Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Cs7UyycYScBk1pFCzn0s-LMd9Bs.roa
File: Cs7UyycYScBk1pFCzn0s-LMd9Bs.roa (raw, json)
Hash identifier: GJnFRrBek63OwsnCvkrBCazRvRKSDhNwyvg1e3ptN3Q=
Subject key identifier: 0A:CE:D4:CB:27:18:49:C0:64:D6:91:42:CE:7D:2C:F8:B3:1D:F4:1B
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 018ED6F8B3C1255A095900BC6023BDDDD846
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Cs7UyycYScBk1pFCzn0s-LMd9Bs.roa
Signing time: Sat 13 Apr 2024 10:20:06 +0000
ROA not before: Sat 13 Apr 2024 10:20:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57497
IP address blocks: 45.89.236.0/22 maxlen: 24
103.130.144.0/24 maxlen: 24
103.130.146.0/24 maxlen: 24
212.18.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d6:f8:b3:c1:25:5a:09:59:00:bc:60:23:bd:dd:d8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Apr 13 10:20:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aced4cb271849c064d69142ce7d2cf8b31df41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:18:02:54:41:fb:5b:38:f5:a5:5b:15:b7:37:
27:01:f6:e0:03:92:89:d2:a2:2d:47:55:ac:13:df:
a4:e0:c5:f6:6d:2a:76:b1:4f:3e:cd:6c:25:ad:7d:
d0:bd:27:40:20:dc:18:43:57:b2:5c:ed:a5:bf:fc:
e6:c0:8a:47:0e:a2:13:f2:28:2c:73:24:12:fd:24:
6f:c2:c9:d2:b2:13:0d:80:7e:fa:5d:b1:72:4f:71:
81:a5:1b:6d:ca:59:00:11:10:c7:7b:37:86:f0:3d:
cf:9d:02:ed:ee:a6:b1:10:e3:93:3e:24:87:7c:90:
17:09:40:a0:16:58:95:a6:f4:5c:0c:84:93:c5:4f:
f1:74:72:87:80:66:d8:c6:d8:25:1f:50:00:97:f6:
09:7c:95:fb:67:61:09:6e:c1:cd:b8:44:22:15:bb:
72:df:2a:7d:ee:05:cc:ef:46:66:6b:d9:7d:dc:86:
5f:ee:4e:2b:05:10:c4:9d:1b:5a:ac:fd:90:b8:91:
68:25:95:b5:d6:9c:2e:a5:ae:5a:5f:42:8e:17:d3:
cb:f3:d5:f4:af:12:72:65:b7:bc:ef:8f:5d:65:c1:
8c:e8:d1:ab:7c:dc:af:14:bf:fa:a5:99:8f:df:5b:
e6:84:a0:fb:35:27:04:cb:27:cc:a1:e9:fa:ce:24:
d1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CE:D4:CB:27:18:49:C0:64:D6:91:42:CE:7D:2C:F8:B3:1D:F4:1B
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Cs7UyycYScBk1pFCzn0s-LMd9Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
103.130.144.0/24
103.130.146.0/24
212.18.108.0/24
Signature Algorithm: sha256WithRSAEncryption
63:b8:46:47:c8:76:5a:98:d7:22:cb:c0:4c:3b:e8:24:d3:a8:
fa:04:65:c0:3c:12:8a:4a:3d:59:81:85:43:95:26:84:7f:59:
82:13:16:dc:f7:22:0a:49:15:44:4e:2b:c5:40:42:cb:ca:ca:
4e:24:64:0f:ca:b2:ce:04:84:c5:45:d3:9c:fa:1f:16:6f:68:
40:0f:60:86:a3:c2:13:46:6d:af:95:6b:20:a9:5a:40:e1:8b:
4e:be:51:03:52:16:89:ac:a9:c0:73:5d:73:ba:d6:35:ab:88:
38:88:23:fe:a2:ef:5f:4a:e0:21:a0:17:01:8a:b8:8d:22:bb:
3e:28:2f:9d:a6:02:59:99:fe:d4:c4:20:d1:56:48:21:f2:d0:
d7:cb:09:d3:ae:85:01:ee:b3:09:0c:fa:0a:7f:45:ef:77:2f:
1a:ae:c0:32:21:d8:60:c9:52:d0:99:87:c9:9c:52:29:8f:61:
36:0e:86:0d:84:f5:51:35:68:89:3d:65:0f:6f:f6:aa:7f:eb:
7f:0f:4f:ad:9b:22:28:04:c5:eb:ef:5e:ee:c0:60:45:2d:2d:
58:f7:c5:82:b2:1b:dc:54:12:66:56:45:fe:90:e3:24:0a:55:
67:48:0a:9f:a7:9d:92:88:dc:76:61:9b:3a:d0:3e:eb:76:18:
76:31:8e:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7W+LPBJVoJWQC8YCO93dhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjQwNDEzMTAyMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNlZDRjYjI3MTg0OWMwNjRkNjkxNDJjZTdkMmNmOGIzMWRmNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRgCVEH7Wzj1pVsVtzcnAfbgA5KJ
0qItR1WsE9+k4MX2bSp2sU8+zWwlrX3QvSdAINwYQ1eyXO2lv/zmwIpHDqIT8igs
cyQS/SRvwsnSshMNgH76XbFyT3GBpRttylkAERDHezeG8D3PnQLt7qaxEOOTPiSH
fJAXCUCgFliVpvRcDISTxU/xdHKHgGbYxtglH1AAl/YJfJX7Z2EJbsHNuEQiFbty
3yp97gXM70Zma9l93IZf7k4rBRDEnRtarP2QuJFoJZW11pwupa5aX0KOF9PL89X0
rxJyZbe8749dZcGM6NGrfNyvFL/6pZmP31vmhKD7NScEyyfMoen6ziTRVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFArO1MsnGEnAZNaRQs59LPizHfQbMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvQ3M3VXl5Y1lTY0JrMXBGQ3puMHMtTE1kOUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVnsAwQA
Z4KQAwQAZ4KSAwQA1BJsMA0GCSqGSIb3DQEBCwUAA4IBAQBjuEZHyHZamNciy8BM
O+gk06j6BGXAPBKKSj1ZgYVDlSaEf1mCExbc9yIKSRVETivFQELLyspOJGQPyrLO
BITFRdOc+h8Wb2hAD2CGo8ITRm2vlWsgqVpA4YtOvlEDUhaJrKnAc11zutY1q4g4
iCP+ou9fSuAhoBcBiriNIrs+KC+dpgJZmf7UxCDRVkgh8tDXywnTroUB7rMJDPoK
f0Xvdy8arsAyIdhgyVLQmYfJnFIpj2E2DoYNhPVRNWiJPWUPb/aqf+t/D0+tmyIo
BMXr717uwGBFLS1Y98WCshvcVBJmVkX+kOMkClVnSAqfp52SiNx2YZs60D7rdhh2
MY7e
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:15:46 2024 by rpki-client on console-ams.rpki-client.org