Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/2tnLTpbvYpF5wn0bb0Co1GvjgiY.roa
File: 2tnLTpbvYpF5wn0bb0Co1GvjgiY.roa (raw, json)
Hash identifier: HzTpOZ6LHiY6EuXMogc/VltVljaO9/29ucHTonoVI2s=
Subject key identifier: DA:D9:CB:4E:96:EF:62:91:79:C2:7D:1B:6F:40:A8:D4:6B:E3:82:26
Certificate issuer: /CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92
Certificate serial: 019104AC942D67ECB5E5C9AA68EC791F61F3
Authority key identifier: 0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/2tnLTpbvYpF5wn0bb0Co1GvjgiY.roa
Signing time: Tue 30 Jul 2024 17:25:04 +0000
ROA not before: Tue 30 Jul 2024 17:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60989
IP address blocks: 37.34.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:04:ac:94:2d:67:ec:b5:e5:c9:aa:68:ec:79:1f:61:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92
Validity
Not Before: Jul 30 17:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dad9cb4e96ef629179c27d1b6f40a8d46be38226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:58:13:e1:71:01:d5:a5:ff:99:b2:8c:29:5b:
fd:55:e6:0f:5c:d8:29:ff:52:62:78:6c:cd:70:5e:
3b:c8:42:3f:29:bc:de:f4:fd:4f:fd:68:b8:ff:e9:
70:2d:27:47:3c:7e:8d:67:2b:62:ff:22:4b:44:29:
a0:4e:1b:2b:79:67:40:a4:4b:b9:12:1b:99:52:92:
92:88:f5:b5:04:6d:a3:74:0e:c6:9a:39:3e:d6:36:
67:ba:a8:a1:79:31:e4:02:18:2b:6c:fa:73:ae:69:
48:03:db:1b:7e:8f:56:32:25:5f:90:75:57:a8:87:
42:06:7f:00:f1:39:e1:09:e3:6f:5a:96:12:d6:b8:
02:f8:44:f8:17:fb:69:b9:12:54:75:71:f7:87:a0:
41:c4:e9:5d:9a:b7:d9:b8:0e:63:eb:8e:48:fe:96:
40:78:e5:b4:66:eb:65:b8:c5:9e:66:6e:87:28:90:
f0:50:13:75:7d:7b:5e:d2:fa:f3:fa:4a:9e:af:01:
9f:82:33:0a:6e:f1:1c:14:ee:5a:20:c9:e8:70:c4:
3a:e6:9f:cc:cc:73:3f:b7:1c:a2:6a:40:ee:90:80:
6f:32:2e:5d:ca:97:99:18:09:25:63:b8:5a:52:ab:
14:b0:5b:2b:45:0f:67:5d:01:f5:b6:ea:c4:6b:23:
13:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D9:CB:4E:96:EF:62:91:79:C2:7D:1B:6F:40:A8:D4:6B:E3:82:26
X509v3 Authority Key Identifier:
keyid:0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/2tnLTpbvYpF5wn0bb0Co1GvjgiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.73.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:eb:05:f1:06:a0:29:38:11:b7:52:c2:2a:e2:25:f0:63:3d:
e9:0b:e6:2f:84:d7:36:4e:6c:57:8e:00:bf:8c:33:9e:ea:df:
f9:4f:af:13:53:fe:83:23:ab:b3:83:6d:7f:4f:dc:2e:15:cc:
b0:fd:47:51:26:98:54:2c:9b:34:cc:cf:1b:31:63:be:7f:76:
8d:5c:ef:28:72:1b:60:05:4c:3b:36:9b:ef:42:45:bf:1b:47:
9a:da:58:05:3b:52:2c:5e:a7:8b:95:09:bd:16:41:71:bf:dc:
f1:f8:2a:d4:9e:d0:13:59:45:d0:11:f7:a1:01:b1:4e:c2:61:
93:b3:ec:7a:0b:fd:b4:98:28:99:4f:ca:4d:f2:d3:f3:7e:23:
e9:a4:71:41:18:08:a5:17:32:fb:ee:2c:1a:f3:8c:e5:a5:2a:
22:64:9a:eb:fb:7d:b6:c7:24:85:71:fc:fc:89:e5:42:62:33:
7a:a7:99:8a:19:3c:c2:75:fa:ae:d6:ff:3a:0e:39:3a:aa:ee:
42:06:4a:f9:47:b0:28:1f:27:82:8a:23:7a:f0:8e:16:fa:c0:
37:c2:31:1d:2c:8c:0b:57:ab:44:83:b8:13:ad:17:d6:c4:e1:
b2:32:84:49:9d:e1:ae:99:9a:eb:51:9a:aa:9d:d9:8c:03:87:
b9:b3:1b:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEErJQtZ+y15cmqaOx5H2HzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDkxYmRjNjY2YjhhNTk0MzNjNjhkOTBlMGQ4Y2MzN2Fj
ZGNlOTIwHhcNMjQwNzMwMTcyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ5Y2I0ZTk2ZWY2MjkxNzljMjdkMWI2ZjQwYThkNDZiZTM4MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVgT4XEB1aX/mbKMKVv9VeYPXNgp
/1JieGzNcF47yEI/Kbze9P1P/Wi4/+lwLSdHPH6NZyti/yJLRCmgThsreWdApEu5
EhuZUpKSiPW1BG2jdA7Gmjk+1jZnuqiheTHkAhgrbPpzrmlIA9sbfo9WMiVfkHVX
qIdCBn8A8TnhCeNvWpYS1rgC+ET4F/tpuRJUdXH3h6BBxOldmrfZuA5j645I/pZA
eOW0ZutluMWeZm6HKJDwUBN1fXte0vrz+kqerwGfgjMKbvEcFO5aIMnocMQ65p/M
zHM/txyiakDukIBvMi5dypeZGAklY7haUqsUsFsrRQ9nXQH1turEayMTVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrZy06W72KRecJ9G29AqNRr44ImMB8GA1UdIwQY
MBaAFA8JG9xma4pZQzxo2Q4NjMN6zc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdrYjNHWnJpbGxEUEdqWkRnMk13M3JOenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iNjQwODMtNTUwZS00Y2FmLWJjMjkt
YTM0YThiODA2ODMyLzEvMnRuTFRwYnZZcEY1d24wYmIwQ28xR3ZqZ2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iNjQwODMtNTUwZS00Y2FmLWJjMjktYTM0YThiODA2ODMy
LzEvRHdrYjNHWnJpbGxEUEdqWkRnMk13M3JOenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSJJMA0G
CSqGSIb3DQEBCwUAA4IBAQBq6wXxBqApOBG3UsIq4iXwYz3pC+YvhNc2TmxXjgC/
jDOe6t/5T68TU/6DI6uzg21/T9wuFcyw/UdRJphULJs0zM8bMWO+f3aNXO8ochtg
BUw7NpvvQkW/G0ea2lgFO1IsXqeLlQm9FkFxv9zx+CrUntATWUXQEfehAbFOwmGT
s+x6C/20mCiZT8pN8tPzfiPppHFBGAilFzL77iwa84zlpSoiZJrr+322xySFcfz8
ieVCYjN6p5mKGTzCdfqu1v86Djk6qu5CBkr5R7AoHyeCiiN68I4W+sA3wjEdLIwL
V6tEg7gTrRfWxOGyMoRJneGumZrrUZqqndmMA4e5sxvl
-----END CERTIFICATE-----
Generated at Sun Nov 24 00:17:49 2024 by rpki-client on console-ams.rpki-client.org