS/c7EQaR
PWrL2N/mgumjQZba4ynvZT3KJjD5NRjt+WB1BKoGv6DsRkgPiEV4nzkpXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIrtX1h+ukmfTuQww2jPtjAzmiyAMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvaXUxZldINjZTWjlPNURERGFNLTJNRE9hTElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBBDsOHChQJQRr3TLvK
eyyqp6ydYbqm982qswVChsuOyCqDgBbcZtqE2gPpH97UdHK+FW3Xul5C/3AWOJ6B
0/vMkh2i0zv4yPINMPV0S1ramhfeCFWAbmJPF8KP5rAGDFPxPbF/emoTx0Ty7oya
vNmmNTcWfkHfvhrLSHFNGcJcB6AJpDDDZGviQovamwHxm/kPiU7hsEnyykArQqIG
igHnn46lWc5LqwgqAVHRKg5uV+xiVamNHFsqTqcBlPOD58jBGC9UReTw15wiRY+z
YUWWV7mKCSW5kVIR3Fm/d8QO7hgjykbSMPz7sMJDu8NC6AmRjHZ1pJWIcWSIYER9
xIXb
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:58:07 2024 by rpki-client on console-ams.rpki-client.org