Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/on7n50BKHTFK35l4Ad5W_3poVr0.roa
File: on7n50BKHTFK35l4Ad5W_3poVr0.roa (raw, json)
Hash identifier: a9hztt8BsrfOa51j/gm2FLwSu/S1uKdxErfREDCBroA=
Subject key identifier: A2:7E:E7:E7:40:4A:1D:31:4A:DF:99:78:01:DE:56:FF:7A:68:56:BD
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 019348B6F54C19CC0DCBC81CABF158452CA3
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/on7n50BKHTFK35l4Ad5W_3poVr0.roa
Signing time: Wed 20 Nov 2024 08:36:10 +0000
ROA not before: Wed 20 Nov 2024 08:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34471
IP address blocks: 37.72.16.0/24 maxlen: 24
84.232.104.0/24 maxlen: 24
84.236.158.0/24 maxlen: 24
176.227.155.0/24 maxlen: 24
178.156.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:b6:f5:4c:19:cc:0d:cb:c8:1c:ab:f1:58:45:2c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Nov 20 08:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a27ee7e7404a1d314adf997801de56ff7a6856bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b8:22:6b:63:14:29:a2:76:f5:8e:40:4c:c5:
06:67:21:9c:58:bb:67:cd:a2:8a:45:8a:12:a6:00:
df:80:41:65:c7:b6:91:21:dc:b4:09:28:1f:21:c9:
41:3e:bd:d4:b0:6e:da:e7:e2:b3:13:1b:c9:3b:b5:
01:f2:c1:95:4c:09:b2:c0:74:23:86:72:fd:4e:78:
c3:e1:ec:0b:86:9c:56:1f:35:eb:86:94:dc:7a:b3:
00:8d:9e:68:82:6a:b2:69:02:56:ab:fc:a3:51:34:
03:1b:4a:7f:75:56:04:e2:49:51:f5:37:cd:51:ee:
71:99:58:5a:b6:72:3c:b0:71:18:9d:09:53:dd:95:
11:9d:3b:c0:59:2e:52:3b:8a:ed:eb:2b:9c:b8:14:
b3:ee:7b:42:62:0e:8a:99:3a:70:65:5d:27:fa:2f:
53:70:17:5e:a0:ff:ae:95:cb:a4:9f:43:8a:67:5c:
da:f4:c8:21:05:dc:2a:7a:8f:fa:ae:4e:4c:0c:a1:
98:b2:eb:fa:10:b4:47:89:e3:c1:1e:2a:2e:eb:81:
fa:77:c7:12:66:d6:3e:87:e0:fc:d6:26:1e:4c:e8:
9c:6a:0c:e5:cb:ee:ee:de:ca:f3:a5:a2:39:b8:af:
29:61:fa:59:6b:7c:b6:d6:61:63:dd:a9:5a:01:35:
c3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7E:E7:E7:40:4A:1D:31:4A:DF:99:78:01:DE:56:FF:7A:68:56:BD
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/on7n50BKHTFK35l4Ad5W_3poVr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.16.0/24
84.232.104.0/24
84.236.158.0/24
176.227.155.0/24
178.156.34.0/24
Signature Algorithm: sha256WithRSAEncryption
31:68:d1:5b:2c:40:ab:c1:21:bb:c1:3a:c6:cb:67:1c:3a:0d:
58:98:82:3e:d3:80:df:57:83:76:dc:6b:a0:20:01:23:47:64:
36:c6:c0:80:2d:4f:3f:cb:fa:e3:f2:cd:9f:07:11:bd:a6:ec:
d7:f4:63:49:13:1a:9a:0e:ca:85:d1:2e:dd:33:eb:f8:a6:34:
09:79:39:3a:a2:81:b7:29:0f:c6:7d:c4:c5:b3:cf:df:b4:fc:
fe:12:e6:c1:72:24:df:4d:2f:d6:bb:00:c1:09:c8:a7:9e:1a:
5b:07:68:d5:ef:7b:43:7b:6c:0d:f0:8c:de:cd:a4:e0:d4:7f:
de:02:44:b0:90:41:0d:34:89:26:81:2e:78:45:92:4d:15:b2:
e1:68:5f:08:8c:20:fb:11:d2:db:a8:87:2c:d3:d4:39:a5:ce:
e6:8a:32:68:0d:fe:86:f5:dd:3a:c4:a3:64:3c:b8:3c:ad:ca:
84:c2:5c:0d:6f:6d:44:00:9c:9d:bf:21:b1:ba:5f:85:e9:ae:
5c:f4:01:97:c7:87:16:f9:59:40:d3:66:3b:36:d0:87:2f:05:
84:e9:d6:15:49:a6:0f:a3:3e:f6:fc:90:a2:41:b1:ba:ec:0a:
51:28:59:0c:d1:96:91:76:ac:01:8e:82:28:a7:57:9a:62:a8:
1d:17:7b:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNItvVMGcwNy8gcq/FYRSyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQxMTIwMDgzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdlZTdlNzQwNGExZDMxNGFkZjk5NzgwMWRlNTZmZjdhNjg1NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrgia2MUKaJ29Y5ATMUGZyGcWLtn
zaKKRYoSpgDfgEFlx7aRIdy0CSgfIclBPr3UsG7a5+KzExvJO7UB8sGVTAmywHQj
hnL9TnjD4ewLhpxWHzXrhpTcerMAjZ5ogmqyaQJWq/yjUTQDG0p/dVYE4klR9TfN
Ue5xmVhatnI8sHEYnQlT3ZURnTvAWS5SO4rt6yucuBSz7ntCYg6KmTpwZV0n+i9T
cBdeoP+ulcukn0OKZ1za9MghBdwqeo/6rk5MDKGYsuv6ELRHiePBHiou64H6d8cS
ZtY+h+D81iYeTOicagzly+7u3srzpaI5uK8pYfpZa3y21mFj3alaATXDYQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKJ+5+dASh0xSt+ZeAHeVv96aFa9MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvb243bjUwQktIVEZLMzVsNEFkNVdfM3BvVnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJUgQAwQA
VOhoAwQAVOyeAwQAsOObAwQAspwiMA0GCSqGSIb3DQEBCwUAA4IBAQAxaNFbLECr
wSG7wTrGy2ccOg1YmII+04DfV4N23GugIAEjR2Q2xsCALU8/y/rj8s2fBxG9puzX
9GNJExqaDsqF0S7dM+v4pjQJeTk6ooG3KQ/GfcTFs8/ftPz+EubBciTfTS/WuwDB
CcinnhpbB2jV73tDe2wN8IzezaTg1H/eAkSwkEENNIkmgS54RZJNFbLhaF8IjCD7
EdLbqIcs09Q5pc7mijJoDf6G9d06xKNkPLg8rcqEwlwNb21EAJydvyGxul+F6a5c
9AGXx4cW+VlA02Y7NtCHLwWE6dYVSaYPoz72/JCiQbG67ApRKFkM0ZaRdqwBjoIo
p1eaYqgdF3sf
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:55 2024 by rpki-client on console-ams.rpki-client.org