Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/z3Q0oq3UWIqyfju6c0Dd-yu1gKk.roa
File: z3Q0oq3UWIqyfju6c0Dd-yu1gKk.roa (raw, json)
Hash identifier: d+AAUiPogRE9gXwOadifw5sWxUfwx9B97i6xeiwcXz4=
Subject key identifier: CF:74:34:A2:AD:D4:58:8A:B2:7E:3B:BA:73:40:DD:FB:2B:B5:80:A9
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC4923D83E5665CF0ED804CDC03274EAB
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/z3Q0oq3UWIqyfju6c0Dd-yu1gKk.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397228
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 04:04:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3d:83:e5:66:5c:f0:ed:80:4c:dc:03:27:4e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf7434a2add4588ab27e3bba7340ddfb2bb580a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:73:c3:d2:2c:c6:e8:f1:37:02:68:bd:86:38:
1f:00:33:a4:90:d7:f7:c2:56:f2:3f:c6:50:fa:87:
04:61:b7:57:11:39:6a:32:1a:53:c5:0a:02:28:59:
ac:3c:df:a1:7e:e4:4d:82:72:6d:44:d0:ff:51:c6:
a5:79:f2:ca:e6:a4:7e:b4:6a:94:ff:96:fe:47:7e:
e4:87:47:83:f7:ae:0c:16:11:1b:59:7d:18:89:f1:
13:ad:31:63:bb:12:b9:09:7a:72:9d:9c:6e:da:1b:
27:5c:27:b0:d0:3c:84:a3:90:68:7e:33:b6:6f:d5:
97:fa:b5:76:e7:a5:09:22:50:b2:74:b2:2c:c4:d5:
43:55:03:46:7f:bd:1d:c5:bc:fc:b9:c0:c1:ef:b6:
c9:9a:70:66:ea:c3:3d:d3:45:58:15:80:f3:17:15:
73:e9:c8:80:6d:7c:1b:82:0c:46:bf:8d:f0:11:a1:
6f:d0:d0:95:cd:a9:87:1d:6f:1c:d9:bd:bc:57:d9:
00:eb:23:83:a5:c7:c3:74:95:e7:39:ba:18:30:db:
91:aa:ba:e0:31:87:29:7b:78:61:f5:c8:57:e7:58:
39:a7:8b:6b:61:62:fa:5b:2c:25:ad:54:16:e2:8b:
dd:e8:16:51:15:06:8a:14:40:e9:44:08:40:aa:03:
2e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:74:34:A2:AD:D4:58:8A:B2:7E:3B:BA:73:40:DD:FB:2B:B5:80:A9
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/z3Q0oq3UWIqyfju6c0Dd-yu1gKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
31:a4:c8:35:36:5b:e0:7e:0e:5b:8a:77:37:ee:89:87:6c:dc:
5c:7d:4b:f9:c1:e3:8a:1b:f0:82:bd:8b:86:38:c3:29:cc:2c:
3b:24:d1:09:91:48:e9:16:f6:51:c7:35:d9:d0:4e:a2:bc:a8:
a2:30:49:8f:d6:ee:c7:ef:4b:8b:91:05:f8:86:43:4a:48:d5:
0c:4d:90:bc:e8:1f:35:91:e3:a7:68:19:f6:63:c0:ae:00:98:
e5:b8:e5:8a:f9:c0:b0:76:9e:d4:60:36:66:14:e9:80:6e:6d:
43:0e:d3:e1:30:ed:dd:43:ff:ad:a6:02:c3:ea:ab:d8:d6:19:
9a:48:ee:13:11:7c:10:cc:e9:52:cd:8a:f3:05:e8:55:f6:1c:
f1:6d:b5:11:4e:08:d2:03:41:16:3f:c8:d9:45:ae:1f:eb:26:
42:c2:7b:9d:14:7e:71:89:b1:62:95:e2:7e:8d:56:90:84:2f:
24:9b:49:dc:01:46:59:20:b0:b4:d5:ee:51:3b:5a:4a:d1:dd:
54:ad:b8:cb:63:54:7e:7b:44:ab:a1:e4:25:06:d5:d2:7c:ea:
eb:b5:b7:75:24:8e:e0:cf:d6:ef:81:c8:0a:0c:fe:0a:fd:e7:
e8:77:fd:ba:d1:95:3b:61:ae:ca:b6:39:0d:7d:cc:db:be:a0:
77:ba:9b:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkj2D5WZc8O2ATNwDJ06rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc0MzRhMmFkZDQ1ODhhYjI3ZTNiYmE3MzQwZGRmYjJiYjU4MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3PD0izG6PE3Ami9hjgfADOkkNf3
wlbyP8ZQ+ocEYbdXETlqMhpTxQoCKFmsPN+hfuRNgnJtRND/UcalefLK5qR+tGqU
/5b+R37kh0eD964MFhEbWX0YifETrTFjuxK5CXpynZxu2hsnXCew0DyEo5BofjO2
b9WX+rV256UJIlCydLIsxNVDVQNGf70dxbz8ucDB77bJmnBm6sM900VYFYDzFxVz
6ciAbXwbggxGv43wEaFv0NCVzamHHW8c2b28V9kA6yODpcfDdJXnOboYMNuRqrrg
MYcpe3hh9chX51g5p4trYWL6WywlrVQW4ovd6BZRFQaKFEDpRAhAqgMuOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM90NKKt1FiKsn47unNA3fsrtYCpMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvejNRMG9xM1VXSXF5Zmp1NmMwRGQteXUxZ0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAxpMg1Nlvgfg5binc3
7omHbNxcfUv5weOKG/CCvYuGOMMpzCw7JNEJkUjpFvZRxzXZ0E6ivKiiMEmP1u7H
70uLkQX4hkNKSNUMTZC86B81keOnaBn2Y8CuAJjluOWK+cCwdp7UYDZmFOmAbm1D
DtPhMO3dQ/+tpgLD6qvY1hmaSO4TEXwQzOlSzYrzBehV9hzxbbURTgjSA0EWP8jZ
Ra4f6yZCwnudFH5xibFileJ+jVaQhC8km0ncAUZZILC01e5RO1pK0d1UrbjLY1R+
e0SroeQlBtXSfOrrtbd1JI7gz9bvgcgKDP4K/efod/260ZU7Ya7KtjkNfczbvqB3
upvf
-----END CERTIFICATE-----
Generated at Tue May 7 07:31:29 2024 by rpki-client on console-ams.rpki-client.org