Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ti0W6fjaL6Z8NJz1MH9rdtxIt7Q.roa
File: ti0W6fjaL6Z8NJz1MH9rdtxIt7Q.roa (raw, json)
Hash identifier: eexhvPXToWxtG+Ffy16JfuC8/yelu2NCnq6+i2y5ma4=
Subject key identifier: B6:2D:16:E9:F8:DA:2F:A6:7C:34:9C:F5:30:7F:6B:76:DC:48:B7:B4
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B2A0AB314C9C515F3C487D3AAF098A
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ti0W6fjaL6Z8NJz1MH9rdtxIt7Q.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399151
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a0:ab:31:4c:9c:51:5f:3c:48:7d:3a:af:09:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b62d16e9f8da2fa67c349cf5307f6b76dc48b7b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9b:f4:d0:a4:f6:8c:ec:1b:1b:91:44:06:58:
62:42:d0:1c:e5:ed:a9:17:00:32:ca:7d:78:3b:fd:
f6:94:15:b7:56:09:87:8f:44:18:5a:ed:07:bd:b5:
08:4f:e4:ea:8f:d4:94:81:d9:87:3b:f6:a9:5c:6b:
22:1f:df:e2:4c:f9:4d:f4:3a:73:f8:c9:90:b6:91:
a2:18:b0:cf:00:cb:a8:82:3b:96:8a:55:b9:22:ab:
2e:a1:ef:53:6c:2d:81:36:8e:53:20:dd:f9:a6:06:
8e:75:8f:8a:06:db:c0:a2:21:fd:b5:ce:dc:3a:d2:
ec:96:f1:b4:e4:2c:35:7a:37:b3:0a:ee:bf:5a:97:
9c:65:43:b9:15:28:c0:76:36:b0:d2:1c:64:18:f3:
3a:fe:08:89:29:7b:3a:7c:6e:16:88:70:99:24:d8:
93:48:a3:f4:b0:79:83:82:7e:bc:85:40:ec:2e:52:
f7:a1:7b:05:a3:8b:f1:42:ff:1d:cf:96:4b:6b:5a:
d9:8a:f5:ed:27:09:cd:bb:51:69:42:b2:4a:9c:f7:
70:ee:2f:14:8d:3e:85:36:d2:f5:de:eb:01:73:92:
9a:23:ec:1e:3c:d2:9e:87:8f:66:9b:a7:9a:c6:7d:
6f:fc:b4:2c:b1:be:6c:d6:0d:42:0c:77:0f:d4:23:
b8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2D:16:E9:F8:DA:2F:A6:7C:34:9C:F5:30:7F:6B:76:DC:48:B7:B4
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ti0W6fjaL6Z8NJz1MH9rdtxIt7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
49:c5:2d:32:fb:33:40:57:69:3f:3b:78:d5:86:b7:99:1e:76:
e5:ea:b1:4d:89:85:bb:73:0a:e6:8c:b4:8a:a5:c9:bb:c8:1e:
c3:84:02:7a:57:e4:01:c5:49:c9:23:63:2a:8d:31:af:7a:54:
3c:ee:f8:c9:f7:d7:94:de:e5:a3:d8:d1:3a:da:ad:0f:11:ef:
f2:4c:c7:06:8c:a3:7e:6b:db:d9:22:23:90:2a:d8:05:26:9e:
42:77:bc:4c:21:f2:fe:7f:31:61:8d:25:0c:70:86:75:5a:cb:
8f:0c:51:2c:f4:58:76:0b:6e:c5:92:6f:ef:cd:a4:ec:c9:5c:
e1:75:a8:08:df:8c:4c:a2:ef:cc:32:3a:0b:70:4d:8f:2a:07:
e7:0e:cd:60:7d:ea:71:68:ab:34:a9:97:b5:0e:28:37:31:ac:
bb:a3:df:27:22:50:21:49:b6:38:bc:84:3c:3f:ba:af:63:b1:
2d:3b:dc:04:76:21:46:f9:66:3c:a0:85:ed:1f:d3:d9:df:ad:
b4:41:93:cd:66:03:5d:44:98:3b:3b:8b:e0:82:e9:c0:1c:74:
78:ec:ac:ee:4a:61:1c:fd:68:4f:33:d8:3c:88:f5:9d:61:55:
bb:e1:cd:88:c4:4a:c4:5b:76:58:24:7a:c4:b7:f8:12:1a:e2:
27:fa:07:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksqCrMUycUV88SH06rwmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjJkMTZlOWY4ZGEyZmE2N2MzNDljZjUzMDdmNmI3NmRjNDhiN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Zv00KT2jOwbG5FEBlhiQtAc5e2p
FwAyyn14O/32lBW3VgmHj0QYWu0HvbUIT+Tqj9SUgdmHO/apXGsiH9/iTPlN9Dpz
+MmQtpGiGLDPAMuogjuWilW5Iqsuoe9TbC2BNo5TIN35pgaOdY+KBtvAoiH9tc7c
OtLslvG05Cw1ejezCu6/WpecZUO5FSjAdjaw0hxkGPM6/giJKXs6fG4WiHCZJNiT
SKP0sHmDgn68hUDsLlL3oXsFo4vxQv8dz5ZLa1rZivXtJwnNu1FpQrJKnPdw7i8U
jT6FNtL13usBc5KaI+wePNKeh49mm6eaxn1v/LQssb5s1g1CDHcP1CO49QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLYtFun42i+mfDSc9TB/a3bcSLe0MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvdGkwVzZmamFMNlo4Tkp6MU1IOXJkdHhJdDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBJxS0y+zNAV2k/O3jV
hreZHnbl6rFNiYW7cwrmjLSKpcm7yB7DhAJ6V+QBxUnJI2MqjTGvelQ87vjJ99eU
3uWj2NE62q0PEe/yTMcGjKN+a9vZIiOQKtgFJp5Cd7xMIfL+fzFhjSUMcIZ1WsuP
DFEs9Fh2C27Fkm/vzaTsyVzhdagI34xMou/MMjoLcE2PKgfnDs1gfepxaKs0qZe1
Dig3May7o98nIlAhSbY4vIQ8P7qvY7EtO9wEdiFG+WY8oIXtH9PZ3620QZPNZgNd
RJg7O4vggunAHHR47KzuSmEc/WhPM9g8iPWdYVW74c2IxErEW3ZYJHrEt/gSGuIn
+gfq
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:03:15 2025 by rpki-client