Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/KmC6wS-Bry5klAycE2tBc7Q2hVk.roa
File: KmC6wS-Bry5klAycE2tBc7Q2hVk.roa (raw, json)
Hash identifier: ZcqNpLLMacfOeosAYfPte8ziOUeM115N30agsD9prWg=
Subject key identifier: 2A:60:BA:C1:2F:81:AF:2E:64:94:0C:9C:13:6B:41:73:B4:36:85:59
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0194AAC8B0AB71571CE212F31CC4C1258674
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/KmC6wS-Bry5klAycE2tBc7Q2hVk.roa
Signing time: Tue 28 Jan 2025 02:41:06 +0000
ROA not before: Tue 28 Jan 2025 02:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 103.211.101.0/24 maxlen: 24
124.155.240.0/24 maxlen: 24
124.155.241.0/24 maxlen: 24
124.155.242.0/24 maxlen: 24
124.155.243.0/24 maxlen: 24
124.155.244.0/24 maxlen: 24
124.155.245.0/24 maxlen: 24
124.155.246.0/24 maxlen: 24
124.155.247.0/24 maxlen: 24
124.155.249.0/24 maxlen: 24
124.155.250.0/24 maxlen: 24
124.155.252.0/24 maxlen: 24
124.155.253.0/24 maxlen: 24
124.155.254.0/24 maxlen: 24
124.155.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:aa:c8:b0:ab:71:57:1c:e2:12:f3:1c:c4:c1:25:86:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 28 02:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a60bac12f81af2e64940c9c136b4173b4368559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1e:03:71:6d:8d:f7:4c:27:22:62:47:b7:a0:
56:1e:23:59:05:cb:1e:ee:4e:ac:0e:56:ea:ba:37:
8f:11:64:16:97:8e:bd:c0:af:4b:3b:88:89:1f:2e:
da:90:94:6c:63:3d:fa:7b:39:bf:30:6e:28:7a:42:
11:37:91:12:df:6e:3f:ca:17:53:2f:15:bb:e3:3c:
46:96:9a:2e:d3:d1:5f:f7:3c:78:a6:b2:61:b0:25:
7a:15:7c:20:a9:a5:15:71:9c:fa:20:d9:84:4a:ec:
6b:4f:5b:eb:b6:ef:1d:75:b6:dd:32:53:de:74:4c:
d0:b9:17:04:eb:f2:4d:d0:8a:79:7e:50:c3:af:3f:
b0:54:eb:2c:a6:f8:a4:da:d6:93:af:82:56:db:e6:
9e:c8:fe:7e:03:b1:f4:3a:5c:3c:be:01:b6:3c:8e:
8d:fb:dd:7e:13:d2:69:78:5f:fd:96:34:3b:55:03:
68:37:f3:76:f4:fa:ff:48:67:c2:8f:7a:2b:c2:16:
c0:8f:1c:45:da:8a:d1:2e:2a:54:cd:bd:00:c1:6b:
70:be:bb:b2:cd:bb:5c:10:e0:22:a2:35:f7:2a:2d:
52:71:81:e8:64:f8:79:27:7b:9e:97:41:06:e0:a1:
c7:b6:48:11:6c:bb:b8:4a:ff:ea:c3:a2:5d:20:fb:
81:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:60:BA:C1:2F:81:AF:2E:64:94:0C:9C:13:6B:41:73:B4:36:85:59
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/KmC6wS-Bry5klAycE2tBc7Q2hVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.211.101.0/24
124.155.240.0/21
124.155.249.0-124.155.250.255
124.155.252.0/22
Signature Algorithm: sha256WithRSAEncryption
60:68:29:3f:de:5c:66:76:48:7f:82:ee:6e:58:cd:55:65:1c:
f9:dc:46:ec:48:ab:89:ed:bd:16:78:4f:7f:b1:34:c0:c9:06:
7f:58:f1:89:76:eb:02:07:f8:fd:fb:08:b3:9d:2f:9a:b7:e1:
d3:2e:df:32:0e:e5:d5:0e:61:80:8d:9b:05:ba:de:d8:a3:4f:
d2:72:3e:72:a7:cb:0e:7f:27:d6:f9:3d:99:42:1a:b5:40:c5:
9f:be:0a:ea:95:f2:28:fd:67:55:9e:6c:d0:9d:c5:00:db:6a:
23:7b:6b:9d:70:d7:94:d9:59:3a:f1:fb:8c:d0:94:1f:a5:99:
68:a7:07:ef:66:fc:df:9e:5d:30:1c:7c:f1:12:b2:31:c1:cd:
2d:28:e0:1c:c3:4b:8b:72:be:10:f4:72:fe:8a:4d:93:68:c8:
c7:0c:ec:49:e1:9b:f1:b0:e5:b2:d5:44:29:96:9d:41:33:b9:
3f:77:87:00:0e:07:00:ca:ba:7a:65:1c:c7:28:1f:e9:6b:29:
fb:7f:76:bf:3c:d7:f3:11:83:47:7d:3d:55:23:93:70:ac:a0:
a3:97:69:2c:7b:2d:6c:a1:b3:0f:6d:a5:60:5e:73:49:50:af:
cc:3b:d5:d9:bd:90:69:01:1f:46:56:17:fd:35:8e:be:5d:a3:
98:38:bf:f8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZSqyLCrcVcc4hLzHMTBJYZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMTI4MDI0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTYwYmFjMTJmODFhZjJlNjQ5NDBjOWMxMzZiNDE3M2I0MzY4NTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4B4DcW2N90wnImJHt6BWHiNZBcse
7k6sDlbqujePEWQWl469wK9LO4iJHy7akJRsYz36ezm/MG4oekIRN5ES324/yhdT
LxW74zxGlpou09Ff9zx4prJhsCV6FXwgqaUVcZz6INmESuxrT1vrtu8ddbbdMlPe
dEzQuRcE6/JN0Ip5flDDrz+wVOsspvik2taTr4JW2+aeyP5+A7H0Olw8vgG2PI6N
+91+E9JpeF/9ljQ7VQNoN/N29Pr/SGfCj3orwhbAjxxF2orRLipUzb0AwWtwvruy
zbtcEOAiojX3Ki1ScYHoZPh5J3uel0EG4KHHtkgRbLu4Sv/qw6JdIPuBEwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCpgusEvga8uZJQMnBNrQXO0NoVZMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvS21DNndTLUJyeTVrbEF5Y0UydEJjN1EyaFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAZ9NlAwQD
fJvwMAwDBAB8m/kDBAB8m/oDBAJ8m/wwDQYJKoZIhvcNAQELBQADggEBAGBoKT/e
XGZ2SH+C7m5YzVVlHPncRuxIq4ntvRZ4T3+xNMDJBn9Y8Yl26wIH+P37CLOdL5q3
4dMu3zIO5dUOYYCNmwW63tijT9JyPnKnyw5/J9b5PZlCGrVAxZ++CuqV8ij9Z1We
bNCdxQDbaiN7a51w15TZWTrx+4zQlB+lmWinB+9m/N+eXTAcfPESsjHBzS0o4BzD
S4tyvhD0cv6KTZNoyMcM7Enhm/Gw5bLVRCmWnUEzuT93hwAOBwDKunplHMcoH+lr
Kft/dr881/MRg0d9PVUjk3CsoKOXaSx7LWyhsw9tpWBec0lQr8w71dm9kGkBH0ZW
F/01jr5do5g4v/g=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:57:52 2025 by rpki-client