Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/0hMgJ3JZtnkATs9HHgh-JoGgKAk.roa
File: 0hMgJ3JZtnkATs9HHgh-JoGgKAk.roa (raw, json)
Hash identifier: FQ54WEdvJrseoD3nHfvgXCilU7ubSC6kN3RGrjp0K3I=
Subject key identifier: D2:13:20:27:72:59:B6:79:00:4E:CF:47:1E:08:7E:26:81:A0:28:09
Certificate issuer: /CN=cb14d30f3b1e1137423c4b235957f3303064daff
Certificate serial: 018CCA2AE53C85C53E55DA62AD05C0505387
Authority key identifier: CB:14:D3:0F:3B:1E:11:37:42:3C:4B:23:59:57:F3:30:30:64:DA:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxTTDzseETdCPEsjWVfzMDBk2v8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/0hMgJ3JZtnkATs9HHgh-JoGgKAk.roa
Signing time: Tue 02 Jan 2024 12:34:17 +0000
ROA not before: Tue 02 Jan 2024 12:34:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57710
IP address blocks: 185.235.200.0/22 maxlen: 24
37.61.160.0/20 maxlen: 24
2a00:9640::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/yxTTDzseETdCPEsjWVfzMDBk2v8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/yxTTDzseETdCPEsjWVfzMDBk2v8.mft
rsync://rpki.ripe.net/repository/DEFAULT/yxTTDzseETdCPEsjWVfzMDBk2v8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:e5:3c:85:c5:3e:55:da:62:ad:05:c0:50:53:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb14d30f3b1e1137423c4b235957f3303064daff
Validity
Not Before: Jan 2 12:34:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d21320277259b679004ecf471e087e2681a02809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c9:9a:2d:b9:59:20:de:80:01:6b:e8:54:dc:
9a:12:17:88:c3:c8:78:5a:d9:df:a0:72:1b:da:ba:
e4:4a:0e:65:ab:b0:97:28:cd:c6:2b:bb:75:0b:1c:
f2:e9:66:2a:eb:95:a8:1e:83:fa:58:48:b6:55:64:
47:bd:5b:c2:ab:02:cc:40:49:e5:f8:eb:9a:12:3d:
53:bf:29:e9:d5:e3:72:51:f7:46:d7:2c:61:4d:81:
a7:49:3d:4f:2d:af:cf:5e:93:74:b2:c2:fa:57:d8:
31:80:d5:a3:57:4f:3a:71:68:a5:d1:59:06:bc:c2:
fe:82:51:ff:44:f2:4d:80:71:76:da:a3:4c:2c:92:
fd:3d:b5:2f:c7:72:63:f4:fe:b5:42:5b:0d:df:7c:
be:50:a8:8a:ff:63:2e:33:b9:50:1f:0a:5d:22:fd:
c7:2b:40:e5:30:18:b9:04:ba:b2:3e:fd:75:a6:d6:
da:f9:bf:7d:18:61:78:69:7a:ec:44:57:81:91:a0:
b9:00:ea:89:b5:a2:cd:2b:8a:9d:d7:59:01:7f:bd:
b0:0d:55:5f:b3:32:d3:de:af:a3:49:86:dd:6c:87:
3a:2e:c7:0e:86:9d:61:24:03:c0:28:35:37:98:f9:
a2:c2:6a:9c:66:38:7e:bb:f1:4b:21:eb:14:c2:19:
43:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:13:20:27:72:59:B6:79:00:4E:CF:47:1E:08:7E:26:81:A0:28:09
X509v3 Authority Key Identifier:
keyid:CB:14:D3:0F:3B:1E:11:37:42:3C:4B:23:59:57:F3:30:30:64:DA:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxTTDzseETdCPEsjWVfzMDBk2v8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/0hMgJ3JZtnkATs9HHgh-JoGgKAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/267bf5-0220-48b1-b723-a5ae5b19939a/1/yxTTDzseETdCPEsjWVfzMDBk2v8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.160.0/20
185.235.200.0/22
IPv6:
2a00:9640::/32
Signature Algorithm: sha256WithRSAEncryption
93:61:69:ee:07:b8:90:a4:d8:b1:3e:6e:3f:83:ba:e4:d7:a4:
c0:94:5c:d5:8a:25:49:af:bc:22:29:47:a3:55:6a:ee:15:a8:
8d:f7:7b:ca:e4:b9:3a:ce:6c:fc:17:3c:cb:85:5e:d4:ca:38:
cd:5d:cb:9d:33:2a:20:c1:3c:0a:b3:70:05:88:58:2b:dc:d0:
5b:82:6a:70:fd:0f:d3:08:47:73:44:02:0c:74:5e:be:36:44:
65:bd:c2:00:fb:08:95:26:00:81:bd:a5:c9:5a:b0:05:00:ea:
44:09:6c:88:9d:17:86:6c:c0:8e:cc:c0:b6:14:ac:ad:e9:b5:
3f:2f:ef:a8:50:c2:20:16:ab:6a:a5:59:e2:c5:06:3e:b5:ba:
35:50:57:f2:28:fe:c4:90:0a:ad:b5:ee:ec:7b:5f:43:4f:8e:
30:0f:66:97:f1:5e:97:ca:d0:4d:c1:28:22:59:02:a5:c0:6e:
1a:5f:c3:63:47:9c:83:de:87:0b:b2:5e:aa:b7:e8:03:b5:37:
3e:30:78:de:cd:93:26:18:e3:1b:88:a3:8e:f1:79:f5:fd:57:
94:9f:5e:96:77:30:3a:93:f1:09:9b:17:2d:41:29:13:42:79:
6a:5e:b2:14:40:a8:19:3b:f3:f3:98:a6:ad:ff:06:df:ca:5c:
6d:1c:82:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKuU8hcU+VdpirQXAUFOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTRkMzBmM2IxZTExMzc0MjNjNGIyMzU5NTdmMzMwMzA2
NGRhZmYwHhcNMjQwMTAyMTIzNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjEzMjAyNzcyNTliNjc5MDA0ZWNmNDcxZTA4N2UyNjgxYTAyODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcmaLblZIN6AAWvoVNyaEheIw8h4
WtnfoHIb2rrkSg5lq7CXKM3GK7t1Cxzy6WYq65WoHoP6WEi2VWRHvVvCqwLMQEnl
+OuaEj1Tvynp1eNyUfdG1yxhTYGnST1PLa/PXpN0ssL6V9gxgNWjV086cWil0VkG
vML+glH/RPJNgHF22qNMLJL9PbUvx3Jj9P61QlsN33y+UKiK/2MuM7lQHwpdIv3H
K0DlMBi5BLqyPv11ptba+b99GGF4aXrsRFeBkaC5AOqJtaLNK4qd11kBf72wDVVf
szLT3q+jSYbdbIc6LscOhp1hJAPAKDU3mPmiwmqcZjh+u/FLIesUwhlDrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNITICdyWbZ5AE7PRx4IfiaBoCgJMB8GA1UdIwQY
MBaAFMsU0w87HhE3QjxLI1lX8zAwZNr/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhUVER6c2VFVGRDUEVzaldWZnpNREJrMnY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNjdiZjUtMDIyMC00OGIxLWI3MjMt
YTVhZTViMTk5MzlhLzEvMGhNZ0ozSlp0bmtBVHM5SEhnaC1Kb0dnS0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNjdiZjUtMDIyMC00OGIxLWI3MjMtYTVhZTViMTk5Mzlh
LzEveXhUVER6c2VFVGRDUEVzaldWZnpNREJrMnY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEJT2gAwQC
uevIMA0EAgACMAcDBQAqAJZAMA0GCSqGSIb3DQEBCwUAA4IBAQCTYWnuB7iQpNix
Pm4/g7rk16TAlFzViiVJr7wiKUejVWruFaiN93vK5Lk6zmz8FzzLhV7UyjjNXcud
MyogwTwKs3AFiFgr3NBbgmpw/Q/TCEdzRAIMdF6+NkRlvcIA+wiVJgCBvaXJWrAF
AOpECWyInReGbMCOzMC2FKyt6bU/L++oUMIgFqtqpVnixQY+tbo1UFfyKP7EkAqt
te7se19DT44wD2aX8V6XytBNwSgiWQKlwG4aX8NjR5yD3ocLsl6qt+gDtTc+MHje
zZMmGOMbiKOO8Xn1/VeUn16WdzA6k/EJmxctQSkTQnlqXrIUQKgZO/PzmKat/wbf
ylxtHIIz
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:20:23 2024 by rpki-client on console-ams.rpki-client.org