Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/z7RmVNBbCREUcp6M3H2zEBG4MtY.roa
File: z7RmVNBbCREUcp6M3H2zEBG4MtY.roa (raw, json)
Hash identifier: UKLD0ookdT771LXoeqD+iQ7cPBMEcvfL246UcYrkjt4=
Subject key identifier: CF:B4:66:54:D0:5B:09:11:14:72:9E:8C:DC:7D:B3:10:11:B8:32:D6
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 018CC49238B195EBE35E033D9284300F2907
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/z7RmVNBbCREUcp6M3H2zEBG4MtY.roa
Signing time: Mon 01 Jan 2024 10:29:26 +0000
ROA not before: Mon 01 Jan 2024 10:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397217
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:38:b1:95:eb:e3:5e:03:3d:92:84:30:0f:29:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 10:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfb46654d05b091114729e8cdc7db31011b832d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:00:aa:13:07:3b:2d:e6:e6:56:40:30:30:b6:
a1:2f:79:ba:d0:81:59:a5:f5:40:b2:da:56:b9:87:
63:82:72:b0:9a:1b:d8:2d:60:d3:ad:3f:6a:35:83:
c9:26:ec:1f:b1:00:7a:6a:6d:11:66:52:65:5b:3b:
e2:ac:c5:93:d3:65:5d:e5:52:22:fa:29:22:d8:cb:
d1:1a:a2:13:59:5b:eb:94:de:e2:7d:a8:b4:fd:f0:
1e:66:b1:42:7f:39:cc:b8:07:ca:fe:3e:7f:aa:11:
33:ec:e2:a8:67:75:8b:7c:20:83:54:99:ad:35:01:
74:ca:e3:29:de:f9:2f:37:92:71:26:45:83:78:83:
40:9f:65:8b:32:46:a6:fc:22:f3:18:77:26:53:2d:
73:8b:e6:77:78:fc:2f:a1:b6:6b:3d:4b:bd:bc:4c:
68:2b:cd:7b:14:a8:13:db:cd:db:9a:9c:11:94:c3:
dd:19:de:85:66:d3:b2:53:4c:b5:d7:55:55:61:79:
dd:e2:81:b3:b9:04:90:5a:15:65:dd:f0:c4:fd:6f:
e1:c9:08:55:ee:de:b2:e5:4a:02:66:29:b7:d9:9a:
87:d0:60:f2:b1:8f:f3:9f:92:8c:60:df:05:39:b8:
94:f8:11:cc:16:a5:ee:6e:a4:ba:59:d8:c9:49:9f:
4f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B4:66:54:D0:5B:09:11:14:72:9E:8C:DC:7D:B3:10:11:B8:32:D6
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/z7RmVNBbCREUcp6M3H2zEBG4MtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
44:54:29:44:b6:c3:a5:03:b2:f5:93:4e:91:40:15:3a:57:49:
e5:a2:62:27:18:74:d3:35:a9:44:85:ac:5e:a7:f4:a7:75:e1:
8a:eb:03:db:be:11:57:a7:98:3d:91:96:c8:f9:7b:3f:6a:f9:
d5:cc:8f:49:a5:54:99:93:7d:e2:56:8d:c6:7d:8d:5f:7c:8a:
99:54:ab:05:0b:01:19:d4:04:7f:1c:19:d0:a7:ea:ea:d7:0c:
97:49:29:26:2a:76:34:29:97:be:76:d3:ac:50:0c:b0:39:9d:
d8:9d:a7:65:47:47:f7:ed:68:5d:35:47:8b:b6:13:ac:77:ed:
c5:ab:7e:95:5b:4a:b1:d9:fc:e5:5c:5b:0e:36:5a:0f:4e:db:
b7:88:03:17:f3:3f:12:50:8c:90:27:e4:65:e1:50:17:ab:5a:
36:e0:7f:d7:c6:17:e5:ad:64:9e:f9:bb:49:a1:62:a9:52:37:
dd:e9:ca:61:d9:5c:69:d8:2b:4d:db:a3:a5:70:e1:f6:9c:f3:
de:34:d5:db:87:68:b1:13:ad:4b:e3:d7:54:f2:c7:22:9f:67:
0b:6b:61:e8:40:a5:2d:77:4a:3b:23:b6:9e:09:a8:4c:5f:d6:
83:73:29:57:b0:67:d0:a2:5e:c2:34:7e:82:a0:bb:f3:b6:b0:
65:a3:18:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkjixlevjXgM9koQwDykHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjQwMTAxMTAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmI0NjY1NGQwNWIwOTExMTQ3MjllOGNkYzdkYjMxMDExYjgzMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQCqEwc7LebmVkAwMLahL3m60IFZ
pfVAstpWuYdjgnKwmhvYLWDTrT9qNYPJJuwfsQB6am0RZlJlWzvirMWT02Vd5VIi
+iki2MvRGqITWVvrlN7ifai0/fAeZrFCfznMuAfK/j5/qhEz7OKoZ3WLfCCDVJmt
NQF0yuMp3vkvN5JxJkWDeINAn2WLMkam/CLzGHcmUy1zi+Z3ePwvobZrPUu9vExo
K817FKgT283bmpwRlMPdGd6FZtOyU0y111VVYXnd4oGzuQSQWhVl3fDE/W/hyQhV
7t6y5UoCZim32ZqH0GDysY/zn5KMYN8FObiU+BHMFqXubqS6WdjJSZ9PBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM+0ZlTQWwkRFHKejNx9sxARuDLWMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvejdSbVZOQmJDUkVVY3A2TTNIMnpFQkc0TXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBEVClEtsOlA7L1k06R
QBU6V0nlomInGHTTNalEhaxep/SndeGK6wPbvhFXp5g9kZbI+Xs/avnVzI9JpVSZ
k33iVo3GfY1ffIqZVKsFCwEZ1AR/HBnQp+rq1wyXSSkmKnY0KZe+dtOsUAywOZ3Y
nadlR0f37WhdNUeLthOsd+3Fq36VW0qx2fzlXFsONloPTtu3iAMX8z8SUIyQJ+Rl
4VAXq1o24H/XxhflrWSe+btJoWKpUjfd6cph2Vxp2CtN26OlcOH2nPPeNNXbh2ix
E61L49dU8scin2cLa2HoQKUtd0o7I7aeCahMX9aDcylXsGfQol7CNH6CoLvztrBl
oxja
-----END CERTIFICATE-----
Generated at Mon May 20 05:12:17 2024 by rpki-client on console-ams.rpki-client.org