Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/cmoAUs6X5Pn2mhNcTO70_q2Om9E.roa
File: cmoAUs6X5Pn2mhNcTO70_q2Om9E.roa (raw, json)
Hash identifier: ASHcNPe+MqU8takJ6f8PcyGdG5GjRJFHwhX1q1XqE6k=
Subject key identifier: 72:6A:00:52:CE:97:E4:F9:F6:9A:13:5C:4C:EE:F4:FE:AD:8E:9B:D1
Certificate issuer: /CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Certificate serial: 018CC5DC05980FA59EA411CFF5085AFBAF67
Authority key identifier: B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/cmoAUs6X5Pn2mhNcTO70_q2Om9E.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16222
IP address blocks: 185.37.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:05:98:0f:a5:9e:a4:11:cf:f5:08:5a:fb:af:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=726a0052ce97e4f9f69a135c4ceef4fead8e9bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1e:4a:ff:d2:6b:47:fc:ab:97:67:34:9e:53:
ef:99:4f:36:95:06:b8:24:f0:6f:a2:76:7f:00:65:
cc:81:ab:71:bf:f2:51:70:77:d1:51:51:d8:67:cd:
87:d3:26:4d:9c:02:a1:4a:7e:b4:61:fd:25:73:48:
fe:d0:71:42:57:cd:eb:22:27:5f:13:b6:85:74:54:
16:27:41:50:0b:d4:4e:ef:4f:c6:96:12:5f:70:38:
77:5b:f9:e1:6a:9d:c8:22:5d:41:69:29:3a:af:93:
86:74:89:c3:5c:bf:ae:17:64:c9:60:7e:dc:3f:33:
27:b9:c6:b2:82:04:da:80:a2:fa:d3:1c:0b:b1:2f:
04:18:98:ba:a9:2e:6a:64:c2:ed:b2:d4:a7:fa:ac:
2e:bc:05:8e:21:ee:c3:3b:41:05:ff:55:54:68:98:
68:b8:86:b7:3c:63:e2:18:d2:1d:7a:c6:9e:c5:9e:
11:b6:ad:00:cf:45:bf:de:d6:48:f1:96:24:81:bd:
31:6c:86:dc:a5:4f:d6:cc:87:6a:c0:88:21:b0:4e:
51:57:62:b0:91:a6:42:6f:67:4b:19:65:06:4c:01:
7d:f7:06:cf:35:37:26:17:5f:89:36:cb:48:7a:19:
58:79:16:3e:24:79:63:7a:f5:21:1f:47:48:0b:6c:
09:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6A:00:52:CE:97:E4:F9:F6:9A:13:5C:4C:EE:F4:FE:AD:8E:9B:D1
X509v3 Authority Key Identifier:
keyid:B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/cmoAUs6X5Pn2mhNcTO70_q2Om9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.60.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ee:ec:57:e3:f4:d4:b9:72:ce:0c:bc:08:21:6c:8b:f2:fc:
e2:84:b8:4c:f2:2c:31:0e:e0:f7:1b:e3:ed:11:12:04:aa:05:
a8:e5:61:e3:40:82:bf:85:f7:47:6e:07:75:bb:db:6c:b7:09:
2d:e1:11:48:2e:2b:05:b8:82:15:d6:48:f2:c1:36:2c:a8:50:
64:03:ae:55:dc:ae:de:56:88:1c:f5:37:65:51:bd:f4:44:94:
32:b8:79:e8:97:b4:af:71:d8:01:76:44:b8:9c:4e:b0:8e:33:
54:5c:98:e2:3d:06:dd:90:70:c8:3c:b7:7a:eb:56:ae:1f:f3:
a6:7c:b2:e7:39:99:a5:8a:5b:ac:a6:e7:32:fb:b8:cf:57:ad:
ff:2d:ab:19:36:35:5b:f0:77:37:ca:a1:75:38:56:17:23:c3:
31:36:2a:10:f8:83:75:a2:8a:37:8d:e6:76:da:4d:d8:15:1f:
d5:76:d5:18:52:ff:95:f3:6c:88:49:8f:f0:ca:1c:2e:db:d2:
bb:e9:ba:02:a8:c2:3f:fc:49:c7:16:d0:c5:e7:d3:3f:f5:37:
fb:68:2a:bf:af:e4:58:9a:f1:25:e2:e6:8b:3c:09:5e:74:f3:
68:8c:ea:cb:80:53:66:55:8c:b0:22:f4:e6:b1:de:6f:1a:86:
41:2c:e7:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3AWYD6WepBHP9Qha+69nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNDM1MTQ2MzBkYzE3ZjNmZTliNTFkZDQzNDE4NGQwYjYy
YjAzYzAwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZhMDA1MmNlOTdlNGY5ZjY5YTEzNWM0Y2VlZjRmZWFkOGU5YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh5K/9JrR/yrl2c0nlPvmU82lQa4
JPBvonZ/AGXMgatxv/JRcHfRUVHYZ82H0yZNnAKhSn60Yf0lc0j+0HFCV83rIidf
E7aFdFQWJ0FQC9RO70/GlhJfcDh3W/nhap3IIl1BaSk6r5OGdInDXL+uF2TJYH7c
PzMnucayggTagKL60xwLsS8EGJi6qS5qZMLtstSn+qwuvAWOIe7DO0EF/1VUaJho
uIa3PGPiGNIdesaexZ4Rtq0Az0W/3tZI8ZYkgb0xbIbcpU/WzIdqwIghsE5RV2Kw
kaZCb2dLGWUGTAF99wbPNTcmF1+JNstIehlYeRY+JHljevUhH0dIC2wJZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJqAFLOl+T59poTXEzu9P6tjpvRMB8GA1UdIwQY
MBaAFLNDUUYw3Bfz/ptR3UNBhNC2KwPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGIt
YTcyNDdlOWQ1ZjNhLzEvY21vQVVzNlg1UG4ybWhOY1RPNzBfcTJPbTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGItYTcyNDdlOWQ1ZjNh
LzEvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSU8MA0G
CSqGSIb3DQEBCwUAA4IBAQB07uxX4/TUuXLODLwIIWyL8vzihLhM8iwxDuD3G+Pt
ERIEqgWo5WHjQIK/hfdHbgd1u9tstwkt4RFILisFuIIV1kjywTYsqFBkA65V3K7e
Vogc9TdlUb30RJQyuHnol7SvcdgBdkS4nE6wjjNUXJjiPQbdkHDIPLd661auH/Om
fLLnOZmliluspucy+7jPV63/LasZNjVb8Hc3yqF1OFYXI8MxNioQ+IN1ooo3jeZ2
2k3YFR/VdtUYUv+V82yISY/wyhwu29K76boCqMI//EnHFtDF59M/9Tf7aCq/r+RY
mvEl4uaLPAledPNojOrLgFNmVYywIvTmsd5vGoZBLOfF
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:40 2024 by rpki-client on console-fra.rpki-client.org