Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/OnMOQq4xudR6xbXWbPKyHBG6BYU.roa
File: OnMOQq4xudR6xbXWbPKyHBG6BYU.roa (raw, json)
Hash identifier: ix86ZPxbLYgBe8sTnBblxomJnEvCYCPhUZ0bD0h+7q8=
Subject key identifier: 3A:73:0E:42:AE:31:B9:D4:7A:C5:B5:D6:6C:F2:B2:1C:11:BA:05:85
Certificate issuer: /CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Certificate serial: 018CC56E551E470D228B757A335C64B57C37
Authority key identifier: A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/OnMOQq4xudR6xbXWbPKyHBG6BYU.roa
Signing time: Mon 01 Jan 2024 14:29:51 +0000
ROA not before: Mon 01 Jan 2024 14:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212632
IP address blocks: 212.39.32.0/24 maxlen: 24
212.39.32.0/22 maxlen: 22
212.39.32.0/21 maxlen: 21
212.39.34.0/24 maxlen: 24
212.39.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:55:1e:47:0d:22:8b:75:7a:33:5c:64:b5:7c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Validity
Not Before: Jan 1 14:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a730e42ae31b9d47ac5b5d66cf2b21c11ba0585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cc:35:f7:f7:3e:10:4d:21:1f:9e:51:4c:5e:
c0:d1:fc:ef:db:e5:bd:d7:c2:e9:27:81:7c:05:dc:
44:ed:51:ec:3f:11:2d:0f:a6:f6:0f:bd:c4:25:ad:
e6:ac:53:08:85:f0:5a:db:fb:84:0b:94:dd:b6:a2:
c8:b7:a8:d6:c3:ad:1b:ff:1d:70:ef:f2:f6:d9:c0:
5b:02:3d:9c:a9:7c:8d:1b:48:25:73:82:f7:1e:67:
a1:af:92:81:3c:9d:c6:3b:6c:93:4e:c5:af:80:4e:
1c:d1:35:89:94:3f:04:12:ab:7b:2e:4c:00:fb:50:
ea:65:84:47:df:85:f8:e6:94:2e:b5:4a:4e:42:24:
21:6e:59:f8:9a:f3:b9:27:97:5e:7b:d9:2e:86:05:
38:dd:66:d4:45:30:4f:37:ee:db:cb:3d:5b:cc:7b:
eb:22:60:47:08:22:98:ba:d0:ba:e5:8a:64:63:cb:
b0:44:aa:7c:aa:a6:4c:7d:6f:50:5d:13:26:5d:39:
d1:ae:4d:1e:8d:39:d1:41:aa:10:da:d7:95:3c:e6:
c1:35:73:07:d5:fd:bc:33:e1:ad:75:d9:39:1f:6c:
24:7a:97:eb:5e:15:80:12:6f:7c:21:19:35:9a:19:
a1:2e:a5:2c:de:36:80:d8:aa:57:07:b3:fd:cd:d5:
58:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:73:0E:42:AE:31:B9:D4:7A:C5:B5:D6:6C:F2:B2:1C:11:BA:05:85
X509v3 Authority Key Identifier:
keyid:A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/OnMOQq4xudR6xbXWbPKyHBG6BYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.39.32.0/21
212.39.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:a3:bd:a5:af:7d:a8:25:2e:8e:d3:3e:b7:ec:2e:aa:de:14:
0b:4e:97:ff:20:15:36:4e:01:ea:c3:8d:52:7a:a3:5a:7e:ba:
79:94:68:c4:55:e7:06:e3:ab:38:78:55:51:c3:ff:02:ea:12:
93:75:4f:ba:30:b1:b3:7f:65:71:6f:e5:73:28:c9:82:51:3b:
9a:a4:05:28:26:3e:cb:24:cd:30:a0:4d:4c:23:40:d7:92:61:
16:ff:5b:05:d8:7a:a5:d6:80:38:df:60:3f:fa:38:8f:ed:12:
9e:f1:0d:18:90:ef:59:6a:e4:1e:eb:7f:61:f5:36:3d:4f:73:
a5:e8:3a:31:19:74:ef:c0:7f:9f:d2:b6:e8:d0:b0:b8:db:1b:
54:5e:b8:33:d4:53:a9:67:5d:6e:88:d5:5c:16:cf:d3:9f:2d:
ff:f3:b9:65:4e:db:4f:4a:71:ff:22:50:55:3f:ce:03:e4:16:
85:a9:b0:79:d8:70:e9:27:81:ec:66:29:6e:c0:42:20:a6:8f:
7e:48:66:0c:2e:f4:cf:30:ec:08:fd:0c:e9:e8:2d:4b:72:a1:
6e:48:02:40:eb:7d:94:a0:40:34:2f:f3:b3:31:38:7b:d1:5d:
8e:4f:5e:57:ac:f9:c8:4f:05:eb:62:38:a4:76:3d:f9:2c:d3:
fd:78:4a:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFblUeRw0ii3V6M1xktXw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmRjN2JkYmM5ZDA5NzMzNmRlNjI0M2I1NTBhYjE3MzM3
NWVhMzkwHhcNMjQwMTAxMTQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTczMGU0MmFlMzFiOWQ0N2FjNWI1ZDY2Y2YyYjIxYzExYmEwNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8w19/c+EE0hH55RTF7A0fzv2+W9
18LpJ4F8BdxE7VHsPxEtD6b2D73EJa3mrFMIhfBa2/uEC5TdtqLIt6jWw60b/x1w
7/L22cBbAj2cqXyNG0glc4L3Hmehr5KBPJ3GO2yTTsWvgE4c0TWJlD8EEqt7LkwA
+1DqZYRH34X45pQutUpOQiQhbln4mvO5J5dee9kuhgU43WbURTBPN+7byz1bzHvr
ImBHCCKYutC65YpkY8uwRKp8qqZMfW9QXRMmXTnRrk0ejTnRQaoQ2teVPObBNXMH
1f28M+Gtddk5H2wkepfrXhWAEm98IRk1mhmhLqUs3jaA2KpXB7P9zdVY3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDpzDkKuMbnUesW11mzyshwRugWFMB8GA1UdIwQY
MBaAFKktx728nQlzNt5iQ7VQqxczdeo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMt
OTkxYjdhZWU3NDZjLzEvT25NT1FxNHh1ZFI2eGJYV2JQS3lIQkc2QllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMtOTkxYjdhZWU3NDZj
LzEvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQD1CcgAwQA
1Cc/MA0GCSqGSIb3DQEBCwUAA4IBAQBOo72lr32oJS6O0z637C6q3hQLTpf/IBU2
TgHqw41SeqNafrp5lGjEVecG46s4eFVRw/8C6hKTdU+6MLGzf2Vxb+VzKMmCUTua
pAUoJj7LJM0woE1MI0DXkmEW/1sF2Hql1oA432A/+jiP7RKe8Q0YkO9ZauQe639h
9TY9T3Ol6DoxGXTvwH+f0rbo0LC42xtUXrgz1FOpZ11uiNVcFs/Tny3/87llTttP
SnH/IlBVP84D5BaFqbB52HDpJ4HsZiluwEIgpo9+SGYMLvTPMOwI/Qzp6C1LcqFu
SAJA632UoEA0L/OzMTh70V2OT15XrPnITwXrYjikdj35LNP9eEpW
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:43:19 2024 by rpki-client on console-ams.rpki-client.org