Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
File: AS6849.roa (raw, json)
Hash identifier: /qecrz5Y3NdYXPjj0Iyi+5Cx9yOCHfpR409XaS4UnO4=
Subject key identifier: 7E:D8:F8:96:B9:47:7F:F6:63:68:A4:2C:B0:AB:F4:DE:60:F8:51:F6
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 679680E2B0757B6BAB48C1AAB6620B9EBA66C1C0
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
Signing time: Fri 23 Feb 2024 09:39:38 +0000
ROA not before: Fri 23 Feb 2024 09:34:38 +0000
ROA not after: Fri 21 Feb 2025 09:39:38 +0000
asID: 6849
IP address blocks: 37.52.0.0/21 maxlen: 21
37.52.0.0/24 maxlen: 24
37.52.1.0/24 maxlen: 24
37.52.2.0/24 maxlen: 24
37.52.3.0/24 maxlen: 24
37.52.4.0/24 maxlen: 24
37.52.16.0/20 maxlen: 20
37.52.32.0/21 maxlen: 21
37.52.32.0/24 maxlen: 24
37.52.33.0/24 maxlen: 24
37.52.34.0/24 maxlen: 24
37.52.35.0/24 maxlen: 24
37.52.36.0/24 maxlen: 24
37.52.37.0/24 maxlen: 24
37.52.38.0/24 maxlen: 24
37.52.39.0/24 maxlen: 24
37.52.40.0/21 maxlen: 21
37.52.56.0/21 maxlen: 21
37.52.64.0/21 maxlen: 21
37.52.72.0/21 maxlen: 21
37.52.72.0/24 maxlen: 24
37.52.80.0/21 maxlen: 21
37.52.80.0/24 maxlen: 24
37.52.81.0/24 maxlen: 24
37.52.82.0/24 maxlen: 24
37.52.83.0/24 maxlen: 24
37.52.84.0/24 maxlen: 24
37.52.85.0/24 maxlen: 24
37.52.86.0/24 maxlen: 24
37.52.87.0/24 maxlen: 24
37.52.96.0/21 maxlen: 21
37.52.96.0/24 maxlen: 24
37.52.97.0/24 maxlen: 24
37.52.98.0/24 maxlen: 24
37.52.99.0/24 maxlen: 24
37.52.100.0/24 maxlen: 24
37.52.101.0/24 maxlen: 24
37.52.102.0/24 maxlen: 24
37.52.103.0/24 maxlen: 24
37.52.104.0/22 maxlen: 22
37.52.108.0/22 maxlen: 22
37.52.108.0/24 maxlen: 24
37.52.109.0/24 maxlen: 24
37.52.110.0/24 maxlen: 24
37.52.111.0/24 maxlen: 24
37.52.112.0/22 maxlen: 22
37.52.116.0/23 maxlen: 23
37.52.118.0/23 maxlen: 23
37.52.128.0/21 maxlen: 21
37.52.134.0/24 maxlen: 24
37.52.136.0/21 maxlen: 21
37.52.144.0/21 maxlen: 21
37.52.144.0/24 maxlen: 24
37.52.145.0/24 maxlen: 24
37.52.146.0/24 maxlen: 24
37.52.147.0/24 maxlen: 24
37.52.148.0/24 maxlen: 24
37.52.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:96:80:e2:b0:75:7b:6b:ab:48:c1:aa:b6:62:0b:9e:ba:66:c1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 23 09:34:38 2024 GMT
Not After : Feb 21 09:39:38 2025 GMT
Subject: CN=7ED8F896B9477FF66368A42CB0ABF4DE60F851F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ee:63:f6:2d:a1:83:f0:e5:96:2b:aa:ad:79:
7f:bb:e3:8c:cd:12:3e:15:1f:3a:ce:30:74:b4:27:
d7:9e:69:25:9f:8d:00:70:b7:5d:a4:4a:fd:59:d4:
c4:24:1f:d0:a7:08:6b:69:89:d2:2c:a3:96:c7:50:
59:d6:b0:3e:4c:fc:26:68:67:1f:7d:5b:f2:2e:b2:
da:21:fa:b4:bd:03:61:4d:d2:8a:d7:27:ff:09:42:
bd:a6:90:1a:4a:19:82:4d:6c:1a:4c:c5:2b:76:e3:
e0:0c:d9:78:98:97:5e:9e:22:c4:f1:32:b1:43:e8:
88:44:f8:a5:37:e2:8f:6c:fa:4d:1d:2d:fe:7d:36:
81:8f:2b:19:bb:4f:4a:45:aa:08:95:87:f1:f3:d6:
04:a8:87:e5:b8:d9:f7:18:36:a4:7f:c7:10:16:62:
96:5e:df:90:c2:0f:d2:d4:75:4d:d6:ba:30:17:4e:
2b:40:99:22:8f:55:1e:52:69:d1:b6:54:4d:82:b9:
3d:1a:70:22:c9:dd:74:23:b7:14:f9:7e:d8:11:ea:
fb:6e:16:d1:e2:06:53:83:38:39:79:53:f8:5b:75:
54:b1:67:8b:69:60:bd:3f:16:7f:c0:e5:b6:2c:c0:
22:00:f3:dd:4e:2b:50:e6:25:0c:4a:b6:5d:d5:42:
5a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D8:F8:96:B9:47:7F:F6:63:68:A4:2C:B0:AB:F4:DE:60:F8:51:F6
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.0.0/21
37.52.16.0-37.52.47.255
37.52.56.0-37.52.87.255
37.52.96.0-37.52.119.255
37.52.128.0-37.52.151.255
Signature Algorithm: sha256WithRSAEncryption
04:2c:15:c9:18:87:51:4b:ac:62:df:a8:7d:75:9c:ba:5c:40:
3e:15:8a:b4:0f:36:00:38:88:f3:0b:c5:03:1d:16:21:f5:c3:
3c:26:12:92:9a:f5:e8:9e:9a:8c:4c:e3:b1:aa:98:be:b4:09:
27:17:8c:c7:60:18:b4:d9:69:97:da:20:82:72:38:cd:7b:56:
13:5f:5f:41:02:f6:1c:ce:d5:f9:d8:a6:49:13:5f:46:5d:af:
3c:32:22:97:06:31:dc:0f:bc:66:f1:ad:1d:8d:d1:e1:7f:11:
40:01:55:d3:7e:e9:45:5b:78:5d:80:f7:0c:a1:10:29:32:32:
42:76:a7:b6:fd:d0:63:3a:28:1a:62:06:81:6c:57:87:58:ff:
69:b4:da:d9:73:2d:2b:22:f1:5c:4a:af:67:db:40:77:64:d3:
2f:14:2c:fb:41:0a:a4:1a:98:28:f6:83:c6:72:ff:2f:ec:34:
3b:e6:c7:fb:7b:5d:8b:52:c7:79:2d:18:14:33:b5:8b:8a:30:
e7:97:be:6e:99:bc:b5:ca:0f:09:40:7a:02:34:df:c9:50:10:
9f:8b:2c:63:86:0d:92:f5:15:d9:ea:97:d6:4a:0d:ff:fc:58:
6e:ce:aa:4f:62:84:de:c9:13:c8:6b:1e:01:dd:63:d2:9c:ce:
fa:47:8d:e6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUZ5aA4rB1e2urSMGqtmILnrpmwcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjMwOTM0MzhaFw0yNTAyMjEwOTM5MzhaMDMxMTAvBgNV
BAMTKDdFRDhGODk2Qjk0NzdGRjY2MzY4QTQyQ0IwQUJGNERFNjBGODUxRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI7mP2LaGD8OWWK6qteX+744zN
Ej4VHzrOMHS0J9eeaSWfjQBwt12kSv1Z1MQkH9CnCGtpidIso5bHUFnWsD5M/CZo
Zx99W/Iustoh+rS9A2FN0orXJ/8JQr2mkBpKGYJNbBpMxSt24+AM2XiYl16eIsTx
MrFD6IhE+KU34o9s+k0dLf59NoGPKxm7T0pFqgiVh/Hz1gSoh+W42fcYNqR/xxAW
YpZe35DCD9LUdU3WujAXTitAmSKPVR5SadG2VE2CuT0acCLJ3XQjtxT5ftgR6vtu
FtHiBlODODl5U/hbdVSxZ4tpYL0/Fn/A5bYswCIA891OK1DmJQxKtl3VQlpNAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUftj4lrlHf/ZjaKQssKv03mD4UfYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNjg0OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBXBggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEAyU0ADAM
AwQEJTQQAwQEJTQgMAwDBAMlNDgDBAMlNFAwDAMEBSU0YAMEAyU0cDAMAwQHJTSA
AwQDJTSQMA0GCSqGSIb3DQEBCwUAA4IBAQAELBXJGIdRS6xi36h9dZy6XEA+FYq0
DzYAOIjzC8UDHRYh9cM8JhKSmvXonpqMTOOxqpi+tAknF4zHYBi02WmX2iCCcjjN
e1YTX19BAvYcztX52KZJE19GXa88MiKXBjHcD7xm8a0djdHhfxFAAVXTfulFW3hd
gPcMoRApMjJCdqe2/dBjOigaYgaBbFeHWP9ptNrZcy0rIvFcSq9n20B3ZNMvFCz7
QQqkGpgo9oPGcv8v7DQ75sf7e12LUsd5LRgUM7WLijDnl75umby1yg8JQHoCNN/J
UBCfiyxjhg2S9RXZ6pfWSg3//FhuzqpPYoTeyRPIax4B3WPSnM76R43m
-----END CERTIFICATE-----
Generated at Mon Jun 3 18:21:08 2024 by rpki-client on console-fra.rpki-client.org