Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/aXXbJ_bYXeqgAVnFRCvpbz4uq3Y.roa
File: aXXbJ_bYXeqgAVnFRCvpbz4uq3Y.roa (raw, json)
Hash identifier: KZEvD2ak3+iNBExi+sz51AP4CJLevMmTyz8Jh/XSo8o=
Subject key identifier: 69:75:DB:27:F6:D8:5D:EA:A0:01:59:C5:44:2B:E9:6F:3E:2E:AB:76
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 019275B99F3B5CF1D40A85DC17E1B66C03EA
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/aXXbJ_bYXeqgAVnFRCvpbz4uq3Y.roa
Signing time: Thu 10 Oct 2024 09:19:12 +0000
ROA not before: Thu 10 Oct 2024 09:19:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 37.77.21.0/24 maxlen: 24
37.77.22.0/24 maxlen: 24
37.77.27.0/24 maxlen: 24
37.77.28.0/24 maxlen: 24
37.77.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:b9:9f:3b:5c:f1:d4:0a:85:dc:17:e1:b6:6c:03:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Oct 10 09:19:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6975db27f6d85deaa00159c5442be96f3e2eab76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:78:8e:04:78:30:66:17:1d:7d:03:7a:07:59:
49:a1:a6:0f:69:90:56:78:e8:bf:a3:64:7d:fa:cd:
b0:c7:86:05:12:ac:4a:70:37:18:3c:37:f7:06:3a:
8d:ad:a2:b0:3a:21:21:1b:5b:41:36:11:41:d0:80:
0e:b4:49:9e:dd:87:d8:a1:19:da:54:5c:c7:bc:ba:
1e:73:bb:70:bc:c3:9b:a9:b1:44:9b:d7:b6:c6:0e:
b5:ad:1a:3a:ee:78:fb:49:a4:b9:ef:d2:22:2a:f9:
42:1e:5f:96:cd:ed:e1:65:62:c6:ad:e3:ac:d4:4e:
3c:be:0d:3f:03:a5:68:52:c6:1a:02:dc:68:bb:b9:
5c:6d:d9:40:e4:fa:72:81:4b:25:68:94:b3:25:42:
a0:44:28:4d:1a:ea:0f:40:05:52:8a:17:c6:85:43:
0d:7f:fc:be:5b:e4:88:16:6d:db:81:1e:2d:53:38:
e6:3c:0f:06:20:b5:21:57:1e:38:51:8d:18:09:b5:
91:3f:7d:fd:25:45:a9:27:22:49:2b:28:69:f2:ba:
1d:ea:b0:1c:7b:dc:cf:75:e2:6c:f0:bb:08:1a:2f:
ec:13:01:c0:c7:48:3d:51:0b:25:6c:b3:6a:99:fa:
81:eb:15:53:6d:2c:d0:e9:48:e4:34:3f:c1:88:41:
1d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:75:DB:27:F6:D8:5D:EA:A0:01:59:C5:44:2B:E9:6F:3E:2E:AB:76
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/aXXbJ_bYXeqgAVnFRCvpbz4uq3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.21.0-37.77.22.255
37.77.27.0-37.77.29.255
Signature Algorithm: sha256WithRSAEncryption
2e:4a:bb:81:64:69:2e:99:c1:1a:c9:3e:a3:1d:ed:b2:28:6e:
50:7d:70:57:16:91:28:48:cd:3b:af:2f:e6:d6:05:0d:a2:8c:
bb:73:d8:45:12:ca:17:4b:cc:70:b9:ed:4b:77:bf:d8:66:62:
47:f3:a5:42:e8:0f:be:fd:5b:1d:21:41:a3:44:ce:06:48:3e:
c9:f2:da:35:58:d5:ab:e8:8e:9e:07:56:cb:a2:13:09:f7:2f:
44:56:2a:ef:0a:4f:9c:d0:d5:4e:f4:42:a9:ee:7f:fd:12:2e:
6b:50:c8:66:74:1d:6d:32:85:ca:3b:76:93:31:9c:5a:00:55:
f3:64:fe:72:a9:de:3e:f6:0e:d4:15:9b:8f:0a:fb:1b:22:79:
4d:68:f9:09:69:00:61:9e:95:46:33:92:9d:6c:2d:93:06:05:
1f:3d:6c:21:d0:24:08:6d:fa:c3:75:8a:8d:56:69:98:16:89:
24:71:a8:05:bd:bd:59:69:eb:12:c6:ab:a7:ab:1a:0d:56:7e:
c6:93:44:bc:37:40:59:d3:11:05:d8:14:e9:f4:b9:18:e0:43:
d7:38:1a:58:77:fe:05:ea:64:b0:63:3d:b9:c4:74:42:c0:f9:
48:1b:dd:54:61:2f:e3:04:ea:00:68:21:e1:3d:5a:93:10:41:
56:cf:38:33
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZJ1uZ87XPHUCoXcF+G2bAPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjQxMDEwMDkxOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc1ZGIyN2Y2ZDg1ZGVhYTAwMTU5YzU0NDJiZTk2ZjNlMmVhYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXiOBHgwZhcdfQN6B1lJoaYPaZBW
eOi/o2R9+s2wx4YFEqxKcDcYPDf3BjqNraKwOiEhG1tBNhFB0IAOtEme3YfYoRna
VFzHvLoec7twvMObqbFEm9e2xg61rRo67nj7SaS579IiKvlCHl+Wze3hZWLGreOs
1E48vg0/A6VoUsYaAtxou7lcbdlA5PpygUslaJSzJUKgRChNGuoPQAVSihfGhUMN
f/y+W+SIFm3bgR4tUzjmPA8GILUhVx44UY0YCbWRP339JUWpJyJJKyhp8rod6rAc
e9zPdeJs8LsIGi/sEwHAx0g9UQslbLNqmfqB6xVTbSzQ6UjkND/BiEEdrQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGl12yf22F3qoAFZxUQr6W8+Lqt2MB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEvYVhYYkpfYllYZXFnQVZuRlJDdnBiejR1cTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAlTRUD
BAAlTRYwDAMEACVNGwMEASVNHDANBgkqhkiG9w0BAQsFAAOCAQEALkq7gWRpLpnB
Gsk+ox3tsihuUH1wVxaRKEjNO68v5tYFDaKMu3PYRRLKF0vMcLntS3e/2GZiR/Ol
QugPvv1bHSFBo0TOBkg+yfLaNVjVq+iOngdWy6ITCfcvRFYq7wpPnNDVTvRCqe5/
/RIua1DIZnQdbTKFyjt2kzGcWgBV82T+cqnePvYO1BWbjwr7GyJ5TWj5CWkAYZ6V
RjOSnWwtkwYFHz1sIdAkCG36w3WKjVZpmBaJJHGoBb29WWnrEsarp6saDVZ+xpNE
vDdAWdMRBdgU6fS5GOBD1zgaWHf+BepksGM9ucR0QsD5SBvdVGEv4wTqAGgh4T1a
kxBBVs84Mw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:16:15 2024 by rpki-client on console-ams.rpki-client.org