Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wm8krqNL_HZSm8TEkZb1L2G0hTQ.roa
File: wm8krqNL_HZSm8TEkZb1L2G0hTQ.roa (raw, json)
Hash identifier: MLpn4NR+obvpCFF8y28IbPWab+tdWOjBcwqbcQGurZ8=
Subject key identifier: C2:6F:24:AE:A3:4B:FC:76:52:9B:C4:C4:91:96:F5:2F:61:B4:85:34
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923C36821B3A180EF87E480BA320A4
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wm8krqNL_HZSm8TEkZb1L2G0hTQ.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397224
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 04:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3c:36:82:1b:3a:18:0e:f8:7e:48:0b:a3:20:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c26f24aea34bfc76529bc4c49196f52f61b48534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d0:29:4f:5b:fc:39:0e:c5:2e:9b:61:28:c1:
17:9f:62:35:49:29:1a:57:e3:61:8c:4f:a0:1e:d8:
b6:ed:c7:be:10:80:a8:c4:cf:0d:b6:55:21:6d:bc:
68:cc:bc:03:6d:77:c9:c1:25:c8:21:64:c1:b5:92:
ca:db:1e:f8:20:5b:72:ab:18:64:04:1f:75:8d:25:
d8:5f:76:de:57:0a:c6:42:bc:b4:43:31:4d:01:38:
c7:d7:b8:f5:a9:43:eb:7e:b9:6b:fc:c6:20:8e:a8:
e8:52:d4:6a:6c:fb:34:79:41:a3:ee:73:5c:8f:34:
b5:74:b0:61:14:f6:a1:ce:30:3b:9a:48:bb:c5:09:
62:a8:1e:e5:85:f0:07:67:38:2c:85:5e:d3:60:8b:
39:06:40:59:c7:e3:c6:2a:18:b1:c9:f9:d3:29:8c:
18:e2:38:e2:42:0a:c6:51:b2:8f:e4:ae:00:81:a6:
3f:ff:75:1c:4f:f1:e9:70:4a:6a:2a:06:cc:ad:16:
c0:fc:e9:26:f1:5a:07:01:fd:5b:a8:fd:cc:83:75:
60:9d:d3:a9:a0:d5:91:d5:d5:6d:3b:9d:bf:cb:9f:
5d:11:e0:b3:cb:2a:53:32:ac:bb:c7:a2:c0:93:fb:
13:b4:40:1f:7a:aa:5c:04:dd:7b:c4:0d:9d:af:05:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:6F:24:AE:A3:4B:FC:76:52:9B:C4:C4:91:96:F5:2F:61:B4:85:34
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wm8krqNL_HZSm8TEkZb1L2G0hTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
75:76:64:96:41:00:16:2a:6b:f4:cf:2d:42:ac:60:92:bf:a5:
cd:76:25:26:a7:6d:a4:be:97:af:47:17:f3:de:c3:9d:a9:9f:
81:cd:03:52:14:44:51:59:ae:70:bd:1d:73:10:25:ab:27:da:
19:db:be:b5:e2:78:e1:08:89:50:84:06:2c:0e:e7:c7:85:a4:
72:34:5c:35:f8:41:a4:21:45:d3:cd:fb:fb:a6:bd:e4:d9:b2:
25:93:7e:f2:8a:8b:77:6b:bf:71:a7:c9:c8:11:a0:11:c8:77:
08:f0:a5:b4:23:3a:62:b3:8b:86:b5:90:67:83:f7:87:96:9b:
db:43:fc:f1:13:eb:09:8d:a8:ef:1e:67:f5:29:b6:d6:b8:76:
a6:e4:5f:e2:fb:1e:d3:a5:ca:cd:65:13:a8:20:8c:fb:e8:f8:
c2:ba:67:9d:56:6f:4f:cf:fd:3f:e3:fb:dd:ee:5b:34:d8:5c:
85:4e:5f:2c:d8:a1:2a:ca:91:0d:9c:5d:a6:1d:18:ab:c0:7b:
b8:37:90:19:ed:88:f9:8e:07:60:07:95:3a:ba:e4:4f:30:89:
c5:ce:62:2b:f6:72:3d:3f:3a:d4:0a:77:80:33:c6:cc:7d:b1:
8f:ac:3e:94:d0:52:28:4b:e9:5b:25:7b:76:b7:ed:9e:e6:60:
e8:f3:9c:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkjw2ghs6GA74fkgLoyCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjZmMjRhZWEzNGJmYzc2NTI5YmM0YzQ5MTk2ZjUyZjYxYjQ4NTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9ApT1v8OQ7FLpthKMEXn2I1SSka
V+NhjE+gHti27ce+EICoxM8NtlUhbbxozLwDbXfJwSXIIWTBtZLK2x74IFtyqxhk
BB91jSXYX3beVwrGQry0QzFNATjH17j1qUPrfrlr/MYgjqjoUtRqbPs0eUGj7nNc
jzS1dLBhFPahzjA7mki7xQliqB7lhfAHZzgshV7TYIs5BkBZx+PGKhixyfnTKYwY
4jjiQgrGUbKP5K4AgaY//3UcT/HpcEpqKgbMrRbA/Okm8VoHAf1bqP3Mg3VgndOp
oNWR1dVtO52/y59dEeCzyypTMqy7x6LAk/sTtEAfeqpcBN17xA2drwXXeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMJvJK6jS/x2UpvExJGW9S9htIU0MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvd204a3JxTkxfSFpTbThURWtaYjFMMkcwaFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB1dmSWQQAWKmv0zy1C
rGCSv6XNdiUmp22kvpevRxfz3sOdqZ+BzQNSFERRWa5wvR1zECWrJ9oZ27614njh
CIlQhAYsDufHhaRyNFw1+EGkIUXTzfv7pr3k2bIlk37yiot3a79xp8nIEaARyHcI
8KW0Izpis4uGtZBng/eHlpvbQ/zxE+sJjajvHmf1KbbWuHam5F/i+x7TpcrNZROo
IIz76PjCumedVm9Pz/0/4/vd7ls02FyFTl8s2KEqypENnF2mHRirwHu4N5AZ7Yj5
jgdgB5U6uuRPMInFzmIr9nI9PzrUCneAM8bMfbGPrD6U0FIoS+lbJXt2t+2e5mDo
85y0
-----END CERTIFICATE-----
Generated at Wed May 1 10:30:35 2024 by rpki-client on console-ams.rpki-client.org