Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/NQNRJI6IbtOnb_c1d6cel5a2eWo.roa
File: NQNRJI6IbtOnb_c1d6cel5a2eWo.roa (raw, json)
Hash identifier: +QHzzebondE6Sd8P02Apy4D58mKRS9PEV2/40sAo9G0=
Subject key identifier: 35:03:51:24:8E:88:6E:D3:A7:6F:F7:35:77:A7:1E:97:96:B6:79:6A
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 019306913B88C24C95DBFD5D059FE5DB87F9
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/NQNRJI6IbtOnb_c1d6cel5a2eWo.roa
Signing time: Thu 07 Nov 2024 12:20:01 +0000
ROA not before: Thu 07 Nov 2024 12:20:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200482
IP address blocks: 37.114.35.0/24 maxlen: 32
37.114.60.0/24 maxlen: 24
37.114.61.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
43.251.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:91:3b:88:c2:4c:95:db:fd:5d:05:9f:e5:db:87:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Nov 7 12:20:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=350351248e886ed3a76ff73577a71e9796b6796a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8c:e1:a5:56:11:2c:a8:ae:d3:9b:6a:4c:19:
cf:e1:5e:9d:7f:0d:4f:4d:45:5a:c6:95:59:99:f8:
90:cc:6a:f0:ad:63:83:b6:ea:33:fc:12:c3:21:0a:
cb:0e:e9:42:60:c8:de:43:47:24:ae:1d:5c:30:51:
26:d8:d7:cf:2a:90:7b:89:72:9b:03:68:aa:9c:13:
1b:d4:f0:f9:88:5c:e8:86:d6:fe:bd:1a:35:38:74:
44:70:2e:e2:e6:07:15:87:d7:fe:19:63:a0:ea:2e:
6a:9d:67:b4:ea:18:04:e4:eb:f5:09:21:e3:d7:1d:
81:5f:69:6c:18:c6:d2:b0:21:7a:5d:51:96:d6:12:
d3:a5:0b:e2:b6:04:e1:43:08:7d:de:32:4c:d1:ff:
4a:0a:df:d5:34:d2:03:97:2c:02:0f:0b:85:77:2f:
26:b0:ee:a2:f3:2a:76:9f:32:7a:ab:ba:a1:7a:54:
a0:91:fb:59:f4:22:5e:b0:19:1f:a2:12:01:16:7b:
dc:bf:6c:61:55:7f:1c:f6:40:c1:ea:95:8c:17:58:
5f:b9:55:91:62:ca:e5:78:f3:76:3e:8d:aa:4a:ff:
5f:68:58:70:45:04:de:7d:8c:29:c5:36:74:d2:fc:
fd:5e:7b:3d:c6:70:bf:06:57:1b:13:bd:1b:64:9f:
ab:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:03:51:24:8E:88:6E:D3:A7:6F:F7:35:77:A7:1E:97:96:B6:79:6A
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/NQNRJI6IbtOnb_c1d6cel5a2eWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.35.0/24
37.114.60.0/23
43.251.162.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:6e:91:51:c5:47:c5:dc:78:20:f9:6d:84:8a:e0:ad:33:a5:
48:0f:5c:60:77:e8:a4:6e:ed:79:55:a6:34:e6:23:db:60:74:
5a:8b:3e:36:47:34:86:8d:a7:7e:85:88:51:85:83:98:13:c4:
d3:2a:b8:e4:28:d1:78:4e:c8:70:4f:88:81:47:0e:2d:db:7b:
26:0f:d8:36:7c:1e:f2:bd:12:7b:27:51:4d:1b:bb:b4:17:7a:
44:10:37:59:56:99:d2:1e:8f:3e:5e:62:f7:55:b0:4c:49:6f:
8b:ce:36:db:a0:78:6a:38:53:8a:5c:a7:86:e7:37:b2:c1:ca:
08:50:91:b8:2f:09:f7:77:ca:3b:97:58:75:8a:25:ff:c3:85:
dd:4c:e6:53:83:10:8b:5a:1b:40:16:be:7e:c4:a7:aa:f5:7b:
a4:59:70:94:0c:90:65:7f:77:cd:cc:5b:07:7d:e8:e2:e8:3a:
d6:2b:5e:51:09:d7:94:93:dc:93:65:ea:cd:d9:fe:f4:0d:58:
00:c9:3c:72:e8:c2:a7:bd:4a:0f:8b:03:94:c8:ac:49:3d:8f:
fd:4c:d1:f3:94:9b:bf:ea:f6:50:6f:63:52:b0:74:ef:2c:d4:
b2:a5:5a:4e:0f:2d:f7:8e:0e:dd:26:d5:5f:47:f4:96:d8:93:
5a:7c:52:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMGkTuIwkyV2/1dBZ/l24f5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQxMTA3MTIyMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTAzNTEyNDhlODg2ZWQzYTc2ZmY3MzU3N2E3MWU5Nzk2YjY3OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYzhpVYRLKiu05tqTBnP4V6dfw1P
TUVaxpVZmfiQzGrwrWODtuoz/BLDIQrLDulCYMjeQ0ckrh1cMFEm2NfPKpB7iXKb
A2iqnBMb1PD5iFzohtb+vRo1OHREcC7i5gcVh9f+GWOg6i5qnWe06hgE5Ov1CSHj
1x2BX2lsGMbSsCF6XVGW1hLTpQvitgThQwh93jJM0f9KCt/VNNIDlywCDwuFdy8m
sO6i8yp2nzJ6q7qhelSgkftZ9CJesBkfohIBFnvcv2xhVX8c9kDB6pWMF1hfuVWR
YsrlePN2Po2qSv9faFhwRQTefYwpxTZ00vz9Xns9xnC/BlcbE70bZJ+r6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDUDUSSOiG7Tp2/3NXenHpeWtnlqMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvTlFOUkpJNklidE9uYl9jMWQ2Y2VsNWEyZVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJXIjAwQB
JXI8AwQBK/uiMA0GCSqGSIb3DQEBCwUAA4IBAQCubpFRxUfF3Hgg+W2EiuCtM6VI
D1xgd+ikbu15VaY05iPbYHRaiz42RzSGjad+hYhRhYOYE8TTKrjkKNF4TshwT4iB
Rw4t23smD9g2fB7yvRJ7J1FNG7u0F3pEEDdZVpnSHo8+XmL3VbBMSW+LzjbboHhq
OFOKXKeG5zeywcoIUJG4Lwn3d8o7l1h1iiX/w4XdTOZTgxCLWhtAFr5+xKeq9Xuk
WXCUDJBlf3fNzFsHfeji6DrWK15RCdeUk9yTZerN2f70DVgAyTxy6MKnvUoPiwOU
yKxJPY/9TNHzlJu/6vZQb2NSsHTvLNSypVpODy33jg7dJtVfR/SW2JNafFJt
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:39:47 2024 by rpki-client on console-fra.rpki-client.org