Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/J-DnkDIBAAnZHEXfuyKZXQAkW2A.roa
File: J-DnkDIBAAnZHEXfuyKZXQAkW2A.roa (raw, json)
Hash identifier: UZ4Z7ovEg4zCFzWOwbxIFKRvRl5HTXuwEPNAH9nbHg8=
Subject key identifier: 27:E0:E7:90:32:01:00:09:D9:1C:45:DF:BB:22:99:5D:00:24:5B:60
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01914ABC98BD4BA33C5E102BA6A479BA11BB
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/J-DnkDIBAAnZHEXfuyKZXQAkW2A.roa
Signing time: Tue 13 Aug 2024 07:55:59 +0000
ROA not before: Tue 13 Aug 2024 07:55:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56110
IP address blocks: 103.118.16.0/24 maxlen: 24
103.118.17.0/24 maxlen: 24
103.138.188.0/24 maxlen: 24
103.138.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4a:bc:98:bd:4b:a3:3c:5e:10:2b:a6:a4:79:ba:11:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Aug 13 07:55:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27e0e79032010009d91c45dfbb22995d00245b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:63:00:0e:50:6f:c9:09:99:00:08:da:4f:d8:
27:6c:8e:95:66:b1:ae:34:0f:77:46:bf:7b:57:af:
1a:18:c6:a9:0b:c2:3b:e9:e7:a0:d0:9d:7c:77:c1:
6e:4d:5c:17:18:98:bf:b4:bc:12:61:0a:65:e0:28:
9c:17:14:1f:92:45:23:4b:8d:68:25:b3:03:26:53:
c7:0e:57:e3:bb:b7:78:1e:85:f0:a7:b0:8b:da:e2:
aa:ac:62:30:44:b8:1a:7e:0e:5e:d3:7c:3c:c5:8d:
b0:bc:1b:d0:01:5d:b8:66:8b:1c:e7:2a:2c:79:28:
22:ba:7d:98:96:bc:9b:a8:ed:3e:64:fc:9e:f3:8a:
a2:10:6d:f6:5a:78:6c:86:db:20:e3:34:20:2d:d3:
cb:89:4a:5b:10:31:ab:6d:a8:a1:06:a1:b8:16:bf:
a9:8e:1d:77:d2:4e:64:b0:4c:1f:27:9b:ff:dc:c1:
a6:72:e4:9c:bd:04:11:a2:14:0f:80:4c:00:9f:2e:
0d:7b:e5:e6:d8:4d:a9:45:be:c4:41:16:9b:f0:e7:
4a:81:8d:f6:38:3e:34:81:cb:8f:83:b4:c2:1c:53:
95:05:36:c0:71:5f:2e:11:7e:6d:6e:84:9d:bf:cb:
cb:10:6c:37:b2:6e:5b:4b:60:a7:65:8b:ca:ba:af:
e1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E0:E7:90:32:01:00:09:D9:1C:45:DF:BB:22:99:5D:00:24:5B:60
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/J-DnkDIBAAnZHEXfuyKZXQAkW2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.118.16.0/23
103.138.188.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:28:38:df:60:9c:f4:b7:c9:df:31:6d:d7:90:a0:24:6f:f8:
65:3e:b4:72:37:61:2d:24:31:ff:c4:45:f7:4d:0e:b2:c3:19:
c4:21:c5:3f:0f:6e:19:e9:f2:e8:5a:8e:60:4c:38:6a:db:d3:
44:0b:0e:74:ad:81:9f:b2:20:66:2c:a6:6c:92:04:17:74:01:
fd:9a:d2:e9:bc:42:7d:90:22:8d:bf:27:eb:38:69:26:18:c6:
f7:ae:9a:a3:37:7c:e6:57:4c:d7:ab:49:b3:6a:3e:91:0b:c4:
6e:8a:31:ba:68:6a:21:b6:c8:55:1c:98:e0:20:b8:70:b9:a9:
4c:60:13:30:03:be:5a:cd:7f:15:ee:63:72:8a:d0:68:41:c6:
40:75:3f:7b:dd:2b:93:23:8f:31:85:fe:8a:2e:55:89:5c:f6:
63:66:aa:af:74:3c:e3:84:1c:6e:99:92:fa:8b:49:e2:75:2a:
e3:66:ea:b1:2f:56:70:f4:33:0c:d7:07:f3:75:71:5c:ab:c4:
f2:37:75:08:d6:37:94:08:fd:f0:01:e1:b3:cb:a7:56:e6:89:
73:16:5b:ba:c6:ce:da:c7:13:99:9c:f1:19:ad:c3:bf:b7:64:
35:dd:4f:1f:d6:59:ac:85:da:aa:58:98:78:9e:fe:cb:2d:7e:
df:ea:04:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFKvJi9S6M8XhArpqR5uhG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwODEzMDc1NTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2UwZTc5MDMyMDEwMDA5ZDkxYzQ1ZGZiYjIyOTk1ZDAwMjQ1YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2MADlBvyQmZAAjaT9gnbI6VZrGu
NA93Rr97V68aGMapC8I76eeg0J18d8FuTVwXGJi/tLwSYQpl4CicFxQfkkUjS41o
JbMDJlPHDlfju7d4HoXwp7CL2uKqrGIwRLgafg5e03w8xY2wvBvQAV24Zosc5yos
eSgiun2YlrybqO0+ZPye84qiEG32Wnhshtsg4zQgLdPLiUpbEDGrbaihBqG4Fr+p
jh130k5ksEwfJ5v/3MGmcuScvQQRohQPgEwAny4Ne+Xm2E2pRb7EQRab8OdKgY32
OD40gcuPg7TCHFOVBTbAcV8uEX5tboSdv8vLEGw3sm5bS2CnZYvKuq/h9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCfg55AyAQAJ2RxF37simV0AJFtgMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvSi1EbmtESUJBQW5aSEVYZnV5S1pYUUFrVzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBZ3YQAwQB
Z4q8MA0GCSqGSIb3DQEBCwUAA4IBAQBfKDjfYJz0t8nfMW3XkKAkb/hlPrRyN2Et
JDH/xEX3TQ6ywxnEIcU/D24Z6fLoWo5gTDhq29NECw50rYGfsiBmLKZskgQXdAH9
mtLpvEJ9kCKNvyfrOGkmGMb3rpqjN3zmV0zXq0mzaj6RC8RuijG6aGohtshVHJjg
ILhwualMYBMwA75azX8V7mNyitBoQcZAdT973SuTI48xhf6KLlWJXPZjZqqvdDzj
hBxumZL6i0nidSrjZuqxL1Zw9DMM1wfzdXFcq8TyN3UI1jeUCP3wAeGzy6dW5olz
Flu6xs7axxOZnPEZrcO/t2Q13U8f1lmshdqqWJh4nv7LLX7f6gRa
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:47 2024 by rpki-client on console-ams.rpki-client.org