Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/Odr74CN_IA7I-5ZEpMJ0BMFo070.roa
File: Odr74CN_IA7I-5ZEpMJ0BMFo070.roa (raw, json)
Hash identifier: 7h6Fph4qLa+Ev6+Xo2km7tCVhElEyMnVWPPfeaiHMDc=
Subject key identifier: 39:DA:FB:E0:23:7F:20:0E:C8:FB:96:44:A4:C2:74:04:C1:68:D3:BD
Certificate issuer: /CN=bc9c405f142e53eb67b1c49923ab795e84328c9b
Certificate serial: 018CC8DFA42F1A8EA305D6E29B64DCED3EFB
Authority key identifier: BC:9C:40:5F:14:2E:53:EB:67:B1:C4:99:23:AB:79:5E:84:32:8C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJxAXxQuU-tnscSZI6t5XoQyjJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/Odr74CN_IA7I-5ZEpMJ0BMFo070.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50289
IP address blocks: 62.78.32.0/19 maxlen: 24
185.142.64.0/22 maxlen: 24
37.123.216.0/21 maxlen: 24
2a03:a400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/vJxAXxQuU-tnscSZI6t5XoQyjJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/vJxAXxQuU-tnscSZI6t5XoQyjJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/vJxAXxQuU-tnscSZI6t5XoQyjJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 03:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a4:2f:1a:8e:a3:05:d6:e2:9b:64:dc:ed:3e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9c405f142e53eb67b1c49923ab795e84328c9b
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39dafbe0237f200ec8fb9644a4c27404c168d3bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9e:de:b1:36:80:33:00:af:b7:83:41:43:a8:
29:8b:82:b5:f5:b7:90:74:5a:f9:e2:ad:95:96:e6:
60:c8:57:77:4b:2f:9c:18:d9:38:9c:59:a2:e8:d5:
bd:0f:19:cd:c6:36:d2:46:71:94:67:d7:31:1e:4f:
5f:2b:f4:79:60:9e:6c:e2:70:55:a9:71:59:c0:77:
ad:31:2a:1a:8a:96:c2:7e:66:5a:c4:af:fe:b0:15:
52:74:56:bd:f8:62:5a:77:4b:d0:f2:ac:a4:54:d5:
04:9d:6f:c5:d2:e2:6f:a8:c9:6c:10:97:c2:34:0a:
96:bb:08:3e:be:45:7a:40:99:33:6a:c5:c1:de:e2:
7c:a2:c0:44:ee:6e:f1:59:ac:90:60:41:5d:07:4b:
db:62:ba:a1:21:82:d4:38:a0:71:68:ed:3d:00:7a:
26:70:f1:eb:9a:a0:8e:ad:39:e5:b9:c3:b9:4e:4b:
a1:cb:b9:d3:b7:73:9e:4d:e5:0e:db:99:0e:56:a6:
a6:cc:38:99:fa:6c:ba:88:50:9c:54:4b:c3:a9:8f:
c3:3d:67:85:bf:37:39:09:83:8b:ae:c9:d1:cd:88:
8d:3c:a3:72:2d:b2:47:0d:00:10:17:a4:4d:24:d7:
bc:72:be:c4:1b:e0:ba:ea:a2:22:0b:60:2a:9e:43:
ab:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DA:FB:E0:23:7F:20:0E:C8:FB:96:44:A4:C2:74:04:C1:68:D3:BD
X509v3 Authority Key Identifier:
keyid:BC:9C:40:5F:14:2E:53:EB:67:B1:C4:99:23:AB:79:5E:84:32:8C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJxAXxQuU-tnscSZI6t5XoQyjJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/Odr74CN_IA7I-5ZEpMJ0BMFo070.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b816b9-91b0-46da-8e58-91488a34fcc8/1/vJxAXxQuU-tnscSZI6t5XoQyjJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.216.0/21
62.78.32.0/19
185.142.64.0/22
IPv6:
2a03:a400::/32
Signature Algorithm: sha256WithRSAEncryption
14:98:45:79:52:b1:90:e8:73:01:ba:b8:15:5c:ae:6a:a9:8b:
9c:26:c4:4c:83:a1:8d:fc:f9:a8:fa:cd:25:5c:27:38:8f:86:
8a:55:37:32:8a:56:21:12:04:64:7a:d2:91:62:be:14:6b:a0:
ba:50:ec:fe:e3:56:74:06:62:f1:07:6c:b0:d1:68:0e:7b:e4:
29:77:f6:06:f1:80:30:7d:c4:18:d0:aa:e9:85:4a:49:2d:48:
44:4c:68:f6:51:30:8b:b8:4f:2c:53:f5:bc:46:b5:43:30:37:
c5:d4:56:70:46:39:c1:7b:fd:fe:10:ec:e8:36:25:bb:09:be:
8d:b8:6e:6e:79:e0:4b:9c:41:1e:c3:06:63:37:6d:44:b8:ca:
b7:36:73:7c:c3:b8:cb:78:97:58:17:3c:87:d6:59:27:f7:4f:
ba:71:97:be:d0:f1:00:74:0e:17:ab:5d:71:a6:d7:ba:1f:48:
8c:62:23:d5:fa:36:2e:9f:3f:a3:0e:08:02:bc:e6:69:77:11:
91:64:f2:d0:fa:4d:b4:66:01:13:88:1c:4f:8b:1e:be:a5:68:
56:da:a2:12:0b:63:7f:4b:fd:d7:dc:dc:2a:01:04:ca:0b:7a:
7c:2b:e4:db:78:76:b8:91:ff:b1:f6:a7:56:15:be:a1:ae:a6:
87:25:1e:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzI36QvGo6jBdbim2Tc7T77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWM0MDVmMTQyZTUzZWI2N2IxYzQ5OTIzYWI3OTVlODQz
MjhjOWIwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWRhZmJlMDIzN2YyMDBlYzhmYjk2NDRhNGMyNzQwNGMxNjhkM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop7esTaAMwCvt4NBQ6gpi4K19beQ
dFr54q2VluZgyFd3Sy+cGNk4nFmi6NW9DxnNxjbSRnGUZ9cxHk9fK/R5YJ5s4nBV
qXFZwHetMSoaipbCfmZaxK/+sBVSdFa9+GJad0vQ8qykVNUEnW/F0uJvqMlsEJfC
NAqWuwg+vkV6QJkzasXB3uJ8osBE7m7xWayQYEFdB0vbYrqhIYLUOKBxaO09AHom
cPHrmqCOrTnlucO5Tkuhy7nTt3OeTeUO25kOVqamzDiZ+my6iFCcVEvDqY/DPWeF
vzc5CYOLrsnRzYiNPKNyLbJHDQAQF6RNJNe8cr7EG+C66qIiC2AqnkOr9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDna++AjfyAOyPuWRKTCdATBaNO9MB8GA1UdIwQY
MBaAFLycQF8ULlPrZ7HEmSOreV6EMoybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkp4QVh4UXVVLXRuc2NTWkk2dDVYb1F5akpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iODE2YjktOTFiMC00NmRhLThlNTgt
OTE0ODhhMzRmY2M4LzEvT2RyNzRDTl9JQTdJLTVaRXBNSjBCTUZvMDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iODE2YjktOTFiMC00NmRhLThlNTgtOTE0ODhhMzRmY2M4
LzEvdkp4QVh4UXVVLXRuc2NTWkk2dDVYb1F5akpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXvYAwQF
Pk4gAwQCuY5AMA0EAgACMAcDBQAqA6QAMA0GCSqGSIb3DQEBCwUAA4IBAQAUmEV5
UrGQ6HMBurgVXK5qqYucJsRMg6GN/Pmo+s0lXCc4j4aKVTcyilYhEgRketKRYr4U
a6C6UOz+41Z0BmLxB2yw0WgOe+Qpd/YG8YAwfcQY0KrphUpJLUhETGj2UTCLuE8s
U/W8RrVDMDfF1FZwRjnBe/3+EOzoNiW7Cb6NuG5ueeBLnEEewwZjN21EuMq3NnN8
w7jLeJdYFzyH1lkn90+6cZe+0PEAdA4Xq11xpte6H0iMYiPV+jYunz+jDggCvOZp
dxGRZPLQ+k20ZgETiBxPix6+pWhW2qISC2N/S/3X3NwqAQTKC3p8K+TbeHa4kf+x
9qdWFb6hrqaHJR7+
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:52:33 2024 by rpki-client on console-fra.rpki-client.org