Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/oyokzIn026-PrXoWkL2twkIzg5c.roa
File: oyokzIn026-PrXoWkL2twkIzg5c.roa (raw, json)
Hash identifier: vnYvn1vfv3V6OKUsd9n/C+ZJyouWqYiCJWFXAmzYfwA=
Subject key identifier: A3:2A:24:CC:89:F4:DB:AF:8F:AD:7A:16:90:BD:AD:C2:42:33:83:97
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B29AB0B4EC76B2D46DA1E976885557
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/oyokzIn026-PrXoWkL2twkIzg5c.roa
Signing time: Thu 02 Jan 2025 01:47:52 +0000
ROA not before: Thu 02 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397228
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9a:b0:b4:ec:76:b2:d4:6d:a1:e9:76:88:55:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a32a24cc89f4dbaf8fad7a1690bdadc242338397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f7:cc:cb:d6:36:2b:d3:3b:4f:ff:e9:dd:0b:
7d:98:e8:3e:35:6b:e9:c7:d2:97:59:90:4a:7b:8b:
a5:bf:74:63:0d:ed:ae:c6:25:1b:fc:e2:56:d3:4a:
5f:7b:c3:c4:a6:4e:0a:02:7f:df:d9:68:84:03:3d:
99:3b:fe:e4:56:81:ff:a8:21:21:25:39:0b:c0:0c:
4c:0c:49:07:50:56:36:df:e8:d0:1d:39:64:b3:25:
c5:01:d5:fa:3f:5d:2e:ee:e3:a6:14:c3:b9:7e:0b:
e8:6b:9a:c9:df:2d:6d:14:48:6c:f3:d2:e9:f3:a5:
a1:cd:b0:7c:fa:6e:1a:f4:7a:83:24:98:59:18:86:
cf:b7:08:e4:c4:37:56:58:39:c3:3c:94:c8:1b:53:
3f:04:30:48:b7:b9:74:29:b1:b7:d8:b1:24:54:df:
f4:42:ce:91:5c:ac:92:c9:23:ae:3b:d1:e6:82:58:
af:61:6e:ac:bf:85:ec:e8:35:a4:eb:f4:1b:9b:10:
f1:8a:12:fe:1b:3f:cc:a0:aa:91:3c:99:8e:f2:d6:
18:33:63:40:a9:02:80:13:a1:11:30:50:b9:f4:cd:
e2:50:72:82:bf:91:c0:7c:c5:ec:30:ad:77:1e:d7:
ac:a6:06:65:1a:98:f4:d3:32:9a:48:00:62:73:c9:
dd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:2A:24:CC:89:F4:DB:AF:8F:AD:7A:16:90:BD:AD:C2:42:33:83:97
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/oyokzIn026-PrXoWkL2twkIzg5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:71:87:e7:23:8d:b0:16:a8:d8:7a:95:c0:fd:0f:d2:c7:b3:
74:a6:62:e7:d5:92:78:4d:c6:00:e3:8c:11:e7:71:f1:71:3d:
79:62:4f:70:84:b1:eb:32:54:d0:51:13:d8:d0:ef:85:b9:25:
69:05:fc:3f:fd:91:c5:52:f8:df:11:31:ce:77:0d:1c:7b:26:
5f:b8:61:24:8a:69:05:17:2d:48:df:fc:db:02:4c:77:82:25:
40:6c:f8:b7:00:45:b2:2c:03:cd:10:36:10:17:68:c9:69:3c:
b1:b3:b8:c3:91:ad:12:63:c6:56:65:c7:3a:4a:66:2a:33:a2:
3b:9b:2c:41:f0:3b:e4:32:ce:4c:e3:34:04:3f:93:40:a0:8e:
11:50:79:97:ed:0d:52:15:a5:e1:23:61:ca:d0:2e:83:a1:8e:
b0:12:cc:6e:bf:33:b8:63:b0:df:4a:d8:41:57:dc:3b:8f:7f:
0f:04:1e:64:10:e5:65:15:bb:00:b1:78:2b:22:2c:82:f0:f4:
48:cc:18:bb:b3:1f:ae:17:39:81:0b:3d:d4:08:fa:e3:b5:6e:
b3:57:19:31:5e:29:2c:46:26:5c:d8:35:60:a5:02:d9:13:71:
49:2c:3e:2b:28:74:17:a2:af:0b:a8:af:73:05:58:ff:7e:4c:
44:97:78:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkspqwtOx2stRtoel2iFVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzJhMjRjYzg5ZjRkYmFmOGZhZDdhMTY5MGJkYWRjMjQyMzM4Mzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPfMy9Y2K9M7T//p3Qt9mOg+NWvp
x9KXWZBKe4ulv3RjDe2uxiUb/OJW00pfe8PEpk4KAn/f2WiEAz2ZO/7kVoH/qCEh
JTkLwAxMDEkHUFY23+jQHTlksyXFAdX6P10u7uOmFMO5fgvoa5rJ3y1tFEhs89Lp
86WhzbB8+m4a9HqDJJhZGIbPtwjkxDdWWDnDPJTIG1M/BDBIt7l0KbG32LEkVN/0
Qs6RXKySySOuO9HmglivYW6sv4Xs6DWk6/QbmxDxihL+Gz/MoKqRPJmO8tYYM2NA
qQKAE6ERMFC59M3iUHKCv5HAfMXsMK13HtespgZlGpj00zKaSABic8ndcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKMqJMyJ9Nuvj616FpC9rcJCM4OXMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvb3lva3pJbjAyNi1QclhvV2tMMnR3a0l6ZzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQANcYfnI42wFqjYepXA
/Q/Sx7N0pmLn1ZJ4TcYA44wR53HxcT15Yk9whLHrMlTQURPY0O+FuSVpBfw//ZHF
UvjfETHOdw0ceyZfuGEkimkFFy1I3/zbAkx3giVAbPi3AEWyLAPNEDYQF2jJaTyx
s7jDka0SY8ZWZcc6SmYqM6I7myxB8DvkMs5M4zQEP5NAoI4RUHmX7Q1SFaXhI2HK
0C6DoY6wEsxuvzO4Y7DfSthBV9w7j38PBB5kEOVlFbsAsXgrIiyC8PRIzBi7sx+u
FzmBCz3UCPrjtW6zVxkxXiksRiZc2DVgpQLZE3FJLD4rKHQXoq8LqK9zBVj/fkxE
l3g/
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:05:34 2025 by rpki-client