Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/QH2q5m_XOxn2g1hlvZAQ1Cq0SME.roa
File: QH2q5m_XOxn2g1hlvZAQ1Cq0SME.roa (raw, json)
Hash identifier: /gOOkqvA32rFNMFx2G9GZi6bByovdQGSfXZpWgwpBvw=
Subject key identifier: 40:7D:AA:E6:6F:D7:3B:19:F6:83:58:65:BD:90:10:D4:2A:B4:48:C1
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 0193103F91030E3A3DE263F5E57D2C9725CB
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/QH2q5m_XOxn2g1hlvZAQ1Cq0SME.roa
Signing time: Sat 09 Nov 2024 09:27:01 +0000
ROA not before: Sat 09 Nov 2024 09:27:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213895
IP address blocks: 103.130.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:10:3f:91:03:0e:3a:3d:e2:63:f5:e5:7d:2c:97:25:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Nov 9 09:27:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=407daae66fd73b19f6835865bd9010d42ab448c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:02:90:93:58:0a:bd:0d:09:c3:cc:aa:28:97:
ca:f6:af:51:13:5c:8f:a4:79:3a:ff:ec:3f:3a:0a:
92:a4:36:9e:84:31:a9:e7:36:b0:40:5d:3d:66:36:
f6:fd:41:c8:4c:32:71:d4:5f:0a:6c:70:71:07:64:
9b:e9:0f:c9:80:78:89:14:b1:c6:26:7b:81:d4:6c:
05:0e:de:54:83:f9:0e:69:3d:68:b9:92:60:68:7b:
06:9d:26:b2:ff:bf:38:5e:c1:29:60:5a:1a:e0:ac:
59:92:f8:bf:49:31:6b:6d:26:66:65:fa:18:f6:b6:
43:8b:91:11:51:6c:bc:e4:88:89:47:ac:bf:8c:68:
a9:35:15:d4:39:73:f4:10:95:80:e6:1e:ae:2c:31:
1e:8b:c2:8f:d8:7a:95:8f:b1:56:49:29:79:15:a4:
33:02:01:8b:38:96:1c:6d:aa:d1:09:53:96:f0:61:
83:ee:c3:be:16:88:f5:f0:34:2e:68:4d:ff:2d:14:
7d:eb:c1:c8:8f:3f:2f:dd:56:98:f3:97:8e:46:78:
bd:06:63:ff:14:03:9c:f6:3e:d1:8f:c3:20:d2:61:
fc:49:8f:2a:86:c3:00:f0:eb:71:8f:d8:68:3e:6d:
05:5e:9f:39:ec:16:19:4e:0a:ca:9d:cf:32:60:15:
70:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7D:AA:E6:6F:D7:3B:19:F6:83:58:65:BD:90:10:D4:2A:B4:48:C1
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/QH2q5m_XOxn2g1hlvZAQ1Cq0SME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.130.144.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:90:72:7a:94:91:f8:db:7a:a2:ec:d5:0f:ed:fe:ab:c6:df:
40:9c:71:7c:5c:4e:06:76:ca:73:8d:3c:3d:ed:99:c5:98:9d:
27:05:12:a0:d1:1f:97:2a:5f:c7:35:32:41:78:8b:9a:7b:cf:
0f:81:f9:41:a6:b6:88:2f:7f:4b:f2:82:5a:b0:08:a2:6d:31:
1d:ea:c7:e1:69:9a:69:41:a6:e7:ab:b0:c2:a0:5f:85:c0:d2:
41:08:03:76:14:d8:43:ea:cf:9e:a2:41:e5:d1:6f:12:31:48:
ed:50:85:db:e2:a3:10:6c:21:37:f7:b6:e2:c6:c0:83:aa:0e:
4c:f7:f3:5c:1d:41:83:26:48:a6:91:96:e3:7a:0e:f8:b2:4c:
43:83:a0:2d:6d:5f:c0:17:31:08:cc:3c:69:1a:3b:ca:f7:41:
ac:9e:8c:9e:d8:44:2c:89:9c:6e:cc:28:ba:b9:6c:3a:f4:8c:
be:31:8f:8e:aa:f7:c7:60:fd:96:87:56:ee:90:a9:5c:3e:cf:
65:67:cb:4d:b3:76:87:9a:f0:20:35:58:61:0e:86:20:2d:42:
fa:9d:b3:67:13:ff:2d:86:46:a9:15:ca:52:86:23:d1:b3:f2:
73:90:43:7f:25:02:5c:25:66:98:e0:1c:ef:f2:a9:91:2e:32:
26:f4:57:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMQP5EDDjo94mP15X0slyXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjQxMTA5MDkyNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdkYWFlNjZmZDczYjE5ZjY4MzU4NjViZDkwMTBkNDJhYjQ0OGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wKQk1gKvQ0Jw8yqKJfK9q9RE1yP
pHk6/+w/OgqSpDaehDGp5zawQF09Zjb2/UHITDJx1F8KbHBxB2Sb6Q/JgHiJFLHG
JnuB1GwFDt5Ug/kOaT1ouZJgaHsGnSay/784XsEpYFoa4KxZkvi/STFrbSZmZfoY
9rZDi5ERUWy85IiJR6y/jGipNRXUOXP0EJWA5h6uLDEei8KP2HqVj7FWSSl5FaQz
AgGLOJYcbarRCVOW8GGD7sO+Foj18DQuaE3/LRR968HIjz8v3VaY85eORni9BmP/
FAOc9j7Rj8Mg0mH8SY8qhsMA8Otxj9hoPm0FXp857BYZTgrKnc8yYBVw+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEB9quZv1zsZ9oNYZb2QENQqtEjBMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvUUgycTVtX1hPeG4yZzFobHZaQVExQ3EwU01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ4KQMA0G
CSqGSIb3DQEBCwUAA4IBAQCokHJ6lJH423qi7NUP7f6rxt9AnHF8XE4GdspzjTw9
7ZnFmJ0nBRKg0R+XKl/HNTJBeIuae88PgflBpraIL39L8oJasAiibTEd6sfhaZpp
Qabnq7DCoF+FwNJBCAN2FNhD6s+eokHl0W8SMUjtUIXb4qMQbCE397bixsCDqg5M
9/NcHUGDJkimkZbjeg74skxDg6AtbV/AFzEIzDxpGjvK90Gsnoye2EQsiZxuzCi6
uWw69Iy+MY+OqvfHYP2Wh1bukKlcPs9lZ8tNs3aHmvAgNVhhDoYgLUL6nbNnE/8t
hkapFcpShiPRs/JzkEN/JQJcJWaY4Bzv8qmRLjIm9Fc1
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:51 2024 by rpki-client on console-ams.rpki-client.org