Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
File: AS6849.roa (raw, json)
Hash identifier: jSeBt2WA2/h4PPnw6FrNrIi4YPzSu7U7oCfCoGoaM2M=
Subject key identifier: 6E:F4:9F:AC:C6:38:52:9B:B2:69:1A:22:04:5C:68:DF:3B:1E:BD:7C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7A7031C91DE1A6196017037F1AD2F6AE045951C3
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
Signing time: Fri 01 Nov 2024 11:49:05 +0000
ROA not before: Fri 01 Nov 2024 11:44:05 +0000
ROA not after: Fri 31 Oct 2025 11:49:05 +0000
asID: 6849
IP address blocks: 37.52.0.0/21 maxlen: 21
37.52.0.0/24 maxlen: 24
37.52.1.0/24 maxlen: 24
37.52.2.0/24 maxlen: 24
37.52.3.0/24 maxlen: 24
37.52.4.0/24 maxlen: 24
37.52.16.0/20 maxlen: 20
37.52.32.0/21 maxlen: 21
37.52.32.0/24 maxlen: 24
37.52.33.0/24 maxlen: 24
37.52.34.0/24 maxlen: 24
37.52.35.0/24 maxlen: 24
37.52.36.0/24 maxlen: 24
37.52.37.0/24 maxlen: 24
37.52.38.0/24 maxlen: 24
37.52.39.0/24 maxlen: 24
37.52.40.0/21 maxlen: 21
37.52.56.0/21 maxlen: 21
37.52.64.0/21 maxlen: 24
37.52.64.0/24 maxlen: 24
37.52.65.0/24 maxlen: 24
37.52.66.0/24 maxlen: 24
37.52.67.0/24 maxlen: 24
37.52.68.0/24 maxlen: 24
37.52.69.0/24 maxlen: 24
37.52.70.0/24 maxlen: 24
37.52.71.0/24 maxlen: 24
37.52.72.0/21 maxlen: 21
37.52.72.0/24 maxlen: 24
37.52.73.0/24 maxlen: 24
37.52.74.0/24 maxlen: 24
37.52.75.0/24 maxlen: 24
37.52.76.0/24 maxlen: 24
37.52.77.0/24 maxlen: 24
37.52.78.0/24 maxlen: 24
37.52.79.0/24 maxlen: 24
37.52.80.0/21 maxlen: 21
37.52.80.0/24 maxlen: 24
37.52.81.0/24 maxlen: 24
37.52.82.0/24 maxlen: 24
37.52.83.0/24 maxlen: 24
37.52.84.0/24 maxlen: 24
37.52.85.0/24 maxlen: 24
37.52.86.0/24 maxlen: 24
37.52.87.0/24 maxlen: 24
37.52.88.0/24 maxlen: 24
37.52.89.0/24 maxlen: 24
37.52.90.0/24 maxlen: 24
37.52.91.0/24 maxlen: 24
37.52.92.0/24 maxlen: 24
37.52.93.0/24 maxlen: 24
37.52.94.0/24 maxlen: 24
37.52.95.0/24 maxlen: 24
37.52.96.0/21 maxlen: 21
37.52.96.0/24 maxlen: 24
37.52.97.0/24 maxlen: 24
37.52.98.0/24 maxlen: 24
37.52.99.0/24 maxlen: 24
37.52.100.0/24 maxlen: 24
37.52.101.0/24 maxlen: 24
37.52.102.0/24 maxlen: 24
37.52.103.0/24 maxlen: 24
37.52.104.0/24 maxlen: 24
37.52.105.0/24 maxlen: 24
37.52.106.0/24 maxlen: 24
37.52.107.0/24 maxlen: 24
37.52.108.0/24 maxlen: 24
37.52.109.0/24 maxlen: 24
37.52.110.0/24 maxlen: 24
37.52.111.0/24 maxlen: 24
37.52.112.0/22 maxlen: 22
37.52.116.0/23 maxlen: 23
37.52.118.0/23 maxlen: 23
37.52.128.0/21 maxlen: 21
37.52.134.0/24 maxlen: 24
37.52.136.0/21 maxlen: 21
37.52.144.0/21 maxlen: 21
37.52.144.0/24 maxlen: 24
37.52.145.0/24 maxlen: 24
37.52.146.0/24 maxlen: 24
37.52.147.0/24 maxlen: 24
37.52.148.0/24 maxlen: 24
37.52.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:70:31:c9:1d:e1:a6:19:60:17:03:7f:1a:d2:f6:ae:04:59:51:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 1 11:44:05 2024 GMT
Not After : Oct 31 11:49:05 2025 GMT
Subject: CN=6EF49FACC638529BB2691A22045C68DF3B1EBD7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:41:c9:d1:65:75:b4:04:8e:46:0a:56:da:80:
8c:fc:e1:63:f3:a4:1a:8f:bc:70:34:d0:c3:6c:00:
c7:f9:df:81:52:b0:a8:b0:6b:bd:38:a7:c0:ab:76:
29:d7:7e:96:bc:a0:45:9d:40:d7:bb:31:15:04:1d:
a0:b5:ee:9b:51:3c:90:54:02:1a:df:a1:89:2a:65:
c0:f0:ed:ec:44:f9:b3:c9:4d:b8:f5:32:e1:0c:ae:
e0:99:85:82:21:e4:83:9e:ab:42:c5:e4:4d:49:a8:
0d:d6:3f:0b:40:43:9a:0a:57:99:5b:9a:6c:61:85:
c4:09:ec:79:61:7b:f2:89:b2:f7:ca:26:42:f9:ed:
79:dc:9d:2b:cd:cc:ba:bb:6f:76:17:60:c9:41:30:
01:ea:e9:b3:4c:e3:10:15:49:1a:e1:5c:c1:26:aa:
5b:d6:b1:6f:71:18:7b:38:9d:32:ed:b9:1e:30:5a:
63:c9:9b:41:e7:3a:39:32:8c:94:2a:e7:c4:d5:5a:
23:a8:1e:93:98:f6:d9:a7:09:5c:11:0d:99:e1:2c:
98:a5:4d:28:c5:92:9b:12:1d:85:db:e1:01:52:b1:
f0:2b:b5:ea:b0:b1:45:44:03:e2:c1:a5:b2:b7:8d:
09:40:27:f4:60:3c:6d:0c:76:f2:ad:e9:8b:dd:0f:
ce:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F4:9F:AC:C6:38:52:9B:B2:69:1A:22:04:5C:68:DF:3B:1E:BD:7C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.0.0/21
37.52.16.0-37.52.47.255
37.52.56.0-37.52.119.255
37.52.128.0-37.52.151.255
Signature Algorithm: sha256WithRSAEncryption
62:3c:68:7b:31:5d:83:cc:82:72:e6:bf:47:90:28:22:2d:d8:
79:24:a3:15:c9:82:7e:4f:ea:c6:c7:ec:e1:46:92:b1:70:f0:
b3:92:e3:5b:62:30:8c:5f:fd:50:98:be:6e:d0:6e:f9:02:f2:
26:50:4a:2a:9c:d5:e2:f0:8c:e8:c8:a3:66:02:63:48:8a:43:
e9:f1:bd:10:9e:fc:93:fe:63:99:69:d6:82:59:11:07:80:1d:
20:c2:93:74:12:8e:95:a0:d3:18:ea:23:9f:4d:c6:ca:64:5c:
1a:3c:1a:a0:ad:fe:b0:3a:2a:af:4b:5b:f1:38:53:81:02:69:
8c:4f:b7:d7:11:fb:7a:9c:41:84:63:ef:bb:15:01:75:55:98:
4c:fd:99:3f:3d:72:94:61:eb:1e:84:e3:52:e2:11:a3:ab:0c:
4f:5c:a5:3c:63:23:72:b7:56:39:37:45:46:dd:7e:4c:8b:fb:
66:21:f9:74:24:e2:d7:86:53:3a:cf:7b:a6:5f:84:15:30:c1:
91:b4:57:c3:30:c7:8b:42:93:13:82:79:ec:bc:e2:af:e7:5f:
21:fb:00:c0:bf:c0:84:66:59:cb:f8:2d:13:2a:2e:09:47:06:
34:97:72:f8:0e:eb:14:31:0d:8b:e4:c6:32:95:11:7e:b8:dd:
e9:78:8f:aa
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUenAxyR3hphlgFwN/GtL2rgRZUcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMDExMTQ0MDVaFw0yNTEwMzExMTQ5MDVaMDMxMTAvBgNV
BAMTKDZFRjQ5RkFDQzYzODUyOUJCMjY5MUEyMjA0NUM2OERGM0IxRUJEN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCQcnRZXW0BI5GClbagIz84WPz
pBqPvHA00MNsAMf534FSsKiwa704p8CrdinXfpa8oEWdQNe7MRUEHaC17ptRPJBU
AhrfoYkqZcDw7exE+bPJTbj1MuEMruCZhYIh5IOeq0LF5E1JqA3WPwtAQ5oKV5lb
mmxhhcQJ7Hlhe/KJsvfKJkL57XncnSvNzLq7b3YXYMlBMAHq6bNM4xAVSRrhXMEm
qlvWsW9xGHs4nTLtuR4wWmPJm0HnOjkyjJQq58TVWiOoHpOY9tmnCVwRDZnhLJil
TSjFkpsSHYXb4QFSsfArteqwsUVEA+LBpbK3jQlAJ/RgPG0MdvKt6YvdD86BAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUbvSfrMY4UpuyaRoiBFxo3zsevXwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNjg0OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAyU0ADAM
AwQEJTQQAwQEJTQgMAwDBAMlNDgDBAMlNHAwDAMEByU0gAMEAyU0kDANBgkqhkiG
9w0BAQsFAAOCAQEAYjxoezFdg8yCcua/R5AoIi3YeSSjFcmCfk/qxsfs4UaSsXDw
s5LjW2IwjF/9UJi+btBu+QLyJlBKKpzV4vCM6MijZgJjSIpD6fG9EJ78k/5jmWnW
glkRB4AdIMKTdBKOlaDTGOojn03GymRcGjwaoK3+sDoqr0tb8ThTgQJpjE+31xH7
epxBhGPvuxUBdVWYTP2ZPz1ylGHrHoTjUuIRo6sMT1ylPGMjcrdWOTdFRt1+TIv7
ZiH5dCTi14ZTOs97pl+EFTDBkbRXwzDHi0KTE4J57Lzir+dfIfsAwL/AhGZZy/gt
EyouCUcGNJdy+A7rFDENi+TGMpURfrjd6XiPqg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:43 2024 by rpki-client on console-ams.rpki-client.org