Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pakgoJm1JHH02EFn_cluKwwBgfw.roa
File: pakgoJm1JHH02EFn_cluKwwBgfw.roa (raw, json)
Hash identifier: 9psJh/g+q6UomADY1AKlNBezhzkIM0njclurAr2L1G8=
Subject key identifier: A5:A9:20:A0:99:B5:24:71:F4:D8:41:67:FD:C9:6E:2B:0C:01:81:FC
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B2A06101E9B6746329C14DAC1B437F
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pakgoJm1JHH02EFn_cluKwwBgfw.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397243
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a0:61:01:e9:b6:74:63:29:c1:4d:ac:1b:43:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5a920a099b52471f4d84167fdc96e2b0c0181fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:10:4c:77:ac:5a:c8:fa:49:a7:5c:84:64:e3:
cc:c9:6c:bf:42:f1:8e:f0:ff:9b:ea:6a:19:e1:92:
f2:de:9b:ec:ee:e0:07:74:3d:63:1e:31:83:76:8b:
94:fa:b8:e3:36:73:0f:3e:2a:c8:2b:f1:c8:7d:54:
75:56:8f:9d:e0:b9:b5:1d:07:60:f4:de:c7:30:75:
91:0d:91:91:10:18:1c:69:99:db:f9:f0:af:b6:56:
bb:b1:cb:42:b8:c2:6a:2d:dd:69:6e:87:ea:8a:4b:
87:b9:f5:46:77:33:41:3c:b2:96:fd:dd:13:55:92:
3c:78:7a:9b:36:15:22:14:b1:72:7d:8d:5b:6b:d4:
08:73:7d:69:05:51:a8:60:e6:b8:10:06:20:1f:52:
00:bd:28:39:45:c8:7a:c5:96:8c:8c:59:08:f0:74:
ac:1e:5d:ce:23:7c:26:be:09:86:3c:77:d8:14:ee:
d2:b2:e7:05:04:1d:1a:19:99:21:0f:d5:75:90:71:
ae:7e:e7:00:13:5e:68:7d:bd:1b:d2:79:af:b0:36:
79:16:aa:50:ef:52:22:48:64:2a:dd:d5:93:e8:69:
4a:95:6c:a2:1c:0d:19:dd:ab:c9:80:25:36:4b:21:
38:f0:47:26:ab:24:40:ca:85:71:b7:57:86:f0:fd:
ed:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A9:20:A0:99:B5:24:71:F4:D8:41:67:FD:C9:6E:2B:0C:01:81:FC
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pakgoJm1JHH02EFn_cluKwwBgfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
15:1a:cc:38:00:34:04:3d:36:61:17:a0:b3:a3:7c:25:09:2c:
4f:5a:af:c0:36:23:02:09:48:c4:b5:75:cc:a9:7e:72:ac:66:
33:2a:85:ec:fe:b9:3b:78:0e:b8:c6:d5:33:3f:27:ce:6b:fd:
aa:5c:7b:88:8f:70:af:ba:aa:de:20:29:53:6a:ae:dd:68:1f:
5f:d9:99:f8:09:78:63:21:b9:8d:d1:80:aa:fc:7c:3b:eb:e7:
18:da:44:a2:a1:70:c1:6d:ac:9c:5f:eb:ed:9e:49:90:71:32:
41:aa:82:c2:c8:d9:42:b5:d1:f2:e6:b3:bd:83:e6:9b:c9:c2:
16:17:e9:07:62:0e:00:83:8a:b8:e5:99:30:5f:d1:61:d7:63:
9a:c7:2e:7d:e1:93:ab:6a:55:15:12:05:62:4a:ac:d6:53:6e:
d2:82:7f:e0:2e:19:b3:ca:f8:1a:a2:14:5e:f7:61:4a:25:17:
4d:0e:7a:a3:d0:fe:c8:c7:63:f6:ea:31:c3:58:d1:39:9e:8d:
e7:5b:e9:60:29:85:6c:49:5a:66:96:16:71:5a:57:63:5e:57:
e1:8a:fd:90:71:4e:a1:fb:cd:de:14:75:2c:15:bb:76:da:3e:
44:13:e3:9c:b2:b2:03:03:b7:85:93:33:ef:73:d0:98:75:e6:
fc:4a:25:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksqBhAem2dGMpwU2sG0N/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE5MjBhMDk5YjUyNDcxZjRkODQxNjdmZGM5NmUyYjBjMDE4MWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBBMd6xayPpJp1yEZOPMyWy/QvGO
8P+b6moZ4ZLy3pvs7uAHdD1jHjGDdouU+rjjNnMPPirIK/HIfVR1Vo+d4Lm1HQdg
9N7HMHWRDZGREBgcaZnb+fCvtla7sctCuMJqLd1pbofqikuHufVGdzNBPLKW/d0T
VZI8eHqbNhUiFLFyfY1ba9QIc31pBVGoYOa4EAYgH1IAvSg5Rch6xZaMjFkI8HSs
Hl3OI3wmvgmGPHfYFO7SsucFBB0aGZkhD9V1kHGufucAE15ofb0b0nmvsDZ5FqpQ
71IiSGQq3dWT6GlKlWyiHA0Z3avJgCU2SyE48EcmqyRAyoVxt1eG8P3tRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKWpIKCZtSRx9NhBZ/3JbisMAYH8MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvcGFrZ29KbTFKSEgwMkVGbl9jbHVLd3dCZ2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAVGsw4ADQEPTZhF6Cz
o3wlCSxPWq/ANiMCCUjEtXXMqX5yrGYzKoXs/rk7eA64xtUzPyfOa/2qXHuIj3Cv
uqreIClTaq7daB9f2Zn4CXhjIbmN0YCq/Hw76+cY2kSioXDBbaycX+vtnkmQcTJB
qoLCyNlCtdHy5rO9g+abycIWF+kHYg4Ag4q45ZkwX9Fh12Oaxy594ZOralUVEgVi
SqzWU27Sgn/gLhmzyvgaohRe92FKJRdNDnqj0P7Ix2P26jHDWNE5no3nW+lgKYVs
SVpmlhZxWldjXlfhiv2QcU6h+83eFHUsFbt22j5EE+OcsrIDA7eFkzPvc9CYdeb8
SiVJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:12 2025 by rpki-client