Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/OMKmctDkwf-5JjJ8thf-QEdYSeg.roa
File: OMKmctDkwf-5JjJ8thf-QEdYSeg.roa (raw, json)
Hash identifier: l89SjZLoD0kxD/1c9j0cVQqhGWNZ65gIQY3QPmFWGfw=
Subject key identifier: 38:C2:A6:72:D0:E4:C1:FF:B9:26:32:7C:B6:17:FE:40:47:58:49:E8
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 018D4021785B5C81AA096081A5AE795A42FC
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/OMKmctDkwf-5JjJ8thf-QEdYSeg.roa
Signing time: Thu 25 Jan 2024 10:19:11 +0000
ROA not before: Thu 25 Jan 2024 10:19:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26042
IP address blocks: 103.130.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:21:78:5b:5c:81:aa:09:60:81:a5:ae:79:5a:42:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Jan 25 10:19:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38c2a672d0e4c1ffb926327cb617fe40475849e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f2:b5:6f:fd:ce:f0:44:94:0a:be:8a:5e:24:
3c:a9:05:f0:30:ba:c5:e4:37:60:6e:ea:5b:26:05:
80:eb:2d:18:36:67:15:c2:91:7a:96:a4:c2:1b:36:
ee:28:93:f2:b6:74:0c:50:24:4c:9b:8a:b1:4a:e7:
cd:73:ce:13:e2:ba:93:75:8a:91:ef:1f:6c:76:ae:
fe:92:45:82:37:e7:7a:2d:d9:d7:8d:85:7a:55:35:
04:81:72:c8:af:ff:4e:6d:e3:2f:7a:5e:3d:a5:cb:
7c:ff:e3:21:fc:05:38:1d:6f:ad:39:fd:0e:2a:96:
af:85:19:ef:81:0d:9f:84:27:27:41:54:24:45:8c:
af:05:e7:aa:36:4a:fd:6a:35:d2:62:64:1e:b0:c7:
9e:8a:43:f4:b5:32:8c:06:d7:b8:60:6e:2c:2b:c4:
27:18:f7:66:92:c8:db:22:20:ce:be:ee:09:f5:46:
3f:55:f2:99:ce:f0:66:dd:b1:22:2a:c6:b8:c3:0a:
b9:34:b5:d9:e1:09:f8:2d:b0:ab:c3:65:98:5f:71:
7a:0a:5f:13:bd:46:e3:91:c4:76:5c:fd:bf:cc:44:
23:49:b6:58:e7:92:1a:f8:74:64:96:28:55:1c:46:
e3:e1:ea:97:0d:61:d2:6d:fd:6c:6c:af:4a:25:e2:
a3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C2:A6:72:D0:E4:C1:FF:B9:26:32:7C:B6:17:FE:40:47:58:49:E8
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/OMKmctDkwf-5JjJ8thf-QEdYSeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.130.147.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:bf:b5:ab:d0:17:eb:5c:10:e6:7a:47:86:11:d1:35:0e:3d:
ac:56:4d:c7:d0:4f:86:de:f2:db:b9:e2:4b:b3:3d:e4:26:83:
af:13:22:37:85:8b:99:0e:9b:76:47:e4:b9:7f:59:ae:1f:8f:
eb:eb:cd:59:93:e0:6f:7b:07:b7:31:9b:50:8a:42:a8:35:24:
3b:7c:34:0b:10:59:82:39:e3:fa:ea:58:28:52:f3:66:76:85:
33:b2:eb:84:a7:13:2c:7e:7c:47:17:50:d6:ca:0d:da:28:cd:
9b:2f:0e:62:ff:de:23:e6:8d:e3:97:24:4e:a5:f9:bb:cc:ba:
f0:15:48:b7:a0:27:2c:19:5f:d5:6b:d9:86:c1:c9:04:cb:6a:
6e:90:a3:a8:7d:5d:bb:36:97:6a:ab:37:79:d7:4e:3d:19:11:
35:55:6c:5e:dd:10:ae:b6:29:8e:40:92:6b:84:2d:79:89:76:
73:55:7d:6c:6b:df:a2:f1:98:55:7f:ba:c4:03:22:66:42:a3:
77:5f:63:7c:c2:61:db:78:6d:6b:7b:3b:73:57:68:9f:e5:54:
e8:ce:9e:8b:98:11:b5:7e:bb:60:58:67:8a:0d:da:62:85:67:
8e:b0:27:b4:90:fb:5a:98:05:0a:53:4e:01:97:58:aa:ae:12:
e7:f0:0b:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1AIXhbXIGqCWCBpa55WkL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjQwMTI1MTAxOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGMyYTY3MmQwZTRjMWZmYjkyNjMyN2NiNjE3ZmU0MDQ3NTg0OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/K1b/3O8ESUCr6KXiQ8qQXwMLrF
5DdgbupbJgWA6y0YNmcVwpF6lqTCGzbuKJPytnQMUCRMm4qxSufNc84T4rqTdYqR
7x9sdq7+kkWCN+d6LdnXjYV6VTUEgXLIr/9ObeMvel49pct8/+Mh/AU4HW+tOf0O
KpavhRnvgQ2fhCcnQVQkRYyvBeeqNkr9ajXSYmQesMeeikP0tTKMBte4YG4sK8Qn
GPdmksjbIiDOvu4J9UY/VfKZzvBm3bEiKsa4wwq5NLXZ4Qn4LbCrw2WYX3F6Cl8T
vUbjkcR2XP2/zEQjSbZY55Ia+HRklihVHEbj4eqXDWHSbf1sbK9KJeKjKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjCpnLQ5MH/uSYyfLYX/kBHWEnoMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvT01LbWN0RGt3Zi01SmpKOHRoZi1RRWRZU2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ4KTMA0G
CSqGSIb3DQEBCwUAA4IBAQCNv7Wr0BfrXBDmekeGEdE1Dj2sVk3H0E+G3vLbueJL
sz3kJoOvEyI3hYuZDpt2R+S5f1muH4/r681Zk+Bvewe3MZtQikKoNSQ7fDQLEFmC
OeP66lgoUvNmdoUzsuuEpxMsfnxHF1DWyg3aKM2bLw5i/94j5o3jlyROpfm7zLrw
FUi3oCcsGV/Va9mGwckEy2pukKOofV27Npdqqzd51049GRE1VWxe3RCutimOQJJr
hC15iXZzVX1sa9+i8ZhVf7rEAyJmQqN3X2N8wmHbeG1reztzV2if5VTozp6LmBG1
frtgWGeKDdpihWeOsCe0kPtamAUKU04Bl1iqrhLn8AtZ
-----END CERTIFICATE-----
Generated at Sun May 19 21:06:03 2024 by rpki-client on console-ams.rpki-client.org