Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3b7485-8b74-4d50-974a-1b501520532b/1/kn2UeFfc3MT_V3TGmONjpBGO3qQ.roa
File: kn2UeFfc3MT_V3TGmONjpBGO3qQ.roa (raw, json)
Hash identifier: DhqpVFso1fSlnhBYcMU6CrNsnuVBcuf1CQd2JX9x9Yc=
Subject key identifier: 92:7D:94:78:57:DC:DC:C4:FF:57:74:C6:98:E3:63:A4:11:8E:DE:A4
Certificate issuer: /CN=cccdf6516237d425e9ae3817ecb141f481773c12
Certificate serial: 018CC72775D22EEBF29DA2D6ED3124242055
Authority key identifier: CC:CD:F6:51:62:37:D4:25:E9:AE:38:17:EC:B1:41:F4:81:77:3C:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zM32UWI31CXprjgX7LFB9IF3PBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3b7485-8b74-4d50-974a-1b501520532b/1/kn2UeFfc3MT_V3TGmONjpBGO3qQ.roa
Signing time: Mon 01 Jan 2024 22:31:41 +0000
ROA not before: Mon 01 Jan 2024 22:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211031
IP address blocks: 37.140.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/3b7485-8b74-4d50-974a-1b501520532b/1/zM32UWI31CXprjgX7LFB9IF3PBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/3b7485-8b74-4d50-974a-1b501520532b/1/zM32UWI31CXprjgX7LFB9IF3PBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zM32UWI31CXprjgX7LFB9IF3PBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:75:d2:2e:eb:f2:9d:a2:d6:ed:31:24:24:20:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cccdf6516237d425e9ae3817ecb141f481773c12
Validity
Not Before: Jan 1 22:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=927d947857dcdcc4ff5774c698e363a4118edea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:16:77:55:44:af:38:b4:55:59:ef:e0:93:da:
6b:9f:82:2d:8e:98:75:45:3b:d4:9b:c4:89:ce:f0:
6c:09:04:da:a1:ac:8e:7d:6b:6d:60:df:dd:9e:b0:
9e:51:65:06:17:e4:de:8a:ee:d5:a5:d0:32:cc:21:
d7:91:84:50:ea:3c:05:fe:48:db:24:60:da:f7:68:
fc:a8:d5:9d:6a:f3:ff:18:71:16:aa:f8:2c:89:14:
35:d8:7e:f2:df:24:16:e8:cd:cb:09:95:d6:29:1c:
1f:22:e6:74:cb:96:42:d0:61:c0:1f:00:50:e2:53:
46:ee:0e:68:67:7e:c8:4c:ed:29:27:47:b7:98:e0:
71:77:e4:b1:98:d1:b8:f6:da:aa:5c:6d:68:62:e0:
bf:63:ab:c2:c1:c9:a3:6f:95:33:01:28:7c:0a:28:
53:61:92:9c:ae:bb:f5:78:f9:cc:6e:0e:4b:cd:c9:
e9:b0:f5:7a:6b:b5:ea:0d:01:bd:87:0c:19:af:31:
5c:71:d6:f7:9e:b1:6b:44:eb:5d:f1:57:86:01:fd:
93:a3:59:76:ae:26:93:42:99:a7:5c:b7:21:3f:56:
7b:cc:6d:ec:7a:82:09:50:2e:fb:9a:49:79:86:4b:
94:d1:57:68:9e:f2:e3:60:eb:a0:c4:10:77:48:59:
37:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7D:94:78:57:DC:DC:C4:FF:57:74:C6:98:E3:63:A4:11:8E:DE:A4
X509v3 Authority Key Identifier:
keyid:CC:CD:F6:51:62:37:D4:25:E9:AE:38:17:EC:B1:41:F4:81:77:3C:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zM32UWI31CXprjgX7LFB9IF3PBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3b7485-8b74-4d50-974a-1b501520532b/1/kn2UeFfc3MT_V3TGmONjpBGO3qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3b7485-8b74-4d50-974a-1b501520532b/1/zM32UWI31CXprjgX7LFB9IF3PBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.249.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:4a:66:1f:0f:23:21:08:a0:a9:46:95:e6:48:cf:26:9c:8e:
1d:67:3a:3f:a8:49:9c:66:85:85:83:b3:4c:6a:31:b1:ce:5e:
f1:52:9a:6f:61:07:5f:39:d2:4b:4d:31:0b:df:d8:3a:dd:4f:
fe:c9:f6:df:5b:61:4c:81:2f:a6:b1:f2:69:96:16:86:40:48:
96:d8:4f:64:86:ae:5d:9a:70:ff:b6:2c:ae:b3:ab:ee:f2:34:
63:e5:93:4a:e1:97:37:49:e5:42:24:28:c8:15:b5:eb:74:0a:
ef:77:b6:06:25:83:7a:39:c7:9d:5f:ef:8d:ed:c3:c8:b5:9d:
8d:80:b5:2b:3c:3c:08:21:ed:fa:2d:76:73:7c:eb:56:70:c1:
85:00:ba:72:f9:91:61:c8:e4:04:e3:8e:0c:c1:65:a5:2e:ff:
75:45:29:d6:2e:ee:87:fb:72:95:f7:cc:0e:7f:c2:8c:d6:3b:
78:1c:5b:66:66:d9:5f:f9:fd:3e:89:67:04:39:78:73:f0:8d:
ad:d8:7e:8c:32:0f:0c:86:83:b3:1d:03:d7:87:80:28:74:0a:
b2:59:e5:44:31:1f:ca:2d:d0:33:74:38:9b:12:02:ad:3c:8d:
65:f1:f8:c5:ae:34:c0:ee:53:f1:43:e5:58:39:d2:70:a9:72:
ac:08:53:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ3XSLuvynaLW7TEkJCBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2RmNjUxNjIzN2Q0MjVlOWFlMzgxN2VjYjE0MWY0ODE3
NzNjMTIwHhcNMjQwMTAxMjIzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdkOTQ3ODU3ZGNkY2M0ZmY1Nzc0YzY5OGUzNjNhNDExOGVkZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9hZ3VUSvOLRVWe/gk9prn4Itjph1
RTvUm8SJzvBsCQTaoayOfWttYN/dnrCeUWUGF+Teiu7VpdAyzCHXkYRQ6jwF/kjb
JGDa92j8qNWdavP/GHEWqvgsiRQ12H7y3yQW6M3LCZXWKRwfIuZ0y5ZC0GHAHwBQ
4lNG7g5oZ37ITO0pJ0e3mOBxd+SxmNG49tqqXG1oYuC/Y6vCwcmjb5UzASh8CihT
YZKcrrv1ePnMbg5LzcnpsPV6a7XqDQG9hwwZrzFccdb3nrFrROtd8VeGAf2To1l2
riaTQpmnXLchP1Z7zG3seoIJUC77mkl5hkuU0VdonvLjYOugxBB3SFk3ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJ9lHhX3NzE/1d0xpjjY6QRjt6kMB8GA1UdIwQY
MBaAFMzN9lFiN9Ql6a44F+yxQfSBdzwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek0zMlVXSTMxQ1hwcmpnWDdMRkI5SUYzUEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zYjc0ODUtOGI3NC00ZDUwLTk3NGEt
MWI1MDE1MjA1MzJiLzEva24yVWVGZmMzTVRfVjNUR21PTmpwQkdPM3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zYjc0ODUtOGI3NC00ZDUwLTk3NGEtMWI1MDE1MjA1MzJi
LzEvek0zMlVXSTMxQ1hwcmpnWDdMRkI5SUYzUEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYz5MA0G
CSqGSIb3DQEBCwUAA4IBAQA/SmYfDyMhCKCpRpXmSM8mnI4dZzo/qEmcZoWFg7NM
ajGxzl7xUppvYQdfOdJLTTEL39g63U/+yfbfW2FMgS+msfJplhaGQEiW2E9khq5d
mnD/tiyus6vu8jRj5ZNK4Zc3SeVCJCjIFbXrdArvd7YGJYN6OcedX++N7cPItZ2N
gLUrPDwIIe36LXZzfOtWcMGFALpy+ZFhyOQE444MwWWlLv91RSnWLu6H+3KV98wO
f8KM1jt4HFtmZtlf+f0+iWcEOXhz8I2t2H6MMg8MhoOzHQPXh4AodAqyWeVEMR/K
LdAzdDibEgKtPI1l8fjFrjTA7lPxQ+VYOdJwqXKsCFM/
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:55:27 2024 by rpki-client on console-ams.rpki-client.org